1. Field of the Invention
The present invention relates generally to an intranet gateway, and particularly to a virtual IP gate and the networking system constructed with the same, for connecting a legitimate internet with a plurality of virtual internets. In this networking system, various internets can repeatedly use the internet addresses within the same range, thus, the limited internet addresses can be further expanded.
2. Description of the Related Art
The rapid growth in Internet has obviously depleted the available IP addresses as specified in IPv4 protocol. Consequently, IP addresses of the so-called IPv6 protocol are proposed to expand the length of current IP addresses from 32 bits to 128 bits, so that the capacity of current IP addresses will be greatly increased and the insufficiency of IP addressing be resolved.
However, such a proposition has encountered complication in reality. Since most Internet devices currently used are based on the framework specified in IPv4 protocol and will need to be replaced once IP addresses of IPv4 are changed. This proposition will result in inestimable expenses and restrict the promotion of IP addressing and their developments.
Therefore, a principal object of the present invention is to provide a virtual IP gate, which can operate in the existing IP protocol, reuse the IP addresses in a specific range of IPv4 and further expand available IP address dimensions to resolve the insufficiency of IP addressing.
To achieve the aforementioned object, the present invention provides a virtual IP gate, which is interposed between a legitimate internet and a virtual internet, wherein the virtual internet addresses are selected from a specific range of the legitimate internet addresses. Moreover, the virtual IP gate comprises at least a connection module, a selection module and an address conversion module.
Therein, the connection module establishes a connection with the virtual internet using at least a virtual internet address in the specified range of the legitimate internet addresses and a connection with the legitimate internet using at least an internet address not in the specified range of the legitimate internet addresses.
The selection module corresponds to a selected port number, whereby the selected port number normally represents a specific application, such as the selected port number of Telnet being 23 and the selected port number of FTP being 21; the selection module receives a delivery packet from a processing module of the legitimate internet to the virtual internet when establishing the connection (including connection-oriented and connectionless connections). The &lt;source address: source port number&gt; and &lt;destination address: destination port number&gt; of the delivery packet are &lt;processing internet address: processing port number&gt; of the processing module and &lt;virtual internet address: the selected port number&gt; of the selection module. (Please note: the name server system will respond to the processing module that the virtual internet address of the selection module is the virtual internet address of the virtual IP gate.) Moreover, the selection module can be used to open a window or a list enlisting all console names or connections indices of the virtual internet when the connection is first established, and acquire a virtual internet address of a destination console in the virtual internet for transferring the delivery packet to the destination console. The selection module can process both connection-oriented and connectionless connections. In the case of connection-oriented connection, when the selection module needs to recycle system resources, it can initiate system resources recycling after determining whether it receives a control packet indicating the end of the connection or receives no delivery in a specified time frame. In the case of connectionless connection, the selection will initiate system resources recycling after receiving no delivery in a specified time frame since no control packet indicating the end of the connection will be received.
And an address conversion module, corresponding to an address conversion port number, is for receiving a transmission packet from a first processing module of the virtual internet to a second processing module of the legitimate internet, wherein the &lt;source address: source port number&gt; and &lt;destination address: destination port number&gt; of the transmission packet are &lt;first processing virtual internet address: first processing port number&gt; of the first processing module and &lt;second processing internet address: second processing port number&gt; of the second processing module.
The address conversion module is for recording the &lt;first processing virtual internet address: first processing port number&gt; of the first processing module and taking &lt;internet address of virtual IP gate: address conversion port number&gt; of the address conversion module and &lt;second processing internet address: second processing port number&gt; of the second processing module as the &lt;source address: source port number&gt; and &lt;destination address: destination port number&gt; of the transmission packet for forwarding the transmission packet to the second processing module.
