WO2015015785A1 - 通信システム、通信装置、制御装置、ネットワークデバイス、通信方法、制御方法、および、プログラム - Google Patents
通信システム、通信装置、制御装置、ネットワークデバイス、通信方法、制御方法、および、プログラム Download PDFInfo
- Publication number
- WO2015015785A1 WO2015015785A1 PCT/JP2014/003939 JP2014003939W WO2015015785A1 WO 2015015785 A1 WO2015015785 A1 WO 2015015785A1 JP 2014003939 W JP2014003939 W JP 2014003939W WO 2015015785 A1 WO2015015785 A1 WO 2015015785A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- group
- network
- label
- packet
- communication
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/64—Hybrid switching systems
- H04L12/6418—Hybrid transport
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/50—Routing or path finding of packets in data switching networks using label swapping, e.g. multi-protocol label switch [MPLS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/16—Arrangements for providing special services to substations
- H04L12/18—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
- H04L12/185—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast with management of multicast group membership
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/38—Flow based routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/64—Routing or path finding of packets in data switching networks using an overlay routing layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/35—Network arrangements, protocols or services for addressing or naming involving non-standard use of addresses for implementing network functionalities, e.g. coding subscription information within the address or functional addressing, i.e. assigning an address to a function
Definitions
- the present invention relates to a network function for executing a communication service in a communication system.
- communication by a user of the communication system receives a communication service executed by the network function via a network function (CPE (Customer Premises Equipment), BRAS (Broadband Remote Access Server), etc.).
- CPE Customer Premises Equipment
- BRAS Broadband Remote Access Server
- Patent Document 1 discloses a mobile network configuration.
- a terminal such as a PC (Personal Computer) accesses the Internet via CPE and BRAS.
- Communication from a terminal enjoys a communication service for accessing the Internet by CPE and BRAS.
- the communication system disclosed in Patent Document 1 has a problem that a communication service that can be provided by the communication system depends on the configuration of the communication system.
- a communication service that can be provided by the communication system depends on the configuration of the communication system.
- it is assumed that communication services that can be enjoyed by a terminal accessing the Internet are limited to services executed by CPE and BRAS. That is, in a communication system as disclosed in Patent Document 1, it is difficult to change a network service through which a user's communication passes to change a communication service provided to the user.
- An object of the present invention is to provide a technology that makes it possible to change a communication service that can be provided by a communication system.
- the communication system of the present invention assigns a label corresponding to a network address assigned to a group of the network function to a packet belonging to the group, the first means capable of executing a network function for providing a communication service. And a second means for transmitting the packet to the network function for performing packet transfer within the group based on the label.
- the communication apparatus includes a first means for assigning a label corresponding to a network address assigned to a group of network functions for providing a communication service to a packet belonging to the group, and the label provided with the label. Second means for transmitting packets to the network function for performing packet forwarding within the group based on the labels.
- the control device of the present invention includes a first means for instructing the communication device to attach a label corresponding to a network address assigned to a group of network functions for providing a communication service to a packet belonging to the group. And second means for instructing at least one network function of the group to perform packet forwarding within the group based on the label.
- the network device of the present invention is based on a first means capable of executing communication processing by a network function for providing a communication service, and a label corresponding to a network address assigned to the group of network functions. And a second means capable of transferring the packet to another network function belonging to.
- a label corresponding to a network address assigned to a group of network functions for providing a communication service is assigned to a packet belonging to the group, and the packet to which the label is attached is assigned to the group
- the packet is transmitted to the network function that executes the packet transfer based on the label.
- the control method of the present invention instructs a communication device to attach a label corresponding to a network address assigned to a group of network functions for providing a communication service to a packet belonging to the group, and at least one of the groups One network function is instructed to perform packet forwarding within the group based on the label.
- the communication method of the present invention performs communication processing by a network function for providing a communication service, and based on a label corresponding to a network address assigned to the group formed by the network function, The packet is transferred to the network function.
- the program of the present invention is a process for instructing a communication device to attach a label corresponding to a network address assigned to a group formed by a network function for providing a communication service to a packet belonging to the group; Causing at least one network function of the group to execute a process of instructing a packet transfer within the group to be performed based on the label.
- the program of the present invention belongs to the group based on a process for executing a communication process by a network function for providing a communication service and a label corresponding to a network address assigned to the group formed by the network function. causes the computer to execute a process of transferring the packet to another network function.
- the present invention can provide a technology that makes it possible to change the communication service that the communication system can provide.
- FIG. 1 is a diagram showing an example of a system configuration according to the first embodiment of the present invention.
- FIG. 2 is a diagram illustrating an example of the configuration of the communication apparatus according to the first embodiment.
- FIG. 3 is a diagram showing an example of the configuration of the group management table.
- FIG. 4 is a diagram illustrating an example of a configuration of a packet processing table in one communication apparatus.
- FIG. 5 is a diagram showing an example of the configuration of a packet processing table in the other communication apparatus.
- FIG. 6 is a diagram showing an example of the configuration of the routing table in the network function NF.
- FIG. 7 is a sequence diagram illustrating an operation example of the first embodiment.
- FIG. 8 is a diagram showing an example of a system configuration according to the second embodiment of the present invention.
- FIG. 1 is a diagram showing an example of a system configuration according to the first embodiment of the present invention.
- FIG. 2 is a diagram illustrating an example of the configuration of the communication apparatus according to the first embodiment.
- FIG. 9 is a diagram showing an example of the configuration of the controller.
- FIG. 10 is a diagram showing an example of the configuration of the user management table.
- FIG. 11 is a diagram illustrating another example of the system configuration of the second embodiment.
- FIG. 12 is a diagram showing an example of the configuration of the network control apparatus shown in FIG.
- FIG. 13 is a diagram illustrating an example of the configuration of the network function NF.
- FIG. 14 is a diagram illustrating an example of the configuration of the network function management apparatus.
- FIG. 15 is a diagram showing an operation example of the system according to the third embodiment of the present invention.
- FIG. 16 is a diagram showing an example of the configuration of the group management table.
- FIG. 17 is a diagram illustrating an example of a system configuration according to the third embodiment.
- FIG. 18 is a diagram showing an operation example of the system according to the fourth embodiment of the present invention.
- FIG. 19 is a diagram illustrating an operation example of the group management table in the fourth embodiment.
- FIG. 20 is a diagram illustrating an operation example of the system according to the fourth embodiment.
- FIG. 21 is a diagram illustrating an operation example of the system according to the fourth embodiment.
- FIG. 22 is a diagram showing an example of the configuration of the group management table.
- FIG. 23 is a diagram illustrating an example of a configuration of a packet processing table in one communication apparatus.
- FIG. 24 is a diagram showing an example of the configuration of a packet processing table in the other communication apparatus.
- FIG. 25 is a diagram illustrating an operation example of the system according to the fourth embodiment.
- FIG. 20 is a diagram illustrating an operation example of the system according to the fourth embodiment.
- FIG. 21 is a diagram illustrating an operation example of the system according to the fourth embodiment.
- FIG. 22 is a diagram showing an example of the configuration
- FIG. 26 is a diagram showing an example of a system configuration according to the fifth embodiment of the present invention.
- FIG. 27 is a diagram showing an example of a user interface of the system according to the fifth embodiment.
- FIG. 28 is a diagram showing an example of a network function group in the system according to the fifth embodiment.
- FIG. 29 is a diagram showing an example of a user interface in another example of the system configuration according to the fifth embodiment.
- FIG. 30 is a diagram showing another example of the network function group in the system according to the fifth embodiment.
- FIG. 31 is a diagram showing an example of a system configuration according to the sixth embodiment of the present invention.
- FIG. 32 is a diagram illustrating a configuration example of a controller.
- FIG. 33 is a diagram illustrating a configuration example of a packet processing table in one communication apparatus.
- FIG. 34 is a diagram showing a configuration example of a packet processing table in the other communication apparatus.
- FIG. 35 is a diagram showing a configuration example of a routing table in the network function NF.
- FIG. 36 is a diagram showing an example of a system configuration according to the seventh embodiment of the present invention.
- FIG. 37 is a diagram illustrating a configuration example of a packet processing table in one communication apparatus.
- FIG. 38 is a diagram illustrating a configuration example of a packet processing table in the other communication apparatus.
- FIG. 39 is a diagram showing a configuration example of a routing table in the network function NF.
- FIG. 1 shows a configuration example of a communication system according to the first embodiment of the present invention.
- Network Function (NF) Network Function
- Each NF 2 provides a communication service corresponding to the function of each NF 2. That is, the communication service that the communication data enjoys differs depending on the network function group through which the communication data passes. For example, in the example of FIG. 1, the communication data passing through the network function group (1) and the communication data passing through the network function group (2) enjoy different communication services by the NF 2 belonging to each group.
