WO2018138761A1 - Appareil de passerelle - Google Patents

Appareil de passerelle Download PDF

Info

Publication number
WO2018138761A1
WO2018138761A1 PCT/JP2017/002274 JP2017002274W WO2018138761A1 WO 2018138761 A1 WO2018138761 A1 WO 2018138761A1 JP 2017002274 W JP2017002274 W JP 2017002274W WO 2018138761 A1 WO2018138761 A1 WO 2018138761A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
gateway device
gateway
resistance enhancement
control unit
Prior art date
Application number
PCT/JP2017/002274
Other languages
English (en)
Japanese (ja)
Inventor
聖信 大野
Original Assignee
三菱電機株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 三菱電機株式会社 filed Critical 三菱電機株式会社
Priority to PCT/JP2017/002274 priority Critical patent/WO2018138761A1/fr
Priority to JP2018563957A priority patent/JP6612475B2/ja
Publication of WO2018138761A1 publication Critical patent/WO2018138761A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways

Definitions

  • the present invention relates to a gateway device, and more particularly, to a gateway device that includes an active system and a standby system and is used in a redundant communication system.
  • the communication system described in Patent Document 1 is configured with an Active-Standby method in which one gateway device is operated as an active system and the other is a standby system, while suppressing the cost of the gateway device of the mobile network, Downtime at the time of failure has been reduced.
  • the transmission device described in Patent Document 2 detects heat generation due to a failure of the cooling device and switches from the active system to the standby system.
  • a DNS (Domain Name System) server and a security gateway are used as countermeasures against a DoS (Denial of Service) attack against a server set with a fixed IP (Internet Protocol) address. And cooperate.
  • JP 2010-63022 A International Publication No. 2009/081484 International Publication No. 2008/069043
  • the communication system described in Patent Document 1 has a redundant configuration in which active session information is transmitted to a standby system, thereby minimizing service stop time due to a failure.
  • the communication system described in Patent Document 1 does not consider security when attacked via a communication network, and attacks based on IP from a specific attacker via a local terminal or communication network There is a problem when receiving.
  • switching is performed by detecting heat generation due to a failure of the cooling apparatus.
  • switching to the standby gateway occurred due to a temperature increase due to an increase in the load on the CPU (Central Processing Unit) of the gateway device.
  • the standby system receives the same DoS attack and restarts.
  • the standby system when the active gateway device is attacked and the system is switched from the active gateway device to the standby gateway device, the standby system is subjected to the same attack as the active system attack.
  • the purpose is to prevent restart.
  • a gateway device includes an active system and a standby system, and is used together with another gateway device functioning as the active system and the standby system in a redundant communication system.
  • a gateway device that functions as a standby system and includes a plurality of resistance enhancement items that can be enabled or disabled with respect to security, and functions as the active system when the own device functions as the standby system.
  • Communication receiving first device information including first setting information indicating a resistance enhancement item enabled by the other gateway device from among the plurality of resistance enhancement items. And the other gateway device based on the first setting information when the device and the own device function as the standby system. And a device control unit that enables a resistance enhancement item that is invalidated in the other gateway device among the plurality of resistance enhancement items. To do.
  • the attack information is taken over from the active system to the standby system. Since the standby system improves attack resistance based on the information, even if the standby system receives the same attack as the attack on the active system, it can be prevented from being restarted.
  • FIG. 1 is a block diagram schematically showing a configuration of a communication system including a gateway device according to Embodiments 1 to 6.
  • FIG. 6 is a block diagram schematically showing a configuration of a gateway device according to Embodiments 1 to 6.
  • FIG. (A) And (B) is the schematic which shows the example of hardware constitutions.
  • 4 is a flowchart illustrating an operation of a gateway device functioning as an active system in the first embodiment.
  • 4 is a flowchart illustrating an operation of a gateway device functioning as a standby system in the first embodiment.
  • FIG. 6 is a sequence diagram illustrating a system switching operation of a redundant gateway device in the first embodiment.
  • 10 is a flowchart illustrating an operation of a gateway device functioning as an active system in the second embodiment.
  • Embodiment 3 it is the 1st flowchart which shows operation
  • 10 is a second flowchart showing the operation of the gateway device functioning as the active system in the third embodiment.
  • 14 is a flowchart illustrating an operation of a gateway device functioning as a standby system in the fourth embodiment.
  • 14 is a flowchart illustrating an operation of a gateway device functioning as an active system in the fifth embodiment.
  • Embodiment 6 it is the 2nd flowchart which shows operation
  • FIG. 1 is a block diagram schematically illustrating a configuration of a communication system 100 including a gateway device according to the first embodiment.
  • the communication system 100 includes two gateway devices 110A and 110B. Note that the gateway devices 110A and 110B are referred to as gateway devices 110 when it is not necessary to distinguish between them.
  • the communication system 100 includes a gateway device 110 that functions as an active system and a gateway device 110 that functions as a standby system, and is a redundant system.
  • the gateway device 110 includes a plurality of resistance enhancement items that can be enabled or disabled with respect to security.
  • the gateway device 110 is connected to the local terminals 101A, 101B, and 101C and the switching hub device 102. When it is not necessary to distinguish each of the local terminals 101A, 101B, and 101C, they are referred to as local terminals 101.
  • the gateway device 110 enables communication between the local terminal 101 and the network 103 via the switching hub device 102.
  • the two gateway devices 110A and 110B are made redundant.
  • the gateway device 110A is operated as an active system
  • the gateway device 110B is operated as a standby system.
  • the two gateway devices 110A and 110B are connected by wire or wirelessly, and can transmit and receive information.
  • the local terminal 101 is an information device including a portable terminal such as a notebook PC and a stationary apparatus such as a desktop PC.
  • the local terminal 101 is connected to the gateway device 110 by a wired or wireless connection such as a USB (Universal Serial Bus) and a LAN (Local Area Network), and can communicate between the local terminal 101 and the gateway device 110.
  • a wired or wireless connection such as a USB (Universal Serial Bus) and a LAN (Local Area Network)
  • the switching hub device 102 is connected to the gateway device 110 by a wired or wireless connection such as a LAN, and is connected to a network 103 that is a communication network.
  • a network 103 that is a communication network.
  • the switching hub device 102 is unnecessary.
  • the network 103 is a communication network using LTE (Long Term Evolution) and an optical line.
  • FIG. 2 is a block diagram schematically showing the configuration of the gateway device 110.
  • the gateway device 110 includes a data transfer unit 120, an information acquisition unit 130, a device state monitoring unit 140, a device information transmission unit 141, a device control unit 142, and a communication unit 143.
  • the data transfer unit 120 transfers data transmitted / received between the local terminals 101 and between the local terminals 101 and the network 103.
  • the data transfer unit 120 includes a plurality of interfaces (hereinafter referred to as I / F) 121A to 121D.
