1. Field of the Invention
The present invention relates to management of data communications networks. More particularly, the present invention relates to an IP (Internet Protocol) address management system and method for managing IP addresses on a data communications network utilizing dynamic IP address assignment.
2. The Background
Data communications networks are widespread and there are many different types of networks, including LANs (Local Area Networks), MANs (Metropolitan Area Networks), and WANs (Wide Area Networks). They are used for providing numerous services, both for companies and for individuals. They provide a powerful communication mechanism and allow access to various kinds of remote information. Two or more networks connected together form an internetwork (or internet). The "Internet" is a worldwide internet widely used to connect universities, government offices, companies, and private individuals. Every host (or end-user's machine running user applications) and router interface on the Internet has an IP address, which encodes its network number and host number. The combination is unique and no two machines have the same IP address. IP addresses are typically 32 bits long and are used in the source address and destination address fields of IP packets. The Source Address is the ultimate source of the IP packet; the Destination Address is the ultimate destination of the IP packet.
FIG. 1 illustrates IP address formats well known to those of ordinary skill in the art. The IP address formats are divided into five classes. The class A format, which begins with a "0" bit for indicating the class and has a 7-bit network address field and a 24-bit host address field, allows up to 126 networks with 16 million hosts each. The class B format beginning with the bit pattern "10" allows 16382 networks with up to 64K hosts each. The class C format beginning with the bit pattern "110" allows 2 million networks (e.g., LANs) with up to 254 hosts each. The class D format beginning with "1110" is for multicast in which a packet is directed to multiple hosts. Finally, the class E format beginning with the bit pattern "11110" is reserved for future use. Network numbers are assigned by the InterNIC (Internet Network Information Center) or another administrative body in order to avoid conflicts.
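The classful split described above, worked as an added example (not part of the patent text): the leading bits select the class, the remaining bits are divided into the network and host fields, and the all-zeros and all-ones host numbers are excluded from the usable count, which is why a class C network holds 254 hosts.

```python
import ipaddress

# Classful layout as described above: (leading bits, class, width of the
# network field including the class bits). The host field is the remaining
# bits. Classes D (multicast) and E (reserved) have no network/host split.
CLASS_TABLE = [
    ("0", "A", 8),
    ("10", "B", 16),
    ("110", "C", 24),
    ("1110", "D", None),
    ("11110", "E", None),
]


def classify(addr: str) -> dict:
    """Split a dotted-quad IPv4 address into class, network number and host number."""
    value = int(ipaddress.IPv4Address(addr))
    bits = f"{value:032b}"
    for prefix, name, net_width in CLASS_TABLE:
        if bits.startswith(prefix):
            break
    else:
        # addresses starting 11111 fall outside the five-class scheme
        raise ValueError(f"{addr}: leading bits {bits[:5]} match no class")
    if net_width is None:
        return {"class": name, "network": None, "host": None, "max_hosts": None}
    host_width = 32 - net_width
    host_mask = (1 << host_width) - 1
    return {
        "class": name,
        # network number written as a dotted quad with the host bits cleared
        "network": str(ipaddress.IPv4Address(value & ~host_mask)),
        "host": value & host_mask,
        # all-zeros and all-ones host numbers are reserved, hence 254 for class C
        "max_hosts": host_mask - 1,
    }


def same_network(a: str, b: str) -> bool:
    """True when two unicast addresses fall in the same classful network."""
    ca, cb = classify(a), classify(b)
    return ca["network"] is not None and ca["network"] == cb["network"]
```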
These binary IP addresses are, however, rarely used by computer programs and humans to refer to hosts, mailboxes (for email), and other resources. Instead of binary numbers, ASCII strings, such as "company.com", are used. In order to avoid host name conflicts, these names are managed by the Domain Name System (DNS) (central to a domain), the Internet's official naming system. The DNS provides a hierarchical, domain-based naming scheme and a distributed database system for implementing this naming scheme. That is, conceptually, the Internet is divided into several hundred top-level domains, where each domain covers many hosts. Each domain is partitioned into subdomains, which are further partitioned, and so on.
In the hierarchical scheme, each domain controls how it allocates its subdomains (i.e., the domains under it). To create a new domain, permission is required of the domain in which it will be included. Once a new domain has been created and registered, it can create subdomains without permission from any higher domain, and keep track of all of its own subdomains. The DNS is primarily used for mapping host names to IP addresses, but it can be used for other purposes.
Every domain, whether it represents a single host or is a top-level domain, can have a set of resource records associated with it. A resource record is, for example, a five-tuple including the fields of Domain_name, Time_to_live, Class, Type, and Value. The Domain_name field tells the domain to which the record applies, and is thus the primary search key used to satisfy queries. When a query is made about a domain, all the matching records of the class requested are returned by the DNS. The Time_to_live field gives an indication of how stable the record is. Information that is highly stable is assigned a large value, such as 86400 (the number of seconds in one day). Information that is highly volatile is assigned a small value, such as 60 (one minute). For Internet information, the Class field is always "IN". The Type field tells what kind of record this is. The important types are, for example, SOA (Start of Authority), A (Address), MX (Mail exchange), NS (Name Server), PTR (Pointer), HINFO (Host information), TXT (Text), and the like. Finally, the Value field provides an actual value for the record. For example, an SOA record provides the name of the primary source of information about the name server's zone (described below), and its value is the parameters of this zone. The most important record type is the A (Address) record. It holds a 32-bit IP address for a certain host. Every Internet host must have at least one IP address, so that other machines can communicate with it. Some hosts have two or more network connections (through different interfaces), in which case they will have one type A resource record (i.e., one IP address) per network connection.
The naming scheme of the DNS is implemented as a corresponding hierarchical database system. The DNS name space is divided up into non-overlapping zones. Each zone contains name servers holding the authoritative information about the zone. Normally, a zone has one primary name server and one or more secondary name servers. The primary server gets its information from a file on its disk, and secondary servers get their information from the primary name server.
To obtain resource records for a domain name, for example, to get the IP address for a host name, an application program calls a library procedure called the resolver, passing it the domain name as a parameter. The resolver sends a UDP (User Datagram Protocol) packet to one of the local name servers. For example, to map a host name onto an IP address, a resolver can send a query about the host name to a local name server. If the local name server has resource records for the domain (that is, the local name server has jurisdiction over the host name being sought), it returns the authoritative resource records. An "authoritative" record is one that comes from the authority that manages the record and thus is always correct.
If, however, the domain is remote and no information about the requested domain is available locally, the name server sends a query message to the top-level name server for the domain requested. For example, when a user (DNS client) in San Francisco (SF) makes a query about John.rd.company.com to a local name server in SF, which does not have records for the host, the SF name server sends a UDP packet to the server for com given in its database, com-server.net. It is unlikely that com-server.net knows John.rd.company.com or rd.company.com, but it definitely knows company.com, which is one of its own subdomains. Thus, com-server.net forwards the inquiry to company.com. In turn, company.com forwards the request to rd.company.com, which must have the authoritative resource records. The resource records requested are sent back from rd.company.com to the SF name server.
Once these records get back to the SF name server, they will be entered into a cache there (local cache), in case they are needed later. However, this information is not authoritative, since changes made at rd.company.com will not be propagated to all the caches of local name servers that may know about it. For this reason, entries in a local cache should not live too long (i.e., the Time_to_live field is set to a small value).
The above query method is recursive, since each server that does not have the requested information goes and finds it somewhere, then reports back. Alternatively, when one local name server fails to find the desired records, it may return the name of the next local name server along the line to try. For example, the SF name server may give the name of the San Jose name server when it cannot find a resource record for John.rd.company.com. This gives a DNS client more control over the search process.
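The resource-record five-tuple, the recursive walk down the delegation chain (com-server.net to company.com to rd.company.com) and the local cache whose copies are non-authoritative and expire after Time_to_live, modelled together as an added example that is not part of the patent text. The server names and the address 192.0.2.10 are constructed sample values; `clock` is injected so the TTL expiry can be exercised without waiting.

```python
import time
from dataclasses import dataclass

@dataclass
class ResourceRecord:          # the five-tuple described above
    domain_name: str
    time_to_live: int
    record_class: str
    record_type: str
    value: str

class NameServer:
    """Authoritative for one zone; forwards names in child zones to their servers."""
    def __init__(self, zone, records=(), delegations=None):
        self.zone = zone
        self.records = {r.domain_name.lower(): r for r in records}
        self.delegations = delegations or {}  # child zone -> NameServer

    def resolve(self, name):
        """Return (record, authoritative), walking down the delegation chain."""
        name = name.lower()
        if name in self.records:
            return self.records[name], True
        for child in sorted(self.delegations, key=len, reverse=True):
            if name == child or name.endswith("." + child):
                return self.delegations[child].resolve(name)
        return None, False

class LocalNameServer:
    """The SF-style local server: queries upstream and caches answers for their TTL."""
    def __init__(self, upstream, clock=time.time):
        self.upstream, self.clock = upstream, clock
        self.cache = {}  # name -> (record, expiry)

    def lookup(self, name):
        name = name.lower()
        hit = self.cache.get(name)
        if hit is not None and hit[1] > self.clock():
            return hit[0], False  # a cached copy is never authoritative
        record, authoritative = self.upstream.resolve(name)
        if record is not None:
            self.cache[name] = (record, self.clock() + record.time_to_live)
        return record, authoritative

def build_example_hierarchy():
    """Constructed sample: com-server.net -> company.com -> rd.company.com."""
    rd = NameServer("rd.company.com", [ResourceRecord(
        "John.rd.company.com", 60, "IN", "A", "192.0.2.10")])  # constructed value
    company = NameServer("company.com", delegations={"rd.company.com": rd})
    return NameServer("com", delegations={"company.com": company})
```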
The growth of the Internet appears to be exponential. Tens of thousands of networks are now connected to the Internet, and the number is close to doubling every year. Unfortunately, however, IP addresses are not infinite and it is rather expensive to procure more IP addresses. With the increase in the number of users of the Internet, Telcos (Telecommunication companies) and ISPs (Internet Service Providers) are faced with an increasing shortage of IP addresses.
The Dynamic Host Configuration Protocol (DHCP) has been developed to provide an automated assignment of IP addresses and to help solve the shortage of IP addresses. Conventional DHCP operation is as follows: When a DHCP client computer attempts an Internet connection, it broadcasts a DHCP request asking for any DHCP server on the network to provide it with an IP address and configuration parameters. A DHCP server on the network that is authorized to configure this client will offer an IP address by sending a reply to the client. Upon receiving this offer, the client may decide to accept it or wait for additional offers from other DHCP servers on the network. At the end, the client chooses and accepts one offer, and the chosen DHCP server sends an acknowledgement with the offered IP address having an associated "lease" time (and any other configuration parameters the client might have requested). During the lifetime of the lease, the client will repeatedly ask the server to renew. If the client chooses not to renew or if the client machine is shut down, the lease eventually expires. Once the lease expires, the IP address can be "recycled" and given to another machine.
The same IP address may not be issued to more than one user on the network. DHCP servers commonly verify addresses by using a "ping" service to determine that an IP address is not already in use. The ping utility broadcasts packets with a specific IP destination address. If there is a computer using that IP address on the network, it sends back a reply. However, this ping utility only works effectively in a small system such as a LAN and when all users on the network are running their computers. Also, depending upon the network load, routers are not obliged to respond to pings, hence ping is an unreliable mechanism. Ping is governed by the ICMP protocol known to those of ordinary skill in the art.
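The lease lifecycle of the two preceding paragraphs (offer, renew, expiry, recycling, and the rule that an address is never held by two clients at once) as an added example, not code from the patent. The `probe` callable stands in for the in-use check the text describes; here it is a constructed stub rather than a real ping, and `clock` is injected so expiry can be exercised deterministically.

```python
from dataclasses import dataclass
import time

@dataclass
class Lease:
    address: str
    client_id: str
    expires_at: float

class LeasePool:
    """Hands out each address to at most one client; recycles it when the lease lapses."""
    def __init__(self, addresses, lease_time, clock=time.time, probe=lambda addr: False):
        self.free = list(addresses)
        self.lease_time = lease_time
        self.clock = clock
        self.probe = probe            # True if the address already answers on the wire
        self.leases = {}              # address -> Lease
        self.conflicts = []           # addresses set aside because the probe found them in use

    def _expire(self):
        """Return lapsed leases to the free list (the 'recycled' step)."""
        now = self.clock()
        for addr in [a for a, l in self.leases.items() if l.expires_at <= now]:
            self.free.append(self.leases.pop(addr).address)

    def offer(self, client_id):
        self._expire()
        for lease in self.leases.values():   # a client keeps the address it already holds
            if lease.client_id == client_id:
                return lease.address
        while self.free:
            addr = self.free.pop(0)
            if self.probe(addr):             # stand-in for the ping check described above
                self.conflicts.append(addr)
                continue
            self.leases[addr] = Lease(addr, client_id, self.clock() + self.lease_time)
            return addr
        return None                          # pool exhausted

    def renew(self, client_id, addr):
        self._expire()
        lease = self.leases.get(addr)
        if lease is None or lease.client_id != client_id:
            return False
        lease.expires_at = self.clock() + self.lease_time
        return True

    def release(self, client_id, addr):
        lease = self.leases.get(addr)
        if lease is None or lease.client_id != client_id:
            return False
        self.free.append(self.leases.pop(addr).address)
        return True
```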
Currently, the only solution for Telcos and ISPs to manage the shortage of IP addresses is to configure a Network Access Server (NAS) in each PoP (point of presence) so as to implement DHCP-like functionality with IP address pools so as to dynamically allocate IP addresses. That is, the NAS hands out IP addresses to users (end-users of the Telco or ISP) when the users log in, and revokes them when the users log out, making those IP addresses available to other users. Such mechanisms make it impossible to reliably (a) locate users by name; and (b) account for usage. A distributed DHCP server, for example, in a PoP, leases IP addresses from its IP address pool to be assigned to hosts on a temporary basis. This mechanism is more "granular" and addresses the problems stated above. These "dynamic" IP addresses are contrasted with "static" IP addresses, which are practically permanently allocated and recorded, typically, in DNS servers.
A DHCP server may maintain the lease information of IP addresses allocated to users. However, when a user logs out, the IP address and the user name are removed from that lease information. Therefore, a user (or one machine) may be assigned more than one IP address on any given day. In cases where the address is managed by a NAS, the allocated address is not dynamically recorded in the DNS. In cases where a DHCP server hands out the IP address, the IP address record in the DNS may be dynamically updated. Such information on dynamic IP addresses is locally handled by respective DNS servers, for example, in respective PoPs, and is always changing. Therefore, when a dynamic IP address is handed to a user at a local NAS in a PoP, Telcos and ISPs, as well as any other NAS and peer users, have no way to reliably identify or account for network usage of the user (usually known by a fully-qualified domain name).
Some systems handle dynamic updates of IP addresses in DNS servers, in which DHCP servers automatically send IP address lease information to DNS servers. However, these "Dynamic DNS" solutions are not scalable for dealing with multiple DHCP servers spread across multiple PoPs. Because DHCP servers are currently all centralized servers, all IP requests and updates from the physically distributed users are back-hauled to the centralized DHCP server. Hence, apart from handling the IP address allocations, the DHCP servers also have to deal with updating the DNS server for every transaction.
Thus, a primary DNS server has no way to reliably identify users by their fully qualified domain names or IP addresses if the IP addresses are handed out by the NAS. This inability to identify users by their respective fully-qualified domain names or IP addresses is constantly being exacerbated because of (a) the increasing demand for network access; (b) the desire to use private IP addresses; and (c) the requirements of mobile or roaming users.
Accordingly, there is a need for a much more scalable and distributed solution for managing dynamic IP addresses. Further, it is required that any solution use open and well-understood standards.
A method and apparatus for managing dynamic IP address allocation in a data communications network having a point of presence, a network access device associated with said point of presence, and user connections to users formed through the network access device. The system includes a protocol gateway in communication with the network access device, an authentication, authorization and accounting (AAA) server in communication with the protocol gateway, a dynamic IP allocation server in communication with the protocol gateway, a local memory in communication with the protocol gateway, and a local memory publisher, which periodically publishes the contents of the local memory over an information bus so that the contents may be received by subscribing entities.