Recently, opportunities to use various services and access contents through an information device with a wireless interface (communication device) such as a mobile phone have been increasing. However, the wireless network used for such opportunities intrinsically does not provide stable quality, and the bandwidth is generally narrow compared with a wired communication network. Therefore, currently such communication does not always operate seamlessly.
Under these circumstances, technologies to virtually increase bandwidth by using a plurality of peripheral wireless devices are being studied. For example, In one method, a plurality of routes via a plurality of terminals connected to a network by using Mobile IPv4 are bundled, and packets are distributed in each path and aggregated at a Home Agent (HA), thereby virtually increasing bandwidth.
However, this technology has a problem of packet header overhead because it requires IP tunneling by Mobile Internet Protocol (IP) up to the HA where packets are distributed and aggregated upstream in the public network, and further requires more IP tunneling to transfer the packets to another wireless terminal nearby.
More specifically, when a wireless terminal in a local network transmits a packet to a Correspondent Node (CN) in a remote network via a wireless terminal, there is a problem of superimposing encapsulation; that is, performing encapsulation for IP tunneling of Mobile IP and further performing encapsulation for IP tunneling to transfer packets from one wireless terminal to the other wireless terminal.
As Mobile IP itself does not provide sufficient security functions, for example, when trying to ensure security by using VPN (Virtual Private Network), encapsulation for IP (Internet Protocol) tunneling of VPN is further required, resulting in increase of packet overhead. This means, there is a trade-off relation between ensuring security and reducing overhead.
In order to solve these problems, the typical technology distributes and integrates routes by a VPN server. The basic operating principle will be explained by using an example of downstream route integration (CN→wireless terminal MN). In the following explanations, the name of an encapsulated packet gives “( )” to the numeric part (ex. encapsulated packet P1=packet P(1)).
FIG. 19 is an explanatory drawing illustrating an exemplary configuration of conventional integration of a plurality of routes. In FIG. 19, transmissions from CN (e.g., file server 102) to a wireless terminal MN2 are distributed through three routes via wireless terminal MN1 and MN3 and integrated. The wireless terminals MN1 to MN3 have two or more communication interfaces such as wireless LAN, PHS, PC, or 3G, and form a local network connected, for example, by a wireless ad-hoc LAN.
It is assumed that the file server 102 and a VPN server 101 are in a remote network, and the wireless terminals MN1 to MN3 can be connected to the VPN server 101. A VPN connection from Wireless terminals MN1 to MN3 to the file server 102 is applied by using a PHS (or PDC, 3G, etc.) network. When a VPN connection from the wireless terminal MN1 to MN3 to the file server 102 is applied, a packet transmission from the file server 102 to the wireless terminal MN2 is considered. The destination address of a packet 1900 transmitted from the file server 102 is a VPN address of the wireless terminal MN2.
The packet 1900 is encapsulated at the VPN server 101. The address is a global address assigned to PHS (global) interface of the wireless terminal MN2, and the packet 1900 is transmitted as packets 1900-(1) to 1900-(3). After that, the packets from 1900-(1) to 1900-(3) are decapsulated and a packet address which is a VPN address is received at the VPN virtual interfaces.
When transmitting packets 1900-(1) to 1900-(3) from the file server 102 to the wireless terminal MN2 via the wireless terminals MN1 and MN3, the destination address for encapsulating (the destination address after encapsulation) the packet 1900 transmitted from the file server 102 to the VPN server 101 are changed to global addresses of wireless terminals MN1, MN2, and MN3 respectively according to a specific rule.
The packets 1900-(1) to 1900-(3), the destination of which are changed to wireless terminal MN1, MN2, and MN3 respectively, are transmitted to the wireless terminals MN1, MN2, and MN3 respectively. The wireless terminals MN1, MN2, and MN3 decapsulate the packet respectively, and packets 1900-1 to 1900-3, destinations of which are VPN addresses of the wireless terminal MN2, are obtained.