  • I / F interfaces
  • Each of the plurality of I / Fs 121A to 121D is connected to either the local terminal 101 or the switching hub device 102, for example.
  • Each of the plurality of I / Fs 121A to 121D includes temperature sensors 122A to 122D as temperature detection units for detecting the respective temperatures.
  • I / F 121 when it is not necessary to particularly distinguish each of the plurality of I / Fs 121A to 121D, this is referred to as I / F 121.
  • the temperature This is referred to as sensor 122.
  • the information acquisition unit 130 acquires various types of information in the gateway device 110. For example, the information acquisition unit 130 acquires abnormality determination information necessary for determining abnormality in the own device.
  • the information acquisition unit 130 includes a temperature information acquisition unit 131, a CPU information acquisition unit 132, a memory information acquisition unit 133, and a communication information acquisition unit 134.
  • the temperature information acquisition unit 131 acquires temperature information indicating the temperature of the data transfer unit 120. For example, the temperature information acquisition unit 131 reads temperature information indicating the temperature from the temperature sensor 122 provided in the I / F 121.
  • the CPU information acquisition unit 132 acquires CPU resource information indicating the state of a CPU resource described later provided in the gateway device 110, the operating status of the gateway device 110, and a restart factor.
  • the restart factor of the gateway device 110 is, for example, a factor such as reception of a restart command from software executed by the CPU provided in the gateway device 110 and stop of the operation of the software.
  • the memory information acquisition unit 133 acquires memory resource information indicating a state of a memory resource described later provided in the gateway device 110.
  • the communication information acquisition unit 134 acquires traffic information indicating the traffic state of the data transfer unit 120.
  • the device status monitoring unit 140 receives the information acquired by the information acquisition unit 130 and periodically checks the received information. For example, the device state monitoring unit 140 monitors the state of the own device based on the abnormality determination information acquired by the information acquisition unit 130, determines whether or not the own device needs to be restarted, The presence or absence of is determined.
  • the I / F 121 is a communication interface such as a wired LAN, a wireless LAN, or a USB, and the device state monitoring unit 140 includes the temperature, communication speed, communication direction, connection destination, and function of each of the I / Fs 121A to 121D. The validity or invalidity of the packet and the packet data during communication can be confirmed.
  • the device information transmission unit 141 transmits various information such as information from the device state monitoring unit 140 to the other gateway device 110 via the communication unit 143.
  • the device information transmission unit 141 when the own device is functioning as an active system, setting information indicating a resistance enhancement item enabled by the own device, takeover information for taking over the processing of the own device, And the apparatus information containing abnormality determination information required for determination of the presence or absence of abnormality in the own apparatus is transmitted to the gateway apparatus 110 functioning as a standby system.
  • the device information transmission unit 141 causes the communication unit 143 to transmit device information when the device state monitoring unit 140 determines that restart is necessary.
  • the device control unit 142 controls the internal operation of the gateway device 110 based on various types of information such as information from the device information transmission unit 141. For example, when the device control unit 142 is functioning as a standby system, the device control unit 142 is enabled by the gateway device 110 from the gateway device 110 functioning as the active system via the communication unit 143. Device information including setting information indicating a resistance enhancement item, takeover information for taking over the processing of the gateway device 110, and abnormality determination information necessary for determining whether there is an abnormality in the gateway device 110 is received. Then, based on the device information, the device control unit 142 sets the resistance enhancement item enabled in the active gateway device 110 and the resistance enhancement item disabled in the gateway device 110 in its own device. To enable. In the first embodiment, since the gateway device 110 functioning as the active system transmits device information when restarting, the device control unit 142 receives the device information from the communication unit 143. When this is done, the current processing is taken over and the resistance enhancement item is enabled as described above.
  • the communication unit 143 is a communication interface for communicating with another gateway device 110.
  • the communication unit 143 receives device information from the gateway device 110 functioning as an active system.
  • the communication unit 143 transmits the device information to the gateway device 110 functioning as a standby system when the own device functions as the active system.
  • the device information received by the communication unit 143 is also referred to as first device information.
  • the setting information, the takeover information, and the abnormality determination information included in the first device information are the first setting information, the first information, This is also referred to as takeover information and first abnormality determination information.
  • the device information transmitted from the communication unit 143 is also referred to as second device information.
  • the setting information, the takeover information, and the abnormality determination information included in the second device information are respectively set to the second setting information, the second information, It is also called takeover information and second abnormality determination information.
  • a part or all of the information acquisition unit 130, the device state monitoring unit 140, the device information transmission unit 141, and the device control unit 142 described above may include, for example, the memory 10 as illustrated in FIG. And a processor 11 such as a CPU that executes a program stored in the memory 10. Such a program may be provided through a network, or may be provided by being recorded on a recording medium.
  • a part or all of the information acquisition unit 130, the device state monitoring unit 140, the device information transmission unit 141, and the device control unit 142 may be configured as a single circuit, a composite, as illustrated in FIG. A circuit, a programmed processor, a parallel programmed processor, an ASIC (Application Specific Integrated Circuits), or an FPGA (Field Programmable Gate Array) can also be configured.
  • a circuit a programmed processor, a parallel programmed processor, an ASIC (Application Specific Integrated Circuits), or an FPGA (Field Programmable Gate Array) can also be configured.
  • FIG. 4 is a flowchart showing the operation of the gateway device 110 functioning as the active system.
  • Each unit included in the information acquisition unit 130 sends a predetermined fixed signal to the apparatus state monitoring unit 140 regularly or irregularly.
  • the fixed signal indicates information acquired by each unit included in the information acquisition unit 130.
  • the device state monitoring unit 140 monitors the restart factor based on the information sent from the CPU information acquisition unit 132 (S10). Then, the device status monitoring unit 140 detects whether or not the gateway device 110 has been requested to restart (S11). For example, when the information sent from the CPU information acquisition unit 132 indicates a software restart command or a software operation stop, the device state monitoring unit 140 detects that there is a restart request. If there is a request for restart (Yes in S11), the process proceeds to step S12.
