WO2012055112A1 - Method for establishing connection and apparatus, communication system thereof - Google Patents

Method for establishing connection and apparatus, communication system thereof Download PDF

Info

Publication number
WO2012055112A1
WO2012055112A1 PCT/CN2010/078222 CN2010078222W WO2012055112A1 WO 2012055112 A1 WO2012055112 A1 WO 2012055112A1 CN 2010078222 W CN2010078222 W CN 2010078222W WO 2012055112 A1 WO2012055112 A1 WO 2012055112A1
Authority
WO
WIPO (PCT)
Prior art keywords
address
terminal
connection
transmission control
control protocol
Prior art date
Application number
PCT/CN2010/078222
Other languages
French (fr)
Chinese (zh)
Inventor
周伟
王岩
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to PCT/CN2010/078222 priority Critical patent/WO2012055112A1/en
Priority to CN201080001916.9A priority patent/CN102714617B/en
Publication of WO2012055112A1 publication Critical patent/WO2012055112A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a connection establishment method, apparatus, and communication system. Background technique
  • the Internet Engineering Task Force proposes a method of separating the identification and positioning functions to solve the mobility, which is also the host identity protocol (HIP: Host Identity Protocol).
  • HIP Host Identity Protocol
  • the idea of an asymmetric key encryption algorithm is adopted, and the public key in the key pair is used as the host identifier of the node (HI: Host Identity)rada Since HI as a public key may be relatively long, at all In actual use, it is not very useful.
  • the saved value is the 128-bit hash value of this host ID, which is the host identifier (HIT: Host Identity Tag). Since the lengths of HIT and IPv6 addresses are exactly the same, It can be directly applied to IPv6 applications. After such processing, the separation of host ID and host location is achieved.
  • the existing Transmission Control Protocol/Internet Protocol (TCP/IP) protocol stack needs to be modified, and a host identification layer is added between the network layer and the transport layer, specifically, the HIP network protocol.
  • the bottom layer is the physical layer
  • the top layer is the link layer
  • the network layer (IPv4 or IPv6) is added between the network layer and the transport layer
  • the correspondence between the port and the IP is changed to the correspondence between the port and the HIT. Therefore, the application layer does not need to know the current host and the specific address of the host to be contacted, just need to know the host ID.
  • the IP address is used only as a routing function here, and the HIP layer implements a mapping between the host's HIT and IP address to implement a complete communication process.
  • each packet containing the source HIT and the target HIT is mapped to the IP address of the node, and the IP packet is routed at the network layer.
  • the source HIT is mapped to the source IP address
  • the target HIT is mapped to the target IP address.
  • the HIP layer on the peer maps the IP address to the HIT. Specifically, the source IP address is mapped to the source HIT, and the target IP address is mapped to the target HIT, and the message is further sent to the transport layer for processing, thereby realizing that the message arrives at the sender from the sender's transport layer.
  • the transport layer completes the end-to-end transmission.
  • the application layer will use the HIT to identify the upper connection, and the HIT can be used throughout It remains unchanged during the connection process.
  • the underlying IP address can change with the move, but this change in IP address is transparent to the upper layer application, thus solving the host mobility problem.
  • the host identity protocol introduces the HIP layer in the protocol stack
  • the correspondence between the port and the IP is changed to the correspondence between the port and the HIT, and the HIT of the HIP layer is bound to only one IP address at the same time.
  • the terminal cannot implement multiple access in the HIP network.
  • Embodiments of the present invention provide a connection establishment method, apparatus, and communication system, so that a terminal implements multiple access in a HIP network.
  • An embodiment of the present invention provides a connection establishment method, including:
  • the second terminal After the second terminal establishes that the first address of the second terminal is associated with the first host identity protocol of the second address of the first terminal, the second terminal saves that the first address and the second address are associated with the first host identity protocol First mapping relationship;
  • the second terminal sends a second transmission control protocol synchronization message to the first terminal by using the third address according to the second mapping relationship, to establish the third address and the second address of the fourth address.
  • a transmission control protocol connection the second transmission control protocol synchronization message including the same connection identifier information as the first transmission control protocol synchronization message.
  • connection establishing apparatus including a host identity protocol association establishing unit, a saving unit, a transmission control protocol connection establishing unit, and a receiving unit;
  • the host identity protocol association establishing unit is configured to establish a first address associated with the first host identity protocol of the second address of the first terminal; after the receiving unit receives the fourth address sent by the first terminal, establish a third The address is associated with a second host identity protocol of the fourth address;
  • the saving unit is configured to establish the first host in the host identity protocol association establishing unit After the association of the protocol is associated, the first mapping relationship between the first address and the second address and the first host identity protocol is saved; after the host identity protocol association establishing unit establishes the second host identity protocol association, Saving a second mapping relationship between the third address and the fourth address and the second host identity protocol;
  • the transmission control protocol connection establishing unit is configured to send, by using the first address, a first transmission control protocol synchronization message to the first terminal according to the first mapping relationship saved by the saving unit, to establish a
  • the first address is connected to the first transmission control protocol of the second address, the first transmission control protocol synchronization message includes connection identifier information, and the third mapping is performed according to the second mapping relationship saved by the saving unit.
  • the connection identifier information is the same as the first transmission control protocol synchronization message; the receiving unit is configured to receive the fourth address sent by the first terminal.
  • Another embodiment of the present invention provides a communication system, including the connection establishment apparatus provided by the embodiment of the present invention.
  • the source endpoint may save the first mapping relationship between the first address and the second address and the first HIP, thereby establishing the first address and a first TCP connection between the second address, and carrying the CID information in the process of establishing the first TCP connection, so that after receiving the fourth address sent by the first terminal, the CID information can be used to establish the third address and the third address
  • a second TCP connection between the four addresses so that at least two TCP connections can be applied to the same TCP, so that different TCP flows of one TCP application can be transmitted through different paths, so that terminals supporting multiple access are in the HIP network. It can take advantage of multiple access and improve the utilization efficiency of terminals and networks.
  • FIG. 1 is a schematic diagram of a hierarchy of host identification protocols in the prior art
  • FIG. 2 is a schematic diagram of a HIP network protocol stack according to an embodiment of the present invention
  • FIG. 3 is a flowchart of a connection establishment method according to an embodiment of the present invention
  • connection establishment method 4 is a signaling flowchart of a connection establishment method according to another embodiment of the present invention.
  • FIG. 5 is a structural diagram of a connection establishing apparatus according to an embodiment of the present invention.
  • connection establishing apparatus is a structural diagram of a connection establishing apparatus according to another embodiment of the present invention.
  • FIG. 7 is a structural diagram of a connection establishing apparatus according to another embodiment of the present invention.
  • FIG. 8 is a structural diagram of a connection establishing apparatus according to another embodiment of the present invention.
  • FIG. 1 is a schematic diagram of a HIP protocol stack in the prior art.
  • the bottom layer of the HIP protocol stack is a physical layer
  • the uplink layer is a link layer
  • a network layer IPv4 or IPv6
  • a HIP layer Transport layer (TCP/UDP) and application layer.
  • the function of the multi-path TCP is introduced on the terminal supporting the HIP protocol, so that the function of the transport layer of the terminal supporting the HIP protocol is decomposed into a semantic layer and a TCP sub-flow layer, wherein the semantics Layers, also known as multipath TCP layers, are responsible for scheduling and management between multiple TCP substreams.
  • the HIP network protocol stack is as shown in FIG. 2.
  • the bottom layer is a physical layer interface with multiple accesses
  • the upper layer is a network layer, and above the network layer.
  • the HIP layer it is mainly used to shield the upper layer from accessing IP, so that the mapping between the original port and the IP address is changed to the mapping between the port and the HIT on the HIP level.
  • a TCP sub-flow layer which can correspond to multiple physical interfaces at the bottom.
  • a TCP sub-flow can correspond to an underlying physical interface.
  • a multi-path TCP layer which can perform path management and scheduling for the lower-layer TCP sub-flow, and the multi-path TCP layer can also reorder data of multiple TCP sub-flows and submit it to the application layer.
  • multiple TCP substreams are combined and sent to the application layer to implement transparency of the underlying changes to the upper application.
  • the uppermost application layer which is not aware of the changes in the transport layer, continues to communicate with the peer through the HIT.
  • FIG. 3 is a flowchart of a connection establishment method according to an embodiment of the present invention.
  • the second terminal is specifically described in the embodiment. It is a processing flow of a source endpoint in a communication process, and the embodiment includes the following steps.
  • the second terminal establishes a first RRC association between the first address of the second terminal and the second address of the first terminal, and the second terminal saves the first mapping relationship between the first address and the second address and the first HIP.
  • the second terminal may obtain the second address of the first terminal from the DNS server or the RVS server, and the DNS server and the RVS server may save the correspondence between the HIT of the terminal and the address of the terminal, for example, the second terminal may be according to the application layer.
  • the HIT included in the sent data packet determines the address of the terminal corresponding to the HIT.
  • the HIT corresponds to the first terminal
  • the second terminal queries the DNS server or the RVS server to learn the first address of the first terminal.
  • the address of the terminal may be an IP address.
  • the second terminal establishes a first HIP association between the first address of the second terminal and the second address of the first terminal, where the second terminal sends the first initial message to the first terminal;
  • the second terminal sends the first response to the first terminal, and the second terminal sends the second initial message to the first terminal.
  • the first terminal sends the second response to the second terminal.
  • the HIP layer implements a mapping relationship between an IP address and an HIT.
  • the TCP sub-flow layer is between the HIP association and the HIT. Mapping relationship.
  • the HIP protocol supports multiple physical interfaces (multiple IP addresses), so that one HIT can be bound to multiple IP addresses to implement fault recovery.
  • the HIT of the HIP layer is bound to only one IP address. (a physical interface), so for the upper multipath TCP, multiple TCP connections will still correspond to the same HIT, that is, the data of multiple TCP substreams will only pass through a physical interface (address) bound to the HIT. The transmission is performed.
  • the mapping relationship is specifically to establish a mapping relationship between the HIP-associated address and the HIP, and the mapping relationship is saved in the terminal. Therefore, after the first HIP association is established, the second terminal may save the first mapping relationship between the first address and the second address and the first HIP.
  • the first mapping relationship may be caused by the upper layer.
  • the TCP substream corresponds to a plurality of different HIP associations, and thus corresponds to a plurality of different physical interfaces, thereby being transmitted through different paths.
  • the first mapping relationship can also be saved in the first terminal.
  • the second terminal sends a first TCP synchronization (SYN) packet to the first terminal by using the first address according to the first mapping relationship, to establish a first TCP connection between the first address and the second address, where the first TCP SYN 4)
  • the message contains the connection identifier (CID: Connection Identity) information.
  • the first address corresponding to the first HIP association may be determined according to the first mapping relationship, and then the first address is used. Sending a first TCP SYN 4 message to the first terminal, so as to establish a first TCP connection between the first address and the second address, where the first TCP connection is the first TCP sub-flow.
  • the first TCP SYN message further includes CID information, where the connection identifier information indicates common features of multiple TCP sub-flows belonging to the same TCP application, and has the same connection identifier information.
  • the TCP connection will be aggregated into a TCP connection on the multi-connection TCP layer. So there is only one TCP connection at the application layer perspective.
  • the second terminal sends the first TCP SYN packet to the first terminal by using the first address according to the first mapping relationship, so that the first TCP connection of the first address and the second address may be specifically used.
  • the second terminal sends the first TCP SYN packet to the first terminal by using the first address according to the first mapping relationship, and receives the first TCP synchronization and acknowledgement (SYN/ACK) packet returned by the second address, the first TCP.
  • the SYN/ACK packet includes the CID information, and the first TCP SYN/ACK packet is sent by the second address to the first TCP SYN packet forwarded by the first terminal, and the first terminal is configured according to the saved first mapping relationship.
  • a TCP SYN packet is forwarded to the second address; a TCP acknowledgement (ACK) packet is sent to the second address by using the first address, and the establishment of the first TCP connection is completed.
  • ACK TCP acknowledgement
  • the TCP application layer can transmit data over the first TCP connection.
  • the second terminal may further receive the information of the second address failure sent by the first terminal;
  • a mapping relationship determines that the second address corresponds to the first TCP connection, so that when the second terminal sends the TCP connection teardown request to the first terminal, the second terminal may carry the second address in the TCP connection teardown request, so as to correctly remove the first TCP connection.
  • the second terminal receives the fourth address sent by the first terminal.
  • the fourth address received by the second terminal is sent by the first terminal after the first TCP connection is established, and the fourth address is a multiple access address of the first terminal. It should be noted that the fourth address may be more than one. The specific address. The fourth address can be sent through the first TCP connection. In another embodiment of the present invention, the second terminal may also send the fifth address of the second terminal to the first terminal, where the fifth address is also a multiple access address. It should be noted that the fifth address may be a The above specific address. Thereby, the first terminal actively initiates establishing a third TCP connection of the sixth address and the fifth address. The fifth address can also be sent over the first TCP connection.
  • the fifth address and the first address of the second terminal may be the same address.
  • the second terminal establishes a second HIP association between the third address and the fourth address, and the second terminal saves the second mapping relationship between the third address and the fourth address and the second HIP.
  • the first terminal may also save the second mapping relationship.
  • the third address and the first address may also refer to the same address.
  • the second terminal sends a second TCP SYN packet to the first terminal by using the third address according to the second mapping relationship, to establish a second TCP connection between the third address and the fourth address, where the second TCP SYN packet includes The same CID information of a TCP SYN message.
  • the third address corresponding to the second HIP association may be determined according to the second mapping relationship, and then the first address is obtained through the third address.
  • the terminal sends a second TCP SYN packet, so as to establish a second TCP connection of the third address and the fourth address, where the second TCP connection is the second TCP substream.
  • the second TCP SYN message may also include connection identifier information, and the TCP connection with the same connection identifier information will be in multiple connections. Converged on the TCP layer into a TCP connection.
  • the second TCP SYN packet is sent to the first terminal by using the third address according to the second mapping relationship, so that the second TCP connection of the third address and the fourth address may be established in the following manner. Transmitting, by the third address, the second TCP SYN packet to the first terminal according to the second mapping relationship; receiving the second TCP SYN/ACK packet returned by the fourth address, where the second TCP SYN/ACK packet includes CID information, where the The second TCP SYN/ACK packet is sent by the fourth address to the second TCP SYN packet forwarded by the first terminal, and the first terminal forwards the second TCP SYN packet to the fourth address according to the saved second mapping relationship; The TCP ACK packet is sent to the fourth address through the third address, and the establishment of the second TCP connection is completed. After the second TCP connection is established, the TCP application layer can simultaneously transmit data through the first TCP connection and the second TCP connection.
  • the second terminal establishes a third address and a second address
  • the information about the fourth address failure sent by the first terminal may be further received.
  • the fourth address may be determined to correspond to the second TCP connection according to the second mapping relationship, so that the second terminal sends the TCP to the first terminal.
  • the connection removal request is made, the fourth address may be carried in the TCP connection teardown request, so that the second TCP connection is properly removed.
  • the TCP connection teardown request may be a TCP end (FIN) message.
  • the first HIP association and the first TCP connection are corresponding to each other, that is, the corresponding first TCP connection can be found according to the first HIP association. Similarly, the corresponding second TCP connection can be found according to the second HIP association.
  • the multi-path TCP layer can aggregate the first TCP connection and the second TCP connection into the same TCP connection and send it to the application layer. Therefore, the multi-path TCP layer can parse the received TCP connection, obtain the CID of the TCP connection, and determine whether the CID of the received TCP connection is the same.
  • the multi-path TCP layer after receiving the data sent by the application layer, can find the HIP association corresponding to the HIT according to the HIT included in the data, and further find the association with the HIP association.
  • the TCP connection performs data transfer.
  • the multi-path TCP layer stores a correspondence between the HIT and the HIP association, or a correspondence between the HIT and the TCP connection.
  • the second terminal may save the first mapping relationship between the first address and the second address and the first HIP, thereby establishing a first TCP connection between the first address and the second address, and
  • the process of establishing the first TCP connection carries the CID information, so after receiving the fourth address sent by the first terminal, the CID information can be used to establish a second TCP connection between the third address and the fourth address, thereby
  • the same TCP application has at least two TCP connections, so that different TCP flows of one TCP application can be transmitted through different paths, so that the terminal supporting multiple access can take advantage of multiple access in the HIP network, and can improve the terminal and The efficiency of the use of the network.