- the first embodiment provides a technique for interconnecting NF2 through which each communication passes (that is, a network function group through which each communication passes) so that the communication service enjoyed by each communication can be changed according to the communication. To do.
- the communication device 1 has a function of switching a network function group through which communication between “A” and “B” in the figure passes.
- the communication device 1 adds identification information corresponding to the network function group to the packet, and transmits the packet with the identification information to the NF 2.
- Each NF 2 has a function of transferring a packet to the NF 2 belonging to the network function group corresponding to the identification information based on the identification information. Therefore, the packet transmitted with the identification information added by the communication device 1 is transferred via the NF 2 corresponding to the identification information (that is, the network function group corresponding to the identification information).
- a in the figure is, for example, an access network that is a network to which a user terminal is connected via a wireless base station or a user's home device.
- B in the figure is a core network which is a communication line used as a communication center by the communication system, for example.
- the core network is, for example, LTE (Long Term Evolution) EPC (Evolved Packet Core) or the like.
- LTE Long Term Evolution
- EPC Evolved Packet Core
- Each NF 2 can execute functions such as BRAS, CPE, IPS (Intrusion Prevention System), Firewall, and the like.
- NF (a) corresponds to BRAS
- NF (b) corresponds to Firewall
- NF (c) corresponds to CPE
- NF (d) corresponds to IPS.
- functions that can be executed by the NF 2 of the present invention are not limited to the functions described above.
- FIG. 2 shows a configuration example of the communication device 1.
- the communication device 1 includes a packet processing unit 10, a transfer unit 11, and a table storage unit 12.
- the table storage unit 12 stores, for example, information in the format illustrated in FIG. 3 and FIG. 4 or FIG.
- the information format shown in FIG. 3-5 is an example, and the information format applied to the present invention is not limited to the format shown in FIG. 3-5.
- FIG. 3 shows an example of the group management table 110.
- the group management table 110 manages information related to the network function group of the communication system.
- the network function group represents, for example, a group formed by connecting a plurality of NFs 2.
- the group management table 110 stores a pseudo (Pseudo) network address set for each network function group.
- the group management gain table 110 has, for each network function group, a pseudo network address corresponding to communication destined for the access network (“A”) and a core network (“B”) as the destination.
- a pseudo network address corresponding to communication is stored.
- the pseudo network address is a pseudo network address assigned to each group in order to connect the NF 2 of each group.
- a plurality of pseudo network addresses may be associated with each group.
- the table 110 may store a plurality of pseudo network addresses for communication destined for the access network (“A”).
- the group management table 110 may include information for managing NFs 2 (NF (a)-(d) in the example of FIG. 3) forming each group, as in the example of FIG.
- the pseudo network address is dynamically assigned to the group, for example, in response to the formation of the network function group.
- FIG. 4 shows an example of the packet processing table 111 included in the communication device 1 on the access network (A) side.
- the packet processing table 111 is, for example, a correspondence table between the original address of the packet and the destination address after address conversion.
- the pseudo address (Pseudo Address) corresponds to the identification information corresponding to the network function group described above.
- FIG. 5 shows an example of the packet processing table 111 included in the communication device 1 on the core network (B) side.
- the packet processing table 111 is, for example, a correspondence table between the original address of the packet and the destination address after address conversion.
- the pseudo address corresponds to the identification information described above.
- the packet processing table 111 is generated by, for example, an operation manager of the communication system based on the group management table 110, for example. For example, the operation manager determines a network function group corresponding to user communication for each user of the communication system. In the example of FIG. 3-5, the operation manager assigns the network function group (1) to the user whose ID is “100.64.1.1”. Further, the operation manager assigns the network function group (2) to the user whose ID is “100.64.1.2”. Needless to say, a plurality of user IDs may be assigned to each group.
- the operation manager sends a predetermined ID from the user whose ID is “100.64.1.1” to the packet processing table 111 of the communication device 1 on the access network (A) side.
- the destination address of the packet transmitted to the destination (“100.64.2.1” in the example of FIG. 4) is converted into the pseudo address “10.0.0.1” corresponding to the network function group (1).
- Set the instructions to do For example, the operation manager assigns a pseudo address randomly selected from the addresses belonging to the pseudo network address assigned to the group to each user ID so as not to overlap among users.
- the operation manager adds the destination address converted by the communication device 1 on the access network (A) side to the packet processing table 111 of the communication device 1 on the core network (B) side.
- Set instructions to restore to original address For example, the operation manager instructs the packet processing table 111 to restore the destination address of the packet whose destination address is converted to “10.0.0.1” to the original “100.64.2.1”.
- Set. For example, the operation manager assigns a pseudo address randomly selected from the addresses belonging to the pseudo network address assigned to the group to each user ID so as not to overlap among users.
- the operation manager also sets the same instruction as above in the packet processing table 111 for the packet from the user whose ID is “100.64.1.2”.
- the operation manager indicates that the destination address is a pseudo address (for example, “10.1.0.1”) in the packet processing table 111 of the communication device 1 on the access network (A) side.
- An instruction to convert the destination address of the received packet into the user ID (“100.64.1.1”) of the network function group (1) corresponding to the pseudo address (“10.1.0.1”) is set.
- the operation manager sets a destination address as a pseudo address (for example, “10.1.1.1” in the packet processing table 111 of the communication device 1 on the access network (A) side. )
- the operation manager sets the destination address as the user ID (for example, “100.64.1.1”) in the packet processing table 111 of the communication device 1 on the core network (B) side.
- An instruction to convert the destination address of the received packet to a pseudo address (“10.1.0.1”) corresponding to the network function group (1) is set.
- the operation manager sets the destination address as the user ID (for example, “100.64.1.2” in the packet processing table 111 of the communication device 1 on the core network (B) side.
- An instruction to convert the destination address of the received packet “)” to a pseudo address (“10.1.1.1”) corresponding to the network function group (2) is set.
- the table storage unit 12 of the communication apparatus 1 only needs to hold the packet processing table 111 of FIG. 4, and does not need to hold the group management table 110 of FIG. 3.
- the device used when the operation manager sets the packet processing table 111 in the communication device 1 holds the group management table 110.
- the packet processing unit 10 assigns identification information to the packet based on the packet processing table 111 of the table storage unit 12. For example, the packet processing unit 10 searches the packet processing table 111 for a table entry corresponding to the original address based on the original address of the received packet. The packet processing unit 101 converts the destination address of the received packet into the address indicated by the retrieved entry.
- the transfer unit 11 transfers a packet to which identification information (for example, a pseudo address) is assigned to the NF 2. For example, the transfer unit 11 transfers the packet to the NF 2 corresponding to the identification information. In the example of FIG. 1, the transfer unit 11 transfers the packet whose destination is converted to the pseudo address “10.0.0.1” to the NF (a) belonging to the network function group (1) corresponding to the pseudo address. Forward.
- identification information for example, a pseudo address
- Each NF 2 executes a network function that each NF 2 can provide.
- Each NF 2 may be implemented by a dedicated device or may be implemented by software operating on a virtual machine (Virtual Machine (VM)).
- VM Virtual Machine
- NF2 is a network function corresponding to Firewall, packets are filtered according to a predetermined policy, and access control is executed.
- Each NF 2 (NF (a)-(d) in FIG. 1) has a function of routing a packet based on the identification information (pseudo address) given to the packet by the communication device 1.
- FIG. 6 shows an example of the routing table 20 that each NF 2 has. Each NF 2 routes the packet based on the routing table 20.
- the routing table 20 illustrated in FIG. 6 is a routing table for transferring packets corresponding to each of the network function groups (1) and (2) illustrated in the example of FIG. For example, the operation manager of the communication system creates, updates, and changes the routing table 20.
- the routing table 20 includes a network address corresponding to the pseudo address and next hop information corresponding to the network address (for example, a network interface (port) number corresponding to the next hop).
- next hop information corresponding to the network address (for example, a network interface (port) number corresponding to the next hop).
- NF (b) in the next hop information represents, for example, an address corresponding to NF (b).
- “communication device 1-1” represents the communication device 1 on the access network (A) side
- “communication device 1-2” represents the communication device 1 on the core network (B) side.
- Each NF 2 identifies, for example, the network address to which the pseudo address assigned to the packet by the communication device 1 belongs, and forwards the packet to the address corresponding to the identified next hop.
- FIG. 7 is a sequence diagram showing an operation example of the first embodiment. “A” and “B” in FIG. 7 correspond to “A” (access network) and “B” (core network) in FIG. 1, respectively.
- the communication device 1 When the communication device 1 receives the packet (operation S1), it adds identification information (for example, a pseudo address) to the packet based on the packet processing table 111 (operation S2). The communication device 1 transfers the packet with the identification information to the NF 2.
- identification information for example, a pseudo address
- Each NF 2 executes a network function that can be executed by each NF 2 (operation S3).
- Each NF 2 routes the packet based on the identification information given to the packet (operation S4).