  • step S12 the device state monitoring unit 140 refers to an abnormality list stored in advance, and whether or not the information acquired by each unit included in the information acquisition unit 130 matches a condition determined to be abnormal. Determine whether. As a result, if the apparatus state monitoring unit 140 determines that an abnormality has occurred in the apparatus (Yes in S13), the process proceeds to step S14.
  • step S ⁇ b> 14 the device information transmission unit 141 receives information sent from each unit included in the information acquisition unit 130 and each I such as MAC address filtering, packet filtering, and bandwidth limitation stored in the device control unit 142.
  • the control information of / F121 is sent as device information to the device control unit 142 of the gateway device 110 that is a standby system via the communication unit 143 (S14).
  • the device control unit 142 stops the operation of the gateway device 110 and enters a standby state (S15).
  • the abnormality of the device in step S12 is an increase or decrease in traffic due to an attack from the outside, communication at an unused port, a sudden temperature change of the I / F 121, a CPU usage rate or a memory usage rate of a running application.
  • the user defines in advance what will be abnormal.
  • FIG. 5 is a flowchart showing the operation of the gateway device 110 functioning as a standby system.
  • the device control unit 142 in the standby state waits until the communication unit 143 receives the device information sent from the device information transmission unit 141 of the active gateway device 110 (S20). If the device information arrives (Yes in S21), the process proceeds to step S22.
  • step S ⁇ b> 22 the device control unit 142 determines whether it is possible to identify a location where an abnormality has occurred from the received device information. In addition, when the location where the abnormality has occurred can be identified, and the content of the abnormality can be identified therefrom, the device control unit 142 also identifies the content of the abnormality. Next, the apparatus control part 142 selects the thing corresponding to the determination result in step S22 from the some tolerance reinforcement
  • the durability enhancement items include, for example, condition changes such as MAC address filtering and packet filtering that are operating in the gateway device 110, application suspension, uninstallation and reinstallation, communication speed limitation or communication suspension of the data transfer unit 120
  • condition changes such as MAC address filtering and packet filtering that are operating in the gateway device 110
  • application suspension uninstallation and reinstallation
  • communication speed limitation or communication suspension of the data transfer unit 120
  • the data transfer unit 120 itself has a power supply stop or a degenerate operation.
  • priorities are set in advance corresponding to the determination result in step S22, and the device control unit 142 selects the resistance enhancement items based on the priorities. For example, when the abnormal part cannot be specified, the abnormal part can be specified but the abnormal content cannot be specified, and when the abnormal part and the abnormal content can be specified, the priority order is set in advance in the resistance enhancement item. Specifically, when an abnormal part cannot be specified, “I / F 121 in which an abnormality is likely to occur is listed in advance in a list so that the order in which the abnormality is likely to occur is known. / F121 is invalidated or priority is given to “stop an application with a high CPU load”. Further, when an abnormal location can be identified but the content of the abnormality cannot be identified, a priority order is set according to the identified abnormal location.
  • a priority is provided for each combination of the abnormal location and the abnormal content. For example, when it is determined that the CPU usage rate is abnormal, a priority order such as “stop in order from an application with a high CPU load” is set. Further, when it is determined that the specific I / F 121 has abnormal heat generation, the resistance enhancement items are selected in the following order of priority 1 to 4.
  • Priority 1 Limit the communication speed of a specific I / F 121.
  • Priority 2 Stop communication of a specific I / F 121.
  • Priority 3 The specific I / F 121 itself is stopped.
  • Priority 4 The communication speed is also limited to the peripheral I / F 121 around the specific I / F 121.
  • the device control unit 142 may hold a history of resistance enhancement items selected by the own device, specify the priority order to be selected based on the history, and perform the selection in step S23.
  • the device control unit 142 determines whether or not the durability enhancement item selected in step S23 is already enabled in the active gateway device 110 that has sent the device information (S24). If it is not enabled, in other words, if it is invalid (No in S24), the process proceeds to step S25. If it is enabled (Yes in S24), the process proceeds to step S26.
  • step S25 the device control unit 142 validates the resistance enhancement item selected in step S23, and sets the resistance enhancement item enabled in the gateway device 110 that has sent the device information acquired in step S21. It is also enabled on its own device. In other words, the resistance enhancement items that are already enabled in the active gateway device 110 and are still disabled in the local device are also enabled.
  • step S26 the device control unit 142 selects a resistance enhancement item according to a predetermined order and validates the resistance enhancement item.
  • the order is determined in advance for the resistance enhancement items, and the device control unit 142 enables the earliest one of the resistance enhancement items that have not yet been enabled.
  • the device control unit 142 also enables the resistance enhancement item enabled by the gateway device 110 that has transmitted the device information acquired in step S21 also in the own device.
  • the device control unit 142 starts the activation of the gateway device 110 and operates as an active system (S27).
  • the device control unit 142 takes over the processing in the active gateway device 110 based on the takeover information included in the received device information.
  • FIG. 6 is a sequence diagram showing a system switching operation of the gateway device 110 made redundant.
  • “# 1” is given to the reference numerals of the respective parts constituting the gateway device 110A
  • “# 2” is assigned to the reference numerals of the respective parts constituting the gateway apparatus 110B.
  • the device information transmission unit 141 # 1 sends the device information to the gateway device 110B, and the gateway device 110A enters a standby state. (S31).
  • the device control unit 142 # 2 of the gateway device 110B adds a new resistance enhancement item based on the received device information, and activates and activates the resistance enhancement item (S40, S41).
  • the device state monitoring unit 140 # 2 of the gateway device 110B detects a restart request (S42)
  • the device information transmission unit 141 # 2 sends the device information to the gateway device 110A in the standby state, and the gateway device 110B shifts to a standby state (S43).
  • the device control unit 142 # 1 of the gateway device 110A that has been in the standby state adds another resistance enhancement item based on the received device information, so that another resistance enhancement item activated in step S40 is provided. A resistance enhancement item is added and activated (S32, S33).
  • the device state monitoring unit 140 # 1 of the gateway device 110A detects a restart request (S34)
  • the device information transmission unit 141 # 1 sends the device information to the gateway device 110B in the standby state, and the gateway device 110A shifts to a standby state (S35).
  • the device control unit 142 # 2 of the gateway device 110B adds a new resistance enhancement item based on the received device information, and activates and activates the resistance enhancement item (S44, S45).
  • the gateway device 110A and the gateway device 110B reinforce the resistance against abnormality by repeating the addition of the resistance enhancement item upon restart.
  • the gateway device 110 of the first embodiment each time the gateway device 110 is restarted due to an attack, the resistance becomes strong, and the communication system 100 can continue to operate without repeating the restart. Can do.