  • the second terminal may send the fifth address to the first terminal, so that the first terminal may initiate the establishment of the TCP connection, further improving the terminal and the network. Utilization efficiency.
  • the second terminal may tear down the second TCP connection, thereby enabling resources of the terminal and the network. A valid application can be obtained.
  • Figure 4 depicts a signaling flow of a connection establishment method provided by another embodiment of the present invention, the embodiment including the following steps.
  • the second terminal sends the first initial message to the second address of the first terminal by using the first address of the second terminal.
  • the first initial message includes the HIT of the second terminal and the HIT of the first terminal, and the second terminal can obtain the defect of the first terminal from the DNS server or the RVS server.
  • the second address of the first terminal sends the first response to the first address of the second terminal. After receiving the first initial message, the first terminal sends back the first response message to the second terminal. In the first response message, a generated puzzle is included, which requires a second terminal solution. The first terminal implements security verification of the second terminal by this method.
  • a Diffie-Hellman process may be included in the first response, including a public key of the first terminal and a Diffie-Hellman parameter.
  • the first address of the second terminal sends a second initial message to the second address of the first terminal. After receiving the first response message of the first terminal, the second terminal first answers the puzzle and includes the result of the solution in the second initial text. Also included in the second initial message are information such as response information, security parameter index, and encrypted public key.
  • the second address of the first terminal sends a second response to the first address of the second terminal. After receiving the second initial message, the first terminal verifies the puzzle that the second terminal has answered, and authenticates the second terminal. In the second response sent back by the first terminal, the security parameter index value of the first terminal will be included.
  • the first terminal and the second terminal save a first mapping relationship between the first address and the second address and the first HIP.
  • the first address of the second terminal sends the first TCP SYN to the second address of the first terminal. Text.
  • the first address of the second terminal sends a first TCP SYN message to the second address of the first terminal to initiate a first TCP connection establishment process.
  • the first TCP SYN packet carries the connection identifier information in order to identify the first TCP connection.
  • the second address of the first terminal sends a first TCP SYN/ACK packet to the first address of the second terminal.
  • the first terminal After receiving the first TCP SYN packet sent by the first address of the second terminal, the first terminal forwards the first TCP SYN 4 message to the second address according to the first mapping relationship.
  • the second address After receiving the first TCP SYN packet, the second address checks the connection identifier information contained therein. If the connection identifier information is not present in the local device, it indicates that a new TCP connection is established. Then, the second address of the first terminal sends a first TCP SYN/ACK message to the first address of the second terminal, and carries the same connection identifier information in the first TCP SYN message.
  • the first TCP SYN/ACK message is an acknowledgement of the first TCP SYN 4 message on the one hand, and a connection identifier information confirming the TCP connection on the other hand, and can be generated by using the connection identifier information in a subsequent process.
  • TCP subflow is an acknowledgement of the first TCP SYN 4 message on the one hand, and a connection identifier information confirming the TCP connection on the other hand, and can be generated by using the connection identifier information in a subsequent process.
  • the first address of the second terminal sends the first TCP ACK message to the second address of the first terminal.
  • the first TCP ACK packet is a three-way handshake process for confirming the first TCP SYN/ACK packet and completing the TCP connection establishment.
  • the first TCP connection is established after 406 ⁇ 408.
  • this connection maintains a connection identifier information that can be used to establish TCP substreams belonging to the same TCP application.
  • the first terminal sends a fourth address to the second terminal by using the first TCP connection, where the fourth address is a multiple access address, indicating that the first terminal can use the fourth address to establish more of the same TCP application with the second terminal.
  • TCP subflow
  • the first terminal and the second terminal save a second mapping relationship between the third address and the fourth address and the second HIP.
  • the third address of the second terminal sends the second TCP SYN to the fourth address of the first terminal. Text.
  • the third address of the second terminal sends a second TCP SYN message to the fourth address of the first terminal to initiate a second TCP connection establishment process.
  • the second TCP SYN packet carries the connection identifier information, where the connection identifier information is the same as the connection identifier information carried in the first TCP SYN packet, and is used to indicate the first TCP connection.
  • the second TCP connection belongs to the same TCP application.
  • the fourth address of the first terminal sends a second TCP SYN/ACK packet to the third address of the second terminal.
  • the first terminal After receiving the second TCP SYN packet sent by the third terminal of the second terminal, the first terminal forwards the second TCP SYN packet to the fourth address according to the second mapping relationship. After receiving the second TCP SYN packet, the fourth address checks the connection identifier information contained therein. If the connection identifier information is present in the local device, it indicates that a TCP connection is established as the TCP substream. Then, the fourth address of the first terminal sends a second TCP SYN/ACK packet to the third address of the second terminal, and carries the same connection identifier information in the second TCP SYN packet, indicating that the second Confirmation of TCP SYN packets.
  • the third address of the second terminal sends a second TCP ACK message to the fourth address of the first terminal.
  • the second TCP ACK packet is a three-way handshake process for confirming the second TCP SYN/ACK packet and completing the TCP connection establishment.
  • a second TCP connection is established after 412 ⁇ 414.
  • the second TCP connection belongs to the same TCP connection as the first TCP connection.
  • the upper application layer can send data through two different TCP connections to implement multi-access transmission and multi-path transmission in the HIP network.
  • the destination endpoint After receiving the packets from the two TCP connections, the destination endpoint aggregates the data into a TCP stream on the multi-path TCP layer and hands it over to the application layer to implement transparency of the application layer.
  • the application layer of the second terminal forwards the data packet to the multipath TCP layer, where the multipath
  • the TCP layer determines, according to the HIT of the data packet, that there are two TCP connections corresponding to the HIT, namely, TCP 1 and TCP 2. Then, the multi-path TCP layer of the second terminal sends the data packet to the bottom layer through TCP 1 and TCP 2.
  • the bottom layer of the second terminal sends the data packet to the first terminal
  • the bottom layer of the first terminal receives the data packet sent by the TCP 1 and the TCP 2 connection, and the bottom of the first terminal
  • the layer sends the data transmitted by the TCP 1 and the TCP 2 to the multi-path TCP layer
  • the multi-path TCP layer determines that the TCP 1 and the TCP 2 connection belong to the same TCP connection according to the CID of the TCP 1 and the TCP 2, and then passes through the TCP.
  • the data packets sent by the TCP 2 are aggregated and sent to the application layer of the first terminal.
  • the second terminal may save the first mapping relationship between the first address and the second address and the first HIP, thereby establishing a first TCP connection between the first address and the second address, and
  • the process of establishing the first TCP connection carries the CID information, so after receiving the fourth address sent by the first terminal, the CID information can be used to establish a second TCP connection between the third address and the fourth address, thereby
  • the same TCP application has at least two TCP connections, so that different TCP flows of one TCP application can be transmitted through different paths, so that the terminal supporting multiple access can take advantage of multiple access in the HIP network, and can improve the terminal and The efficiency of the use of the network.
  • FIG. 5 illustrates the structure of the connection establishing apparatus according to an embodiment of the present invention, including a host identity protocol association establishing unit 501, a saving unit 502, and a transmission control protocol connection establishing unit 503. And receiving unit 504.
  • the host identity protocol association establishing unit 501 is configured to establish a first address-to-first HIP association with the first terminal, and after the receiving unit 504 receives the fourth address sent by the first terminal,
  • the saving unit 502 is configured to: after the host identity association association establishing unit 501 establishes the first HIP association, save the first mapping relationship between the first address and the second address and the first HIP; and establish the first in the host identity protocol association establishing unit 501. After the second HIP is associated, the second mapping relationship between the third address and the fourth address and the second HIP is saved.
  • the transmission control protocol connection establishing unit 503 is configured to send the first TCP SYN 4 message to the first terminal by using the first address according to the first mapping relationship saved by the saving unit 502, to establish the first address and the first address of the second address.
  • a TCP connection the first TCP SYN packet includes the CID information
  • the second TCP SYN packet is sent to the first terminal by using the third address according to the second mapping relationship saved by the saving unit 502.
  • the second TCP SYN message includes the CID information.
  • the receiving unit 504 is configured to receive a fourth address sent by the first terminal.
  • connection establishing apparatus in this embodiment can save the first mapping relationship between the first address and the second address and the first HIP, thereby establishing a first TCP connection between the first address and the second address, and
  • the process of establishing the first TCP connection carries the CID information, so after receiving the fourth address sent by the first terminal, the CID information can be used to establish a second TCP connection between the third address and the fourth address, thereby
  • the same TCP application has at least two TCP connections, so that different TCP flows of one TCP application can be transmitted through different paths, so that the terminal supporting multiple access can take advantage of multiple access in the HIP network, and can improve the terminal and The efficiency of the use of the network.
  • Figure 6 is a diagram showing the structure of a connection establishing apparatus according to another embodiment of the present invention, including a host identification protocol association establishing unit 601, a saving unit 602, a transmission control protocol connection establishing unit 603, a receiving unit 604, and a transmitting unit 605.
  • the host identity protocol association establishing unit 601 is configured to establish a first address and a second HIP association of the first terminal, and after the receiving unit 604 receives the fourth address sent by the first terminal,
  • the saving unit 602 is configured to: after the host identity association association unit 601 establishes the first HIP association, save the first mapping relationship between the first address and the second address and the first HIP; and establish the first in the host identity protocol association establishing unit 601. After the second HIP is associated, the second mapping relationship between the third address and the fourth address and the second HIP is saved.
  • the transmission control protocol connection establishing unit 603 is configured to send, by using the first address, the first TCP SYN 4 message to the first terminal according to the first mapping relationship saved by the saving unit 602, to establish the first address and the first address of the second address.
  • the TCP connection, the first TCP SYN message includes the CID information
  • the second TCP SYN message is sent to the first terminal by using the third address according to the second mapping relationship saved by the saving unit 602, to establish the third address and the fourth address.
  • the second TCP connection, the second TCP SYN message includes CID information.
  • the receiving unit 604 is configured to receive a fourth address sent by the first terminal.
  • the sending unit 605 is configured to send a fifth address to the first terminal after the transmission control protocol connection establishing unit 603 establishes the first TCP connection, so that the first terminal initiates the establishment of the sixth address and the fifth address.
  • the third TCP connection is configured to send a fifth address to the first terminal after the transmission control protocol connection establishing unit 603 establishes the first TCP connection, so that the first terminal initiates the establishment of the sixth address and the fifth address.
  • connection establishing apparatus in this embodiment can save the first address and the second address and the first
  • the CID information can be used to establish a second TCP connection between the third address and the fourth address, so that at least two TCP connections can be applied to the same TCP, so that different TCP flows of one TCP application can pass different
  • the path transmission enables the terminal supporting multiple access to take advantage of multiple access in the HIP network, and at the same time can improve the utilization efficiency of the terminal and the network.
  • the fifth address is sent to the first terminal, so that the first terminal can initiate the establishment of the TCP connection, thereby further improving the utilization efficiency of the terminal and the network.
  • Figure 7 is a diagram showing the structure of a connection establishing apparatus according to another embodiment of the present invention, including a host identification protocol association establishing unit 701, a saving unit 702, a transmission control protocol connection establishing unit 703, a receiving unit 704, and a removing unit 705.
  • the host identity protocol association establishing unit 701 is configured to establish a first address and a second HIP association of the first terminal, and after the receiving unit 704 receives the fourth address sent by the first terminal,
  • the saving unit 702 is configured to: after the host identity association association establishing unit 701 establishes the first HIP association, save the first mapping relationship between the first address and the second address and the first HIP; and establish the first in the host identity protocol association establishing unit 701 After the second HIP is associated, the second mapping relationship between the third address and the fourth address and the second HIP is saved.
  • the transmission control protocol connection establishing unit 703 is configured to send the first TCP SYN 4 message to the first terminal by using the first address according to the first mapping relationship saved by the saving unit 702, to establish the first address and the first address of the second address.
  • the TCP connection, the first TCP SYN packet includes the CID information; and the second TCP SYN packet is sent to the first terminal by using the third address according to the second mapping relationship saved by the saving unit 702, to establish the third address and the fourth address.
  • the second TCP connection, the second TCP SYN message includes the CID information.
  • the receiving unit 704 is configured to receive the fourth address sent by the first terminal. After the second TCP connection is established, the transmission control protocol connection establishing unit 703 receives the information of the fourth address failure sent by the first terminal.
  • the removing unit 705 is configured to determine, according to the second mapping relationship saved by the saving unit 702, that the fourth address corresponds to the second TCP connection, and remove the second TCP connection, after the receiving unit 704 receives the information of the fourth address failure.
  • connection establishing apparatus in this embodiment can save the first mapping relationship between the first address and the second address and the first HIP, thereby establishing a first TCP connection between the first address and the second address, and
  • the process of establishing the first TCP connection carries the CID information, so after receiving the fourth address sent by the first terminal, the CID information can be used to establish a second TCP connection between the third address and the fourth address, thereby
  • the same TCP application has at least two TCP connections, so that different TCP flows of one TCP application can be transmitted through different paths, so that the terminal supporting multiple access can take advantage of multiple access in the HIP network, and can improve the terminal and The efficiency of the use of the network.
  • the second TCP connection can be removed, so that the resources of the terminal and the network can be effectively applied.
  • FIG. 8 illustrates the structure of a connection establishing apparatus according to an embodiment of the present invention, including a host identity protocol association establishing unit 801, a saving unit 802, a transmission control protocol connection establishing unit 803, and a receiving unit 804.
  • the host identity protocol association establishing unit 801 is configured to establish a first address and a second HIP association of the first terminal, and after the receiving unit 804 receives the fourth address sent by the first terminal,
  • the saving unit 802 is configured to: after the host identity association association unit 801 establishes the first HIP association, save the first mapping relationship between the first address and the second address and the first HIP; and establish the first in the host identity protocol association establishing unit 801. After the second HIP is associated, the third address and the fourth address are saved with the second
  • the transmission control protocol connection establishing unit 803 is configured to send the first TCP SYN 4 message to the first terminal by using the first address according to the first mapping relationship saved by the saving unit 802, to establish the first address and the first address of the second address.
  • TCP connection, the first TCP SYN message includes CID information; according to the saving unit
  • the second mapping relationship saved by the 802 sends a second TCP SYN packet to the first terminal by using the third address to establish a second TCP connection between the third address and the fourth address, where the second TCP SYN packet includes the CID information.
  • a transmission control protocol connection establishing unit 803 A message transmitting unit 8031 and a message receiving unit 8032 may be included.
  • the message sending unit 8031 is configured to send, by using the first address, the first TCP SYN message to the first terminal according to the first mapping relationship; after the message receiving unit 8032 receives the first TCP SYN/ACK message, pass the first The address sends a TCP ACK packet to the second address to complete the establishment of the first TCP connection.
  • the message receiving unit 8032 is configured to receive a first TCP SYN/ACK message returned by the second address, where the first TCP SYN/ACK message includes CID information, and the first TCP SYN/ACK message is received by the second address. After the first TCP SYN packet is forwarded by the terminal, the first terminal forwards the first TCP SYN packet to the second address according to the saved first mapping relationship.
  • the receiving unit 804 is configured to receive a fourth address sent by the first terminal.
  • connection establishing apparatus in this embodiment can save the first address and the second address and the first
  • the CID information can be used to establish a second TCP connection between the third address and the fourth address, so that at least two TCP connections can be applied to the same TCP, so that different TCP flows of one TCP application can pass different
  • the path transmission enables the terminal supporting multiple access to take advantage of multiple access in the HIP network, and at the same time can improve the utilization efficiency of the terminal and the network.
  • An embodiment of the present invention further provides a communication system, which includes the connection establishment apparatus provided by the embodiment of the present invention.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).
  • ROM read-only memory
  • RAM random access memory

