1. Field of the Invention
The present invention relates to a node device and a method for controlling label switching path set up in inter-connected networks that utilize the label switching scheme.
2. Description of the Background Art
In the inter-connected networks such as backbones of campus networks or enterprise networks, or networks of network carriers or Internet service providers (ISP), it is possible to carry out the so called label switching at a node device such as a router for carrying out layer 3 packet communication such as that of IP (Internet Protocol), in which control information for allocating specific channel identifiers (labels) to specific packet streams is exchanged between nodes, and an input side label (and an input interface) and an output side label (and an output interface) allocated to individual stream are stored in each node, such that the actual packet transfer processing (switching processing) can be carried out according to correspondences among stored label values. In general, the label has a fixed length so that it becomes possible to realize a faster processing compared with a conventional scheme of transferring packets by analyzing variable length packet header information (such as a destination IP address pre-fix) while it also becomes possible to realize a flexible routing control.
The concrete applications of the label switching scheme include a case of applying it to the existing switching network such as that of ATM or frame relay, and a case of newly defining a label header to be used by a label switch and connecting the switch to LAN such as IEEE 802.3/Ethernet or PPP-over-SONET link.
A path through which packets are transferred by this label switching is called a label switching path (LSP). A node (a router or a host) that is a starting point of the LSP carries out transmission by assigning the identical label value to each packet stream defined from the header information of packets to be transmitted, while a router that is a relay point carries out transmission by determining an interface and a label value to which the packets are to be transmitted by referring to a label value of the received packet, and a node that is an ending point of the LSP carries out transmission by deleting the label of the received packet and determining an interface to which the packet is to be transmitted by referring to the header information.
By transferring packets using the LSP, it becomes possible for the router at a relay point of the LSP to carry out the packet transfer without referring to the headers of the layer 3 and the upper layer, so that it becomes possible to realize the improved transfer performance and the flexible routing control.
However, the use of LSP is also associated with the following problems. In the following description, physical or logical network units operated under the identical management policy such as the specific campus networks, enterprise networks, or ISP networks, will be referred to as network segments (or segments for short).
First, it is impossible for a relay router of the LSP to carry out the filtering processing (a processing for judging whether a received packet is to be transferred further or not according to the header information of the layer 3 and the upper layer) that has been carried out for each packet by a conventional router. This filtering processing has been carried out mainly for the purpose of limiting packets that flow into or out of some segment to those related to a specific source or destination, or those related to a specific upper layer protocol, in view of the security. When the LSP is used, the packet header cannot be referred if a relay point of the LSP is located at a boundary of segments, so that it becomes impossible to carry out this filtering processing.
Also, conventionally, neighboring segments have been determining a policy as to whether each one should carry out a relaying of packets from another by a mutual contract or the like, and carrying out the packet transfer permit/reject control (peering control) through a routing protocol according to the result of that determination (by not giving the routing information to a specific neighboring segment or by notifying the own preference regarding the segment passing along with the routing information). Although it is possible to carry out the similar control through the routing protocol even for the LSP set up that extends over segments, it is currently impossible to limit the LSP set up with respect to the neighboring segment according to conditions different from those of the routing protocol.
For example, since the label resource for the label switching is finite, there can be cases in which it is desired to execute such a policy control that the hop-by-hop packet relay transfer as carried out the ordinary router can still be carried out but the packet transfer based on LSP (the LSP set up that extends over segments) is limited. However, it is impossible to realize such a policy regarding the LSP set up according to the currently used routing protocol.
It is therefore an object of the present invention to provide a node device and a method for controlling label switching path set up, which are capable of maintaining the equivalent security function as the filtering function that has been carried out for each packet by a conventional router, by limiting the LSP set up and/or packet streams transferred by the LSP (which are identified by the address information such as source/destination addresses. the information regarding the upper layer, etc.), even in the case utilizing the label switching.
It is another object of the present invention to provide a node device and a method for controlling label switching path set up, which are capable of realizing the control regarding packet transfer with respect to the neighboring segment as realized in the conventional case while also realizing the control regarding the LSP set up permit/reject with respect to the neighboring segment or the control regarding acceptance permit/reject for packet streams flowing on the LSP, even in the case utilizing the label switching.
According to one aspect of the present invention there is provided a router device, comprising: a switch unit for carrying out a label switching with respect to entered packets according to a correspondence between an input side label for identifying a channel from which a packet stream is to be entered and an output side label for identifying a channel from which the packet stream is to be outputted; a memory unit for storing a policy information indicating a permitted starting point of a label switching path for which a packet transfer by the label switching is to be permitted; a receiving unit for receiving a request message for requesting a set up of a requested label switching path through the router device, the request message containing a starting point information indicating a starting point node/network of the requested label switching path and a stream information indicating a desired packet stream to be transferred through the requested label switching path; and a control unit for judging whether or not to permit the set up of the requested label switching path by comparing the starting point information contained in the request message as received by the receiving unit with the policy information as stored in the memory unit, and setting up the requested label switching path through the router device for the desired packet stream indicated by the stream information contained in the request message as received by the receiving unit when the set up of the requested label switching path is judged as permitted.