  • FIG. 1 the communication system 200 according to the second embodiment includes two gateway devices 210A and 210B. Note that the gateway devices 210A and 210B are referred to as gateway devices 210 when it is not necessary to distinguish between them.
  • the gateway device 210 includes a data transfer unit 120, an information acquisition unit 130, a device state monitoring unit 240, a device information transmission unit 141, and a device control unit. 242 and a communication unit 143.
  • the gateway device 210 according to the second embodiment is configured in the same manner as the gateway device 110 according to the first embodiment except for the device state monitoring unit 240 and the device control unit 242.
  • the device state monitoring unit 240 receives the information acquired by the information acquisition unit 130 and periodically checks the received information.
  • the apparatus state monitoring unit 140 determines whether or not the above has been made after detecting whether or not there has been a request for restart based on the information acquired by the information acquisition unit 130.
  • the apparatus state monitoring unit 240 in the second mode detects whether or not there is a restart request after determining the presence or absence of an abnormality based on the information acquired by the information acquisition unit 130.
  • the device control unit 242 controls the operation inside the gateway device 210 based on various information such as information from the device information transmission unit 141.
  • the device control unit 142 in the first embodiment adds and validates the resistance enhancement item when starting up, but the device control unit 242 in the second embodiment has an abnormality in the device state monitoring unit 240.
  • resistance enhancement items are added and activated.
  • the apparatus control unit 242 adds and activates a resistance enhancement item when the apparatus state monitoring unit 240 determines abnormality without waiting for detection of restart of the gateway apparatus 210, and copes with the abnormality. Try.
  • the device control unit 242 shifts the processing to the gateway device 210 functioning as a standby system with enhanced durability.
  • the second embodiment is different from the first embodiment in that the resistance enhancement item is not added and activated at the time of restart, but the resistance enhancement item is added and activated when an abnormality is detected. ing.
  • FIG. 7 is a flowchart showing the operation of the gateway device 210 functioning as the active system.
  • the apparatus state monitoring unit 240 periodically collects information from the information acquisition unit 130 (S50). Then, the device state monitoring unit 240 refers to an abnormality list stored in advance, and determines whether or not the information acquired by each unit included in the information acquisition unit 130 matches a condition determined to be abnormal. judge. As a result, when the apparatus state monitoring unit 240 determines that an abnormality has occurred in the apparatus (Yes in S52), the process proceeds to step S53.
  • step S53 the device state monitoring unit 240 detects whether the gateway device 210 has been requested to restart. If there is a request for restart (Yes in S53), the process proceeds to step S54. If there is no request for restart (No in S53), the process proceeds to step S56.
  • step S54 the device information transmission unit 141 sends the device information to the device control unit 242 of the gateway device 210 that is a standby system. Thereafter, the device control unit 242 stops the operation of the gateway device 210 and enters a standby state (S55).
  • step S ⁇ b> 56 the device control unit 242 determines whether it is possible to identify the location where an abnormality has occurred from the information collected by the device state monitoring unit 240. In addition, when the location where the abnormality has occurred can be identified, the device control unit 242 also identifies the content of the abnormality. Next, the apparatus control part 242 selects the thing corresponding to the determination result in step S56 from a plurality of predetermined resistance enhancement items (S57).
  • the durability enhancement item has a priority for the determination result in step S56, and the device control unit 242 selects the resistance enhancement item based on the priority.
  • the resistance enhancement items selected here are limited to those that can be enabled without requiring a restart.
  • the device control unit 242 determines whether or not the resistance enhancement item selected in step S57 is already enabled (S58). If not enabled, in other words, if disabled (No in S58), the process proceeds to step S59. If enabled (Yes in S58), the process proceeds to step S60.
  • step S59 the device control unit 242 validates the tolerance enhancement item selected in step S57.
  • step S60 the device control unit 242 selects a resistance enhancement item according to a predetermined order and validates the resistance enhancement item.
  • the order of the resistance enhancement items is determined in advance, and the device control unit 242 validates the item with the earliest order among the resistance enhancement items that have not yet been validated.
  • the resistance enhancement items that are enabled here are limited to those that can be enabled without requiring a restart.
  • gateway device 210 functioning as a standby system is the same as in the first embodiment.
  • the second embodiment has an effect of reducing the number of times of switching between the gateway devices 210 by enabling the resistance enhancement and attempting early recovery without waiting for detection of restart. Further, by strengthening the durability enhancement in the gateway device 210 functioning as the active system, the gateway device 210 functioning as the standby system can be started up with a further enhanced resistance.
  • Embodiment 3 FIG. As shown in FIG. 1, the communication system 300 according to the third embodiment includes two gateway devices 310A and 310B. When there is no need to distinguish between the two gateway devices 310A and 310B, they are referred to as gateway devices 310.
  • the gateway device 310 includes a data transfer unit 120, an information acquisition unit 130, a device state monitoring unit 340, a device information transmission unit 141, and a device control unit. 342 and a communication unit 143.
  • the gateway device 310 according to the third embodiment is configured in the same manner as the gateway device 110 according to the first embodiment except for the device state monitoring unit 340 and the device control unit 342.
  • the device state monitoring unit 340 receives the information acquired by the information acquisition unit 130 and periodically checks the received information.
  • the device state monitoring unit 140 determines whether there is an abnormality after detecting whether there is a restart request based on the information acquired by the information acquisition unit 130.
  • the device state monitoring unit 340 in the third form detects whether or not there is a restart request after determining whether there is an abnormality based on the information acquired by the information acquisition unit 130.
  • the device control unit 342 controls the internal operation of the gateway device 310 based on various information such as information from the device information transmission unit 141.
  • the device control unit 142 according to the first embodiment adds and validates the resistance enhancement item when activated, but the device control unit 342 according to the third embodiment is similar to the device control unit 242 according to the second embodiment.
  • the apparatus state monitoring unit 340 determines that there is an abnormality
  • the resistance enhancement item is added and validated.
  • the device control unit 242 in the second embodiment performs addition and validation of a resistance enhancement item that does not need to be restarted, but the device control unit 342 in the third embodiment has a tolerance that requires restart. Strengthening items have also been added and activated.
  • the device control unit 342 causes the device information transmission unit 141 and the communication unit 143 to transmit device information to the standby gateway device 310 so that it can be used as the active system. After the processing is handed over to the standby gateway apparatus 310, the tolerance enhancement item is enabled.
