1. Field of the Invention
Conventionally, the Internet was configured by wired networks typified by Ethernet. In recent years, however, networks configuring the Internet have been diversified, and an IP network using a cellular phone, a PHS, a wireless packet device, etc. has been widely used. To effectively use a given bandwidth in the Internet including wireless networks, an IP router is needed with which an efficient transmission rate can be obtained in a connection between hosts in the case where networks having different natures, such as wired and wireless, are linked.
The present invention relates to an IP router device having a function for linking different networks and for terminating a TCP connection relaying IP packets between networks in a computer network based on the Internet Protocol (IP).
2. Description of the Related Art
In a wired network, an IP packet loss or delay occurs mainly due to a congestion within an IP router which links networks. In the meantime, in a wireless network, data that is modulated into radio waves in the physical layer is not properly transmitted by being influenced by a state change caused by radio wave attenuation, interference, blocking by an object, etc. so that an IP packet loss or delay occurs.
Currently, the protocol called TCP (Transmission Control Protocol) is used as a standard for making a reliable data transmission in the Internet.
However, as to TCP, it is known that a congestion occurring within a wired network is recognized as a main cause of a packet loss/delay, and an efficient transmission rate cannot be obtained in a wireless network unless the parameters and algorithms for controlling TCP are optimized for a wireless network.
Considered as a solution to the above described problem is an application gateway which uses control parameters and algorithms, which are respectively suitable for TCP connections, by once terminating TCP connections in the TCP layer and by establishing respective TCP connections for networks of different natures, and provides an efficient transmission rate.
Configuration of a conventional IP router device and that of a conventional TCP terminating device are respectively shown in FIGS. 1 and 2. The IP router device shown in FIG. 1 comprises network drivers 11a and 11b, IP stacks 12a and 12b, and an IP forwarding 16. The IP router passes IP packets between networks as shown in FIG. 1. The header configuration of an IP packet, that of a TCP packet, and that of an ICMP packet are respectively shown in FIGS. 3, 4, and 5.
In the header of the IP packet, src-IP (SOURCE IP ADDRESS) indicating the IP address of a transmission source, and dst-IP (DESTINATION IP ADDRESS) indicating the IP address of a connection destination are described as shown in FIG. 3. In the header of the TCP packet, src-port number (SOURCE PORT) indicating the port number of a transmission source, and dst-port number (DESTINATION PORT) indicating the port number of a connection destination are described as shown in FIG. 4. In the header of the ICMP packet, TYPE (type) and an IP header and first 64 bits of a datagram are described.
The flow of the process for inputting an IP packet, which is performed by the IP stacks 12a and 12b of the above described conventional IP router device, is shown in FIG. 6, whereas the flow of the process for outputting an IP packet, which is performed by the IP stacks 12a and 12b of the IP router device, is shown in FIG. 7. In the input process, the IP stack determines whether or not the dst-IP address of an IP packet is addressed to its local host as shown in FIG. 6. If the IP stack determines that the IP packet is addressed to the local host, it passes the packet to a TCP/UDP stack of its local host. If the IP stack determines that the IP packet is not addressed to the local host, it passes the packet to the output process via the IP forwarding.
Additionally, in the output process, the IP stack searches a routing table with the dst-IP address or its subnetwork, and passes the IP packet to a network driver according to the routing table, as shown in FIG. 7.
Since the IP router device only passes an IP packet between networks as described above, fundamentally, an end host is unconscious of the existence of the router. It is possible to make an IP packet uniquely reach between arbitrary hosts via this router device, and there is no change in the information of the src-IP address and the dst-IP address within the header of the IP packet. Additionally, even if a change occurs in the configuration of a router or the number of routers on an end-to-end path, there is no influence.
Namely, one of the natures of the Internet is that each host has a globally unique IP address, a communication can be made from the host to an arbitrary host, and a communication can be made from the arbitrary host to the corresponding host. This nature is called "end-to-end global connectivity guarantee".
In the meantime, the conventional TCP terminating device (application gateway) is composed of network drivers 11a and 11b, IP stacks 12a and 12b, TCP stacks 13a and 13b, a stream transferring unit 14, and a database 20 for holding connection information.
The flowchart of the stream transfer function of the conventional TCP terminating device (application gateway) is shown in FIG. 8. As shown in this figure, the stream transfer function waits for the link of a TCP connection as a server socket (step S1), and establishes a TCP connection with a client (step S2). Then, the stream transfer function obtains the IP address and the port number of the connection destination from the data within a stream (step S3), and establishes a TCP connection at the connection destination as a client socket (step S4).
Then, the stream transfer function determines whether or not the stream continues (step S5). If the stream does not continue, the process is terminated. If the stream continues, the stream transfer function reads data the amount of which is equal to or smaller than a predetermined amount from the stream from the client (step S6), and writes the data to the stream to the server (step S7).
The above described TCP terminating device (application gateway) has a problem such that the global connectivity guarantee cannot be made for the following reasons.
(a) Many protocol-dependent application gateways make TCP termination only for a particular protocol. Therefore, an IP packet or a TCP stream does not flow with an unsupported application.
(b) Since a gateway that does not store end-to-end information makes TCP termination, the host of the gateway is misidentified as an end host as opposed to a partner end host. Namely, the end hosts cannot identify their counterparts mutually.
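The stream transfer function of FIG. 8 and the consequence stated in reason (b) can be reproduced on loopback with the following sketch, which is an added example and not code from the patent. The destination line format ("host port" followed by a newline) and all function names are assumptions made for the illustration.

```python
import socket
import threading

def listener():
    s = socket.socket()
    s.bind(("127.0.0.1", 0))          # loopback, ephemeral port
    s.listen(1)
    return s

def end_server(lsock):
    """End host: reports which address it believes is its counterpart."""
    conn, peer = lsock.accept()
    with conn:
        while conn.recv(4096):        # drain the request until EOF
            pass
        conn.sendall(f"{peer[0]}:{peer[1]}".encode())

def gateway(lsock, seen):
    """Stream transfer function of FIG. 8, handling a single connection."""
    client, _ = lsock.accept()                        # S1, S2
    with client, client.makefile("rb") as stream:
        host, port = stream.readline().decode().split()          # S3
        with socket.create_connection((host, int(port))) as up:  # S4
            seen["gateway_src"] = "%s:%d" % up.getsockname()
            # S5, S6: read from the client while the stream continues
            for data in iter(lambda: stream.read1(4096), b""):
                up.sendall(data)                      # S7: write to server
            up.shutdown(socket.SHUT_WR)
            client.sendall(up.recv(4096))             # relay the reply back

def run_demo():
    srv, gw = listener(), listener()
    seen = {}
    workers = [threading.Thread(target=end_server, args=(srv,)),
               threading.Thread(target=gateway, args=(gw, seen))]
    for w in workers:
        w.start()
    with socket.create_connection(gw.getsockname()) as c:
        seen["client_src"] = "%s:%d" % c.getsockname()
        # Constructed request: destination line (assumed format), then payload.
        c.sendall(f"127.0.0.1 {srv.getsockname()[1]}\nhello\n".encode())
        c.shutdown(socket.SHUT_WR)
        seen["server_saw"] = c.recv(4096).decode()
    for w in workers:
        w.join()
    srv.close(); gw.close()
    return seen

if __name__ == "__main__":
    print(run_demo())
```

The address the server reports is the gateway's outbound socket, so server-side logs, access control by source address, and any connection the server opens back toward its peer all refer to the gateway rather than the client.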
One of the important things to implement the TCP terminating device (application gateway) is that the information of a connection destination must be notified from a client host by some means or another.
As a specific example, http handling web data supports a communication via an application gateway referred to as a proxy. With http, the information of the IP address or the port number of a connection destination can be written.
However, since such a method is not supported by all of application protocols, it can be said that service scalability is significantly low.
In the meantime, there is a method using software (middleware) for a client host, which operates in coordination with an application gateway.
This software is intended to direct all TCP connections toward an application gateway, and, therefore, its service scalability is significantly improved in comparison with a normal proxy.
However, this software cannot cope with a protocol to be described below, according to which a connection is established in two stages, and a second connection is established in a reverse direction of a first connection.
Taken as a specific example is the use of a data transfer application ftp by an application gateway.
First of all, it is possible to establish a control session from a client to a server. However, attempts are unsuccessfully made to establish a data session, which makes a data transfer, from the server to the client. The reason why the first control session is established is that a stream flows in the direction from the client to the server.
However, the end host viewed from the server of the control session is a gateway. Although the server attempts to establish the data session toward the gateway, it fails in the attempts to establish the data session. This is because the gateway is not passive-open.
As far as ftp is concerned, this problem can be avoided by using the passive mode of the client software. However, other protocols that establish a connection in two stages exist, and service scalability is still problematic if a possible future increase in such protocols is considered.
As described above, reachability of an IP packet or a stream has a problem in an end-to-end connection on which a conventional TCP terminating device is arranged, and the end-to-end connectivity guarantee cannot be made.
A summary of one of the problems of the conventional TCP terminating device, that is, non-storage of end-to-end information, is shown in FIGS. 10A and 10B.
As shown in FIG. 10A, no change occurs in the information of the IP address and the port number within the IP packet header even if the packet passes through a normal IP router.
However, if an IP packet passes through the conventional TCP terminating device (actually, after the IP packet is once reconfigured into a stream, it is reassembled to a packet), the IP address and the port number of the IP packet are replaced with the IP address and the port number of the gateway as a new end host, as shown in FIG. 10B.
Currently, many application gateways and NAT routers which perform the conversion between a private address and a global address provide, in order to avoid such a problem, the mechanism for respectively coping with each application protocol and for transmitting a TCP or a UDP packet from a server to an original client.
However, also with other application protocols, not a few cases exist in which the IP address of a client is obtained from the first session, and a TCP connection is established from a server to the client or a UDP packet is transmitted based on the obtained information. Furthermore, because the above described mechanism has a problem such that some measures must be taken each time a new application or protocol appears, it can be said that this mechanism lacks service scalability.
The present invention was developed in the above described background, and aims at implementing an IP router device having a function for terminating a TCP connection which guarantees global connectivity important as one nature of the Internet while adopting the mechanism for terminating a TCP connection in order to make an efficient transmission in a TCP connection.
A router device according to the present invention is a router device having a function for linking a plurality of different IP networks and terminating a TCP connection. This router device comprises: a first converting unit rewriting part of the IP address information and the port number information within a plurality of IP packets according to a predetermined rule when the plurality of IP packets to be relayed, which form a TCP connection, pass through the router device; and a unit extracting information indicating an original connection destination of the TCP connection, generating a TCP connection from the router to the connection destination, and linking the two TCP connections with streams, and a second converting unit rewriting part of the IP address information and the port number information within the plurality of IP packets forming the TCP connection according to a predetermined rule for a TCP connection from the router to the connection destination, wherein the first and the second converting units handle the above described two TCP connections as a pair, assign a unique identification number to the TCP connection pair, and manage the two TCP connections according to the unique identification number stored in the database.
According to the present invention, an IP router device guaranteeing the global connectivity which is important as one nature of the Internet while adopting the mechanism for terminating a TCP connection is realized to make an efficient transmission in the TCP connection straddling networks of different natures.