1. Field of the Invention
The present invention relates to a technique virtually grouping an arbitrary host connected by a communication network and providing a private network.
2. Description of the Related Art
Recent years have been witnessing transitions of networks to Internet Protocol (IP) networks. Recent IP networks also enable a connection of a host in addition to a personal computer (abbreviated as “PC” hereinafter). Here, a host other than a PC generally means equipment such as home electric appliances enabled for an IP communication.
A host connected to an IP network has predominantly been a highly-functional PC in the past; home electric appliances compatible with the IP (noted as “IP compatible home electric appliance” hereinafter) are now beginning to be connected. Therefore, the usage aspects of the IP network extend now to a control of an IP compatible home electric appliance and an exchange of contents between the IP compatible home electric appliances. This in turn increases the number and kind of equipment (noted as “host” hereinafter) capable of performing an IP communication. A low-functional host, which has not conventionally been connected, is also beginning to be connected now.
As the number of hosts connected to the IP network thusly increases, arisen is a necessity of an easy host management by grouping the hosts. Increase of low-functional hosts, which are connected IP network, brings about a necessity of accomplishing an inter-group communication by a simple method with a less load on the hosts.
This makes one consider a method for building up a grouping by means of a virtual private network (VPN) to accomplish a communication between the hosts. What is set up in this case is a tunnel connection or such which considers a security between networks setting up a VPN. Here, the tunnel connection means, supposing there is a connection structure of a PC1 to a GW1 to a GW2 to a PC2, a tunnel connection between the GW1 and GW2 in the case of structuring a VPN between the PC1 and PC2. Note that the PC1 and PC2 are personal computers, and the GW1 and GW2 are gateways. In the thusly tunnel-connected network, a temporary IP address is assigned to each host. And communication between the hosts is accomplished by an IP routing processing using the temporary IP address.
The present applicant of the present invention has filed, through a PCT application, an invention (i.e., a first conventional invention) related to an intra-group communication (i.e., an inter-group member communication) in which hosts (i.e., group members) belonging to the same group carry out a closed IP packet communication within a group (refer to a patent document 1). Also filed with the Japan Patent Office is an invention (i.e., a second conventional invention) related to a packet relay apparatus capable of transferring a function, which a GW building up a virtual closed network transfers a broadcast/multicast-use packet within the virtual closed network, by a virtual multicast address/virtual broadcast address which is closed between the GWs, as an invention further progressed from the above described invention (refer to a patent document 2). Also filed with the Japan Patent Office is an invention (i.e., a third conventional invention) related to a method for improving packet transfer efficiency between GWs by adding a unique header to an IP packet in a communication between the GWs which are tunnel-connected, and for a client side to add a unique header to the IP packet by extending the tunnel connection to a section between the GW and client (refer to a patent document 3). A method according to the third conventional invention is configured to carry out a communication between the GWs through a tunnel connection, thereby enabling a direct communication between the GWs. Because of this, it is configured to transfer by applying the process for converting an address part of an IP header into a serial number, group number (i.e., an inter-GW header) or such, or for adding the serial number, group number or such to the IP header, so as to enable an efficient packet transfer between the GWs without using an IP address. Furthermore, a client is enabled to process the inter-GW header so that the client can establish a tunnel connection to the GW.
Patent document 1: WO 2005/027438 A1
Patent document 2: PCT/JP 2005/003788
Patent document 3: PCT/JP 2006/305840
Non-patent document 1: RFC 1631
Non-patent document 2: RFC 23911
However, the already-filed conventional inventions described above are faced with the problems as shown in the following paragraphs 1) and 2).
1) In a communication between clients (i.e., terminals) and between GWs which are close to each other, respectively, in terms of network, an extraneous packet transfer occurs depending on a path of a tunnel connection; and
2) Recently, a single client (i.e., a terminal) comprises various communication means such as a wired line/wireless for an IP communication with a capability of selecting communication means to be used from among the plurality thereof when the client carrying out an IP communication. However, the client is not seamlessly enabled the plurality of communication means to switch over in the midst of an IP communication.
Referring to the accompanying drawing explains the specific of the problem of the above paragraph 1).