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Small-Scale Networks (AREA)

Abstract

A method for establishing a connection includes: after establishing a first host identity protocol(HIP) association between a first address of a second terminal and a second address of a first terminal, the second terminal saves a first mapping relation among the first address, the second address and the first HIP association; a first transmission control protocol(TCP) connection between the first address and the second address is established, and a first TCP SYN message includes connection identity(CID) information; the second terminal establishes a second HIP association between a third address and a forth address of the second terminal, and saves a second mapping relation among the third address, the forth address and the second HIP association; a second TCP connection between the third address and the forth address is established, and a second TCP SYN message includes CID information which is the same with that of the first TCP SYN message. An apparatus for establishing a connection and a communication system corresponding to the method for establishing a connection are also provided. The multi-access of the terminal in the HIP network can be realized.

Description

连接建立方法、 装置及通信系统  Connection establishment method, device and communication system
技术领域 Technical field
本发明涉及通信技术领域,具体涉及一种连接建立方法、装置及通信系统。 背景技术  The present invention relates to the field of communications technologies, and in particular, to a connection establishment method, apparatus, and communication system. Background technique
随着终端的移动性增强, 需要在终端主机上实现移动性管理。 为了解决主 机的移动性问题, 因特网工程任务组( IETF: Internet Engineering Task Force ) 提出了一种采用将标识和定位功能相分离的方法来解决移动性,这也是主机标 识协议( HIP: Host Identity Protocol ) 的出发点。 在 HIP协议中, 采用了非对 称密钥加密算法的思想, 将密钥对中的公共密钥作为节点的主机标识 (HI: Host Identity )„ 由于作为公共密钥的 HI可能比较长, 在所有情况下都使用不 是很实用。 在实际使用中, 保存的值为此主机标识的 128位哈希值, 为主机标 识符( HIT: Host Identity Tag )。 由于 HIT和 IPv6地址的长度完全一样, 所以 可以直接应用于 IPv6应用。 经过这样的处理后, 实现了主机标识和主机位置 的分离。  As the mobility of the terminal increases, mobility management needs to be implemented on the terminal host. In order to solve the mobility problem of the host, the Internet Engineering Task Force (IETF) proposes a method of separating the identification and positioning functions to solve the mobility, which is also the host identity protocol (HIP: Host Identity Protocol). ) The starting point. In the HIP protocol, the idea of an asymmetric key encryption algorithm is adopted, and the public key in the key pair is used as the host identifier of the node (HI: Host Identity) „ Since HI as a public key may be relatively long, at all In actual use, it is not very useful. In actual use, the saved value is the 128-bit hash value of this host ID, which is the host identifier (HIT: Host Identity Tag). Since the lengths of HIT and IPv6 addresses are exactly the same, It can be directly applied to IPv6 applications. After such processing, the separation of host ID and host location is achieved.
在增加了 HIP后, 需要对现有的传输控制协议 /网际协议(TCP/IP ) 的协 议栈进行修改, 在网络层和传输层之间新增一个主机标识层, 具体地, 在 HIP 网络协议栈中, 最底层是物理层, 向上依次是链路层, 网络层(IPv4或 IPv6 ), HIP层, 传输层(TCP/UDP )和应用层。 即在网络层和传输层之间新增加了一 个协议栈层次 HIP层, 将原来由端口和 IP的对应关系转变为了端口和 HIT的 对应关系。 因此应用层不用知道当前主机和所需要联系主机的具体地址, 只需 要知道主机标识即可。 IP地址在这里仅仅只是作为路由功能所使用, 而 HIP 层则实现了主机的 HIT和 IP地址之间的映射, 从而实现完整的通信流程。  After the HIP is added, the existing Transmission Control Protocol/Internet Protocol (TCP/IP) protocol stack needs to be modified, and a host identification layer is added between the network layer and the transport layer, specifically, the HIP network protocol. In the stack, the bottom layer is the physical layer, and the top layer is the link layer, the network layer (IPv4 or IPv6), the HIP layer, the transport layer (TCP/UDP), and the application layer. That is, a new protocol stack HIP layer is added between the network layer and the transport layer, and the correspondence between the port and the IP is changed to the correspondence between the port and the HIT. Therefore, the application layer does not need to know the current host and the specific address of the host to be contacted, just need to know the host ID. The IP address is used only as a routing function here, and the HIP layer implements a mapping between the host's HIT and IP address to implement a complete communication process.
在 HIP层次上,每个包含源 HIT和目标 HIT的分组被映射到节点的 IP地 址上, 同时在网络层上实现 IP报文的路由。其中,源 HIT被映射成源 IP地址, 而目标 HIT则被映射成目标 IP地址。 当报文分组通过网络层的路由等功能到 达对端后, 对端上的 HIP层次将 IP地址映射成 HIT。 具体地, 源 IP地址被映 射成源 HIT, 而目标 IP地址则被映射成目标 HIT, 并进一步将 4艮文发送到传 输层进行处理,从而实现了报文从发送者的传输层到达接收者的传输层, 完成 端到端传输。 因此, 应用层将使用 HIT来标识上层连接, 而 HIT能够在整个 连接过程中保持不变。 另一方面, 底层的 IP地址可以随着移动而改变, 但是 这种 IP地址的变化对于上层应用来说是透明的,从而解决了主机移动性问题。 At the HIP level, each packet containing the source HIT and the target HIT is mapped to the IP address of the node, and the IP packet is routed at the network layer. The source HIT is mapped to the source IP address, and the target HIT is mapped to the target IP address. After the packet is sent to the peer through the network layer route and other functions, the HIP layer on the peer maps the IP address to the HIT. Specifically, the source IP address is mapped to the source HIT, and the target IP address is mapped to the target HIT, and the message is further sent to the transport layer for processing, thereby realizing that the message arrives at the sender from the sender's transport layer. The transport layer, completes the end-to-end transmission. Therefore, the application layer will use the HIT to identify the upper connection, and the HIT can be used throughout It remains unchanged during the connection process. On the other hand, the underlying IP address can change with the move, but this change in IP address is transparent to the upper layer application, thus solving the host mobility problem.
但是, 由于在主机标识协议在协议栈中引入了 HIP层, 将原来由端口和 IP的对应关系转变为了端口和 HIT的对应关系, 而同一时间 HIP层的 HIT只 会绑定一个 IP地址, 因此终端无法在 HIP网络实现多接入。  However, since the host identity protocol introduces the HIP layer in the protocol stack, the correspondence between the port and the IP is changed to the correspondence between the port and the HIT, and the HIT of the HIP layer is bound to only one IP address at the same time. The terminal cannot implement multiple access in the HIP network.
发明内容 Summary of the invention
本发明实施例提供了连接建立方法、装置及通信系统,使终端在 HIP网络 中实现多接入。  Embodiments of the present invention provide a connection establishment method, apparatus, and communication system, so that a terminal implements multiple access in a HIP network.
本发明一个实施例提供了一种连接建立方法, 包括:  An embodiment of the present invention provides a connection establishment method, including:
第二终端建立第二终端的第一地址与第一终端的第二地址的第一主机标 识协议关联后 ,第二终端保存所述第一地址和第二地址与所述第一主机标识协 议关联的第一映射关系;  After the second terminal establishes that the first address of the second terminal is associated with the first host identity protocol of the second address of the first terminal, the second terminal saves that the first address and the second address are associated with the first host identity protocol First mapping relationship;
第二终端根据所述第一映射关系通过所述第一地址向所述第一终端发送 第一传输控制协议同步 ·^艮文 ,以建立所述第一地址与所述第二地址的第一传输 控制协议连接, 所述第一传输控制协议同步报文包括连接标识符信息;  Transmitting, by the first terminal, the first transmission control protocol synchronization message to the first terminal by using the first address, to establish a first address of the first address and the second address, according to the first mapping relationship a transmission control protocol connection, where the first transmission control protocol synchronization message includes connection identifier information;
第二终端接收所述第一终端发送的第一终端的第四地址;  Receiving, by the second terminal, a fourth address of the first terminal sent by the first terminal;
第二终端建立第二终端的第三地址与所述第四地址的第二主机标识协议 关联,第二终端保存所述第三地址和第四地址与所述第二主机标识协议关联的 第二映射关系;  Establishing, by the second terminal, a third address of the second terminal and a second host identity protocol of the fourth address, where the second terminal saves the third address and the fourth address are associated with the second host identity protocol Mapping relations;
第二终端根据所述第二映射关系通过所述第三地址向所述第一终端发送 第二传输控制协议同步 ·^艮文 ,以建立所述第三地址与所述第四地址的第二传输 控制协议连接,所述第二传输控制协议同步报文包括与所述第一传输控制协议 同步报文相同的连接标识符信息。  The second terminal sends a second transmission control protocol synchronization message to the first terminal by using the third address according to the second mapping relationship, to establish the third address and the second address of the fourth address. a transmission control protocol connection, the second transmission control protocol synchronization message including the same connection identifier information as the first transmission control protocol synchronization message.
本发明另一个实施例提供了一种连接建立装置,包括主机标识协议关联建 立单元, 保存单元, 传输控制协议连接建立单元和接收单元;  Another embodiment of the present invention provides a connection establishing apparatus, including a host identity protocol association establishing unit, a saving unit, a transmission control protocol connection establishing unit, and a receiving unit;
所述主机标识协议关联建立单元,用于建立第一地址与第一终端的第二地 址的第一主机标识协议关联后; 在接收单元接收了第一终端发送的第四地址 后, 建立第三地址与所述第四地址的第二主机标识协议关联;  The host identity protocol association establishing unit is configured to establish a first address associated with the first host identity protocol of the second address of the first terminal; after the receiving unit receives the fourth address sent by the first terminal, establish a third The address is associated with a second host identity protocol of the fourth address;
所述保存单元,用于在所述主机标识协议关联建立单元建立所述第一主机 标识协议关联后 ,保存所述第一地址和第二地址与所述第一主机标识协议关联 的第一映射关系;在所述主机标识协议关联建立单元建立所述第二主机标识协 议关联后 ,保存所述第三地址和第四地址与所述第二主机标识协议关联的第二 映射关系; The saving unit is configured to establish the first host in the host identity protocol association establishing unit After the association of the protocol is associated, the first mapping relationship between the first address and the second address and the first host identity protocol is saved; after the host identity protocol association establishing unit establishes the second host identity protocol association, Saving a second mapping relationship between the third address and the fourth address and the second host identity protocol;
所述传输控制协议连接建立单元,用于根据所述保存单元保存的第一映射 关系,通过所述第一地址向所述第一终端发送第一传输控制协议同步 ·^艮文, 以 建立所述第一地址与所述第二地址的第一传输控制协议连接,所述第一传输控 制协议同步报文包括连接标识符信息; 根据所述保存单元保存的第二映射关 系,通过第三地址向所述第一终端发送第二传输控制协议同步 ·^艮文, 以建立所 述第三地址与所述第四地址的第二传输控制协议连接,所述第二传输控制协议 同步报文包括与所述第一传输控制协议同步报文相同的连接标识符信息; 所述接收单元, 用于接收所述第一终端发送的第四地址。  The transmission control protocol connection establishing unit is configured to send, by using the first address, a first transmission control protocol synchronization message to the first terminal according to the first mapping relationship saved by the saving unit, to establish a The first address is connected to the first transmission control protocol of the second address, the first transmission control protocol synchronization message includes connection identifier information, and the third mapping is performed according to the second mapping relationship saved by the saving unit. Transmitting, by the first terminal, a second transmission control protocol synchronization packet, to establish a connection between the third address and the fourth transmission control protocol, where the second transmission control protocol synchronization packet includes The connection identifier information is the same as the first transmission control protocol synchronization message; the receiving unit is configured to receive the fourth address sent by the first terminal.
本发明另一个实施例提供了一种通信系统,包括本发明实施例提供的连接 建立装置。  Another embodiment of the present invention provides a communication system, including the connection establishment apparatus provided by the embodiment of the present invention.
从本发明实施例提供的以上技术方案可以看出,从上可知, 本实施例中源 端点可以保存第一地址和第二地址与第一 HIP关联的第一映射关系,从而建立 第一地址和第二地址之间的第一 TCP连接, 并且在建立第一 TCP连接的过程 中携带 CID信息,从而在接收到第一终端发送的第四地址后,可以使用该 CID 信息建立第三地址与第四地址之间的第二 TCP连接, 从而可以为同一个 TCP 应用至少两个 TCP连接,使一个 TCP应用的不同的 TCP流可以通过不同的路 径传输,使支持多接入的终端在 HIP网络中发挥出多接入的优势, 同时可以提 高终端以及网络的利用效率。  It can be seen from the above technical solution provided by the embodiment of the present invention that, in the foregoing embodiment, the source endpoint may save the first mapping relationship between the first address and the second address and the first HIP, thereby establishing the first address and a first TCP connection between the second address, and carrying the CID information in the process of establishing the first TCP connection, so that after receiving the fourth address sent by the first terminal, the CID information can be used to establish the third address and the third address A second TCP connection between the four addresses, so that at least two TCP connections can be applied to the same TCP, so that different TCP flows of one TCP application can be transmitted through different paths, so that terminals supporting multiple access are in the HIP network. It can take advantage of multiple access and improve the utilization efficiency of terminals and networks.
附图说明 DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施 例或现有技术描述中所需要使用的附图作筒单地介绍,显而易见地, 下面描述 中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲, 在不付 出创造性劳动性的前提下, 还可以根据这些附图获得其他的附图。  In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description For some embodiments of the present invention, other drawings may be obtained from those skilled in the art without departing from the drawings.
图 1为现有技术中主机标识协议层次示意图;  1 is a schematic diagram of a hierarchy of host identification protocols in the prior art;
图 2为本发明实施例中 HIP网络协议栈示意图; 图 3为本发明一个实施例提供的连接建立方法的流程图; 2 is a schematic diagram of a HIP network protocol stack according to an embodiment of the present invention; FIG. 3 is a flowchart of a connection establishment method according to an embodiment of the present invention;