- the communication device 1 When the communication device 1 receives the packet with the identification information, the communication device 1 deletes the identification information from the packet and restores the packet (operation S5).
- the destination address of the packet is rewritten with identification information (for example, a pseudo address)
- the communication device 1 that has received the packet via each NF 2 restores the rewritten destination address to the original address, and sends the packet to the destination Forward to address.
- Operations S1-S5 indicate operations related to communication transmitted from the access network (A) to the core network (B).
- Operations related to communication transmitted from the core network (B) to the access network (A) are shown in operations S6-S8. Since these operations are the same as the operations S1-S5, detailed description thereof is omitted.
- the communication device 1 adds identification information corresponding to the network function group to the packet, and transmits the packet with the identification information to the NF 2.
- Each NF 2 has a function of transferring a packet to the NF 2 belonging to the network function group corresponding to the identification information based on the identification information. That is, the packet transmitted with the identification information added by the communication device 1 is transferred via the NF 2 corresponding to the identification information (that is, the network function group corresponding to the identification information). Therefore, in the first embodiment, the communication service that can be provided by the communication system can be changed according to the communication.
- each NF 2 may manage only the network address corresponding to the network function group to which each NF 2 belongs by using the routing table 20. Therefore, each NF 2 may perform routing based on the network address, and may not have a special process or device for solving the problem of the present invention.
- the controller 3 centrally controls the operations of the plurality of communication devices 1. Since a plurality of communication devices 1 can be controlled in a centralized manner, the management efficiency of system operation by the operation manager of the communication system is improved.
- FIG. 8 shows a configuration example of the communication system of the second embodiment. A detailed description of the configuration already described in the first embodiment is omitted.
- the controller 3 controls the operation of the communication device 1 by a predetermined control protocol (for example, OpenFlow, I2RS (Interface to the Routing System), ForCES (Forwarding and Control Element Separation)).
- a predetermined control protocol for example, OpenFlow, I2RS (Interface to the Routing System), ForCES (Forwarding and Control Element Separation)
- the controller 3 controls the operation of the communication device 1 by creating / updating / changing the contents of the packet processing table 111 included in the communication device 1.
- FIG. 9 shows a configuration example of the controller 3.
- the controller 3 includes a table storage unit 30, an NF management unit 31, a table management unit 32, a control unit 33, and a user information storage unit 34.
- the table storage unit 30 stores, for example, the group management table 110 illustrated in FIG.
- the user information storage unit 34 stores a user management table 112 illustrated in FIG.
- the user management table 112 stores user IDs of various communication services provided by the communication system and network function groups associated with each user.
- the NF management unit 31 manages NF2 existing in the communication system.
- the NF management unit 31 manages network functions that can be executed by each NF 2 (that is, the type of NF such as CPE, BRAS, etc.), the connection configuration of each NF 2 (that is, the network topology configured by NF 2), and the like.
- the table management unit 32 creates a group management table 110 based on information managed by the NF management unit 31 and stores the group management table 110 in the table storage unit 30, for example. For example, the table management unit 32 acquires, from the NF management unit 31, information related to the NF 2 existing in the communication system and the network functions that can be executed by each NF 2. The table management unit 32 determines a network function group based on the acquired information. The table management unit 32 may determine a network function group based on an instruction from an operation manager of the communication system. Further, the table management unit 32 determines a pseudo network address to be assigned to each network function group. The table management unit 32 may determine a pseudo network address based on an instruction from an operation manager of the communication system, or may automatically determine a pseudo network address regardless of an instruction from the operation manager.
- the control unit 33 manages the packet processing table 111 of the communication device 1 based on the information stored in the user information storage unit 34 and the table storage unit 30. For example, the control unit 33 executes creation / update / change of the packet processing table 111 of the communication device 1 based on the user management table 112 and the group management table 110.
- the control unit 33 determines the correspondence between the ID of each user and the network function group based on the user management table 112 and the group management table 110, for example. For example, the control unit 33 associates the user ID “100.64.1.1” with the group (1). For example, the control unit 33 determines the correspondence between the user ID and the network function group based on a policy set by the operation manager (for example, an SLA (Service Level Agreement) contracted by each user). For example, the control unit 33 assigns groups to users so that the quality of communication services (for example, security level and communication quality) provided by the network function group assigned to the users corresponds to the user's SLA.
- a policy set by the operation manager for example, an SLA (Service Level Agreement) contracted by each user.
- SLA Service Level Agreement
- the control unit 33 stores the packet having the user ID “100.64.1.1” in the packet processing table 111 of the communication device 1 on the access network (A) side.
- An instruction to convert the destination address to a pseudo address “10.0.0.1” corresponding to the group (1) is set.
- the control unit 33 sets an instruction for restoring the destination address converted by the communication device 1 on the access network (A) side in the communication device 1 on the core network (B) side.
- the control unit 33 stores the packet whose destination address is the pseudo address “10.0.0.1” in the packet processing table 111 of the communication device 1 on the core network (B) side.
- An instruction to restore the destination address to the original destination address “100.64.2.1” is set.
- the control unit 33 converts the original destination address converted into a pseudo address by a certain communication device 1 (for example, a device on the access network (A) side) into the opposite communication device 1 (for example, the core network (B) side). Device). For example, the control unit 33 acquires the original destination address before conversion from the communication device 1 that has converted the destination address into a pseudo address. Based on the acquired original destination address, the control unit 33 sets an instruction for restoring the packet in which the destination address is converted, to the opposite communication device 1.
- a certain communication device 1 for example, a device on the access network (A) side
- the opposite communication device 1 for example, the core network (B) side.
- Device for example, the control unit 33 acquires the original destination address before conversion from the communication device 1 that has converted the destination address into a pseudo address. Based on the acquired original destination address, the control unit 33 sets an instruction for restoring the packet in which the destination address is converted, to the opposite communication device 1.
- the type of communication service for example, video distribution service
- the operation manager and the controller 3 can know in advance a destination (for example, a moving image distribution server) accessed by the user. Therefore, in such a case, the control unit 33 can set the packet processing table 111 in the packet processing table 111 of the communication apparatus 1 based on an address assumed as a destination accessed by the user. For example, in the example of FIG.
- the control unit 33 stores an address (for example, “100.64.2.1”, which is assumed as a user destination in the packet processing table 111 of the communication device 1 on the access network (A) side.
- An entry for address conversion is set based on “100.64.2.2” or the like.
- the packet processing unit 10 of the communication device 1 may inquire the controller 3.
- the communication device 1 on the access network (A) side receives a packet with a source address “100.64.1.1” and a destination address “100.64.2.1”. Assume that there is no entry for address translation of the packet.
- the packet processing unit 10 of the communication device 1 requests the controller 3 for an entry corresponding to the packet.
- the controller 33 of the controller 3 sets the destination address of the packet having the source address “100.64.1.1” and the destination address “100.64.2.1” as the pseudo address “10.0.0.1”.
- the entry to be converted to “ is set in the communication device 1 on the access network (A) side.
- the control unit 33 sets an entry for restoring the converted destination address to the original address “100.64.2.1” in the communication device 1 on the core network (B) side.
- Each communication device 1 can process subsequent similar packets by the entry set by the above operation.
- the controller 3 may transmit an instruction to the communication apparatus 1 via the network control apparatus 4 instead of directly transmitting an instruction to the communication apparatus 1.
- FIG. 11 shows an example in which the controller 3 transmits an instruction to the communication device 1 via the network control device 4.
- the controller 33 of the controller 3 instructs the network control device 4 to control the communication device 1.
- FIG. 12 shows a configuration example of the network control device 4.
- the network control device 4 includes a table storage unit 40, a control interface 41, and an NW control unit 42.
- the control interface 41 is a communication interface with the controller 3.
- the control interface 41 receives the group management table 110 from the control unit 33 of the controller 3 and stores the group management table 110 in the table storage unit 40.
- the control interface 41 receives user information (for example, a user ID, a policy such as SLA) managed by the controller 3.
- the NW control unit 42 executes creation / update / change of the packet processing table 111 of the communication apparatus 1 based on the information acquired from the controller 3 via the control interface 41 in the same manner as the control unit 33 described above. To do.
- FIG. 13 shows a configuration example of the network function (NF) 2.
- the NF 2 includes a routing table 20, a packet transfer unit 21, and a network function execution unit 22.
- the NF 2 may be a hardware device that executes a predetermined network function (for example, a network device 200 such as a server or an L2 / L3 device), or software that is executed on a virtual machine that is started by the network device 200. Good.
- a network device 200 such as a server or an L2 / L3 device
- software that is executed on a virtual machine that is started by the network device 200.
- the NF 2 is software
- the function of the NF 2 is executed by, for example, an application that operates in a virtual machine activated by the network device 200.
- the packet transfer unit 21 transfers the received packet to the network function execution unit 22.