FIG. 1 shows an example of a system that has grouped hosts in an IP network (i.e., a network system).
The IP network shown in FIG. 1 comprises a home network 3000, a parents' home network 4000 and a network at a business trip destination (which is named as “away-office network” hereinafter) 5000, as local networks. The home network 3000 is constituted by a gateway GW-A (abbreviated as GW-A hereinafter), a PC-A (which is a desktop PC) and a Note-C (which is a laptop PC) that are connected to the GW-A.
The parents' home network 4000 is constituted by a gateway GW-B (abbreviated as GW-B hereinafter) and a PC-B (which is a desktop PC) connected to the GW-B. The away-office network 5000 comprises a gateway GW-C (abbreviated as GW-C hereinafter).
Here, each of the GW-A and GW-B is a packet relay apparatus capable of processing an IP packet attached with an inter-GW header disclosed in the patent document 3. Meanwhile, the GW-C is a packet relay apparatus capable of processing only a common IP packet not attached with the inter-GW header. The Note-C is a client (i.e., a terminal) capable of processing an IP packet attached by an inter-GW header disclosed as the fifth embodiment of the patent document 3.
The GW-A and GW-B are mutually connected with a communication line by way of a CE 6001. And the GW-C is connected to the CE 6001 by way of the Internet 7000. The CE 6001 is connected to the Internet 7000 by way of a PE 6011. The GW-C is connected to the Internet 7000 by way of the PE 6012 and PE 6013. The GW-A and GW-B are tunnel-connected together by the IP packet attached with the inter-GW header, and a tunnel 8000 is set between the two.
In the IP network configured as described above, the PC-A and Note-C under the control of the GW-A within the network 3000, and the PC-B under the control of the GW-B with the network 4000 are managed so as to belong to a group 1 (Group1) by the GW-A and GW-B. A packet communication is enabled for the section between the GW-A and GW-B in a unicast, multicast and broadcast by utilizing the tunnel 8000.
Here, the CE 6001 is for example a Customer Edge (CE) device which is a piece of equipment to be terminated and which is an exit for connecting to a Multiprotocol Label Switching (MPLS) backbone of an Internet Service Provider (ISP)/carrier from an end user network in an MPLS-VPN (Virtual Private Network) and such. Also, the PE 6011, PE 6012 and PE 6013 are provider edge (PE) devices that are pieces of equipment placed at the endmost part connecting to the end user network in an MPLS network within an ISP/carrier.
FIG. 2 is a diagram showing the state of the Note-C having moved from the own home network system 3000 to the away-office network 5000 in an IP network. In the case of the Note-C thusly moving to another network within the IP network, the Note-C establishes a tunnel 8001 with the GW-A as an initial connection by utilizing the GW-C (and the tunnel 8001 is set up between the GW-A and Note-C in this event). In the case of the Note-C transferring a packet to the GW-B, the GW-A establishes a packet transfer process for the period between the Note-C and GW-B by utilizing the tunnels 8000 and 8001. In this event, when the PC-B within the network 4000 transfers a file to the Note-C within the network 5000 by File Transfer Protocol (FTP), the packet is transmitted from the PC-B to the Note-C by way of the GW-B, CE 6001, GW-A, CE 6001, PE 6011, PE 6013, PE 6012 and GW-C as indicated by the dotted line in FIG. 2.
In this case, an extraneous packet transfer occurs (i.e., an unnecessary packet path 9001 is formed) between the GW-A and CE 6001, because the packet goes back and forth between the GW-A and CE 6001. A load is levied also on the GW-B for a packet transfer process.
As described above, the packet relay apparatus (i.e., a GW) and terminal apparatus (i.e., a client) according to the invention disclosed by the patent document 3 have been faced with the problem of an extraneous packet transfer occurring by a connection path of a tunnel in a communication between a pair of clients or GWs which are close to each other in terms of a network.
Also, the GW and client according to the invention disclosed by the patent document 3 are not capable of managing a main route and sub-route, and therefore unable to switch over between the main route and sub-route, thus incapable of optimizing a tunnel connection path between the GWs or between the client and GW.