1. Field of the Invention
This invention relates to a router for use in various kinds of networks, such as the Internet.
2. Prior Art
As is well known in the art, communication over the Internet is controlled according to a suite of protocols referred to as Transmission Control Protocol/Internet Protocol (TCP/IP). When data (a file) is sent over the Internet, the TCP at the sending end divides the data into packets and adds, to each packet, information indicative of a type of application program to which the packets are to be passed at the receiving end, while at the receiving end, the TCP checks each packet for errors and reassembles the packets into the file. FIG. 2 shows a format of the TCP header. The IP at the sending end adds, to each packet, an IP address indicative of a destination of the data, while at the receiving end, the IP checks the IP address of the packet to determine whether the packet is addressed to the receiving end. FIG. 3 shows a format of the IP header. In the TCP/IP, the TCP and IP headers are added to each unit of data to be sent, to form each packet, and then the packet is transmitted over networks. User Datagram Protocol (UDP) is also utilized besides the TCP. FIG. 4 shows a format of the UDP header.
A router is used for controlling transmission of packets each having the headers added thereto over networks. The router stores a routing table therein, and checks the IP address of each packet transmitted from another node by referring to the routing table, to thereby determine the next destination or node of the packet and sends out the packet to the next destination.
In recent years, it has been recognized that the supply of 32-bit IP addresses is running short, so that routers are often provided with a NAT (Network Address Translation) function, an IP masquerade function, and so forth, to compensate for the shortage of the IP addresses. The NAT function translates a private IP address used in a LAN (Local Area Network) into a global IP address, and then transmits each packet having the global address onto the Internet, or translates a global IP address of each packet received via the Internet into a private IP address, and then transmits the packet to a destination computer having the private IP address within the LAN. The NAT includes static NAT and dynamic NAT. According to the static NAT, a private IP address and a corresponding global IP address for translation therebetween are predetermined (preset), while according to the dynamic NAT, a private IP address of a node which starts communication is automatically set at the start of the communication as an address for translation into a global IP address.
The IP masquerade is used to perform not only translation of IP addresses but also translation of corresponding port numbers of the TCP/UDP protocols as upper-layer protocols functioning over the IP layer, thereby enabling a plurality of computers within the LAN to connect to a computer outside the network by using a single global IP address. The IP masquerade also includes static IP masquerade and dynamic IP masquerade (usually, the latter is simply referred to as "the IP masquerade"). According to the static IP masquerade, a private IP address and a global IP address for translation therebetween, and port numbers for the respective private and global IP addresses, are preset, whereas according to the dynamic IP masquerade, a private IP address for translation and its port number are set automatically at the start of communication.
FIG. 1 shows the arrangement of a conventional router 100 of this kind. The router 100 is comprised of a routing system 101, a BRI (integrated services digital network (ISDN) Basic Rate Interface) controller 102 for performing physical control of data transmission between the routing system 101 and an ISDN line, and an Ethernet controller 103 for performing physical control of data transmission between the routing system 101 and a LAN.
The routing system 101 includes a CPU (central processing unit), a ROM (read only memory) storing various programs which are executed by the CPU, and a RAM (random access memory) for use in temporary storage of data. In FIG. 1, each block shows a function implemented by a corresponding program module. Reference numeral 104 indicates the function of IP routing for routing each packet to be transmitted. Reference numerals 105 and 106 designate interfaces for performing address translation and line connection by NAT or IP masquerade.
However, the above conventional router suffers from the following problems:
(1) The router 100 is designed exclusively for connection with the Internet, and hence the interfaces 105 and 106 are provided only for connection with the ISDN line, which makes it impossible to use the router 100 e.g. for transmission of data between two LAN systems constructed within an office.
(2) It is impossible to assign more than one function to each interface. As a result, dynamic NAT and dynamic IP masquerade cannot both be applied, the possible combinations of private IP addresses and global IP addresses under static NAT are limited, and complex network address translation cannot be performed.
It is an object of the present invention to provide a router which is so flexible that it permits setting a plurality of functions to each interface and can be adapted to transmission of data between LAN systems.
To attain the above object, the present invention provides a router that has an address translation capability of performing address translation between private addresses and global addresses, the router comprising:
a first storage block that stores data for translation, the data being set by a user;
a second storage block that stores information for applying the data stored in the first storage block to each interface, the information being set by the user;
a control block that generates translation management information for each interface, based on the data stored in the first storage block and the information stored in the second storage block; and
a translation block that translates an address contained in each packet, based on the translation management information.
Preferably, the data stored in the first storage block comprises data of a first list that defines ranges of the global addresses, data of a second list that defines ranges of the private addresses, and data of a third list that defines correspondence between each of the global addresses and each of the private addresses.
Preferably, the second storage block stores a plurality of sets of the information, each in association with each interface.
More preferably, the data stored in the first storage block further includes data of a fourth list defining correspondence between each of port numbers and each of the private addresses, and the translation block carries out translation of a private address or a global address and a port number associated with the private address or the global address, the private address or the global address and the port number being contained in each packet.
Preferably, the translation management information generated by the control block includes a network address translation management table in which a plurality of global addresses and a plurality of private addresses correlated to part of the plurality of global addresses, respectively, are written in advance for use in static network address translation, and a private address is written in a manner correlated to one of the remainder of the plurality of global addresses at a start of communication via the router, for use in dynamic network address translation.
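A sketch of such a network address translation management table, added here as an illustration and not taken from the patent. The class name, method names and addresses are assumptions; it shows that a static row makes a LAN host reachable from outside at all times, a dynamic row exists only after the host has started communication, and an exhausted pool leaves a packet untranslated.

```python
import ipaddress

class NatTable:
    """Per-interface NAT management table: one row per global address."""

    def __init__(self, global_range, static_pairs):
        first, last = (int(ipaddress.IPv4Address(a)) for a in global_range)
        # Each row maps a global address to a private address, or None if free.
        self.rows = {str(ipaddress.IPv4Address(i)): None
                     for i in range(first, last + 1)}
        self.static = set()
        for g, p in static_pairs:         # static NAT: rows written in advance
            if g not in self.rows:
                raise ValueError(f"{g} is outside the global range")
            self.rows[g] = p
            self.static.add(g)

    def outbound(self, private_src):
        """Global source address for a packet leaving the LAN, or None."""
        for g, p in self.rows.items():
            if p == private_src:          # row already exists
                return g
        for g, p in self.rows.items():
            if p is None:                 # dynamic NAT: claim a remaining address
                self.rows[g] = private_src
                return g
        return None                       # pool exhausted, nothing to translate to

    def inbound(self, global_dst):
        """Private destination for a packet from outside, or None if unmapped."""
        return self.rows.get(global_dst)

    def release(self, g):
        """End of a dynamic session; static rows are never cleared."""
        if g in self.rows and g not in self.static:
            self.rows[g] = None

def demo():
    # Constructed addresses: 203.0.113.0/24 is a documentation range.
    t = NatTable(("203.0.113.1", "203.0.113.2"),
                 [("203.0.113.1", "192.168.0.10")])
    before = t.inbound("203.0.113.2")     # None: no dynamic row yet
    t.outbound("192.168.0.20")            # start of communication
    return before, t.inbound("203.0.113.2"), t.outbound("192.168.0.21")

if __name__ == "__main__":
    print(demo())
```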
Preferably, the translation management information generated by the control block includes a masquerade management table in which a combination of a protocol, a private address, and a port number associated with the private address are written in advance, and a destination address, a destination port number, a global address, and a life are written in a manner correlated to the combination, at a start of communication via the router, for use in static IP masquerade. More preferably, a combination of a protocol, a private address, a port number associated with the private address, a destination address, a destination port number, a global address, and a life are written in the masquerade management table at a start of communication via the router, for use in dynamic IP masquerade.
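A sketch of such a masquerade management table, added here as an illustration and not taken from the patent. The `ext_port` field, the rule that a static row accepts a new outside peer, the numeric reading of the life as an expiry time, and all names and addresses are assumptions; static ports are assumed to lie below `first_port`.

```python
from dataclasses import dataclass

@dataclass
class Row:
    proto: str
    priv_addr: str
    priv_port: int
    ext_port: int            # assumption: port seen outside, not a field the text lists
    static: bool = False
    dst_addr: str = None     # the four fields below are written at start of communication
    dst_port: int = None
    global_addr: str = None
    life: float = 0.0        # expiry time, seconds

class MasqTable:
    def __init__(self, global_addr, ttl=60.0, first_port=60000):
        self.global_addr, self.ttl, self.next_port = global_addr, ttl, first_port
        self.rows = []

    def add_static(self, proto, priv_addr, priv_port):
        # Static IP masquerade: protocol, private address and port are written in advance.
        self.rows.append(Row(proto, priv_addr, priv_port, priv_port, static=True))

    def _start(self, row, peer_addr, peer_port, now):
        row.dst_addr, row.dst_port = peer_addr, peer_port
        row.global_addr, row.life = self.global_addr, now + self.ttl

    def _expire(self, now):
        # Dynamic rows are deleted at end of life; static rows stay configured.
        self.rows = [r for r in self.rows if r.static or r.life > now]

    def outbound(self, proto, src, sport, dst, dport, now):
        self._expire(now)
        row = next((r for r in self.rows
                    if (r.proto, r.priv_addr, r.priv_port) == (proto, src, sport)
                    and (r.static or (r.dst_addr, r.dst_port) == (dst, dport))), None)
        if row is None:      # dynamic IP masquerade: the whole row is written now
            row = Row(proto, src, sport, self.next_port)
            self.next_port += 1
            self.rows.append(row)
        self._start(row, dst, dport, now)
        return self.global_addr, row.ext_port

    def inbound(self, proto, peer, pport, ext_port, now):
        self._expire(now)
        for r in self.rows:
            if (r.proto, r.ext_port) != (proto, ext_port):
                continue
            if r.static:     # assumption: a static row accepts a new peer
                self._start(r, peer, pport, now)
                return r.priv_addr, r.priv_port
            if (r.dst_addr, r.dst_port) == (peer, pport):
                r.life = now + self.ttl
                return r.priv_addr, r.priv_port
        return None          # no row: the packet is not forwarded into the LAN
```

In this sketch a dynamic row admits only replies from the destination recorded at the start of communication and only until its life runs out, while a static row leaves its private port reachable for as long as it is configured.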
The above and other objects, features, and advantages of the invention will become more apparent from the following detailed description taken in conjunction with the accompanying drawings.