- the network function execution unit 22 processes the transferred packet based on a predetermined network function.
- the packet transfer unit 21 transfers the packet processed by the network function execution unit 22 based on the routing table 20.
- the routing table 20 is, for example, the table illustrated in FIG.
- the NF 2 When the NF 2 is implemented by software operating on a virtual machine (VM), for example, the NF 2 is managed by the network function management device 6 (see FIG. 14).
- VM virtual machine
- the current communication system uses a dedicated appliance that is a hardware device for each network function in order to perform various network functions. Since such a dedicated appliance is required for the construction of the communication system, for example, when a new network service is started, the network operator is forced to introduce a new dedicated appliance. In order to introduce a dedicated appliance, the network operator pays a great deal of cost for purchasing the dedicated appliance, installation space, and the like.
- the network operator since the life cycle of the dedicated appliance is becoming shorter in recent years, the network operator has a problem that the life cycle of the appliance ends without obtaining sufficient profit from the installed dedicated appliance.
- the technology that builds the network function of the dedicated appliance by software can be a solution to the above-mentioned problems.
- a technique for dynamically connecting the network functions to construct a chain of network functions becomes more important. This is because it is assumed that the network function constructed by software is dynamically started up by a virtual machine or the like, and the network function of the system is frequently added. This is because it is assumed that it is required to provide a communication service connected to the network.
- FIG. 14 shows a configuration example of the network function management device 6.
- the network function management device 6 includes a communication unit 60 and a VM (Virtual Machine) manager 61.
- VM Virtual Machine
- the communication unit 60 is a communication interface with the controller 3.
- the VM manager 61 starts and stops the NF 2 by using a virtual machine, for example.
- the VM manager 61 moves (migrate) a virtual machine running on the server to another server.
- the operation manager of the communication system uses the VM manager 61 to start, stop, migrate, etc. the NF 2.
- the VM manager 61 notifies the controller 3 of information related to, for example, the NF 2 existing in the communication system and the network functions that can be executed by each NF 2.
- the controller 3 centrally controls the operations of the plurality of communication devices 1. Since a plurality of communication devices 1 can be controlled in a centralized manner, the management efficiency of system operation by the operation manager of the communication system is improved.
- a third embodiment of the present invention will be described.
- at least one of the first and second embodiments described above can be applied.
- the controller 3 controls the routing table 20 of NF2. Since the controller 3 can centrally manage the routing table 20 of each NF 2, the operational efficiency of the communication system is improved.
- FIG. 15 shows an example of the third embodiment.
- the controller 3 controls the routing table 20 of each NF 2 in the communication system illustrated in FIG.
- the controller 3 executes creation / change / update / deletion of the routing table 20.
- the control unit 33 of the controller 3 executes creation / change / update / deletion of the routing table 20.
- the configuration example of the controller 3 is the same as that of the above-described second embodiment, and thus detailed description thereof is omitted.
- the controller 3 controls the routing table 20 based on, for example, the group management table 110-2 illustrated in FIG.
- the group management table 110-2 has information indicating the connection configuration of the NF2.
- the controller 3 refers to the table 110-2 and recognizes the connection configuration of the NF 2 in each network function group.
- the controller 3 controls the routing table 20 based on the recognized connection configuration. For example, the controller 3 forms a chain of each NF 2 in the order of NF (c), NF (d), and NF (b) in the group (2) of FIG. Recognize that Therefore, in the communication from the access network (A) to the core network (B), the controller 3 has NF (d) as the next hop of NF (c) and NF (b) as the next hop of NF (d). Recognizing that there is, the routing table 20 of each NF 2 can be controlled.
- the controller 3 may control the routing table 20 of each NF 2 via the network control device 4 as shown in the example of FIG. Since the configuration example of the network control device 4 is the same as that of the second embodiment, detailed description thereof is omitted.
- the controller 3 controls the packet processing table 111 of the communication device 1 and the routing table 20 of the NF 2 according to the change or addition of the network function group. According to the fourth embodiment, the operation efficiency of the communication system is further improved.
- FIG. 18 shows an operation example of the fourth embodiment.
- the configuration of the network function group (1) in the communication system illustrated in FIG. 1 is changed.
- the connection configuration of the NF 2 in the network function group (1) is changed from “NF (a) -NF (b)” to “NF (a) -NF (d) -NF (b)”.
- FIG. 19 shows an example in which the group management table 110-2 is changed in accordance with the change of the NF2 connection configuration in the network function group.
- the NF2 connection configuration in the network function group (1) is changed, but the pseudo network address corresponding to the group (1) is not changed.
- the connection configuration of NF2 in each network function group is changed, the number of entries in the routing table 20 to be changed is suppressed by not changing the pseudo network address corresponding to each group. Can do.
- FIG. 20 shows an example of the changing operation of the routing table 20 in accordance with the change of the NF2 connection configuration exemplified in FIGS. 18 and 19.
- the controller 3 changes the entry of the routing table 20 in accordance with the change of the group management table 110-2.
- the controller 3 changes only the entry related to the change of the network function group.
- the first entry of NF (a) and the second entry of NF (b) are changed, and the third and fourth entries of NF (d) are changed.
- FIG. 21 shows an example when a new network function group is added.
- a network function group (3) formed by NF (e) and NF (b) is added.
- FIG. 22 shows an example of the group management table 110-2 to which an entry related to the group (3) is added.
- a new pseudo network address is added.
- the table management unit 32 of the controller 3 determines a pseudo network address to be assigned to the added group and sets it in the table 110-2.
- the controller 3 automatically assigns a pseudo network address to the added group, thereby reducing the management cost of the operation manager of the communication system.
- the controller 3 updates the packet processing table 111 of the communication device 1 in response to the update of the table 110-2.
- 23 and 24 show examples of the table 111 updated by the controller 3.
- the controller 3 determines users belonging to the added group (3) in accordance with, for example, an instruction from the operation manager. In the example of FIGS. 23 and 24, the controller 3 assigns a user whose user ID is “100.64.1.3” to the group (3).
- FIG. 23 shows an example of the packet processing table 111 of the communication device 1 on the access network (A) side.
- the controller 3 sets the destination address of the packet whose source is “100.64.1.3” to a pseudo address corresponding to the pseudo network address of the group (3) (in the example of FIG. 23, “10.2.0. An entry to be converted into 1 ′′) is set in the table 111.
- the controller 3 may automatically determine the pseudo address corresponding to the user ID from the pseudo addresses belonging to the range of the pseudo network address and set the pseudo addresses in the table 111. For example, the controller 3 randomly determines a pseudo address from addresses belonging to the range of the pseudo network address. Since the controller 3 automatically determines the pseudo address, the management cost of the operation manager of the communication system is reduced.
- the controller 3 changes the destination address of the packet (packet from the core network (B) to the access network (A)) destined for the pseudo address “10.2.1.1” of the group (3) to the group ( An entry for conversion to a user ID corresponding to 3) (“100.64.1.3” in the example of FIG. 23) is set in the table 111.
- FIG. 24 shows an example of the packet processing table 111 of the communication device 1 on the core network (B) side.
- the controller 3 sets the destination address of the packet whose destination is “100.64.1.3” to a pseudo address corresponding to the pseudo network address of the group (3) (in the example of FIG. 24, “10.2.1.1.1”).
- the entry to be converted into “) is set in the table 111.
- the controller 3 may automatically determine the pseudo address corresponding to the user ID from the pseudo addresses belonging to the range of the pseudo network address and set the pseudo addresses in the table 111. For example, the controller 3 randomly determines a pseudo address from addresses belonging to the range of the pseudo network address. Since the controller 3 automatically determines the pseudo address, the management cost of the operation manager of the communication system is reduced.
- the controller 3 converts the destination address of the packet (the packet from the access network (A) to the core network (B)) destined for the pseudo address “10.2.0.1” of the group (3) before the conversion.
- An entry for restoring to the destination address (“100.64.2.3" in the example of FIG. 24) is set in the table 111.
- FIG. 25 shows an example in which the controller 3 controls the routing table 20 of the NF 2 in accordance with the addition of the network function group.
- the controller 3 creates the NF (e) routing table 3 which is a network function newly added to the communication system. Further, the controller 3 adds a new entry corresponding to the added network function group (3) to the routing table 20 of the NF (b).
- the fifth embodiment includes a management device 5 for an operation manager of the communication system to manage the NF 2 and the network function group.
- the operation manager can manage the NF 2 and the network function group by using, for example, the GUI (Graphical User Interface) of the management apparatus 5, and the operation efficiency of the system is improved.
- GUI Graphic User Interface
- FIG. 26 shows a configuration example of the fifth embodiment.
- the controller 3 and the network function management device 6 are the same as the configuration examples shown in the above-described embodiments, and detailed description thereof is omitted.
- the configuration example of the communication system is the same as that in FIG.