图 4为本发明另一个实施例提供的连接建立方法的信令流程图;  4 is a signaling flowchart of a connection establishment method according to another embodiment of the present invention;
图 5为本发明一个实施例提供的连接建立装置的结构图;  FIG. 5 is a structural diagram of a connection establishing apparatus according to an embodiment of the present invention;
图 6为本发明另一个实施例提供的连接建立装置的结构图;  6 is a structural diagram of a connection establishing apparatus according to another embodiment of the present invention;
图 7为本发明另一个实施例提供的连接建立装置的结构图;  FIG. 7 is a structural diagram of a connection establishing apparatus according to another embodiment of the present invention; FIG.
图 8为本发明另一个实施例提供的连接建立装置的结构图。  FIG. 8 is a structural diagram of a connection establishing apparatus according to another embodiment of the present invention.
具体实施方式 detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清 楚、 完整地描述, 显然, 所描述的实施例仅仅是本发明一部分实施例, 而不是 全部的实施例。基于本发明中的实施例, 本领域普通技术人员在没有作出创造 性劳动前提下所获得的所有其他实施例, 都属于本发明保护的范围。  BRIEF DESCRIPTION OF THE DRAWINGS The technical solutions in the embodiments of the present invention will be described in detail below with reference to the accompanying drawings. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative work are within the scope of the present invention.
图 1是现有技术中的一个 HIP协议栈的示意图, 如图 1 所示, 该 HIP协 议栈中最底层是物理层, 向上依次是链路层, 网络层(IPv4或 IPv6 ), HIP层, 传输层(TCP/UDP )和应用层。  1 is a schematic diagram of a HIP protocol stack in the prior art. As shown in FIG. 1, the bottom layer of the HIP protocol stack is a physical layer, and the uplink layer is a link layer, a network layer (IPv4 or IPv6), and a HIP layer. Transport layer (TCP/UDP) and application layer.
在本发明的一个实施例中,在支持 HIP协议的终端上, 引入了多路径 TCP 的功能, 使得该支持 HIP协议的终端的传输层的功能被分解成语义层和 TCP 子流层, 其中语义层也可称为多路径 TCP层, 负责多个 TCP子流之间的调度 和管理。 本发明的一个实施例中, HIP网络协议栈如图 2所示, 在图 2中, 底 层为具有多个接入的物理层接口, 往上一层则为网络层, 在网络层之上则为 HIP层次, 主要用来屏蔽上层对 IP的访问, 使得原来端口和 IP地址的映射转 变为了端口和 HIP层次上的 HIT之间的映射。 在 HIP层次之上则为 TCP子流 层, 可以对应于底层的多个物理接口, 如一个 TCP子流可以对应一个底层的 物理接口。在 TCP子流层之上为多路径 TCP层, 可以对下层的 TCP子流进行 路径管理和调度等, 同时多路径 TCP层还可以对多个 TCP子流的数据重排序 并提交给应用层, 如将多个 TCP子流合并后发送给应用层, 实现底层的改动 对上层应用的透明性。 而最上层的应用层, 对于传输层的改动并不感知, 继续 与对端通过 HIT进行通信。  In an embodiment of the present invention, the function of the multi-path TCP is introduced on the terminal supporting the HIP protocol, so that the function of the transport layer of the terminal supporting the HIP protocol is decomposed into a semantic layer and a TCP sub-flow layer, wherein the semantics Layers, also known as multipath TCP layers, are responsible for scheduling and management between multiple TCP substreams. In an embodiment of the present invention, the HIP network protocol stack is as shown in FIG. 2. In FIG. 2, the bottom layer is a physical layer interface with multiple accesses, and the upper layer is a network layer, and above the network layer. For the HIP layer, it is mainly used to shield the upper layer from accessing IP, so that the mapping between the original port and the IP address is changed to the mapping between the port and the HIT on the HIP level. Above the HIP level, it is a TCP sub-flow layer, which can correspond to multiple physical interfaces at the bottom. For example, a TCP sub-flow can correspond to an underlying physical interface. Above the TCP sub-flow layer is a multi-path TCP layer, which can perform path management and scheduling for the lower-layer TCP sub-flow, and the multi-path TCP layer can also reorder data of multiple TCP sub-flows and submit it to the application layer. For example, multiple TCP substreams are combined and sent to the application layer to implement transparency of the underlying changes to the upper application. The uppermost application layer, which is not aware of the changes in the transport layer, continues to communicate with the peer through the HIT.
先介绍本发明实施例提供的连接建立方法,图 3描述了本发明一个实施例 提供的连接建立方法的流程, 该实施例描述的是第二终端(第二终端具体可以 是通信过程中的源端点) 的处理流程, 该实施例包括如下步骤。 The connection establishment method provided by the embodiment of the present invention is described first. FIG. 3 is a flowchart of a connection establishment method according to an embodiment of the present invention. The second terminal is specifically described in the embodiment. It is a processing flow of a source endpoint in a communication process, and the embodiment includes the following steps.
301、 第二终端建立第二终端的第一地址与第一终端的第二地址的第一 HIP关联,第二终端保存第一地址和第二地址与第一 HIP关联的第一映射关系。  301. The second terminal establishes a first RRC association between the first address of the second terminal and the second address of the first terminal, and the second terminal saves the first mapping relationship between the first address and the second address and the first HIP.
其中,第二终端可以从 DNS服务器或 RVS服务器获得第一终端的第二地 址, DNS服务器和 RVS服务器可以保存终端的 HIT以及该终端的地址之间的 对应关系, 如第二终端可以根据应用层发送的数据包中所包含的 HIT确定该 HIT所对应的终端的地址, 如该 HIT对应的是第一终端, 第二终端向 DNS服 务器或者 RVS服务器查询可以获知该第一终端的第一地址。本发明实施例中, 终端的地址具体可以是 IP地址。  The second terminal may obtain the second address of the first terminal from the DNS server or the RVS server, and the DNS server and the RVS server may save the correspondence between the HIT of the terminal and the address of the terminal, for example, the second terminal may be according to the application layer. The HIT included in the sent data packet determines the address of the terminal corresponding to the HIT. For example, the HIT corresponds to the first terminal, and the second terminal queries the DNS server or the RVS server to learn the first address of the first terminal. In the embodiment of the present invention, the address of the terminal may be an IP address.
第二终端建立第二终端的第一地址与第一终端的第二地址的第一 HIP 关 联可以采用如下方式, 第二终端向第一终端发送第一次初始 ^艮文; 第一终端向 第二终端发送第一次响应 ·^艮文; 第二终端向第一终端发送第二次初始 ·^艮文; 第 一终端向第二终端发送第二次响应 4艮文。  The second terminal establishes a first HIP association between the first address of the second terminal and the second address of the first terminal, where the second terminal sends the first initial message to the first terminal; The second terminal sends the first response to the first terminal, and the second terminal sends the second initial message to the first terminal. The first terminal sends the second response to the second terminal.
在 HIP网络结构中, HIP层实现了 IP地址和 HIT之间的映射关系, 对于 具有多个物理接口的终端, 也只有一个 HIT来标识该终端, TCP子流层上为 HIP关联和 HIT之间的映射关系。 而 HIP协议虽然支持多个物理接口 (多个 IP地址 ), 以使一个 HIT可以和多个 IP地址绑定来实现故障恢复等功能, 但 是在同一时间 HIP层的 HIT只会绑定一个 IP地址(一个物理接口), 因此对 于上层的多路径 TCP来说, 多个 TCP连接仍然会对应到同一个 HIT, 即多个 TCP子流的数据都只会通过与 HIT绑定的一个物理接口 (地址)进行传输, 因此, 本发明实施例引入 TCP子流和 HIP关联之间的映射关系, 该映射关系 具体是建立 HIP关联的地址与该 HIP关联的映射关系, 该映射关系保存在终 端。 因此, 在建立第一 HIP关联后, 第二终端可以保存第一地址和第二地址与 第一 HIP关联的第一映射关系, 支持 HIP协议的终端在传输数据时, 第一映 射关系可以使得上层的 TCP子流对应于多个不同 HIP关联, 进而对应多个不 同的物理接口, 从而通过不同的路径传输。  In the HIP network structure, the HIP layer implements a mapping relationship between an IP address and an HIT. For a terminal having multiple physical interfaces, there is only one HIT to identify the terminal, and the TCP sub-flow layer is between the HIP association and the HIT. Mapping relationship. The HIP protocol supports multiple physical interfaces (multiple IP addresses), so that one HIT can be bound to multiple IP addresses to implement fault recovery. However, at the same time, the HIT of the HIP layer is bound to only one IP address. (a physical interface), so for the upper multipath TCP, multiple TCP connections will still correspond to the same HIT, that is, the data of multiple TCP substreams will only pass through a physical interface (address) bound to the HIT. The transmission is performed. Therefore, the mapping between the TCP sub-flow and the HIP association is introduced in the embodiment of the present invention. The mapping relationship is specifically to establish a mapping relationship between the HIP-associated address and the HIP, and the mapping relationship is saved in the terminal. Therefore, after the first HIP association is established, the second terminal may save the first mapping relationship between the first address and the second address and the first HIP. When the terminal supporting the HIP protocol transmits data, the first mapping relationship may be caused by the upper layer. The TCP substream corresponds to a plurality of different HIP associations, and thus corresponds to a plurality of different physical interfaces, thereby being transmitted through different paths.
同时, 在第一终端也可以保存第一映射关系。  At the same time, the first mapping relationship can also be saved in the first terminal.
302、 第二终端根据第一映射关系通过第一地址向第一终端发送第一 TCP 同步( S YN )报文,以建立第一地址与第二地址的第一 TCP连接,第一 TCP SYN 4艮文中包含连接标识符 (CID: Connection Identity )信息。 302. The second terminal sends a first TCP synchronization (SYN) packet to the first terminal by using the first address according to the first mapping relationship, to establish a first TCP connection between the first address and the second address, where the first TCP SYN 4) The message contains the connection identifier (CID: Connection Identity) information.
第二终端在建立了第一 HIP关联后, 如果需要建立于该第一 HIP关联对 应的 TCP连接, 则可以根据第一映射关系确定该第一 HIP关联对应的第一地 址, 再通过第一地址向第一终端发送第一 TCP SYN 4艮文, 从而建立第一地址 与第二地址的第一 TCP连接, 该第一 TCP连接即为第一 TCP子流。  After the second terminal establishes the first HIP association, if the TCP connection corresponding to the first HIP association needs to be established, the first address corresponding to the first HIP association may be determined according to the first mapping relationship, and then the first address is used. Sending a first TCP SYN 4 message to the first terminal, so as to establish a first TCP connection between the first address and the second address, where the first TCP connection is the first TCP sub-flow.
其中,为了标识第一 TCP连接,在第一 TCP SYN报文还包含了 CID信息, 该连接标识符信息表示了属于同一个 TCP应用的多个 TCP子流的共同特征, 具有相同连接标识符信息的 TCP连接将在多连接 TCP层上汇聚成一个 TCP连 接。 因此在应用层的角度只有一个 TCP连接。  In order to identify the first TCP connection, the first TCP SYN message further includes CID information, where the connection identifier information indicates common features of multiple TCP sub-flows belonging to the same TCP application, and has the same connection identifier information. The TCP connection will be aggregated into a TCP connection on the multi-connection TCP layer. So there is only one TCP connection at the application layer perspective.
在本发明的一个实施例中,第二终端根据第一映射关系通过第一地址向第 一终端发送第一 TCP SYN报文 , 以建立第一地址与第二地址的第一 TCP连接 具体可以采用如下方式,第二终端根据第一映射关系通过第一地址向第一终端 发送第一 TCP SYN 报文; 接收第二地址返回的第一 TCP 同步与确认 ( SYN/ACK )报文, 第一 TCP SYN/ACK报文包括 CID信息, 该第一 TCP SYN/ACK报文由第二地址接收到第一终端转发的第一 TCP SYN报文后发送, 第一终端根据保存的第一映射关系将第一 TCP SYN报文转发给第二地址; 通 过第一地址向第二地址发送 TCP确认( ACK )报文, 完成第一 TCP连接的建 立。  In an embodiment of the present invention, the second terminal sends the first TCP SYN packet to the first terminal by using the first address according to the first mapping relationship, so that the first TCP connection of the first address and the second address may be specifically used. The second terminal sends the first TCP SYN packet to the first terminal by using the first address according to the first mapping relationship, and receives the first TCP synchronization and acknowledgement (SYN/ACK) packet returned by the second address, the first TCP. The SYN/ACK packet includes the CID information, and the first TCP SYN/ACK packet is sent by the second address to the first TCP SYN packet forwarded by the first terminal, and the first terminal is configured according to the saved first mapping relationship. A TCP SYN packet is forwarded to the second address; a TCP acknowledgement (ACK) packet is sent to the second address by using the first address, and the establishment of the first TCP connection is completed.
在建立了第一 TCP连接后, TCP应用层就可以通过第一 TCP连接传输数 据。  After the first TCP connection is established, the TCP application layer can transmit data over the first TCP connection.
在本发明的另一个实施例中, 第二终端建立第一地址与第二地址的第一 TCP连接后可能会进一步接收到第一终端发送的第二地址失效的信息; 此时, 可以根据第一映射关系确定第二地址对应第一 TCP连接, 从而第二终端在向 第一终端发送 TCP连接拆除请求时, 可以在 TCP连接拆除请求中携带第二地 址, 从而正确地拆除第一 TCP连接。  In another embodiment of the present invention, after the second terminal establishes the first TCP connection of the first address and the second address, the second terminal may further receive the information of the second address failure sent by the first terminal; A mapping relationship determines that the second address corresponds to the first TCP connection, so that when the second terminal sends the TCP connection teardown request to the first terminal, the second terminal may carry the second address in the TCP connection teardown request, so as to correctly remove the first TCP connection.
303、 第二终端接收第一终端发送的第四地址。  303. The second terminal receives the fourth address sent by the first terminal.
第二终端接收的第四地址由第一终端在建立了第一 TCP连接后发送, 该 第四地址即为第一终端的一个多接入地址, 需要说明的是, 第四地址可以是一 个以上的具体地址。 其中, 第四地址可以通过第一 TCP连接发送。 在本发明的另一个实施例中,第二终端也可以向第一终端发送第二终端的 第五地址, 该第五地址也是一个多接入地址, 需要说明的是, 第五地址可以是 一个以上的具体地址。从而以便于第一终端主动发起建立第六地址与该第五地 址的第三 TCP连接。 第五地址也可以通过第一 TCP连接发送。 The fourth address received by the second terminal is sent by the first terminal after the first TCP connection is established, and the fourth address is a multiple access address of the first terminal. It should be noted that the fourth address may be more than one. The specific address. The fourth address can be sent through the first TCP connection. In another embodiment of the present invention, the second terminal may also send the fifth address of the second terminal to the first terminal, where the fifth address is also a multiple access address. It should be noted that the fifth address may be a The above specific address. Thereby, the first terminal actively initiates establishing a third TCP connection of the sixth address and the fifth address. The fifth address can also be sent over the first TCP connection.