  • step S70 to S78 shown in FIGS. 8 and 9 are flowcharts showing the operation of the gateway device 310 functioning as the active system.
  • the processing from step S70 to S78 shown in FIGS. 8 and 9 is the same as the processing from step S50 to S58 shown in FIG.
  • step S78 of FIG. 9 if the selected resistance enhancement item is not validated, in other words, if the selected tolerance enhancement item is invalidated (No in S78), the process proceeds to step S78.
  • the process proceeds to S79, and if the selected resistance enhancement item is enabled (Yes in S78), the process proceeds to step S81.
  • step S79 the device control unit 342 determines whether or not the resistance enhancement item selected in step S77 requires restarting. If restart is not necessary (No in S79), the process proceeds to step S80. If restart is necessary (Yes in S79), the process proceeds to step S83. In step S80, the device control unit 342 validates the resistance enhancement item selected in step S77. Then, the process returns to step S70 in FIG.
  • step S78 if the selected resistance enhancement item is enabled (Yes in S78), the process proceeds to step S81.
  • step S81 the device control unit 342 selects a resistance enhancement item according to a predetermined order, and determines whether or not the selected resistance enhancement item requires restart. If the restart is not necessary (No in S81), the process proceeds to Step S82, and if the restart is necessary (Yes in S81), the process proceeds to Step S83.
  • step S82 the apparatus control unit 342 enables the resistance enhancement item selected in step S81. Then, the process returns to step S70 in FIG.
  • step S83 the device information transmission unit 141 sends the device information to the device control unit 342 of the gateway device 310 that is a standby system via the communication unit 143.
  • the device control unit 342 periodically checks the state of the gateway device 310 that is the standby system (S84), and determines whether the standby system is ready for operation (S85). If the standby system is ready for operation (Yes in S84), the process proceeds to step S86. In step S86, the device control unit 342 stops the operation of the gateway device 310 and enters a standby state.
  • the operation of the gateway device 310 functioning as a standby system is the same as in the first embodiment.
  • the device control unit 342 of the gateway device 310 functioning as a standby system starts to start the gateway device 310 when receiving the device information.
  • the device control unit 342 of the gateway device 310 functioning as a standby system functions as an active system via the device information transmission unit 141 and the communication unit 143 when the activation is completed to a predetermined stage. It reports to the gateway device 310 that the activation has been completed. Based on such a report, the apparatus control unit 342 performs the determination in step S85 of FIG.
  • the gateway device 310 instead of restarting due to an attack or the like, the gateway device 310 itself determines whether it is necessary, restarts, and performs system switching. There is an effect that can be shortened. Further, by receiving the activation completion of the gateway device 310, it is possible to perform the system switching process after confirming that the system switching destination is operating reliably.
  • Embodiment 4 FIG. As shown in FIG. 1, the communication system 400 according to the fourth embodiment includes two gateway devices 410A and 410B. In addition, when there is no need to distinguish each of the two gateway devices 410A and 410B, they are referred to as gateway devices 410.
  • the gateway device 410 according to the fourth embodiment includes a data transfer unit 120, an information acquisition unit 130, a device state monitoring unit 440, a device information transmission unit 441, and a device control unit. 442 and a communication unit 143.
  • the gateway device 410 according to the fourth embodiment is configured in the same manner as the gateway device 110 according to the first embodiment, except for the device state monitoring unit 440, the device information transmission unit 441, and the device control unit 442.
  • the device status monitoring unit 440 receives the information acquired by the information acquisition unit 130 and periodically checks the received information. As in the first embodiment, the apparatus state monitoring unit 440 according to the fourth embodiment detects whether there is an abnormality after detecting whether there is a restart request based on the information acquired by the information acquisition unit 130. Judgment.
  • the device information transmission unit 441 sends the device information to the device control unit 442 of the gateway device 410 that is a standby system sequentially via the communication unit 143 as well as at the time of system switching.
  • the device control unit 442 controls the internal operation of the gateway device 410 based on various information such as information from the device information transmission unit 441.
  • device information is sent from the gateway device 110 functioning as the active system at the time of system switching.
  • device information is sent not only at the time of system switching but also sequentially. Come.
  • the device control unit 442 according to the fourth embodiment determines whether to activate the resistance enhancement item or perform activation based on the transmitted device information.
  • the operation of the gateway device 410 functioning as the active system is the same as that of the first embodiment. However, as described above, the device status monitoring unit 440 sequentially transmits device information to the standby system.
  • FIG. 10 is a flowchart showing the operation of the gateway device 410 functioning as a standby system.
  • the communication unit 143 receives the device information sent from the device information transmission unit 441 of the active gateway device 410 (S90)
  • the device control unit 442 in the standby state receives the active device information based on the received device information. It is determined whether or not an abnormality has occurred in the gateway device 410 (S91).
  • the abnormality here includes a case where the device information from the working gateway device 410 is interrupted.
  • the device control unit 442 determines that an abnormality has occurred even when device information from the active gateway device 410 is not received for a predetermined period. If an abnormality has occurred (Yes in S91), the process proceeds to step S92.
  • step S92 the device control unit 442 determines whether it is possible to identify a location where an abnormality has occurred from the received device information.
  • the device control unit 442 also specifies the content of the abnormality.
  • the I / F 121 and the application that have been operating immediately before are determined as an abnormality occurrence location from the device information received immediately before.
  • the device control unit 442 selects the item corresponding to the determination result in step S92 from a plurality of predetermined resistance enhancement items based on the predetermined priority (S93).
  • the device control unit 442 determines whether or not the durability enhancement item selected in step S93 is already enabled in the standby gateway device 310 (S94). If the selected resistance enhancement item is not enabled, in other words, if the selected resistance enhancement item is invalid (No in S94), the process proceeds to step S95, and the selected resistance enhancement item is selected. If it is enabled (Yes in S94), the process proceeds to step S96.
  • step S95 the device control unit 442 validates the resistance enhancement item selected in step S93 and selects the resistance enhancement item validated in the gateway device 310 that has sent the device information acquired in step S90. It is also enabled on its own device. When an abnormality that the device information is interrupted is detected, the device control unit 442 may specify the resistance enhancement item to be activated from the device information received immediately before. On the other hand, in step S96, the device control unit 442 selects a resistance enhancement item according to a predetermined order and validates the resistance enhancement item. Furthermore, the device control unit 442 enables the resistance enhancement item enabled by the gateway device 310 that has transmitted the device information acquired in step S90 also in the own device. When an abnormality that the device information is interrupted is detected, the device control unit 442 may specify the resistance enhancement item to be activated from the device information received immediately before.