- the management device 5 is a device for managing the NF 2 and the network function group in cooperation with the controller 3 and the network function management device 6, for example.
- the management device 5, the controller 3, and the network function management device 6 are separate devices, but the functions of the controller 3 or the network function management device 6 may be implemented in the management device 5.
- the management device 5 includes a UI (User Interface) display unit 500, a control unit 501, a communication unit 502, and a display 503.
- UI User Interface
- the UI display unit 500 has a function of displaying on the display 503 a UI for a user (operation manager or the like) of the management apparatus 5 to operate.
- the display 503 may be incorporated in the management device 5 or may be a device different from the management device 5.
- the communication unit 502 has a function of communicating with the controller 3 and the network function management device 6.
- the control unit 501 and the UI display unit 500 communicate with the controller 3 and the network function management device 6 via the communication unit 502.
- control unit 501 exchanges information regarding the network function group and NF 2 with the controller 3 and the network function management device 6 via the communication unit 502.
- the control unit 501 exchanges the controller 3 with the network function group management table 110 or 110-2.
- the control unit 501 exchanges, for example, information regarding the NF existing in the communication system (for example, information regarding the type of NF such as CPE, BRAS) with the network function management device 6.
- the UI display unit 500 displays a UI for the operation manager to operate on the display 503 using the information received from the controller 3 or the network function management device 6 by the control unit 501.
- the control unit 501 can generate information on the network function group (for example, group ID, pseudo network address corresponding to the group, type of NF2 included in the group, connection configuration of NF2 included in the group, and the like). It is.
- the control unit 501 generates the above information when, for example, a new network function group is created by the operator, or when the configuration of each group is changed.
- the table management unit 32 of the controller 3 receives the information created by the control unit 501 from the management device 5.
- the table management unit 32 can create, change or update the group management table 110 based on the received information, for example.
- the control unit 501 can instruct the controller 3 to control the communication device 1 or NF2.
- the control unit 501 can instruct the controller 3 to create, change, or update the packet processing table 111 of the communication device 1.
- the control unit 501 can instruct the controller 3 to create, change, or update the routing table 20 of NF2, for example.
- the control unit 33 of the controller 3 controls the communication device 1 and the NF 2 in accordance with an instruction from the management device 5.
- FIG. 27 shows an example of the design GUI 50 displayed on the display 503 by the UI display unit 500.
- the operation manager uses the design GUI 50 to manage the network function group.
- the design GUI 50 shown in FIG. 27 is an example, and the present invention is not limited to the GUI shown in FIG.
- the design GUI 50 includes, for example, an NF component window 51, a design window 52, and a group window 53.
- the NF component window 51 displays, for example, an icon representing NF2 that exists in the communication system and can be operated by the operation manager.
- icons representing BRAS, CPE, and Firewall are displayed as NF2.
- the UI display unit 500 displays an icon based on, for example, information acquired from the network function management device 6 (such as the type of NF 2 existing in the system).
- the operation manager can select an icon displayed in the window 51 by clicking with a mouse or the like, and move the icon to the design window 52 by a drag and drop (“Drag & Drop”) operation.
- a drag and drop (“Drag & Drop”) operation.
- the operation manager can create a network function group by, for example, performing an operation of linking icons moved to the design window 52.
- the icons “Downlink” and “Uplink” displayed in the design window 52 correspond to the access network (A) and the core network (B) shown in the example of the communication system of FIG. To do.
- the control unit 501 when the operation manager clicks the registration button 54 displayed in the design window 52, the control unit 501 generates information on the created network function group (for example, group ID, pseudo network address, etc.) Display on Box 55.
- the controller 3 may generate information such as a group ID and a pseudo network address.
- the control unit 501 receives these pieces of information from the controller 3 and displays them on the Box 55.
- the registered network function group ID and pseudo network address are added to the group window 53.
- the control unit 501 refers to, for example, the group management table 110 acquired from the controller 3 and determines a pseudo network address to be assigned to a newly created group from network addresses that are not assigned to existing groups. For example, the control unit 501 determines a pseudo network address corresponding to each of the uplink and downlink communication directions. The determined pseudo network address is displayed in Box 55. The control unit 501 may automatically determine an ID to be assigned to a newly created group. The determined ID is displayed in Box 55. As described above, when the controller 3 generates the group ID and the pseudo network address, for example, the table management unit 32 of the controller 3 determines the group ID and the pseudo network address by the same operation as the control unit 501 described above. To do.
- the control unit 501 notifies the table management unit 32 of the controller 3 that, for example, a network function group has been newly created.
- the control unit 501 transmits information on the newly created network function group (for example, the connection configuration of NF2 and NF2 belonging to the group, a pseudo network address, etc.) to the controller 3 via the communication unit 502.
- the NF management unit 31 and the table management unit 32 of the controller 3 update the network function group management table 110 based on the information received from the management device 5.
- the control unit 33 of the controller 3 can create, change, or update the routing table 20 of the NF 2 based on information about the newly created group in response to a notification from the control unit 501. is there.
- control unit 33 of the controller 3 executes creation, change, or update of the packet processing table 111 of the communication device 1 based on information about the newly created group in response to a notification from the control unit 501, for example. Is possible.
- the function of the controller 3 may be mounted on the management device 5, and the management device 5 may directly control the communication device 1 or NF 2.
- FIG. 28 shows a configuration example of a communication system including a newly created network function group.
- the controller 3 communicates with the communication device 1 (the communication device 1-1 on the access network (A) side and the communication device 1-2 on the core network (B) side). And NF2 (NF (BRAS) and NF (Firewall)) are controlled.
- NF2 NF (BRAS) and NF (Firewall)
- the control unit 501 notifies the controller 3 of the user assigned to the newly added group. For example, the operator inputs a list of users to be assigned to the group to the management device 5.
- the control unit 501 of the management device 5 can notify the controller 3 of the input list.
- the controller 3 updates the user information storage unit 34 based on the list notified from the management device 5. Based on the user ID assigned to the group and information on the group transmitted from the management device 5 (such as the connection configuration of the NF 2 in the group), the controller 3 performs packet processing tables of the communication devices 1-1 and 1-2. In 111, a new entry is set. Further, the controller 3 sets an entry in the routing table 20 of the NF 2 belonging to the newly added group.
- the controller 3 may control the communication device 1 and the NF 2 via the network control device 4.
- FIG. 29 shows an example in which the management apparatus 5 adds a new NF 2 to an already existing network function group.
- the UI display unit 500 displays the NF belonging to the group corresponding to the clicked ID in the design window 52.
- the group with the group ID “0002” includes NF (BRAS) and NF (Firewall).
- the UI display unit 500 displays information (such as a pseudo network address) regarding the group corresponding to the clicked ID. Also good.
- the operation manager drags and drops NF (CPE) and moves it to the design window 52, and creates a link between the NF (CPE), NF (BRAS), and the “Downlink” icon.
- CPE NF
- CPE is added to the group.
- the control unit 501 of the management apparatus 5 sends information related to the updated network function group to the controller 3 via the communication unit 502 (for example, the type of NF2 belonging to the group type, the connection configuration of NF2 in the group, and the pseudo network address) Etc.) to the controller 3.
- the NF management unit 31 and the table management unit 32 of the controller 3 update the network function group management table 110 based on the information received from the management device 5.
- the control unit 501 notifies the controller 3 that the connection configuration of the NF 2 of the group has been changed, and the controller 3 controls the communication device 1 and the NF 2 according to the notification.
- the function of the controller 3 may be mounted on the management device 5, and the management device 5 may directly control the communication device 1 or NF 2.
- FIG. 30 shows a configuration example of a communication system including a newly created network function group.
- the controller 3 communicates with the communication device 1 (the communication device 1-1 on the access network (A) side and the communication device 1-2 on the core network (B) side).
- NF2 NF (CPE), NF (BRAS), NF (Firewall)
- the control unit 501 notifies the controller 3 of the user assigned to the newly added group. For example, the operator inputs a list of users to be assigned to the group to the management device 5.
- the control unit 501 of the management device 5 can notify the controller 3 of the input list.
- the controller 3 updates the user information storage unit 34 based on the list notified from the management device 5.
- the controller 3 sets a new entry in the packet processing table 111 of the communication apparatuses 1-1 and 1-2 based on the user ID assigned to the group. Further, the controller 3 sets an entry in the routing table 20 of each NF2.
- the controller 3 may control the communication device 1 and the NF 2 via the network control device 4.
- the controller 3 or the network control device 4 can autonomously control the communication device 1 and the NF 2 according to the GUI operation by the operation manager. Therefore, the operation efficiency of the system by the operation manager is improved.
- each NF 2 performs packet transfer using a label by using a technology such as MPLS (Multi Protocol Label Switching).
- MPLS Multi Protocol Label Switching
- IP Internet Protocol
- other layer protocols can be supported.