其中,在本发明的一个实施例中, 第二终端的第五地址和第一地址可以是 同一个地址。  In one embodiment of the present invention, the fifth address and the first address of the second terminal may be the same address.
304、 第二终端建立第三地址与第四地址的第二 HIP关联, 第二终端保存 第三地址和第四地址与第二 HIP关联的第二映射关系。  304. The second terminal establishes a second HIP association between the third address and the fourth address, and the second terminal saves the second mapping relationship between the third address and the fourth address and the second HIP.
同时, 第一终端也可以保存第二映射关系。  At the same time, the first terminal may also save the second mapping relationship.
其中,在本发明的一个实施例中, 第三地址和第一地址也可以指同一个地 址。  In one embodiment of the present invention, the third address and the first address may also refer to the same address.
305、 第二终端根据第二映射关系通过第三地址向第一终端发送第二 TCP SYN报文, 以建立第三地址与第四地址的第二 TCP连接, 第二 TCP SYN报 文包括与第一 TCP SYN报文相同的 CID信息。  305. The second terminal sends a second TCP SYN packet to the first terminal by using the third address according to the second mapping relationship, to establish a second TCP connection between the third address and the fourth address, where the second TCP SYN packet includes The same CID information of a TCP SYN message.
在建立了第二 HIP关联后, 如果需要建立于该第二 HIP关联对应的 TCP 连接,则可以根据第二映射关系确定该第二 HIP关联对应的第三地址,再通过 第三地址向第一终端发送第二 TCP SYN报文, 从而建立第三地址与第四地址 的第二 TCP连接, 该第二 TCP连接即为第二 TCP子流。  After the second HIP association is established, if the TCP connection corresponding to the second HIP association needs to be established, the third address corresponding to the second HIP association may be determined according to the second mapping relationship, and then the first address is obtained through the third address. The terminal sends a second TCP SYN packet, so as to establish a second TCP connection of the third address and the fourth address, where the second TCP connection is the second TCP substream.
其中, 为了标识第二 TCP连接与已经建立的第一 TCP连接属于同一个 TCP应用, 可以在第二 TCP SYN报文也包含连接标识符信息, 具有相同连接 标识符信息的 TCP连接将在多连接 TCP层上汇聚成一个 TCP连接。  In order to identify that the second TCP connection belongs to the same TCP application as the established first TCP connection, the second TCP SYN message may also include connection identifier information, and the TCP connection with the same connection identifier information will be in multiple connections. Converged on the TCP layer into a TCP connection.
在本发明的一个实施例中,根据第二映射关系通过第三地址向第一终端发 送第二 TCP SYN报文,以建立第三地址与第四地址的第二 TCP连接具体可以 采用如下方式, 根据第二映射关系通过第三地址向第一终端发送第二 TCP SYN报文;接收第四地址返回的第二 TCP SYN/ACK报文,第二 TCP SYN/ACK 报文包括 CID信息, 该第二 TCP SYN/ACK报文由第四地址接收到第一终端 转发的第二 TCP SYN报文后发送, 第一终端根据保存的第二映射关系将第二 TCP SYN报文转发给第四地址;通过第三地址向第四地址发送 TCP ACK报文, 完成第二 TCP连接的建立。 在建立了第二 TCP连接后, TCP应用层就可以通过第一 TCP连接和第二 TCP连接同时传输数据。 In an embodiment of the present invention, the second TCP SYN packet is sent to the first terminal by using the third address according to the second mapping relationship, so that the second TCP connection of the third address and the fourth address may be established in the following manner. Transmitting, by the third address, the second TCP SYN packet to the first terminal according to the second mapping relationship; receiving the second TCP SYN/ACK packet returned by the fourth address, where the second TCP SYN/ACK packet includes CID information, where the The second TCP SYN/ACK packet is sent by the fourth address to the second TCP SYN packet forwarded by the first terminal, and the first terminal forwards the second TCP SYN packet to the fourth address according to the saved second mapping relationship; The TCP ACK packet is sent to the fourth address through the third address, and the establishment of the second TCP connection is completed. After the second TCP connection is established, the TCP application layer can simultaneously transmit data through the first TCP connection and the second TCP connection.
在本发明的另一个实施例中, 第二终端建立第三地址与第四地址的第二 In another embodiment of the present invention, the second terminal establishes a third address and a second address
TCP连接后可能会进一步接收到第一终端发送的第四地址失效的信息; 此时, 可以根据第二映射关系确定第四地址对应第二 TCP连接, 从而第二终端在向 第一终端发送 TCP连接拆除请求时, 可以在 TCP连接拆除请求中携带第四地 址, 从而正确地拆除第二 TCP连接, 具体地, TCP连接拆除请求可以是 TCP 结束(FIN )报文。 After the TCP connection, the information about the fourth address failure sent by the first terminal may be further received. At this time, the fourth address may be determined to correspond to the second TCP connection according to the second mapping relationship, so that the second terminal sends the TCP to the first terminal. When the connection removal request is made, the fourth address may be carried in the TCP connection teardown request, so that the second TCP connection is properly removed. Specifically, the TCP connection teardown request may be a TCP end (FIN) message.
在本发明实施例中, 第一 HIP关联和第一 TCP连接是——对应的, 即根 据第一 HIP关联即可查找到对应的第一 TCP连接。 同理, 根据第二 HIP关联 即可查找到对应的第二 TCP连接。  In the embodiment of the present invention, the first HIP association and the first TCP connection are corresponding to each other, that is, the corresponding first TCP connection can be found according to the first HIP association. Similarly, the corresponding second TCP connection can be found according to the second HIP association.
在如图 2所述的协议栈中,如果第二终端和第一终端建立第一 HIP关联和 第二 HIP关联, 以及建立第一 TCP连接和第二 TCP连接,则在 TCP子流层中 就有两个 TCP子流, 即第一 TCP连接 (第一 TCP子流)和第二 TCP连接 (第 二 TCP子流)。 并且因为第一 TCP连接和第二 TCP连接的 CID相同, 因此多 路径 TCP层可以将第一 TCP连接和第二 TCP连接汇聚为同一个 TCP连接发 送给应用层。 因此在多路径 TCP层可以解析接收到的 TCP连接, 进而获取该 TCP连接的 CID, 并确定接收到的 TCP连接的 CID是否相同。  In the protocol stack as described in FIG. 2, if the second terminal and the first terminal establish a first HIP association and a second HIP association, and establish a first TCP connection and a second TCP connection, then in the TCP sub-flow layer There are two TCP substreams, a first TCP connection (first TCP substream) and a second TCP connection (second TCP substream). And because the CIDs of the first TCP connection and the second TCP connection are the same, the multi-path TCP layer can aggregate the first TCP connection and the second TCP connection into the same TCP connection and send it to the application layer. Therefore, the multi-path TCP layer can parse the received TCP connection, obtain the CID of the TCP connection, and determine whether the CID of the received TCP connection is the same.
在本发明的另外一个实施例中, 多路径 TCP层接收到应用层发送的数据 后, 根据该数据中所包含的 HIT可以查找到与该 HIT对应的 HIP关联, 进而 查找到与该 HIP关联对应的 TCP连接进行数据传输。 其中, 该多路径 TCP层 中保存有 HIT和 HIP关联的对应关系, 或者 HIT与 TCP连接的对应关系。  In another embodiment of the present invention, after receiving the data sent by the application layer, the multi-path TCP layer can find the HIP association corresponding to the HIT according to the HIT included in the data, and further find the association with the HIP association. The TCP connection performs data transfer. The multi-path TCP layer stores a correspondence between the HIT and the HIP association, or a correspondence between the HIT and the TCP connection.
从上可知,本实施例中第二终端可以保存第一地址和第二地址与第一 HIP 关联的第一映射关系, 从而建立第一地址和第二地址之间的第一 TCP连接, 并且在建立第一 TCP连接的过程中携带 CID信息, 从而在接收到第一终端发 送的第四地址后, 可以使用该 CID信息建立第三地址与第四地址之间的第二 TCP连接,从而可以为同一个 TCP应用至少两个 TCP连接,使一个 TCP应用 的不同的 TCP流可以通过不同的路径传输, 使支持多接入的终端在 HIP网络 中发挥出多接入的优势, 同时可以提高终端以及网络的利用效率。 在本发明的另一个实施例中, 第二终端可以在建立了第一 TCP连接后, 将第五地址发送给第一终端, 使第一终端可以主动发起 TCP连接的建立, 进 一步提高终端和网络的利用效率。在本发明的另一个实施例中, 如果在建立了 第二 TCP连接后, 第二终端接收到第四地址失效的信息, 第二终端可以将第 二 TCP连接拆除, 从而使终端和网络的资源可以得到有效的应用。 As can be seen from the above, in the embodiment, the second terminal may save the first mapping relationship between the first address and the second address and the first HIP, thereby establishing a first TCP connection between the first address and the second address, and The process of establishing the first TCP connection carries the CID information, so after receiving the fourth address sent by the first terminal, the CID information can be used to establish a second TCP connection between the third address and the fourth address, thereby The same TCP application has at least two TCP connections, so that different TCP flows of one TCP application can be transmitted through different paths, so that the terminal supporting multiple access can take advantage of multiple access in the HIP network, and can improve the terminal and The efficiency of the use of the network. In another embodiment of the present invention, after the first TCP connection is established, the second terminal may send the fifth address to the first terminal, so that the first terminal may initiate the establishment of the TCP connection, further improving the terminal and the network. Utilization efficiency. In another embodiment of the present invention, if the second terminal receives the information of the fourth address failure after the second TCP connection is established, the second terminal may tear down the second TCP connection, thereby enabling resources of the terminal and the network. A valid application can be obtained.
图 4描述了本发明另一个实施例提供的连接建立方法的信令流程,该实施 例包括如下步骤。  Figure 4 depicts a signaling flow of a connection establishment method provided by another embodiment of the present invention, the embodiment including the following steps.
401、 第二终端通过第二终端的第一地址向第一终端的第二地址发送第一 次初始 4艮文。  401. The second terminal sends the first initial message to the second address of the first terminal by using the first address of the second terminal.
其中,第一次初始 4艮文中包含第二终端的 HIT和第一终端的 HIT,第二终 端可以从 DNS服务器或 RVS服务器获得第一终端的 ΗΙΤ。  The first initial message includes the HIT of the second terminal and the HIT of the first terminal, and the second terminal can obtain the defect of the first terminal from the DNS server or the RVS server.
402、 第一终端的第二地址向第二终端的第一地址发送第一次响应 ^艮文。 当第一终端收到第一次初始 4艮文后, 向第二终端回送第一次响应 4艮文。在 第一次响应报文中, 包含了一个生成的谜题, 需要第二终端解答。 第一终端通 过此方法实现对第二终端的安全验证。 另外,在第一次响应 ·^艮文中还可以包括 Diffie-Hellman过程, 其中包含第一终端的公共密钥和 Diffie-Hellman参数。  402. The second address of the first terminal sends the first response to the first address of the second terminal. After receiving the first initial message, the first terminal sends back the first response message to the second terminal. In the first response message, a generated puzzle is included, which requires a second terminal solution. The first terminal implements security verification of the second terminal by this method. In addition, a Diffie-Hellman process may be included in the first response, including a public key of the first terminal and a Diffie-Hellman parameter.
403、 第二终端的第一地址向第一终端的第二地址发送第二次初始报文。 当第二终端收到第一终端的第一次响应报文后, 首先对谜题进行解答, 并 将解答结果包含在第二次初始 4艮文中。同时包含在第二次初始 4艮文中的还可以 有响应信息、 安全参数索引以及加密公钥等信息。  403. The first address of the second terminal sends a second initial message to the second address of the first terminal. After receiving the first response message of the first terminal, the second terminal first answers the puzzle and includes the result of the solution in the second initial text. Also included in the second initial message are information such as response information, security parameter index, and encrypted public key.
404、 第一终端的第二地址向第二终端的第一地址发送第二次响应 ^艮文。 第一终端在收到第二次初始报文后, 对第二终端已经解答的谜题进行验 证, 对第二终端进行鉴别。 在第一终端回送的第二次响应 ·^艮文中, 将包含第一 终端的安全参数索引值。  404. The second address of the first terminal sends a second response to the first address of the second terminal. After receiving the second initial message, the first terminal verifies the puzzle that the second terminal has answered, and authenticates the second terminal. In the second response sent back by the first terminal, the security parameter index value of the first terminal will be included.
至此完成第二终端的第一地址与第一终端的第二地址之间的第一 HIP 关 联的建立。  This completes the establishment of the first HIP association between the first address of the second terminal and the second address of the first terminal.
405、 第一终端和第二终端保存第一地址和第二地址与第一 HIP关联的第 一映射关系。  405. The first terminal and the second terminal save a first mapping relationship between the first address and the second address and the first HIP.
406、 第二终端的第一地址向第一终端的第二地址发送第一 TCP SYN 4艮 文。 406. The first address of the second terminal sends the first TCP SYN to the second address of the first terminal. Text.
第二终端的第一地址向第一终端的第二地址发送第一 TCP SYN 4艮文, 用 来发起第一 TCP连接建立过程。 其中, 为了标识第一 TCP连接, 在第一 TCP SYN报文中携带连接标识符信息。  The first address of the second terminal sends a first TCP SYN message to the second address of the first terminal to initiate a first TCP connection establishment process. The first TCP SYN packet carries the connection identifier information in order to identify the first TCP connection.
407、第一终端的第二地址向第二终端的第一地址发送第一 TCP SYN/ACK 报文。  407. The second address of the first terminal sends a first TCP SYN/ACK packet to the first address of the second terminal.
在第一终端收到第二终端的第一地址发来的第一 TCP SYN报文后, 根据 第一映射关系, 将第一 TCP SYN 4艮文转发到第二地址。 第二地址在收到第一 TCP SYN报文后, 查看其中包含的连接标识符信息, 如果在本机没有此连接 标识符信息, 则表示是新建一个 TCP连接。 随后, 第一终端的第二地址将向 第二终端的第一地址发送第一 TCP SYN/ACK报文, 并在其中携带第一 TCP SYN报文中相同的连接标识符信息。 第一 TCP SYN/ACK报文一方面是对第 一 TCP SYN 4艮文的确认, 另一方面则是确认此 TCP连接的连接标识符信息, 在后续流程可以使用此连接标识符信息来生成新的 TCP子流。  After receiving the first TCP SYN packet sent by the first address of the second terminal, the first terminal forwards the first TCP SYN 4 message to the second address according to the first mapping relationship. After receiving the first TCP SYN packet, the second address checks the connection identifier information contained therein. If the connection identifier information is not present in the local device, it indicates that a new TCP connection is established. Then, the second address of the first terminal sends a first TCP SYN/ACK message to the first address of the second terminal, and carries the same connection identifier information in the first TCP SYN message. The first TCP SYN/ACK message is an acknowledgement of the first TCP SYN 4 message on the one hand, and a connection identifier information confirming the TCP connection on the other hand, and can be generated by using the connection identifier information in a subsequent process. TCP subflow.