  • the device control unit 442 refers to the received device information and determines whether or not the gateway device 410 functioning as the active system is restarted (S97). If the gateway device 410 functioning as the active system restarts (Yes in S97), the process proceeds to step S98, and if the gateway device 410 functioning as the active system does not restart (S97) No), the process returns to step S90.
  • the device control unit 442 determines that the gateway device 410 functioning as the active system is restarted even when the device information is interrupted.
  • step S98 the device control unit 442 starts activation of the gateway device 410 and operates as an active system.
  • the gateway device 410 that is a standby system receives information from before the occurrence of an abnormality in the active gateway device 410, instead of receiving information when the system is restarted.
  • the gateway device 410 that is a standby system can enhance tolerance even when an abnormality occurs in the gateway device 410 that is an active system and device information cannot be received.
  • the gateway device 410 that is the active system stops and the device information is interrupted the system can continue to operate.
  • Embodiment 5 the communication system 500 according to the fifth embodiment includes two gateway devices 510A and 510B. Note that the gateway devices 510A and 510B are referred to as gateway devices 510 when it is not necessary to distinguish between them.
  • the gateway device 510 includes a data transfer unit 120, an information acquisition unit 130, a device state monitoring unit 540, a device information transmission unit 541, and a device control unit. 542 and a communication unit 143.
  • the gateway device 510 according to the fifth embodiment is configured in the same manner as the gateway device 110 according to the first embodiment except for the device state monitoring unit 540, the device information transmission unit 541, and the device control unit 542.
  • the device state monitoring unit 540 receives the information acquired by the information acquisition unit 130 and periodically checks the received information.
  • the device state monitoring unit 140 determines whether there is an abnormality after detecting whether there is a restart request based on the information acquired by the information acquisition unit 130.
  • the device state monitoring unit 540 in the fifth embodiment detects whether there is a restart request after determining the presence or absence of an abnormality based on the information acquired by the information acquisition unit 130, as in the second embodiment. .
  • the device information transmission unit 541 not only at the time of system switching, but every time the device control unit 542 newly activates the resistance enhancement item, the device control unit 542 of the gateway device 510 that is a standby system via the communication unit 143. Send to.
  • the device control unit 542 controls the operation inside the gateway device 510 based on various information such as information from the device information transmission unit 541.
  • the device control unit 142 according to the first embodiment adds and validates the resistance enhancement item when activated, but the device control unit 542 according to the fifth embodiment is similar to the second embodiment in the device state. Even when the monitoring unit 540 detects that there is an abnormality, it adds and activates a resistance enhancement item.
  • device information is sent from the gateway device 110 functioning as the active system at the time of system switching. However, in the fifth embodiment, not only the system switching but also a new resistance enhancement item is effective. The device information is sent each time it is set.
  • the device control unit 542 according to the fifth embodiment determines whether to activate the resistance enhancement item or perform activation based on the transmitted device information.
  • FIG. 11 is a flowchart showing the operation of the gateway device 510 functioning as the active system.
  • the processing from step S100 to S110 shown in FIG. 11 is the same as the processing from step S50 to S60 shown in FIG. However, the processing proceeds to step S111 after the processing of steps S109 and S110 in FIG.
  • step S111 the device information transmission unit 541 sends the device information to the device control unit 542 of the gateway device 510 which is a standby system via the communication unit 143.
  • gateway device 510 functioning as a standby system is the same as in the fourth embodiment.
  • the active gateway device 510 stops and the device information is interrupted.
  • the standby gateway apparatus 510 can be activated in a state where the tolerance is strengthened.
  • Embodiment 6 the communication system 600 according to the sixth embodiment includes two gateway devices 610A and 610B. Note that the gateway devices 610 ⁇ / b> A and 610 ⁇ / b> B are referred to as gateway devices 610 when it is not necessary to distinguish between them.
  • the gateway device 610 includes a data transfer unit 120, an information acquisition unit 130, a device state monitoring unit 640, a device information transmission unit 641, and a device control unit. 642 and a communication unit 143.
  • the gateway device 610 according to the sixth embodiment is configured in the same manner as the gateway device 110 according to the first embodiment, except for the device state monitoring unit 640, the device information transmission unit 641, and the device control unit 642.
  • the device status monitoring unit 640 receives the information acquired by the information acquisition unit 130 and periodically checks the received information.
  • the device state monitoring unit 140 determines whether there is an abnormality after detecting whether there is a restart request based on the information acquired by the information acquisition unit 130.
  • the device state monitoring unit 640 according to the sixth aspect detects whether there is a restart request after determining whether there is an abnormality based on the information acquired by the information acquisition unit 130.
  • the device information transmission unit 641 sends the device information to the gateway device 610 that is a standby system via the communication unit 143 every time the device control unit 642 newly activates the durability enhancement item, not only at the time of system switching. It is sent to the control unit 642.
  • the device control unit 642 controls the internal operation of the gateway device 610 based on various information such as information from the device information transmission unit 641.
  • the device control unit 142 according to the first embodiment adds and validates the resistance enhancement item when activated, but the device control unit 642 according to the sixth embodiment is similar to the device control unit 342 according to the third embodiment.
  • the apparatus state monitoring unit 640 detects that there is an abnormality, the resistance enhancement item is added and validated.
  • step S120 to S136 shown in FIGS. 12 and 13 are flowcharts showing the operation of the gateway device 610 functioning as the active system.
  • the process from step S120 to S136 shown in FIGS. 12 and 13 is the same as the process from step S70 to S86 shown in FIGS.
  • step S137 the process proceeds to step S137
  • step S138 of FIG. 13 the process proceeds to step S138.
  • the device information transmission unit 641 sends the device information to the device control unit 642 of the gateway device 610 that is a standby system via the communication unit 143.
  • gateway device 610 functioning as a standby system is the same as in the fourth embodiment.
  • the active gateway device 610 stops and the device information is interrupted.
  • the standby gateway device 610 can be activated in a state in which resistance is strengthened.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

