(1) Field of the Invention
The present invention relates to a packet forwarding system and, more particularly, to a packet forwarding apparatus and system forming a layer 2 network and to a packet forwarding method.
(2) Description of Related Art
Nowadays, an authentication-based Internet connection service using high-speed access lines, such as Asymmetric Digital Subscriber Line (ADSL), Fiber to The Home (FTTH), and wireless Local Area Network (LAN) has come into popular use and a communication environment enabling efficient transfer of a large volume of content data to user terminals is being developed. Each user terminal is connected via a high-speed access line to a Broadband Access Server (BAS) located as a high-speed access network termination node in a transit network which is operated by an Internet Service Provider (ISP) or a communications company.
The BAS terminates communication protocols such as a Point to Point Protocol over Ethernet (PPPoE) and a Point to Point Protocol (PPP) for establishing a connection between terminals and sends an authentication request for a terminal user to an authentication server such as a Remote Authentication Dial-In User Service (RADIUS) server. Upon receiving successful user authentication result from the RADIUS, the BAS notifies the user terminal of information for layer 3 network connection, such as an IP address. By applying the connection information (the IP address) notified from the BAS to transmission packets, the user terminal becomes able to perform layer 3 packet transmission over the Internet. In this way, an authentication based high-speed Internet connection service is carried out.
In such high-speed remote access service, however, the transit network imposes restrictions on the layer 3 packet forwarding service and the service provider is not always able to provide a communication service desired by users. For example, in a case where a user wishes to perform communication by the latest Internet Protocol Version 6 (IPv6) or a special protocol for a general purpose computers if a layer 3 network forming the transit network cannot support such protocol, the user cannot use the desired communication protocol. When the PPPoE is used, for example, the PPPoE header restricts transmission packet length. In some situation, a forwarding packet has to be fragmented when the BAS encapsulates the packet with the PPPoE header and this may result in a decrease in data transfer efficiency.
Meanwhile, because a protocol-free layer 2 network is free of such a problem as discussed above, a new authentication and connection service is being launched to connect above-mentioned high-speed access lines to a transit network comprising of an Ethernet network via a layer 2 packet forwarding node (hereinafter referred to as L2GW). In the authentication and connection service at the layer 2 level, each user terminal sends a user authentication request to the L2GW, using a communication protocol according to an IEEE (the Institute of Electrical and Electronic Engineers) 802.1X. When succeeded in user authentication, layer 2 network connection and layer 2 packet forwarding can be carried out between the user terminal and the Ethernet network as the transit network.
Japanese Published Unexamined Patent Application No. 2003-224577 proposes a packet (Ethernet frame) relay node for connecting each user terminal to the Internet based on a general Ethernet protocol, wherein an ISP performs user authentication according to IEEE 802.1X protocol and delivers an Internet Protocol (IP) address to an authenticated user terminal, using, e.g., a Dynamic Host Configuration Protocol (DHCP) or an Internet Protocol Control Protocol (IPCP).
The layer 3 network connection service now in use applies the PPPoE protocol to connection control between a BAS and each user terminal. In this case, it is possible to take redundant BAS configuration and load distribution by locating multiple BASs in the same layer 3 network. In the case of PPPoE, each user can specify a BAS to which a PPPoE session should be connected, by designating a service name the user desired in a service name field of a PPPoE Active Discovery Initiation (PADI) packet that is initially transmitted from the user terminal. However, when the PPPoE protocol is applied to set up a connection between a user terminal and a BAS (ISP network), a PPPoE header must be attached to each communication packet transmitted in an IP forwarding phase. This poses a problem of decreasing the efficiency of data transmission across the access network and transit network.
On the other hand, in the case of the layer 2 connection service using IEEE 802.1X, as descried in Japanese Published Unexamined Patent Application No. 2003-224577, since the connection between each user terminal and a frame relay node is fixed in a one-to-one static relation, it is difficult to adopt a redundant configuration in L2GW function by using a plurality of L2GWs in order to distribute L2GW load. Accordingly, each user cannot specify a server to be connected with the user terminal by designating a service name in the manner using PPPoE.