408、 第二终端的第一地址向第一终端的第二地址发送第一 TCP ACK ¾ 文。  408. The first address of the second terminal sends the first TCP ACK message to the second address of the first terminal.
第一 TCP ACK报文是对第一 TCP SYN/ACK报文进行确认,完成 TCP连 接建立的三次握手过程。  The first TCP ACK packet is a three-way handshake process for confirming the first TCP SYN/ACK packet and completing the TCP connection establishment.
在 HIP网络中, 经过 406~408就建立了第一 TCP连接。 同时, 此连接还 维护了一个连接标识符信息, 可以使用此标识符信息来建立属于同一个 TCP 应用的 TCP子流。  In the HIP network, the first TCP connection is established after 406~408. At the same time, this connection maintains a connection identifier information that can be used to establish TCP substreams belonging to the same TCP application.
409、 第一终端通过第一 TCP连接向第二终端发送第四地址, 该第四地址 为多接入地址,表明第一终端可以使用第四地址与第二终端建立更多属于同一 个 TCP应用的 TCP子流。  409. The first terminal sends a fourth address to the second terminal by using the first TCP connection, where the fourth address is a multiple access address, indicating that the first terminal can use the fourth address to establish more of the same TCP application with the second terminal. TCP subflow.
410、第二终端的第三地址与第一终端的第四地址之间建立第二 HIP关联。 第二 HIP关联的建立流程可以参考 401~404。  410. Establish a second HIP association between the third address of the second terminal and the fourth address of the first terminal. For the establishment process of the second HIP association, refer to 401~404.
411、 第一终端和第二终端保存第三地址和第四地址与第二 HIP关联的第 二映射关系。  411. The first terminal and the second terminal save a second mapping relationship between the third address and the fourth address and the second HIP.
412、 第二终端的第三地址向第一终端的第四地址发送第二 TCP SYN 4艮 文。 412. The third address of the second terminal sends the second TCP SYN to the fourth address of the first terminal. Text.
第二终端的第三地址向第一终端的第四地址发送第二 TCP SYN 4艮文, 用 来发起第二 TCP连接建立过程。 其中, 为了标识第二 TCP连接, 在第二 TCP SYN报文中携带连接标识符信息, 该连接标识符信息与第一 TCP SYN报文携 带的连接标识符信息相同, 用于表示第一 TCP连接和第二 TCP连接属于同一 个 TCP应用。  The third address of the second terminal sends a second TCP SYN message to the fourth address of the first terminal to initiate a second TCP connection establishment process. The second TCP SYN packet carries the connection identifier information, where the connection identifier information is the same as the connection identifier information carried in the first TCP SYN packet, and is used to indicate the first TCP connection. And the second TCP connection belongs to the same TCP application.
413、第一终端的第四地址向第二终端的第三地址发送第二 TCP SYN/ACK 报文。  413. The fourth address of the first terminal sends a second TCP SYN/ACK packet to the third address of the second terminal.
在第一终端收到第二终端的第三地址发来的第二 TCP SYN报文后, 根据 第二映射关系, 将第二 TCP SYN报文转发到第四地址。 第四地址在收到第二 TCP SYN报文后, 查看其中包含的连接标识符信息, 如果在本机有此连接标 识符信息, 则表示是建立一个作为 TCP子流的 TCP连接。 随后, 第一终端的 第四地址将向第二终端的第三地址发送第二 TCP SYN/ACK报文,并在其中携 带第二 TCP SYN报文中相同的连接标识符信息,表示对第二 TCP SYN报文的 确认。  After receiving the second TCP SYN packet sent by the third terminal of the second terminal, the first terminal forwards the second TCP SYN packet to the fourth address according to the second mapping relationship. After receiving the second TCP SYN packet, the fourth address checks the connection identifier information contained therein. If the connection identifier information is present in the local device, it indicates that a TCP connection is established as the TCP substream. Then, the fourth address of the first terminal sends a second TCP SYN/ACK packet to the third address of the second terminal, and carries the same connection identifier information in the second TCP SYN packet, indicating that the second Confirmation of TCP SYN packets.
414、 第二终端的第三地址向第一终端的第四地址发送第二 TCP ACK ¾ 文。  414. The third address of the second terminal sends a second TCP ACK message to the fourth address of the first terminal.
第二 TCP ACK报文是对第二 TCP SYN/ACK报文进行确认,完成 TCP连 接建立的三次握手过程。  The second TCP ACK packet is a three-way handshake process for confirming the second TCP SYN/ACK packet and completing the TCP connection establishment.
在 HIP网络中, 经过 412~414就建立了第二 TCP连接。 第二 TCP连接与 第一 TCP连接同属于一个 TCP应用。 上层应用层可以将数据通过两个不同的 TCP连接进行发送, 实现在 HIP 网络中的多接入发送和多路径传输。 当目的 端点收到来自于两个 TCP连接的报文后, 在多路径 TCP层上将数据汇聚成一 个 TCP流, 并交给应用层, 实现应用层实现的透明性。  In the HIP network, a second TCP connection is established after 412~414. The second TCP connection belongs to the same TCP connection as the first TCP connection. The upper application layer can send data through two different TCP connections to implement multi-access transmission and multi-path transmission in the HIP network. After receiving the packets from the two TCP connections, the destination endpoint aggregates the data into a TCP stream on the multi-path TCP layer and hands it over to the application layer to implement transparency of the application layer.
具体的, 第二终端的应用层将数据报文转发给多路径 TCP层, 该多路径 Specifically, the application layer of the second terminal forwards the data packet to the multipath TCP layer, where the multipath
TCP层根据该数据报文的 HIT确定与该 HIT对应的 TCP连接有两个, 即 TCP 1和 TCP2, 那么第二终端的多路径 TCP层将该数据报文通过 TCP 1和 TCP 2 发送给底层进行传输, 第二终端的底层将该数据报文发送给第一终端, 第一终 端的底层接收到通过该 TCP 1和 TCP 2连接发送的数据报文后,第一终端的底 层将该 TCP 1和 TCP 2传输的数据发送给多路径 TCP层, 该多路径 TCP层根 据该 TCP 1和 TCP 2的 CID确定该 TCP 1和 TCP 2连接属于同一个 TCP连接, 则将通过 TCP 1和 TCP 2发送的数据报文汇聚后发送给第一终端的应用层。 The TCP layer determines, according to the HIT of the data packet, that there are two TCP connections corresponding to the HIT, namely, TCP 1 and TCP 2. Then, the multi-path TCP layer of the second terminal sends the data packet to the bottom layer through TCP 1 and TCP 2. Transmitting, the bottom layer of the second terminal sends the data packet to the first terminal, and the bottom layer of the first terminal receives the data packet sent by the TCP 1 and the TCP 2 connection, and the bottom of the first terminal The layer sends the data transmitted by the TCP 1 and the TCP 2 to the multi-path TCP layer, and the multi-path TCP layer determines that the TCP 1 and the TCP 2 connection belong to the same TCP connection according to the CID of the TCP 1 and the TCP 2, and then passes through the TCP. The data packets sent by the TCP 2 are aggregated and sent to the application layer of the first terminal.
从上可知,本实施例中第二终端可以保存第一地址和第二地址与第一 HIP 关联的第一映射关系, 从而建立第一地址和第二地址之间的第一 TCP连接, 并且在建立第一 TCP连接的过程中携带 CID信息, 从而在接收到第一终端发 送的第四地址后, 可以使用该 CID信息建立第三地址与第四地址之间的第二 TCP连接,从而可以为同一个 TCP应用至少两个 TCP连接,使一个 TCP应用 的不同的 TCP流可以通过不同的路径传输, 使支持多接入的终端在 HIP网络 中发挥出多接入的优势, 同时可以提高终端以及网络的利用效率。  As can be seen from the above, in the embodiment, the second terminal may save the first mapping relationship between the first address and the second address and the first HIP, thereby establishing a first TCP connection between the first address and the second address, and The process of establishing the first TCP connection carries the CID information, so after receiving the fourth address sent by the first terminal, the CID information can be used to establish a second TCP connection between the third address and the fourth address, thereby The same TCP application has at least two TCP connections, so that different TCP flows of one TCP application can be transmitted through different paths, so that the terminal supporting multiple access can take advantage of multiple access in the HIP network, and can improve the terminal and The efficiency of the use of the network.
需要说明的是, 对于前述的各方法实施例, 为了筒单描述, 故将其都表述 为一系列的动作组合,但是本领域技术人员应该知悉, 本发明并不受所描述的 动作顺序的限制,因为依据本发明,某些步骤可以采用其他顺序或者同时进行。 其次, 本领域技术人员也应该知悉,说明书中所描述的实施例均属于优选实施 例, 所涉及的动作和模块并不一定是本发明所必须的。  It should be noted that, for each of the foregoing method embodiments, for the description of the package, it is expressed as a series of action combinations, but those skilled in the art should know that the present invention is not limited by the described action sequence. Because certain steps may be performed in other sequences or concurrently in accordance with the present invention. In addition, those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.
如下再介绍本发明实施例提供的连接建立装置,图 5描述了本发明一个实 施例提供的连接建立装置的结构, 包括主机标识协议关联建立单元 501 , 保存 单元 502, 传输控制协议连接建立单元 503和接收单元 504。  The connection establishing apparatus provided by the embodiment of the present invention is further described below. FIG. 5 illustrates the structure of the connection establishing apparatus according to an embodiment of the present invention, including a host identity protocol association establishing unit 501, a saving unit 502, and a transmission control protocol connection establishing unit 503. And receiving unit 504.
主机标识协议关联建立单元 501 , 用于建立第一地址与第一终端的第二地 一 HIP关联;在接收单元 504接收了第一终端发送的第四地址后,建立
Figure imgf000014_0001
The host identity protocol association establishing unit 501 is configured to establish a first address-to-first HIP association with the first terminal, and after the receiving unit 504 receives the fourth address sent by the first terminal,
Figure imgf000014_0001
保存单元 502,用于在主机标识协议关联建立单元 501建立第一 HIP关联 后,保存第一地址和第二地址与第一 HIP关联的第一映射关系;在主机标识协 议关联建立单元 501建立第二 HIP关联后, 保存第三地址和第四地址与第二 HIP关联的第二映射关系。  The saving unit 502 is configured to: after the host identity association association establishing unit 501 establishes the first HIP association, save the first mapping relationship between the first address and the second address and the first HIP; and establish the first in the host identity protocol association establishing unit 501. After the second HIP is associated, the second mapping relationship between the third address and the fourth address and the second HIP is saved.
传输控制协议连接建立单元 503 , 用于根据保存单元 502保存的第一映射 关系, 通过第一地址向第一终端发送第一 TCP SYN 4艮文, 以建立第一地址与 第二地址的第一 TCP连接,第一 TCP SYN报文包括 CID信息;根据保存单元 502保存的第二映射关系,通过第三地址向第一终端发送第二 TCP SYN报文, 以建立第三地址与第四地址的第二 TCP连接,第二 TCP SYN报文包括该 CID 信息。 The transmission control protocol connection establishing unit 503 is configured to send the first TCP SYN 4 message to the first terminal by using the first address according to the first mapping relationship saved by the saving unit 502, to establish the first address and the first address of the second address. a TCP connection, the first TCP SYN packet includes the CID information, and the second TCP SYN packet is sent to the first terminal by using the third address according to the second mapping relationship saved by the saving unit 502. To establish a second TCP connection of the third address and the fourth address, the second TCP SYN message includes the CID information.
接收单元 504, 用于接收第一终端发送的第四地址。  The receiving unit 504 is configured to receive a fourth address sent by the first terminal.
从上可知,本实施例中连接建立装置可以保存第一地址和第二地址与第一 HIP关联的第一映射关系, 从而建立第一地址和第二地址之间的第一 TCP连 接, 并且在建立第一 TCP连接的过程中携带 CID信息, 从而在接收到第一终 端发送的第四地址后, 可以使用该 CID信息建立第三地址与第四地址之间的 第二 TCP连接,从而可以为同一个 TCP应用至少两个 TCP连接,使一个 TCP 应用的不同的 TCP流可以通过不同的路径传输, 使支持多接入的终端在 HIP 网络中发挥出多接入的优势, 同时可以提高终端以及网络的利用效率。  It can be seen that the connection establishing apparatus in this embodiment can save the first mapping relationship between the first address and the second address and the first HIP, thereby establishing a first TCP connection between the first address and the second address, and The process of establishing the first TCP connection carries the CID information, so after receiving the fourth address sent by the first terminal, the CID information can be used to establish a second TCP connection between the third address and the fourth address, thereby The same TCP application has at least two TCP connections, so that different TCP flows of one TCP application can be transmitted through different paths, so that the terminal supporting multiple access can take advantage of multiple access in the HIP network, and can improve the terminal and The efficiency of the use of the network.
图 6描述了本发明另一个实施例提供的连接建立装置的结构,包括主机标 识协议关联建立单元 601 , 保存单元 602, 传输控制协议连接建立单元 603 , 接收单元 604和发送单元 605。  Figure 6 is a diagram showing the structure of a connection establishing apparatus according to another embodiment of the present invention, including a host identification protocol association establishing unit 601, a saving unit 602, a transmission control protocol connection establishing unit 603, a receiving unit 604, and a transmitting unit 605.
主机标识协议关联建立单元 601 , 用于建立第一地址与第一终端的第二地 一 HIP关联;在接收单元 604接收了第一终端发送的第四地址后,建立
Figure imgf000015_0001
The host identity protocol association establishing unit 601 is configured to establish a first address and a second HIP association of the first terminal, and after the receiving unit 604 receives the fourth address sent by the first terminal,
Figure imgf000015_0001
保存单元 602,用于在主机标识协议关联建立单元 601建立第一 HIP关联 后,保存第一地址和第二地址与第一 HIP关联的第一映射关系;在主机标识协 议关联建立单元 601建立第二 HIP关联后, 保存第三地址和第四地址与第二 HIP关联的第二映射关系。  The saving unit 602 is configured to: after the host identity association association unit 601 establishes the first HIP association, save the first mapping relationship between the first address and the second address and the first HIP; and establish the first in the host identity protocol association establishing unit 601. After the second HIP is associated, the second mapping relationship between the third address and the fourth address and the second HIP is saved.
传输控制协议连接建立单元 603 , 用于根据保存单元 602保存的第一映射 关系, 通过第一地址向第一终端发送第一 TCP SYN 4艮文, 以建立第一地址与 第二地址的第一 TCP连接,第一 TCP SYN报文包括 CID信息;根据保存单元 602保存的第二映射关系,通过第三地址向第一终端发送第二 TCP SYN报文, 以建立第三地址与第四地址的第二 TCP连接, 第二 TCP SYN报文包括 CID 信息。  The transmission control protocol connection establishing unit 603 is configured to send, by using the first address, the first TCP SYN 4 message to the first terminal according to the first mapping relationship saved by the saving unit 602, to establish the first address and the first address of the second address. The TCP connection, the first TCP SYN message includes the CID information, and the second TCP SYN message is sent to the first terminal by using the third address according to the second mapping relationship saved by the saving unit 602, to establish the third address and the fourth address. The second TCP connection, the second TCP SYN message includes CID information.