- FIG. 31 shows a configuration example of the system of the sixth embodiment.
- the sixth embodiment has a controller 3A. Further, each NF 2 and the communication device 1 can execute packet transfer using labels.
- the configuration of the communication system is the same as the example shown in FIG.
- FIG. 32 shows a configuration example of the controller 3A.
- the controller 3 ⁇ / b> A has a label control unit 35 instead of the control unit 33. Since other configurations are the same as those of the above-described embodiment, detailed description thereof is omitted.
- the label control unit 35 controls the labels used by the communication device 1 and the NF 2 for packet transfer based on the group management table 110 and the user management table 112.
- the label control unit 35 refers to the group management table 110 and the user management table 112 to grasp the correspondence relationship between the user and the network function group. Based on the correspondence between the user and the network function group, the label control unit 35 sets an entry for executing label assignment (or label deletion) to the packet in the packet processing table 111 of the communication device 1. To do.
- the label control unit 35 refers to the group management table 110 and grasps the pseudo network address associated with each network function group.
- the label control unit 35 sets an entry for packet transfer using a label in the routing table 20 of each NF 2 based on the pseudo network address associated with each group.
- the table 111-2 is a table of the communication device 1 on the access network (A) side
- the table 111-3 is a table of the communication device 1 on the core network (B) side.
- FIG. 35 shows an example of the routing table 20-2 in the sixth embodiment.
- the group management table 110 is the same as the example shown in FIG.
- the label control unit 35 uses labels “A” and “A” to be used for packets belonging to the network function group (1) (packets from the access network (A) to the core network (B)). B ”and“ C ”are determined. Further, the label control unit 35 determines the labels used for the packets belonging to the group (1) (packets from the core network (B) to the access network (A)) as “Z”, “Y”, and “X”. To do.
- the label control unit 35 uses labels “a”, “a” used for packets belonging to the network function group (2) (packets from the access network (A) to the core network (B)). b ”and“ c ”are determined. Also, the label control unit 35 uses labels used for packets belonging to the group (2) (packets from the core network (B) to the access network (A)) “z”, “y”, “x”, “ w "” is determined.
- the label control unit 35 grasps the correspondence between the user and the group and the user ID (for example, the user's IP address) based on the group management table 110 and the user management table 112. Based on the grasped information, the label control unit 35 adds an entry instructing to give the label “A” to the packet belonging to the group (1) in the packet processing table 111-2 as shown in the example of FIG. Set. In the example of FIG. 33, the label control unit 35 sets an entry instructing the label “A” to be given to the packet whose transmission source is “100.64.1.1”. Further, as shown in the example of FIG.
- the label control unit 35 sets an entry instructing to delete a label when a packet belonging to the group (1) is received from the access network (A) side, as shown in the packet processing table 111. Set to -3. In the example of FIG. 34, the label control unit 35 sets an entry instructing to delete the packet label whose transmission source is “100.64.1.1”.
- the label control unit 35 sets an entry instructing to give the label “Z” to the packet belonging to the group (1) in the packet processing table 111-3. In the example of FIG. 34, the label control unit 35 sets an entry instructing to attach a label “Z” to a packet whose destination is “100.64.1.1”. In addition, as shown in the example of FIG. 33, the label control unit 35 sets an entry instructing to delete a label when a packet belonging to the group (1) is received from the core network (B) side, to the packet processing table 111. Set to -2. In the example of FIG. 33, the label control unit 35 sets an entry instructing to delete the label of the packet whose destination is “100.64.1.1”.
- the label control unit 35 performs the same setting as described above for the packets belonging to the group (2).
- the label control unit 35 sets an entry in the routing table 20-2 of each NF.
- the label control unit 35 selects the next hop according to “In Label” in the example of FIG. 35, that is, the label given to the received packet, and sets the label of the packet to be transferred to the label shown in “Out Label”. Set an entry to instruct replacement.
- the NF (a) belonging to the group (1) sets the next hop to NF according to the label “A” given to the packet by the communication device 1-1 according to the entry set by the label control unit 35. It determines with (b), and changes the label of the packet forwarded to NF (b) to "B". Further, the NF (b) belonging to the group (1) determines that the next hop is the communication device 1-2 based on the label “B” given by the NF (a) according to the entry set by the label control unit 35, and the communication The label of the packet transferred to the device 1-2 is changed to “C”. Receiving the packet with the label “C”, the communication device 1-2 deletes the label “C” according to the packet processing table 111-3 in FIG.
- NF2 at the edge of each network function group (for example, NF (c) and NF (b) in group (2) in the example of FIG. 31) has the same function as that of communication device 1. That's fine.
- each NF 2 performs packet transfer using a label using a technique such as MPLS.
- a technique such as MPLS.
- IP Internet Protocol
- other layer protocols can be supported.
- the label is determined for the pseudo network address corresponding to the network function group, an effect that the number of entries set in the communication device 1 or NF 2 can be reduced can be obtained.
- labels are determined based on destination addresses that can exist innumerably according to communication, it is assumed that the number of entries becomes enormous.
- the communication destination addresses are virtually aggregated by the pseudo network address assigned to the network function group, and each NF 2 performs packet routing based on the pseudo network address. By collecting the destination addresses into pseudo network addresses, the number of entries in the routing table of each NF 2 is compressed.
- a seventh embodiment of the present invention will be described.
- at least one of the above-described first to sixth embodiments can be applied.
- each NF 2 performs packet transfer by label using a technique such as MPLS.
- each NF 2 can further improve communication security by using a technology such as MPLS-VPN (Virtual Private Network).
- MPLS-VPN Virtual Private Network
- FIG. 36 shows a configuration example of the system of the seventh embodiment.
- the seventh embodiment includes a controller 3B. Further, each NF 2 and the communication device 1 can execute packet transfer using labels.
- the configuration of the communication system is the same as the example shown in FIG.
- the label control unit 35 of the controller 3B can control a VPN label to be added to the packet. Regarding the function of the label control unit 35, the description of the function described in the sixth embodiment is omitted.
- the label control unit 35 determines a virtual network label corresponding to each network function group.
- the label control unit 35 sets an entry related to the assignment or deletion of the virtual network label in the communication device 1 or NF2.
- the table 111-4 is a table of the communication device 1 on the access network (A) side
- the table 111-5 is a table of the communication device 1 on the core network (B) side.
- FIG. 39 shows an example of the routing table 20-3 in the seventh embodiment.
- the label control unit 35 determines “ ⁇ ” as the virtual network label used for packets belonging to the network function group (1).
- the label control unit 35 determines “ ⁇ ” as the virtual network label used for packets belonging to the network function group (2).
- the communication apparatus 1 executes the assignment and deletion of the virtual network label according to the packet processing tables 111-4 and 111-5 set by the label control unit 35.
- Each NF 2 forwards the packet based on the label attached to the packet.
- Each NF 2 transfers the packet without changing the virtual network label attached to the packet. Therefore, the value of the virtual network label of the packet does not change while passing through each NF2.
- the communication device 1 can separate the communication interface used for packet transfer according to the virtual network label.
- Each NF 2 can separate a communication interface used for packet transfer according to a virtual network label. That is, the packet passing through each NF 2 is virtually separated according to the virtual network label. Therefore, communication is separated for each network function group, and communication security is improved.
- the present invention is not limited to the above-described example, and for example, a configuration without the communication device 1 may be used.
- the NF 2 at the edge of each network function group for example, NF (c) and NF (b) in the group (2) in the example of FIG. 36
- the NF 2 at the edge of each network function group has the same function as the communication device 1. That's fine.
