1. Field of the Invention
The present invention relates to a relay device and a server which relays a data packet, and particularly to a relay device capable of performing dynamic port forward setting and a setting method thereof.
2. Description of the Related Art
In order to always perform a connection to a wide area network such as an internet, the spread of a CATV has become serious and the spread of a broad band router has also become remarkable. However, the absolute number of global IP addresses (hereinafter referred to as external IP addresses) is insufficient in an existing IP protocol IPv4. For this reason, a countermeasure is taken against the shortage of the external IP address by using an NAT (Network Address Translation) function and a port forwarding function (a static IP masquerade).
The NAT function serves to convert a local IP address (an internal IP address which will be hereinafter referred to as an IP address) into an external IP address on the WAN side of a router when access is given from a CP on an LAN side to an internet. Consequently, the CP on the LAN side can give access to the internet by using the external IP address of the router.
On the other hand, the port forwarding function serves to transfer a packet directed to the external IP address and external port number of the router to a corresponding internal IP address and port number by using a preset port mapping table. Consequently, access can be given from the internet to a specific CP on the LAN side. More specifically, a conversion table (a port mapping table) for a port number and an IP address is first preset to the router, and the external IP address and external port number of the router is designated when access is given from the internet. The router accepting the access converts the external IP address into the IP address in accordance with the preset port mapping table. By the conversion, access can be given to the CP in the LAN having the IP address.
By the port forwarding function and the NAT function, a conventional router relieves the exhaustion of the external IP address and connects a plurality of user CPs in a LAN to an internet. However, a user is to obtain the port number of the CP and to manually perform setting and changes.
However, the manual setting is troublesome, and furthermore, is insufficient in respect of the practical utilization of a port. For this reason, there was created a standard for dynamically performing port forward setting (port mapping) by a UPnP forum (see a UPnP standard, internet <URL: http://www.upnp.org/standardizeddcps/default.asp>). In the setting of the standard, an external port is designated from a terminal to be a follower to a router to give a request for port forward setting and the router performs a registration if possible and the terminal sends a request again if impossible, and this is repeated until a determination is performed.
Specific description will be given to dynamic port forward setting to be executed based on a UPnP standard to be performed when an apparatus (a Control Point which will be hereinafter referred to as a CP) such as a computer device to a router to which an external IP address “60. 50. 40. 3” is assigned.
First of all, when the CP is connected to the router, it transmits a DHCP discovery packet and a DHCP server assigns an unused IP address “192. 168. 0. 1” to the CP. Subsequently, the CP transmits a router discovery packet and the router responds thereto. Upon receipt of the response, the CP transmits a port forward setting request specifying an external port number so that the router assigns the external port number to a port mapping table and responds thereto. The IP address and the port number of a CP to be a request source and the external port number of the router are designated for the port forward setting request. For example, when a port forward setting request specifying the IP address “192. 168. 0. 1” of the CP, a port number “80” of the CP and a router external port number “8081” is given from the CP, a port mapping table relating the IP address “192. 168. 0. 1” and the port number “80” of the CP to the router external port number “8081” is generated and stored by the router.
When the port mapping table is thus generated automatically and access is then given with “http//:60. 50. 40. 3 : 8081” from the client terminal of an external IP address “232. 0. 0. 2” connected to an internet, the router performs port forwarding over the packet to “http//:192. 168. 0. 1 : 80” in accordance with the port mapping table generated dynamically.
As described above, the dynamic port forwarding setting function of the UPnP standard of the conventional router sends a request for the port forward setting from the CP to be the follower to the router, and the router performs a registration if possible, and the terminal sends a request again if impossible. This operation is repeated until a determination is performed.
However, the CP can set the port forward to only the router in a subnet. In the case in which another router is required for the connection to the internet, it does not know the presence of the CP. After all, it is impossible to ensure a router to which access is given from the WAN side.