接收单元 604, 用于接收第一终端发送的第四地址。  The receiving unit 604 is configured to receive a fourth address sent by the first terminal.
发送单元 605 ,用于在传输控制协议连接建立单元 603建立第一 TCP连接 后, 向第一终端发送第五地址, 以便于第一终端发起建立第六地址与第五地址 的第三 TCP连接。 The sending unit 605 is configured to send a fifth address to the first terminal after the transmission control protocol connection establishing unit 603 establishes the first TCP connection, so that the first terminal initiates the establishment of the sixth address and the fifth address. The third TCP connection.
从上可知,本实施例中连接建立装置可以保存第一地址和第二地址与第一 As can be seen from the above, the connection establishing apparatus in this embodiment can save the first address and the second address and the first
HIP关联的第一映射关系, 从而建立第一地址和第二地址之间的第一 TCP连 接, 并且在建立第一 TCP连接的过程中携带 CID信息, 从而在接收到第一终 端发送的第四地址后, 可以使用该 CID信息建立第三地址与第四地址之间的 第二 TCP连接,从而可以为同一个 TCP应用至少两个 TCP连接,使一个 TCP 应用的不同的 TCP流可以通过不同的路径传输, 使支持多接入的终端在 HIP 网络中发挥出多接入的优势, 同时可以提高终端以及网络的利用效率。 同时, 可以在建立了第一 TCP连接后, 将第五地址发送给第一终端, 使第一终端可 以主动发起 TCP连接的建立, 进一步提高终端和网络的利用效率。 a first mapping relationship associated with the HIP, thereby establishing a first TCP connection between the first address and the second address, and carrying CID information in the process of establishing the first TCP connection, thereby receiving the fourth sent by the first terminal After the address, the CID information can be used to establish a second TCP connection between the third address and the fourth address, so that at least two TCP connections can be applied to the same TCP, so that different TCP flows of one TCP application can pass different The path transmission enables the terminal supporting multiple access to take advantage of multiple access in the HIP network, and at the same time can improve the utilization efficiency of the terminal and the network. At the same time, after the first TCP connection is established, the fifth address is sent to the first terminal, so that the first terminal can initiate the establishment of the TCP connection, thereby further improving the utilization efficiency of the terminal and the network.
图 7描述了本发明另一个实施例提供的连接建立装置的结构,包括主机标 识协议关联建立单元 701 , 保存单元 702, 传输控制协议连接建立单元 703 , 接收单元 704和拆除单元 705。  Figure 7 is a diagram showing the structure of a connection establishing apparatus according to another embodiment of the present invention, including a host identification protocol association establishing unit 701, a saving unit 702, a transmission control protocol connection establishing unit 703, a receiving unit 704, and a removing unit 705.
主机标识协议关联建立单元 701 , 用于建立第一地址与第一终端的第二地 一 HIP关联;在接收单元 704接收了第一终端发送的第四地址后,建立
Figure imgf000016_0001
The host identity protocol association establishing unit 701 is configured to establish a first address and a second HIP association of the first terminal, and after the receiving unit 704 receives the fourth address sent by the first terminal,
Figure imgf000016_0001
保存单元 702,用于在主机标识协议关联建立单元 701建立第一 HIP关联 后,保存第一地址和第二地址与第一 HIP关联的第一映射关系;在主机标识协 议关联建立单元 701建立第二 HIP关联后, 保存第三地址和第四地址与第二 HIP关联的第二映射关系。  The saving unit 702 is configured to: after the host identity association association establishing unit 701 establishes the first HIP association, save the first mapping relationship between the first address and the second address and the first HIP; and establish the first in the host identity protocol association establishing unit 701 After the second HIP is associated, the second mapping relationship between the third address and the fourth address and the second HIP is saved.
传输控制协议连接建立单元 703 , 用于根据保存单元 702保存的第一映射 关系, 通过第一地址向第一终端发送第一 TCP SYN 4艮文, 以建立第一地址与 第二地址的第一 TCP连接,第一 TCP SYN报文包括 CID信息;根据保存单元 702保存的第二映射关系,通过第三地址向第一终端发送第二 TCP SYN报文, 以建立第三地址与第四地址的第二 TCP连接,第二 TCP SYN报文包括该 CID 信息。  The transmission control protocol connection establishing unit 703 is configured to send the first TCP SYN 4 message to the first terminal by using the first address according to the first mapping relationship saved by the saving unit 702, to establish the first address and the first address of the second address. The TCP connection, the first TCP SYN packet includes the CID information; and the second TCP SYN packet is sent to the first terminal by using the third address according to the second mapping relationship saved by the saving unit 702, to establish the third address and the fourth address. The second TCP connection, the second TCP SYN message includes the CID information.
接收单元 704, 用于接收第一终端发送的第四地址; 在所述传输控制协议 连接建立单元 703建立第二 TCP连接后, 接收第一终端发送的第四地址失效 的信息。 拆除单元 705 , 用于在接收单元 704接收了第四地址失效的信息后, 根据 保存单元 702保存的第二映射关系确定第四地址对应第二 TCP连接, 拆除第 二 TCP连接。 The receiving unit 704 is configured to receive the fourth address sent by the first terminal. After the second TCP connection is established, the transmission control protocol connection establishing unit 703 receives the information of the fourth address failure sent by the first terminal. The removing unit 705 is configured to determine, according to the second mapping relationship saved by the saving unit 702, that the fourth address corresponds to the second TCP connection, and remove the second TCP connection, after the receiving unit 704 receives the information of the fourth address failure.
从上可知,本实施例中连接建立装置可以保存第一地址和第二地址与第一 HIP关联的第一映射关系, 从而建立第一地址和第二地址之间的第一 TCP连 接, 并且在建立第一 TCP连接的过程中携带 CID信息, 从而在接收到第一终 端发送的第四地址后, 可以使用该 CID信息建立第三地址与第四地址之间的 第二 TCP连接,从而可以为同一个 TCP应用至少两个 TCP连接,使一个 TCP 应用的不同的 TCP流可以通过不同的路径传输, 使支持多接入的终端在 HIP 网络中发挥出多接入的优势, 同时可以提高终端以及网络的利用效率。 同时, 如果在建立了第二 TCP连接后,接收到第四地址失效的信息,可以将第二 TCP 连接拆除, 使终端和网络的资源可以得到有效的应用。  It can be seen that the connection establishing apparatus in this embodiment can save the first mapping relationship between the first address and the second address and the first HIP, thereby establishing a first TCP connection between the first address and the second address, and The process of establishing the first TCP connection carries the CID information, so after receiving the fourth address sent by the first terminal, the CID information can be used to establish a second TCP connection between the third address and the fourth address, thereby The same TCP application has at least two TCP connections, so that different TCP flows of one TCP application can be transmitted through different paths, so that the terminal supporting multiple access can take advantage of multiple access in the HIP network, and can improve the terminal and The efficiency of the use of the network. At the same time, if the information of the fourth address failure is received after the second TCP connection is established, the second TCP connection can be removed, so that the resources of the terminal and the network can be effectively applied.
图 8描述了本发明一个实施例提供的连接建立装置的结构,包括主机标识 协议关联建立单元 801 , 保存单元 802, 传输控制协议连接建立单元 803和接 收单元 804。  FIG. 8 illustrates the structure of a connection establishing apparatus according to an embodiment of the present invention, including a host identity protocol association establishing unit 801, a saving unit 802, a transmission control protocol connection establishing unit 803, and a receiving unit 804.
主机标识协议关联建立单元 801 , 用于建立第一地址与第一终端的第二地 一 HIP关联;在接收单元 804接收了第一终端发送的第四地址后,建立
Figure imgf000017_0001
The host identity protocol association establishing unit 801 is configured to establish a first address and a second HIP association of the first terminal, and after the receiving unit 804 receives the fourth address sent by the first terminal,
Figure imgf000017_0001
保存单元 802,用于在主机标识协议关联建立单元 801建立第一 HIP关联 后 ,保存第一地址和第二地址与第一 HIP关联的第一映射关系;在主机标识协 议关联建立单元 801建立第二 HIP关联后, 保存第三地址和第四地址与第二 The saving unit 802 is configured to: after the host identity association association unit 801 establishes the first HIP association, save the first mapping relationship between the first address and the second address and the first HIP; and establish the first in the host identity protocol association establishing unit 801. After the second HIP is associated, the third address and the fourth address are saved with the second
HIP关联的第二映射关系。 The second mapping relationship of the HIP association.
传输控制协议连接建立单元 803 , 用于根据保存单元 802保存的第一映射 关系, 通过第一地址向第一终端发送第一 TCP SYN 4艮文, 以建立第一地址与 第二地址的第一 TCP连接,第一 TCP SYN报文包括 CID信息;根据保存单元 The transmission control protocol connection establishing unit 803 is configured to send the first TCP SYN 4 message to the first terminal by using the first address according to the first mapping relationship saved by the saving unit 802, to establish the first address and the first address of the second address. TCP connection, the first TCP SYN message includes CID information; according to the saving unit
802保存的第二映射关系,通过第三地址向第一终端发送第二 TCP SYN报文, 以建立第三地址与第四地址的第二 TCP连接,第二 TCP SYN报文包括该 CID 信息。 The second mapping relationship saved by the 802 sends a second TCP SYN packet to the first terminal by using the third address to establish a second TCP connection between the third address and the fourth address, where the second TCP SYN packet includes the CID information.
如图 8所示, 在本发明的一个实施例中, 传输控制协议连接建立单元 803 可以包括报文发送单元 8031和报文接收单元 8032。报文发送单元 8031 , 用于 根据第一映射关系通过第一地址向第一终端发送第一 TCP SYN报文; 在报文 接收单元 8032接收了第一 TCP SYN/ACK报文后, 通过第一地址向第二地址 发送 TCP ACK报文, 完成第一 TCP连接的建立。 报文接收单元 8032, 用于 接收第二地址返回的第一 TCP SYN/ACK报文,第一 TCP SYN/ACK报文包括 CID信息, 第一 TCP SYN/ACK报文由第二地址接收到第一终端转发的第一 TCP SYN报文后发送,第一终端根据保存的第一映射关系将第一 TCP SYN报 文转发给第二地址。 As shown in FIG. 8, in one embodiment of the present invention, a transmission control protocol connection establishing unit 803 A message transmitting unit 8031 and a message receiving unit 8032 may be included. The message sending unit 8031 is configured to send, by using the first address, the first TCP SYN message to the first terminal according to the first mapping relationship; after the message receiving unit 8032 receives the first TCP SYN/ACK message, pass the first The address sends a TCP ACK packet to the second address to complete the establishment of the first TCP connection. The message receiving unit 8032 is configured to receive a first TCP SYN/ACK message returned by the second address, where the first TCP SYN/ACK message includes CID information, and the first TCP SYN/ACK message is received by the second address. After the first TCP SYN packet is forwarded by the terminal, the first terminal forwards the first TCP SYN packet to the second address according to the saved first mapping relationship.
接收单元 804, 用于接收第一终端发送的第四地址。  The receiving unit 804 is configured to receive a fourth address sent by the first terminal.
从上可知,本实施例中连接建立装置可以保存第一地址和第二地址与第一 As can be seen from the above, the connection establishing apparatus in this embodiment can save the first address and the second address and the first
HIP关联的第一映射关系, 从而建立第一地址和第二地址之间的第一 TCP连 接, 并且在建立第一 TCP连接的过程中携带 CID信息, 从而在接收到第一终 端发送的第四地址后, 可以使用该 CID信息建立第三地址与第四地址之间的 第二 TCP连接,从而可以为同一个 TCP应用至少两个 TCP连接,使一个 TCP 应用的不同的 TCP流可以通过不同的路径传输, 使支持多接入的终端在 HIP 网络中发挥出多接入的优势, 同时可以提高终端以及网络的利用效率。 a first mapping relationship associated with the HIP, thereby establishing a first TCP connection between the first address and the second address, and carrying CID information in the process of establishing the first TCP connection, thereby receiving the fourth sent by the first terminal After the address, the CID information can be used to establish a second TCP connection between the third address and the fourth address, so that at least two TCP connections can be applied to the same TCP, so that different TCP flows of one TCP application can pass different The path transmission enables the terminal supporting multiple access to take advantage of multiple access in the HIP network, and at the same time can improve the utilization efficiency of the terminal and the network.
本发明一个实施例还提供了通信系统,该通信系统包括本发明实施例提供 的连接建立装置。  An embodiment of the present invention further provides a communication system, which includes the connection establishment apparatus provided by the embodiment of the present invention.
上述装置和系统内的各模块之间的信息交互、执行过程等内容, 由于与本 发明方法实施例基于同一构思, 具体内容可参见本发明方法实施例中的叙述, 此处不再赘述。  For the information exchange, the execution process, and the like between the above-mentioned devices and the modules in the system, the content is the same as that of the method embodiment of the present invention. For details, refer to the description in the method embodiment of the present invention, and details are not described herein again.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程, 是可以通过计算机程序来指令相关的硬件来完成,所述的程序可存储于一计算 机可读取存储介质中,该程序在执行时,可包括如上述各方法的实施例的流程。 其中,所述的存储介质可为磁碟、光盘、只读存储记忆体(Read-Only Memory, ROM )或随机存储记忆体 ( Random Access Memory, RAM )等。 例的说明只是用于帮助理解本发明的方法及其思想; 同时,对于本领域的一般 技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处, 综上所述, 本说明书内容不应理解为对本发明的限制。 A person skilled in the art can understand that all or part of the process of implementing the above embodiment method can be completed by a computer program to instruct related hardware, and the program can be stored in a computer readable storage medium, the program When executed, the flow of an embodiment of the methods as described above may be included. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM). The description of the examples is only for helping to understand the method and the idea of the present invention; at the same time, for those skilled in the art, according to the idea of the present invention, there are some changes in the specific embodiments and application scopes. In summary, the content of the specification should not be construed as limiting the invention.