- each NF 2 can further improve communication security by using a technology such as MPLS-VPN.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
本発明の第1の実施形態を説明する。
本発明の第2の実施形態を説明する。第2の実施形態は、上述の第1の実施形態で開示された技術を適用可能である。
本発明の第3の実施形態を説明する。第3の実施形態は、上述の第1、第2の実施形態の少なくとも1つを適用可能である。
本発明の第4の実施形態を説明する。第4の実施形態は、上述の第1-3の実施形態の少なくとも1つを適用可能である。
本発明の第5の実施形態を説明する。第5の実施形態は、上述の第1-4の実施形態の少なくとも1つを適用可能である。
本発明の第6の実施形態を説明する。第6の実施形態は、上述の第1-5の実施形態の少なくとも1つを適用可能である。
本発明の第7の実施形態を説明する。第7の実施形態は、上述の第1-6の実施形態の少なくとも1つを適用可能である。
10 パケット処理部
11 転送部
110 グループ管理テーブル
111 パケット処理テーブル
112 ユーザ管理テーブル
12 テーブル記憶部
2 ネットワーク機能(NF)
20 ルーティングテーブル
21 パケット転送部
22 ネットワーク機能実行部
200 ネットワークデバイス
3 コントローラ
3A コントローラ
3B コントローラ
30 テーブル記憶部
31 NF管理部
32 テーブル管理部
33 制御部
34 ユーザ情報記憶部
4 ネットワーク制御装置
40 テーブル記憶部
41 制御インターフェース
42 NW制御部
5 管理装置
50 設計GUI
51 NFコンポーネントウィンドウ
52 設計ウィンドウ
53 グループウィンドウ
54 登録ボタン
55 Box
500 UI表示部
501 制御部
502 通信部
503 ディスプレイ
6 ネットワーク機能管理装置
60 通信部
61 VMマネージャー
Claims (36)
- 通信サービスを提供するためのネットワーク機能を実行可能な第一の手段と、
前記ネットワーク機能のグループに割り当てられたネットワークアドレスに対応するラベルを前記グループに属するパケットに付与し、当該パケットを、前記グループ内でのパケット転送を前記ラベルに基づいて実行する前記ネットワーク機能に、送信する第二の手段と
を有することを特徴とする通信システム。 - 前記第二の手段は、前記グループが形成されることに応じて当該グループに割り当てられたネットワークアドレスに対応付けられた前記ラベルを前記パケットに付与する
ことを特徴とする請求項1の通信システム。 - 前記第二の手段は、複数種類の前記ネットワーク機能により形成されたグループに割り当てられたネットワークアドレスに対応するラベルを付与する
ことを特徴とする請求項1または2の通信システム。 - 前記第二の手段は、
前記ネットワーク機能により形成されたグループに割り当てられたネットワークアドレスに対応する前記ラベルを前記パケットに付与し、
前記ラベルに対応する転送先を示す情報を有するテーブルを参照し、前記ラベルに対応する転送先にパケットを転送する前記ネットワーク機能に、前記パケットを送信する
ことを特徴とする請求項1乃至3のいずれか1項に記載の通信システム。 - 前記第一の手段は、前記グループを形成する前記ネットワーク機能が変更されたことに応じて、前記ラベルに対応する転送先を変更することが可能な前記ネットワーク機能を実行可能である
ことを特徴とする請求項1乃至4のいずれか1項の通信システム。 - 前記第一の手段は、複数の前記ネットワーク機能の接続構成が変更されたことに応じて、前記ラベルに対応する転送先を変更することが可能な前記ネットワーク機能を実行可能である
ことを特徴とする請求項1乃至5のいずれか1項の通信システム。 - 前記第二の手段は、前記パケットに付与された前記ラベルを削除する
ことを特徴とする請求項1乃至6のいずれか1項の通信システム。 - 前記第二の手段は、前記グループを経由する通信に割り当てられた仮想ネットワークを識別するための仮想ネットワークラベルを、前記グループに属するパケットに付与する
ことを特徴とする請求項1乃至7のいずれか1項の通信システム。 - 通信サービスを提供するためのネットワーク機能のグループに割り当てられたネットワークアドレスに対応するラベルを前記グループに属するパケットに付与する第一の手段と、
前記ラベルが付与された前記パケットを、前記グループ内でのパケット転送を前記ラベルに基づいて実行する前記ネットワーク機能に送信する第二の手段と
を有することを特徴とする通信装置。 - 前記第一の手段は、前記グループが形成されることに応じて当該グループに割り当てられたネットワークアドレスに対応付けられた前記ラベルを前記パケットに付与する
ことを特徴とする請求項9の通信装置。 - 前記第一の手段は、複数種類の前記ネットワーク機能により形成されたグループに割り当てられたネットワークアドレスに対応するラベルを付与する
ことを特徴とする請求項9または10の通信装置。 - 前記第一の手段は、前記ネットワーク機能により形成されたグループに割り当てられたネットワークアドレスに対応する前記ラベルを前記パケットに付与し、
前記第二の手段は、前記ラベルに対応する転送先を示す情報を有するテーブルを参照して前記ラベルに対応する転送先にパケットを転送する前記ネットワーク機能に、前記ラベルを付与したパケットを送信する
ことを特徴とする請求項9乃至11のいずれか1項に記載の通信装置。 - 前記第二の手段は、前記グループを形成する前記ネットワーク機能が変更されたことに応じて前記ラベルに対応する転送先が変更された前記ネットワーク機能に、前記ラベルを付与したパケットを送信する
ことを特徴とする請求項9乃至12のいずれか1項の通信装置。 - 前記第二の手段は、複数の前記ネットワーク機能の接続構成が変更されたことに応じて前記ラベルに対応する転送先が変更された前記ネットワーク機能に、前記ラベルが付与されたパケットを送信する
ことを特徴とする請求項9乃至13のいずれか1項の通信装置。 - 前記第一の手段は、前記パケットに付与された前記ラベルを削除する
ことを特徴とする請求項9乃至14のいずれか1項の通信装置。 - 前記第一の手段は、前記グループを経由する通信に割り当てられた仮想ネットワークを識別するための仮想ネットワークラベルを、前記グループに属するパケットに付与する
ことを特徴とする請求項9乃至15のいずれか1項の通信装置。 - 通信サービスを提供するためのネットワーク機能のグループに割り当てられたネットワークアドレスに対応するラベルを前記グループに属するパケットに付与することを、通信装置に指示する第一の手段と、
前記グループの少なくとも1つのネットワーク機能に、前記グループ内でのパケット転送を前記ラベルに基づいて実行することを指示する第二の手段と
を有することを特徴とする制御装置。 - 前記第一の手段は、前記グループが形成されることに応じて当該グループに割り当てられたネットワークアドレスに対応付けられた前記ラベルを前記パケットに付与することを、前記通信装置に指示する
ことを特徴とする請求項17の制御装置。 - 前記第一の手段は、複数種類の前記ネットワーク機能により形成されたグループに割り当てられたネットワークアドレスに対応するラベルを付与することを、前記通信装置に指示する
ことを特徴とする請求項17または18の制御装置。 - 前記第一の手段は、前記ネットワーク機能により形成されたグループに割り当てられたネットワークアドレスに対応する前記ラベルを前記パケットに付与することを前記通信装置に指示し、
前記第二の手段は、前記ラベルに対応する転送先を示す情報を有するテーブルを参照して前記ラベルに対応する転送先にパケットを転送することを、前記ネットワーク機能に指示する
ことを特徴とする請求項17乃至19のいずれか1項に記載の制御装置。 - 前記第二の手段は、前記グループを形成する前記ネットワーク機能が変更されたことに応じて、前記ラベルに対応する転送先を変更することを前記ネットワーク機能に指示する
ことを特徴とする請求項17乃至20のいずれか1項の制御装置。 - 前記第二の手段は、複数の前記ネットワーク機能の接続構成が変更されたことに応じて、前記ラベルに対応する転送先を変更することを前記ネットワーク機能に指示する
ことを特徴とする請求項17乃至21のいずれか1項の制御装置。 - 前記第一の手段は、前記パケットに付与された前記ラベルを削除することを前記通信装置に指示する
ことを特徴とする請求項17乃至22のいずれか1項の制御装置。 - 前記第一の手段は、前記グループを経由する通信に割り当てられた仮想ネットワークを識別するための仮想ネットワークラベルを、前記グループに属するパケットに付与することを前記通信装置に指示する
ことを特徴とする請求項17乃至23のいずれか1項の制御装置。 - 通信サービスを提供するためのネットワーク機能による通信処理を実行可能な第一の手段と、
前記ネットワーク機能のグループに割り当てられたネットワークアドレスに対応するラベルに基づいて、前記グループに属する他のネットワーク機能に対して前記パケットを転送可能な第二の手段と
を有することを特徴とするネットワークデバイス。 - 前記第一の手段は、前記グループが形成されることに応じて当該グループに割り当てられたネットワークアドレスに対応する前記ラベルに基づいて前記パケットを転送する
ことを特徴とする請求項25のネットワークデバイス。 - 前記第一の手段は、複数種類の前記ネットワーク機能により形成されたグループに割り当てられたネットワークアドレスに対応する前記ラベルに基づいて前記パケットを転送する
ことを特徴とする請求項25または26のネットワークデバイス。 - 前記第一の手段は、前記ネットワーク機能により形成されたグループに割り当てられたネットワークアドレスに対応する前記ラベルに基づいてパケットの転送先を示す情報を有するテーブルを参照し、前記ラベルに対応する転送先に前記パケットを転送する
ことを特徴とする請求項25乃至27のいずれか1項に記載のネットワークデバイス。 - 前記第二の手段は、前記グループを形成する前記ネットワーク機能が変更されたことに応じて前記ラベルに対応する転送先を変更可能である
ことを特徴とする請求項25乃至28のいずれか1項のネットワークデバイス。 - 前記第二の手段は、複数の前記ネットワーク機能の接続構成が変更されたことに応じて前記ラベルに対応する転送先を変更可能である
ことを特徴とする請求項25乃至29のいずれか1項のネットワークデバイス。 - 前記第二の手段は、前記グループを経由する通信に割り当てられた仮想ネットワークを識別するための仮想ネットワークラベルを、前記グループに属するパケットに付与する
ことを特徴とする請求項25乃至30のいずれか1項のネットワークデバイス。 - 通信サービスを提供するためのネットワーク機能のグループに割り当てられたネットワークアドレスに対応するラベルを前記グループに属するパケットに付与し、
前記ラベルが付与された前記パケットを、前記グループ内でのパケット転送を前記ラベルに基づいて実行する前記ネットワーク機能に送信する
ことを特徴とする通信方法。 - 通信サービスを提供するためのネットワーク機能のグループに割り当てられたネットワークアドレスに対応するラベルを前記グループに属するパケットに付与することを、通信装置に指示し、
前記グループの少なくとも1つのネットワーク機能に、前記グループ内でのパケット転送を前記ラベルに基づいて実行することを指示する
ことを特徴とする制御方法。 - 通信サービスを提供するためのネットワーク機能による通信処理を実行し、
前記ネットワーク機能により形成されるグループに割り当てられたネットワークアドレスに対応するラベルに基づいて、前記グループに属する他のネットワーク機能に対して前記パケットを転送する
ことを特徴とする通信方法。 - 通信サービスを提供するためのネットワーク機能により形成されるグループに割り当てられたネットワークアドレスに対応するラベルを前記グループに属するパケットに付与することを、通信装置に指示する処理と、
前記グループの少なくとも1つのネットワーク機能に、前記グループ内でのパケット転送を前記ラベルに基づいて実行することを指示する処理とを
コンピュータに実行させることを特徴とするプログラム。 - 通信サービスを提供するためのネットワーク機能による通信処理を実行する処理と、
前記ネットワーク機能により形成されるグループに割り当てられたネットワークアドレスに対応するラベルに基づいて、前記グループに属する他のネットワーク機能に対して前記パケットを転送する処理とを
コンピュータに実行させることを特徴とするプログラム。