The address conversion module is also for receiving a response packet from the second processing module to the first processing module, wherein the &lt;source address: source port number&gt; and &lt;destination address: destination port number&gt; of the response packet are &lt;second processing internet address: second processing port number&gt; of the second processing module and &lt;internet address of virtual IP gate: address conversion port number&gt; of the address conversion module, the address conversion module replaces &lt;internet address of virtual IP gate: address conversion port number&gt; with &lt;first processing internet address: first processing port number&gt; of the first processing module recorded in the address conversion module as the &lt;destination address: destination port number&gt; of the response packet, whereas &lt;source address: source port number&gt; of the responses packet remain unchanged, for transmitting the response packet back to the first processing module.
Furthermore, the above address conversion module can be used for receiving a second transmission packet from a third processing module of the legitimate internet to a fourth processing module of the virtual internet, wherein the &lt;source address: source port number&gt; and &lt;destination address: destination port number&gt; of the second transmission packet are &lt;third processing internet address: third processing number&gt; of the third processing module and &lt;fourth processing internet address: fourth processing port number&gt; of the fourth processing module. (Please note: the name server system will respond to the third processing module, the fourth processing internet address is the internet address of the virtual IP gate.)
When the second transmission packet is transmitted to the virtual IP gate, the selection module is then activated in response to the third processing module to notify the third processing module of all console names or connection indices on the virtual internet, including the console name of the fourth processing module. The third processing module then convert the console name of the fourth processing module into virtual internet address of the fourth processing module based on the name selection signal of the fourth processing module provided by the third processing module, and reactivate the address conversion module after being inquired by the virtual IP gate.
The address conversion module records the connection relationship between &lt;third processing internet address: third processing port number&gt; of the third processing module and &lt;virtual internet address of virtual IP gate: fourth processing port number&gt;, and takes &lt;virtual internet address of virtual IP gate: address conversion port number&gt; of the address conversion module and &lt;fourth processing virtual internet address: fourth processing port number&gt; of the fourth processing module as the &lt;source address: source port number&gt; and &lt;destination address: destination port number&gt; of the second transmission packet, so as to transmit the second transmission packet to the fourth processing module of the virtual internet.
And the address conversion module is used for receiving a second response packet transmitted from the fourth processing module to the third processing module, wherein the &lt;source address: source port number&gt; and &lt;destination address: destination port number&gt; of the second response packet are &lt;fourth processing virtual internet address: fourth processing port number&gt; of the fourth processing module and &lt;virtual internet address of virtual IP gate: address conversion port number&gt; of the address conversion module, the address conversion module replaces &lt;source address: source port number&gt; with &lt;destination address: destination port number&gt; based on the recorded corresponding relationship, take &lt;internet address of virtual IP gate: fourth processing port number&gt; and &lt;third processing internet address: third processing port number&gt; of the third processing module as the &lt;source address: source port number&gt; and &lt;destination address: destination port address&gt; of the second response packet, and transmits the second response packet back to the third processing module of the legitimate internet.
Moreover, in the virtual IP gate of this invention, the source console corresponding to the transmission packet may also comprise a name recording module for recording destination console names when the connection is initiated.
And the virtual IP gate further comprises an automatic connection module for inquiring the source console when the delivery packet is received for the first time and for acquiring the destination console name of the delivery packet. The destination console name is recorded in the name recording module of the aforementioned source console. The virtual IP gate, upon receiving the destination console name, then transfers the delivery packet to the destination console on the virtual internet based on the virtual internet address it has acquired from the destination console name.
Furthermore, in the virtual IP gate of this invention, a legitimate internet comprises a name server module for recording part of legitimate console names and their corresponding legitimate internet addresses and for assigning the internet address corresponding to each console name on the virtual internet as legitimate internet address of the virtual IP gate, and further check for insufficiency through the name server system on the internet upon inquiring about the corresponding internet address according to console name.
Moreover, the networking framework constructed with the aforementioned virtual IP gate may be connected to a legitimate internet and a plurality of virtual internets by virtue of a plurality of IP gates, and hence the virtual internets may extend the limitation of internet addresses by using the legitimate internet addresses within the same range.