Claims

权 利 要 求 Rights request
1、 一种连接建立方法, 其特征在于, 包括:  A connection establishment method, comprising:
第二终端建立第二终端的第一地址与第一终端的第二地址的第一主机标 识协议关联后 ,第二终端保存所述第一地址和第二地址与所述第一主机标识协 议关联的第一映射关系;  After the second terminal establishes that the first address of the second terminal is associated with the first host identity protocol of the second address of the first terminal, the second terminal saves that the first address and the second address are associated with the first host identity protocol First mapping relationship;
第二终端根据所述第一映射关系通过所述第一地址向所述第一终端发送 第一传输控制协议同步 ·^艮文 ,以建立所述第一地址与所述第二地址的第一传输 控制协议连接, 所述第一传输控制协议同步报文包括连接标识符信息;  Transmitting, by the first terminal, the first transmission control protocol synchronization message to the first terminal by using the first address, to establish a first address of the first address and the second address, according to the first mapping relationship a transmission control protocol connection, where the first transmission control protocol synchronization message includes connection identifier information;
第二终端接收所述第一终端发送的第一终端的第四地址;  Receiving, by the second terminal, a fourth address of the first terminal sent by the first terminal;
第二终端建立第二终端的第三地址与所述第四地址的第二主机标识协议 关联,第二终端保存所述第三地址和第四地址与所述第二主机标识协议关联的 第二映射关系;  Establishing, by the second terminal, a third address of the second terminal and a second host identity protocol of the fourth address, where the second terminal saves the third address and the fourth address are associated with the second host identity protocol Mapping relations;
第二终端根据所述第二映射关系通过所述第三地址向所述第一终端发送 第二传输控制协议同步 ·^艮文 ,以建立所述第三地址与所述第四地址的第二传输 控制协议连接,所述第二传输控制协议同步报文包括与所述第一传输控制协议 同步报文相同的连接标识符信息。  The second terminal sends a second transmission control protocol synchronization message to the first terminal by using the third address according to the second mapping relationship, to establish the third address and the second address of the fourth address. a transmission control protocol connection, the second transmission control protocol synchronization message including the same connection identifier information as the first transmission control protocol synchronization message.
2、 如权利要求 1所述的连接建立方法, 其特征在于, 建立所述第一地址 与所述第二地址的第一传输控制协议连接后进一步包括:  The connection establishment method according to claim 1, wherein the establishing the first address and the second address of the first transmission control protocol connection further comprises:
第二终端向所述第一终端发送第二终端的第五地址,以便于所述第一终端 发起建立第一终端的第六地址与所述第五地址的第三传输控制协议连接。  The second terminal sends the fifth address of the second terminal to the first terminal, so that the first terminal initiates establishing a third transmission control protocol connection between the sixth address of the first terminal and the fifth address.
3、 如权利要求 1所述的连接建立方法, 其特征在于, 建立所述第三地址 与所述第四地址的第二传输控制协议连接后进一步包括:  The method for establishing a connection according to claim 1, wherein the establishing the third address and the second transmission control protocol of the fourth address further comprises:
第二终端接收所述第一终端发送的所述第四地址失效的信息;  Receiving, by the second terminal, information that the fourth address is invalid, that is sent by the first terminal;
第二终端根据所述第二映射关系确定所述第四地址对应第二传输控制协 议连接, 拆除所述第二传输控制协议连接。  The second terminal determines, according to the second mapping relationship, that the fourth address corresponds to the second transmission control protocol connection, and removes the second transmission control protocol connection.
4、 如权利要求 1至 3任一所述的连接建立方法, 其特征在于, 所述第二 终端根据所述第一映射关系通过所述第一地址向所述第一终端发送第一传输 控制协议同步 4艮文,以建立所述第一地址与所述第二地址的第一传输控制协议 连接包括: 第二终端根据所述第一映射关系通过第一地址向所述第一终端发送第一 传输控制协议同步报文; The method for establishing a connection according to any one of claims 1 to 3, wherein the second terminal sends the first transmission control to the first terminal by using the first address according to the first mapping relationship. The protocol synchronization is configured to establish the first transmission control protocol connection between the first address and the second address, including: Transmitting, by the second terminal, the first transmission control protocol synchronization message to the first terminal by using the first address according to the first mapping relationship;
第二终端接收所述第二地址返回的第一传输控制协议同步与确认报文,所 述第一传输控制协议同步与确认报文包括所述连接标识符信息,所述第一传输 控制协议同步与确认报文由所述第二地址接收到所述第一终端转发的所述第 一传输控制协议同步报文后发送,所述第一终端根据保存的所述第一映射关系 将所述第一传输控制协议同步报文转发给所述第二地址;  Receiving, by the second terminal, a first transmission control protocol synchronization and acknowledgement message returned by the second address, where the first transmission control protocol synchronization and acknowledgement message includes the connection identifier information, and the first transmission control protocol is synchronized. And sending, by the second address, the first transmission control protocol synchronization message that is forwarded by the first terminal, and the first terminal, according to the saved first mapping relationship, Transmitting a control control protocol synchronization message to the second address;
第二终端通过所述第一地址向所述第二地址发送传输控制协议确认 4艮文, 完成所述第一传输控制协议连接的建立。  And transmitting, by the first terminal, the transmission control protocol confirmation message to the second address by using the first address, and completing establishment of the first transmission control protocol connection.
5、 一种连接建立装置, 其特征在于, 包括主机标识协议关联建立单元, 保存单元, 传输控制协议连接建立单元和接收单元;  A connection establishing apparatus, comprising: a host identity protocol association establishing unit, a saving unit, a transmission control protocol connection establishing unit, and a receiving unit;
所述主机标识协议关联建立单元,用于建立第一地址与第一终端的第二地 址的第一主机标识协议关联后; 在接收单元接收了第一终端发送的第四地址 后, 建立第三地址与所述第四地址的第二主机标识协议关联;  The host identity protocol association establishing unit is configured to establish a first address associated with the first host identity protocol of the second address of the first terminal; after the receiving unit receives the fourth address sent by the first terminal, establish a third The address is associated with a second host identity protocol of the fourth address;
所述保存单元,用于在所述主机标识协议关联建立单元建立所述第一主机 标识协议关联后 ,保存所述第一地址和第二地址与所述第一主机标识协议关联 的第一映射关系;在所述主机标识协议关联建立单元建立所述第二主机标识协 议关联后 ,保存所述第三地址和第四地址与所述第二主机标识协议关联的第二 映射关系;  The saving unit is configured to save, after the establishing, by the host identity protocol association establishing unit, the first mapping, the first mapping associated with the first host identity protocol a second mapping relationship between the third address and the fourth address and the second host identity protocol is saved after the host identity protocol association establishing unit establishes the second host identity protocol association;
所述传输控制协议连接建立单元,用于根据所述保存单元保存的第一映射 关系,通过所述第一地址向所述第一终端发送第一传输控制协议同步 ·^艮文, 以 建立所述第一地址与所述第二地址的第一传输控制协议连接,所述第一传输控 制协议同步报文包括连接标识符信息; 根据所述保存单元保存的第二映射关 系,通过第三地址向所述第一终端发送第二传输控制协议同步 ·^艮文, 以建立所 述第三地址与所述第四地址的第二传输控制协议连接,所述第二传输控制协议 同步报文包括与所述第一传输控制协议同步报文相同的连接标识符信息; 所述接收单元, 用于接收所述第一终端发送的第四地址。  The transmission control protocol connection establishing unit is configured to send, by using the first address, a first transmission control protocol synchronization message to the first terminal according to the first mapping relationship saved by the saving unit, to establish a The first address is connected to the first transmission control protocol of the second address, the first transmission control protocol synchronization message includes connection identifier information, and the third mapping is performed according to the second mapping relationship saved by the saving unit. Transmitting, by the first terminal, a second transmission control protocol synchronization packet, to establish a connection between the third address and the fourth transmission control protocol, where the second transmission control protocol synchronization packet includes The connection identifier information is the same as the first transmission control protocol synchronization message; the receiving unit is configured to receive the fourth address sent by the first terminal.
6、 如权利要求 5所述的连接建立装置, 其特征在于, 所述连接建立装置 还包括: 发送单元,用于在所述传输控制协议连接建立单元建立所述第一传输控制 协议连接后, 向所述第一终端发送第五地址, 以便于所述第一终端发起建立第 六地址与所述第五地址的第三传输控制协议连接。 The connection establishing apparatus according to claim 5, wherein the connection establishing apparatus further comprises: a sending unit, configured to send a fifth address to the first terminal after the first transmission control protocol connection is established by the transmission control protocol connection establishing unit, so that the first terminal initiates establishment of a sixth address and location The third transmission control protocol connection of the fifth address.
7、 如权利要求 5所述的连接建立装置, 其特征在于, 所述接收单元, 还 用于在所述传输控制协议连接建立单元建立所述第二传输控制协议连接后,接 收所述第一终端发送的所述第四地址失效的信息;  The connection establishing apparatus according to claim 5, wherein the receiving unit is further configured to: after the transmission control protocol connection establishing unit establishes the second transmission control protocol connection, receive the first Information that the fourth address is invalidated by the terminal;
所述连接建立装置还包括拆除单元,用于在所述接收单元接收了所述第四 地址失效的信息后,根据所述保存单元保存的第二映射关系确定所述第四地址 对应第二传输控制协议连接, 拆除所述第二传输控制协议连接。  The connection establishing apparatus further includes a removing unit, configured to determine, according to the second mapping relationship saved by the saving unit, that the fourth address corresponds to the second transmission, after the receiving unit receives the information of the fourth address failure Controlling the protocol connection and tearing down the second transmission control protocol connection.
8、 如权利要求 5至 7任一所述的连接建立装置, 其特征在于, 所述传输 控制协议连接建立单元包括报文发送单元和报文接收单元;  The connection establishing apparatus according to any one of claims 5 to 7, wherein the transmission control protocol connection establishing unit comprises a message sending unit and a message receiving unit;
所述报文发送单元,用于根据所述第一映射关系通过第一地址向所述第一 终端发送第一传输控制协议同步报文;在所述报文接收单元接收了所述第一传 输控制协议同步与确认报文后,通过所述第一地址向所述第二地址发送传输控 制协议确认报文, 完成所述第一传输控制协议连接的建立;  The message sending unit is configured to send, by using the first address, a first transmission control protocol synchronization message to the first terminal according to the first mapping relationship; and receiving, by the packet receiving unit, the first transmission After the control protocol is synchronized and acknowledged, the transmission control protocol acknowledgement packet is sent to the second address by using the first address, and the establishment of the first transmission control protocol connection is completed;
所述报文接收单元,用于接收所述第二地址返回的第一传输控制协议同步 与确认报文, 所述第一传输控制协议同步与确认报文包括所述连接标识符信 息,所述第一传输控制协议同步与确认报文由所述第二地址接收到所述第一终 端转发的所述第一传输控制协议同步报文后发送,所述第一终端根据保存的所 述第一映射关系将所述第一传输控制协议同步报文转发给所述第二地址。  The message receiving unit is configured to receive a first transmission control protocol synchronization and acknowledgment message returned by the second address, where the first transmission control protocol synchronization and acknowledgment message includes the connection identifier information, The first transmission control protocol synchronization and acknowledgment message is sent by the second address to the first transmission control protocol synchronization message forwarded by the first terminal, and the first terminal is saved according to the first The mapping relationship forwards the first transmission control protocol synchronization message to the second address.
9、 一种通信系统, 其特征在于, 包括如权利要求 5至 8任一所述的连接 建立装置。  A communication system, comprising the connection establishing device according to any one of claims 5 to 8.
PCT/CN2010/078222 2010-10-29 2010-10-29 Method for establishing connection and apparatus, communication system thereof WO2012055112A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2010/078222 WO2012055112A1 (en) 2010-10-29 2010-10-29 Method for establishing connection and apparatus, communication system thereof
CN201080001916.9A CN102714617B (en) 2010-10-29 2010-10-29 Connection establishment method, device and communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2010/078222 WO2012055112A1 (en) 2010-10-29 2010-10-29 Method for establishing connection and apparatus, communication system thereof

Publications (1)

Publication Number Publication Date
WO2012055112A1 true WO2012055112A1 (en) 2012-05-03

Family

ID=45993072

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/078222 WO2012055112A1 (en) 2010-10-29 2010-10-29 Method for establishing connection and apparatus, communication system thereof

Country Status (2)

Country Link
CN (1) CN102714617B (en)
WO (1) WO2012055112A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104601541A (en) * 2014-12-05 2015-05-06 华为技术有限公司 Data transmission method, server and user equipment
WO2018018897A1 (en) * 2016-07-26 2018-02-01 华为技术有限公司 Apparatus communication method, device and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1939000A (en) * 2004-04-15 2007-03-28 艾利森电话股份有限公司 Identification method and apparatus for establishing host identity protocol (hip) connections between legacy and hip nodes
CN1938999A (en) * 2004-02-13 2007-03-28 艾利森电话股份有限公司 Addressing method and method and apparatus for establishing host identity protocol (hip) connections between legacy and hip nodes
WO2008116972A1 (en) * 2007-03-28 2008-10-02 Teliasonera Ab Authentication and encryption protocol in wireless communications system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2426672B (en) * 2005-05-27 2009-12-16 Ericsson Telefon Ab L M Host identity protocol method and apparatus

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1938999A (en) * 2004-02-13 2007-03-28 艾利森电话股份有限公司 Addressing method and method and apparatus for establishing host identity protocol (hip) connections between legacy and hip nodes
CN1939000A (en) * 2004-04-15 2007-03-28 艾利森电话股份有限公司 Identification method and apparatus for establishing host identity protocol (hip) connections between legacy and hip nodes
WO2008116972A1 (en) * 2007-03-28 2008-10-02 Teliasonera Ab Authentication and encryption protocol in wireless communications system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104601541A (en) * 2014-12-05 2015-05-06 华为技术有限公司 Data transmission method, server and user equipment
WO2018018897A1 (en) * 2016-07-26 2018-02-01 华为技术有限公司 Apparatus communication method, device and system

Also Published As

Publication number Publication date
CN102714617B (en) 2015-10-21
CN102714617A (en) 2012-10-03

Similar Documents

Publication Publication Date Title
US11122116B2 (en) Load balancing system, method, and apparatus
JP4579934B2 (en) Addressing method and apparatus for establishing a Host Identity Protocol (HIP) connection between a legacy node and a HIP node
WO2011006324A1 (en) Method and terminal for file transmission
US9131004B2 (en) Method and apparatus for network address resolution
US9712649B2 (en) CCN fragmentation gateway
US20120331160A1 (en) Multi-path transmission control protocol proxy service
US20160182368A1 (en) Multi-nonce enabled interest packet design for named-data networking
WO2020084335A1 (en) Using location indentifier separation protocol to implement a distributed user plane function architecture for 5g mobility
WO2010006528A1 (en) Pseudo wire establishing method, device and system
US20100303072A1 (en) Multicast Source Mobility
WO2012130083A1 (en) Address resolution protocol (arp) table entry configuration method and device
WO2020083269A1 (en) Method, apparatus and system for establishing subflows of multipath connection
WO2011032462A1 (en) Method for data transmission and receiving, system and router thereof
WO2011032447A1 (en) Method, system and communication terminal for implementing inter-communication between new network and internet
WO2012130128A1 (en) Method, device, and system for implementing network identifier conversion
WO2017175033A1 (en) Method and apparatus for enabling non stop routing (nsr) in a packet network
TW200840282A (en) Systems and methods for transporting data across an air interface using reduced address headers
WO2015085746A1 (en) Method and apparatus for processing virtual route forwarding instance
WO2012055112A1 (en) Method for establishing connection and apparatus, communication system thereof
US20110113145A1 (en) Stateless Transmission Control Protocol Rendezvous Solution For Border Gateway Function
JP2009055418A (en) Communicating system, relay device, terminal, relay processing method, and its program
WO2011044810A1 (en) Method, device and system for implementing multiparty communication
EP3364624A1 (en) A method of distributing a sub-flow associated with a session and a network apparatus
WO2013117154A1 (en) Method and device for passing through isolation device in monitoring network
JP2007166146A (en) Communication device whose address can be changed during communication, system, and communication method

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 201080001916.9

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10858841

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10858841

Country of ref document: EP

Kind code of ref document: A1