At this time, setting routing of the wireless terminal MN1 and the wireless terminal MN3 to transfer packets to a wireless LAN interface of the wireless terminal MN2 when the address is a VPN address of the wireless terminal MN2, causes packets 1900-1 and 1900-3 to be directed to the VPN address of the wireless terminal MN2 which arrived at the wireless terminals MN1 and MN3 to be transferred to the wireless terminal MN2 via the wireless LAN.
Using this route integration system configured with the VPN server 101 and a plurality of VPN clients, integration of a plurality of routes for devices such as a laptop computer with wireless LAN without implementing any special application will be explained.
FIG. 20 shows an exemplary network configuration in which connection is made from a laptop computer in a local area network to a remote network by way of a wireless terminal serving as a gateway. When connection to the file server 102 is made from a laptop computer to the wireless terminal MN via the wireless terminal MN, the wireless terminal MN can be regarded as a gateway (GW) from the local area network which includes the laptop PC to the external network. Since a private address is used in the local network, Network Address Translation (NAT) function is required.
IP addresses of the same subnet should be assigned to the laptop computers, and a wireless terminal MN is set as a default gateway. Based on this environment, applying the conventional system for integrating routes is considered.
FIGS. 21 and 22 show an exemplary routing control when integration of a plurality of routes are applied to the configuration shown in FIG. 20. In FIGS. 21 and 22, packets are once integrated to the wireless terminal MN1 serving as a GW for the wireless terminal MN3, and then transferred to the wireless terminal MN3. First, an example of control for the upper stream shown in FIG. 21 (from the wireless terminal MN3 to the File server 102) will be explained.
In FIG. 21, the wireless terminal MN3 requests data transfer from the file server 102. The destination address Dst of a packet P1 transmitted from the wireless terminal MN3 is an address of the file server 102, and the source address Src is a local (private) address of the wireless terminal MN3.
When the packet P1 passes through the wireless terminal MN1, the source address of the packet P1 is translated to the VPN address of the wireless terminal MN1 by NAT and the packet P1 turns into a packet P2. The address translation rule at this time is stored in the wireless terminal MN1. Then the packet P2 is encapsulated at the wireless terminal MN 1. The VPN server 101 decapsulates the packet P (2). Then the packet P2 decapsulated from the packet P (2) ultimately arrives at the file server 102.
Now an example of control for downstream (from File server 102 to Laptop PC) operation shown in FIG. 22 will be explained. The destination address of a packet P3 transferred from the file server 102 by return is the VPN address of the wireless terminal MN1. The packet P3 is encapsulated at the VPN server 101 so that the address after encapsulation includes the global addresses of either the wireless terminals MN1 or MN2. The encapsulated packets are P (3-1), and P (3-2) respectively. The Packets P (3-1) and P (3-2) are transferred from the VPN server 101 to the wireless terminal MN1 and MN2 respectively.
The packet P (3-1) at the wireless terminal MN1 is decapsulated at the wireless terminal MN1, and a packet P3-1 is obtained. The packet P (3-2) at the wireless terminal MN2 is decapsulated. The decapsulated packet P3-2 is transferred to the wireless terminal MN1 according to a predetermined routing setting. The packets P3-1 and P3-2 are addressed to the VPN address of the wireless terminal MN1, and after arrival at the wireless terminal MN1, are transferred to the wireless terminal MN3 as a packet P4, after translating the source address Src of the packet P3-1, and P3-2 into the address of the wireless terminal MN3 according to the stored address translation rule.
However, each of the packets P (3-1) and P (3-2) are transferred to the wireless terminal MN3 always by way of the wireless terminal MN1 in order to apply address translation according to the address translation rule. Therefore, the load to the wireless terminal MN1 increases and causes delay in each process in the wireless terminal 1 and increases power consumption as well.
This typical technology uses a wireless LAN network for 1 hop more compared with transferring packets directly from the wireless terminal MN2 to the wireless terminal MN3, and this redundant transfer may reduce End-to-end throughput if terminals using the same channel increase.
Although it is desirable to transfer packets directly from the wireless terminal MN2 to the wireless terminal MN3 to prevent this problem, passing through the wireless terminal MN1 is required in the current method because the destination addresses Dst of packet P3-1 and P3-2 after decapsulation are the VPN address of the wireless terminal MN1.