L'invention concerne un appareil de passerelle comprenant : une unité de communication (143) qui, dans un cas où l'appareil de passerelle fonctionne en tant que système de veille, reçoit, en provenance d'un autre appareil de passerelle (110) fonctionnant en tant que système actif, des premières informations d'appareil comprenant des premières informations de réglage indiquant, parmi une pluralité d'éléments d'amélioration de résistance, un élément d'amélioration de résistance qui est activé dans l'autre appareil de passerelle (110) ; et une unité de commande d'appareil (142) qui, dans le cas où l'appareil de passerelle fonctionne en tant que système de veille, active, sur la base des premières informations de réglage, l'élément d'amélioration de résistance activé dans l'autre appareil de passerelle (110) et, parmi la pluralité d'éléments d'amélioration de résistance, un élément d'amélioration de résistance qui est désactivé dans l'autre appareil de passerelle (110).
PCT/JP2017/002274 2017-01-24 2017-01-24 Appareil de passerelle WO2018138761A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2017/002274 WO2018138761A1 (fr) 2017-01-24 2017-01-24 Appareil de passerelle
JP2018563957A JP6612475B2 (ja) 2017-01-24 2017-01-24 ゲートウェイ装置

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2017/002274 WO2018138761A1 (fr) 2017-01-24 2017-01-24 Appareil de passerelle