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/909,024 US20160173370A1 (en) | 2013-07-30 | 2014-07-25 | Communication system, communication apparatus, control apparatus, network device, communication method, control method, and program |
JP2015529385A JP6428617B2 (ja) | 2013-07-30 | 2014-07-25 | 通信システム、通信装置、制御装置、ネットワークデバイス、通信方法、制御方法、および、プログラム |
EP14831876.9A EP3029895A4 (en) | 2013-07-30 | 2014-07-25 | Communication system, communication device, control device, network device, communication method, control method, and program |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2013-157945 | 2013-07-30 | ||
JP2013157945 | 2013-07-30 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2015015785A1 true WO2015015785A1 (ja) | 2015-02-05 |
Family
ID=52431343
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2014/003939 WO2015015785A1 (ja) | 2013-07-30 | 2014-07-25 | 通信システム、通信装置、制御装置、ネットワークデバイス、通信方法、制御方法、および、プログラム |
Country Status (4)
Country | Link |
---|---|
US (1) | US20160173370A1 (ja) |
EP (1) | EP3029895A4 (ja) |
JP (1) | JP6428617B2 (ja) |
WO (1) | WO2015015785A1 (ja) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017045586A1 (en) * | 2015-09-15 | 2017-03-23 | Huawei Technologies Co., Ltd. | Software defined topology (sdt) for user plane |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10321166B2 (en) | 2016-06-07 | 2019-06-11 | Orion Labs | Supplemental audio content for group communications |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2012161089A (ja) | 2012-04-13 | 2012-08-23 | Fujitsu Ltd | 無線端末装置 |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7328237B1 (en) * | 2002-07-25 | 2008-02-05 | Cisco Technology, Inc. | Technique for improving load balancing of traffic in a data network using source-side related information |
US7698455B2 (en) * | 2003-08-01 | 2010-04-13 | Foundry Networks, Inc. | Method for providing scalable multicast service in a virtual private LAN service |
US8743885B2 (en) * | 2011-05-03 | 2014-06-03 | Cisco Technology, Inc. | Mobile service routing in a network environment |
US20130124708A1 (en) * | 2011-11-10 | 2013-05-16 | Electronics And Telecommunications Research Institute | Method and system for adaptive composite service path management |
US8830834B2 (en) * | 2011-12-21 | 2014-09-09 | Cisco Technology, Inc. | Overlay-based packet steering |
US9825856B2 (en) * | 2014-01-06 | 2017-11-21 | Futurewei Technologies, Inc. | Service function chaining in a packet network |
-
2014
- 2014-07-25 US US14/909,024 patent/US20160173370A1/en not_active Abandoned
- 2014-07-25 WO PCT/JP2014/003939 patent/WO2015015785A1/ja active Application Filing
- 2014-07-25 EP EP14831876.9A patent/EP3029895A4/en not_active Withdrawn
- 2014-07-25 JP JP2015529385A patent/JP6428617B2/ja active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2012161089A (ja) | 2012-04-13 | 2012-08-23 | Fujitsu Ltd | 無線端末装置 |
Non-Patent Citations (3)
Title |
---|
See also references of EP3029895A4 |
W. LIU ET AL.: "Service Chaining Use Cases", DRAFT-LIU-SERVICE-CHAINING-USE-CASES-01, 15 July 2013 (2013-07-15), XP055313527, Retrieved from the Internet <URL:http://tools.ietf.org/html/draft-liu-service-chaining-use-cases-01> [retrieved on 20141023] * |
Y. JIANG: "An Architecture of Service Chaining", 27 June 2013 (2013-06-27), XP055313528, Retrieved from the Internet <URL:http://tools.ietf.org/html/draft-jiang-service-chaining-arch-00.txt> [retrieved on 20141023] * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017045586A1 (en) * | 2015-09-15 | 2017-03-23 | Huawei Technologies Co., Ltd. | Software defined topology (sdt) for user plane |
US10985990B2 (en) | 2015-09-15 | 2021-04-20 | Huawei Technologies Co., Ltd. | Software defined topology (SDT) for user plane |
Also Published As
Publication number | Publication date |
---|---|
JP6428617B2 (ja) | 2018-11-28 |
JPWO2015015785A1 (ja) | 2017-03-02 |
US20160173370A1 (en) | 2016-06-16 |
EP3029895A1 (en) | 2016-06-08 |
EP3029895A4 (en) | 2017-04-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6583509B2 (ja) | 制御装置、管理装置、制御方法、管理方法、および、プログラム | |
CN105591863B (zh) | 一种实现虚拟私有云网络与外部网络互通的方法和装置 | |
EP3425855B1 (en) | Network system, control device, method and program for building virtual network function | |
WO2016157864A1 (ja) | ネットワークシステム、ネットワーク制御方法および制御装置 | |
US20220360630A1 (en) | Network system, terminal, sensor data collection method, and program | |
JP6076275B2 (ja) | 通信ネットワークの経路制御連携システム及び方法 | |
JP5993817B2 (ja) | キャリア網における経路制御システム及び方法 | |
JP2016100739A (ja) | ネットワークシステム、ネットワークシステムの管理方法及びゲートウェイ装置 | |
JP2015156168A (ja) | データセンタのリソース配分システム及びデータセンタのリソース配分方法 | |
TW201707421A (zh) | 控制裝置、控制方法及程式 | |
WO2015015786A1 (ja) | 通信システム、通信装置、制御装置、ネットワークデバイス、通信方法、制御方法、および、プログラム | |
US20210204191A1 (en) | Inter-slice sharing in 5g core networks | |
US20210203639A1 (en) | Network system, control apparatus, method for constructing a virtual network, and program | |
TW201709699A (zh) | 控制裝置、控制方法及程式 | |
JP2013062775A (ja) | ネットワーク管理システム、及び装置 | |
KR101527377B1 (ko) | Sdn 기반의 서비스 체이닝 시스템 | |
JP6211975B2 (ja) | ネットワーク延伸システム、制御装置、およびネットワーク延伸方法 | |
JP6428617B2 (ja) | 通信システム、通信装置、制御装置、ネットワークデバイス、通信方法、制御方法、および、プログラム | |
WO2014080993A1 (ja) | 通信システム、仮想ネットワーク管理装置、通信ノード、通信方法及びプログラム | |
JP2017034309A (ja) | 仮想スイッチ制御システム及び方法 | |
WO2017017971A1 (ja) | データセンタ連携システム、および、その方法 | |
JP2016192660A (ja) | ネットワークシステム、ネットワーク制御方法、制御装置および運用管理装置 | |
JP2016192661A (ja) | ネットワークシステム、ネットワーク制御方法および制御装置 | |
JP6162831B2 (ja) | パケット通信システム、sdn制御装置、パケット通信方法、及びプログラム | |
TW201701621A (zh) | 控制裝置、控制方法及程式 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 14831876 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2015529385 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 14909024 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2014831876 Country of ref document: EP |