FIG. 26 is an explanatory view in which a conventional router having a UPnP standard is provided between an internet and a CP in two stages.
In FIG. 26, an upper router 102 has a WAN side I/F portion (not shown) to be connected to a WAN (an internet 101) for a communication through TCP/IP and a LAN side I/F portion (not shown) connectable to a LAN, and can dynamically perform port forward setting in accordance with a UPnP standard. Similarly, a lower router 103 has the WAN side I/F portion (which is connected to the LAN side I/F portion of the upper router 102) to be connected to the WAN for the communication through the TCP/IP and the LAN side I/F portion connectable to the LAN, and can dynamically perform the port forward setting in accordance with the UPnP standard.
The LAN side I/F portion of the lower router 103 is connected to a CP 104 such as a computer device. Accordingly, the internet 101 is connected to the CP 104 through a router having two stages which is constituted by the upper router 102 and the lower router 103.
A computer terminal 105 mounting a browser function is connected to the internet 101.
In case of a conventional UPnP standard compatible router connected in two stages, there is the drawback in routing. More specifically, the CP 104 connected to the router 103 can retrieve only the router 103 present on the same network. Accordingly, the CP 104 can perform the port forward setting for only the router 103 and cannot perform the port forward setting for the upper router 102. For the same reason, the CP 104 can acquire the outer IP address of the router 103 and cannot know the outer IP address of the router 102. When the computer 105 provided on the internet is to be connected to a web server operated on the CP 104 connected to the LAN side of the router 103, accordingly, the connection cannot be performed because the port of the upper router 102 is not opened. In the case in which a P2P communication is to be performed, moreover, the CP 104 can transfer the IP address of the CP 104 or the IP address of the router 103 to a communication partner. These two addresses are private IP addresses. For this reason, it is impossible to establish a communication session from the communication partner.
As the same kind of problems, conventionally, some relay devices for relaying a communication packet between a first network and a second network, for example, a router are caused to have a DHCP function and dynamically assign an IP address to a terminal to be a follower (the second network side).
In such relay devices, a user is to set an address range to be assigned to the terminal to be the follower by a manual operation, and a heavy burden is imposed on a user having no expertise.
Therefore, it can be proposed that an address range to be dynamically assigned to the relay device is preset. However, there is a possibility that the first network and the set address range might be coincident or overlap with each other. In some cases in which the address ranges of the first network and the second network are coincident or overlap with each other, access cannot be given from the terminal to be the follower to the first network. For example, in the case in which the first network and the second network have the same address “192. 168. 2. 1” respectively, a transmission to the second network side is simply performed and a transfer to the first network is not performed even if access is to be given from the second network side to a first network side apparatus “192. 168. 2. 1”.
By assigning a non-overlapping address range is assigned from an upper relay device on the first network side, moreover, it is possible to avoid such a problem (see JP-A-2002-290437, for example). In the case in which there is no upper relay device for assigning an address range for a DHCP to the relay device, the problem cannot be solved.
As described above, in the case in which the addresses overlap with each other at the first network side and the second network side, there is a problem in that the routing of a packet between the networks cannot function well.
Finally, it is necessary to perform transfer setting such as port forward (a static IP masquerade function) for a router device connected between a wide area network and a local network in order to give access from the wide area network to a server connected into the local network. In order to give access from the wide area network side to a server in the local network, accordingly, it is necessary to input a port number to be transferred to a server in addition to the IP address or host name of a router.
Therefore, the applicant has proposed a router capable of dynamically generating a web page linked to a server such as a camera server and giving access from a client terminal to the router, thereby acquiring information from the server as described in JP-A-2003-198586.
As described above, the router proposed by the applicant can dynamically generate the web page linked to the server such as the camera server and can give access from the client terminal to the router, thereby acquiring the information from the server. However, there is not considered a countermeasure to be taken against the case in which a relay device for rewriting an IP address or a port number to transfer a packet is present between a client and a server.