Publications (1)

Publication Number Publication Date
WO2018138761A1 true WO2018138761A1 (fr) 2018-08-02

Family

ID=62979118

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2017/002274 WO2018138761A1 (fr) 2017-01-24 2017-01-24 Appareil de passerelle

Country Status (2)

Country Link
JP (1) JP6612475B2 (fr)
WO (1) WO2018138761A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2020025198A (ja) * 2018-08-07 2020-02-13 日本電信電話株式会社 管理装置および管理方法
JP2021040215A (ja) * 2019-09-02 2021-03-11 富士通株式会社 スイッチ装置及び情報処理システム

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001256138A (ja) * 2000-03-13 2001-09-21 Nippon Telegraph & Telephone East Corp 不正アクセス対応型サーバ切替方法および装置
JP2015008521A (ja) * 2010-06-30 2015-01-15 沖電気工業株式会社 通信制御装置及びプログラム、並びに、通信システム

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001256138A (ja) * 2000-03-13 2001-09-21 Nippon Telegraph & Telephone East Corp 不正アクセス対応型サーバ切替方法および装置
JP2015008521A (ja) * 2010-06-30 2015-01-15 沖電気工業株式会社 通信制御装置及びプログラム、並びに、通信システム

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2020025198A (ja) * 2018-08-07 2020-02-13 日本電信電話株式会社 管理装置および管理方法
JP7073976B2 (ja) 2018-08-07 2022-05-24 日本電信電話株式会社 管理装置および管理方法
US11463515B2 (en) 2018-08-07 2022-10-04 Nippon Telegraph And Telephone Corporation Management device and management method
JP2021040215A (ja) * 2019-09-02 2021-03-11 富士通株式会社 スイッチ装置及び情報処理システム
JP7283314B2 (ja) 2019-09-02 2023-05-30 富士通株式会社 スイッチ装置及び情報処理システム

Also Published As

Publication number Publication date
JP6612475B2 (ja) 2019-11-27
JPWO2018138761A1 (ja) 2019-04-04

Similar Documents

Publication Publication Date Title
US10938710B2 (en) Protection switching method and system, and network device
EP2562970B1 (fr) Commutateur et procédé de régulation avec table des flux
JP5377091B2 (ja) 情報処理装置及びその制御方法
CN106161109B (zh) 网络异常自恢复方法
JP5272263B2 (ja) ロードバランス型ネットワーク環境におけるインテリジェントフェイルオーバー
JP6612475B2 (ja) ゲートウェイ装置
US8874944B2 (en) Communication device
JP2004032103A (ja) ネットワークシステム及びサーバ切り替え方法
CN112835749B (zh) 一种双机热备容灾的软件自动切换控制方法
JP5387227B2 (ja) ネットワークマネージャ機器による設定変更方法及びプログラム、ネットワーク機器の制御方法及びプログラム、ネットワークマネージャ機器及びネットワーク機器
JP2004171370A (ja) 冗長構成におけるクライアント/サーバ間のアドレス制御方式および方法
WO2010126488A1 (fr) Interface de réseau
CN109586986B (zh) 网络设备切换的方法、装置、设备及存储介质
JP2005204189A (ja) アクセスユーザ管理システム、アクセスユーザ管理装置
JP3859490B2 (ja) 通信路のスイッチ接続制御システム
US7730168B2 (en) Method and apparatus for assigning packet addresses to a plurality of devices
CN109286575B (zh) 报文优先级配置方法、装置及网络设备
WO2012132101A1 (fr) Dispositif de traitement d'informations, et programme de réaction aux défaillances
JP2011018106A (ja) 通信プロトコル処理装置およびその方法
JP2007221395A (ja) ネットワーク端末装置
EP3618479B1 (fr) Commande de l'accès d'utilisateurs à un réseau sans fil
JP5675554B2 (ja) ネットワーク通信機器、電子機器、およびプログラム
WO2015067094A1 (fr) Procédé de protection contre les anomalies pour liaison de communications basée sur un terminal h.248
JP6870337B2 (ja) 画像形成装置、アクセス支援方法、およびコンピュータプログラム
JP2006129094A (ja) 冗長サーバシステム及びサーバ装置

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2018563957

Country of ref document: JP

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17894241

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17894241

Country of ref document: EP

Kind code of ref document: A1