According to another aspect of the present invention there is provided a router device, comprising: a switch unit for carrying out a label switching with respect to entered packets according to a correspondence between an input side label for identifying a channel from which a packet stream is to be entered and an output side label for identifying a channel from which the packet stream is to be outputted; a memory unit for storing a policy information indicating a permitted neighboring node/network from which a packet transfer by the label switching is to be permitted; a receiving unit for receiving a request message for requesting a set up of a requested label switching path through the router device, the request message containing a message source information indicating a source of the request message and a stream information indicating a desired packet stream to be transferred through the requested label switching path; and a control unit for judging whether or not to permit the set up of the requested label switching path by comparing the message source information contained in the request message as received by the receiving unit with the policy information as stored in the memory unit, and setting up the requested label switching path through the router device for the desired packet stream indicated by the stream information contained in the request message as received by the receiving unit when the set up of the requested label switching path is judged as permitted.
According to another aspect of the present invention there is provided a router device, comprising: a switch unit for carrying out a label switching with respect to entered packets according to a correspondence between an input side label for identifying a channel from which a packet stream is to be entered and an output side label for identifying a channel from which the packet stream is to be outputted; a memory unit for storing a policy information indicating a permitted packet stream for which a packet transfer by the label switching is to be permitted; a receiving unit for receiving a request message for requesting a set up of a requested label switching path through the router device, the request message containing a stream information indicating a desired packet stream to be transferred through the requested label switching path; and a control unit for judging whether or not to permit the set up of the requested label switching path by comparing the stream information contained in the request message as received by the receiving unit with the policy information as stored in the memory unit, and setting up the requested label switching path through the router device for the desired packet stream indicated by the stream information contained in the request message as received by the receiving unit when the set up of the requested label switching path is judged as permitted.
According to another aspect of the present invention there is provided a router device, comprising: a switch unit for carrying out a label switching with respect to entered packets according to a correspondence between an input side label for identifying a channel from which a packet stream is to be entered and an output side label for identifying a channel from which the packet stream is to be outputted; a memory unit for storing a policy information indicating a permitted ending point of a label switching path for which a packet transfer by the label switching is to be permitted; a receiving unit for receiving a request message for requesting a set up of a requested label switching path through the router device, the request message containing a stream information indicating a desired packet stream to be transferred through the requested label switching path; and a control unit for judging whether or not to permit the set up of the requested label switching path by comparing an ending point information, which is either contained in the request message as received by the receiving unit or derived from the stream information contained in the request message as received by the receiving unit, with the policy information as stored in the memory unit, and setting up the requested label switching path through the router device for the desired packet stream indicated by the stream information contained in the request message as received by the receiving unit when the set up of the requested label switching path is judged as permitted.
According to another aspect of the present invention there is provided a method for controlling label switching path set up at a router device, comprising the steps of: storing a policy information indicating a permitted starting point of a label switching path for which a packet transfer by a label switching is to be permitted; receiving a request message for requesting a set up of a requested label switching path through the router device, the request message containing a starting point information indicating a starting point node/network of the requested label switching path and a stream information indicating a desired packet stream to be transferred through the requested label switching path; judging whether or not to permit the set up of the requested label switching path by comparing the starting point information contained in the request message as received by the receiving step with the policy information as stored by the storing step; and setting up the requested label switching path through the router device for the desired packet stream indicated by the stream information contained in the request message as received by the receiving step when the set up of the requested label switching path is judged as permitted by the judging step.
According to another aspect of the present invention there is provided a method for controlling label switching path set up at a router device, comprising the steps of: storing a policy information indicating a permitted neighboring node/network from which a packet transfer by a label switching is to be permitted; receiving a request message for requesting a set up of a requested label switching path through the router device, the request message containing a message source information indicating a source of the request message and a stream information indicating a desired packet stream to be transferred through the requested label switching path; judging whether or not to permit the set up of the requested label switching path by comparing the message source information contained in the request message as received by the receiving step with the policy information as stored by the storing step; and setting up the requested label switching path through the router device for the desired packet stream indicated by the stream information contained in the request message as received by the receiving step when the set up of the requested label switching path is judged as permitted by the judging step.
According to another aspect of the present invention there is provided a method for controlling label switching path set up at a router device, comprising the steps of: storing a policy information indicating a permitted packet stream for which a packet transfer by a label switching is to be permitted; receiving a request message for requesting a set up of a requested label switching path through the router device, the request message containing a stream information indicating a desired packet stream to be transferred through the requested label switching path; judging whether or not to permit the set up of the requested label switching path by comparing the stream information contained in the request message as received by the receiving step with the policy information as stored by the storing step; and setting up the requested label switching path through the router device for the desired packet stream indicated by the stream information contained in the request message as received by the receiving step when the set up of the requested label switching path is judged as permitted by the judging step.
According to another aspect of the present invention there is provided a method for controlling label switching path set up at a router device, comprising the steps of: storing a policy information indicating a permitted ending point of a label switching path for which a packet transfer by a label switching is to be permitted; receiving a request message for requesting a set up of a requested label switching path through the router device, the request message containing a stream information indicating a desired packet stream to be transferred through the requested label switching path; judging whether or not to permit the set up of the requested label switching path by comparing an ending point information, which is either contained in the request message as received by the receiving step or derived from the stream information contained in the request message as received by the receiving step, with the policy information as stored by the storing step; and setting up the requested label switching path through the router device for the desired packet stream indicated by the stream information contained in the request message as received by the receiving step when the set up of the requested label switching path is judged as permitted by the judging step.
Other features and advantages of the present invention will become apparent from the following description taken in conjunction with the accompanying drawings.