1. Field of the Invention
The present invention relates to packet transfer apparatuses, and more specifically, to a packet transfer apparatus which terminates Layer 2 Tunneling Protocol (L2TP) at a subscriber side or at an Internet service provider (ISP) side.
2. Description of the Related Art
One known method uses Point-to-Point Protocol (PPP) to authenticate a subscriber as a user when a subscriber terminal is connected via an ISP to the Internet.
PPP is a protocol for making a one-to-one connection between a subscriber terminal and an ISP access point. PPP was originally used in an environment where a terminal is connected directly to an ISP access point by dialup connection through a phone line, authenticated, and then connected to the Internet.
As continuous access to the Internet has become common, the connection between the subscriber terminal and the ISP server is currently made through an access carrier network (access network NW1) utilizing Internet Protocol (IP), besides the telephone network. Because access network NW1 is formed in layer 3 of the OSI model, a means for transferring a PPP packet to an ISP-side PPP terminating apparatus is required to perform PPP authentication through access network NW1. One such transfer means is L2TP.
L2TP is a technology used to encapsulate a PPP packet into an IP packet. This protocol establishes a virtual communication path by generating a virtual tunnel on a public telecommunications network and making a PPP connection in the tunnel.
Generally, PPP for making a dialup connection by phone line is used to make a connection to a remote party (ISP in this specification). This connection, however, requires the establishment of a virtual channel (tunnel) between the local network and the remote network, over the public network. L2TP is used to establish the tunnel.
The L2TP tunnel allows PPP to be terminated at an ISP-side exit from access network NW1 although PPP is conventionally terminated at a host-side entry to access network NW1 (this will be described later in further detail, with reference to FIG. 3).
The logical private channel is referred to as an L2TP connection, an L2TP tunnel, and an L2TP session. The L2TP connection is made by a subscriber-side L2TP terminating apparatus (LAC) and an ISP-side L2TP terminating apparatus (LNS). Via the L2TP connection, a PPP packet is transferred to LNS (2), which terminates both L2TP and PPP on the ISP side.
Further details will be described next with reference to a figure.
FIG. 3 shows the configuration of a conventional communication system.
A plurality of communication terminals (hosts) H-1 to H-n and h-1 to h-n are connected to access network NW1 and then via ISP networks NW2 to Internet NW3. A variety of services are available through this connection.
Access network NW1 can serve a variety of ISPs. One example of the access network is a local IP network of Nippon Telegraph and Telephone Corporation (Japan). Each of ISP networks NW2 is managed by an ISP.
The shown system has two LACs and two ISPs. Each host accesses Internet NW3 under a subscription to a related ISP.
When a logical private channel is established in access network NW1, tunnel T1 is established between LAC1 used by host H-1 and LNS1 managed by the ISP which host H-1 subscribes to. The figure shows that host H-n uses the same tunnel.
Like host H-1, host H-m uses LAC1 as an access point. However, hosts H-m and H-1 subscribe to different ISPs. Accordingly, tunnel T2 is formed to LNS2 managed by the corresponding ISP.
LAC and LNS make it possible to provide a virtual path that functions like a private channel across access network NW1 to an ISP.
The tunnel will be described next in further detail.
FIG. 4 shows a plurality of hosts connected through an ISP to Internet NW3.
When a host accesses Internet NW3, LAC (1) and LNS (2) form tunnel T1 across access network NW1 to ISP network NW2, in the same way as shown in FIG. 3.
Logical tunnel T1 contains seven physical routers R1 to R7 to route data between LAC (1) and LNS (2). Not all of these routers are exclusively allocated to tunnel T1, and some of the routers may also be used in another tunnel. A tunnel is just a logical communication channel. For instance, if access network NW1 contains physical routers R1 to R50 and provides a plurality of tunnels T1 to Tn, routers R1, R4, R6, R45, R50 and others may be used physically in tunnel T2, routers R1, R6, R30, R37, R41, and others may be used physically in tunnel T3, and routers R2, R3, R21, R27, and others may be used physically in tunnel Tn.
FIG. 4 shows that logical tunnel T1 has three physical paths 1, 2, and 3 between LAC (1) and LNS (2). Path 1 passes routers R1, R2, and R3; path 2 passes routers R4 and R5; path 3 passes through routers R6 and R7.
With the technologies disclosed in Japanese Unexamined Patent Application Publication No. 2000-253058 and Japanese Unexamined Patent Application Publication No. 2003-198591, just the optimum path, P2 in this case, will be used for data communication unless another path is specified beforehand. The other paths will not be used even if they have available line capacity.
The reason will be described next with reference to a figure.
FIG. 7 shows packet formats used in the configuration shown in FIG. 3.
Packets are transferred in packet format 7-PK3 between a host and LAC, in packet format 7-PK2 between LAC and LNS, and in packet format 7-PK1 between LNS and NW3.
In this configuration, routers and other network apparatuses of hosts H-1, H-2, and H-n, ISP network NW2, and Internet NW3 are managed by their global IP addresses while apparatuses in access network NW1 are managed by their private IP addresses. Routers R1 to R7 in NW1 and the terminating positions of the L2TP tunnel are managed by their private IP addresses. The private IP address of LAC is 192.168.128.1, and the private IP address of LNS is 192.168.0.1.
Packet format 7-PK3 contains a global IP address in the IP2 field of the IP header. When the packet is sent from LAC (1) to access network NW1, the IP1 field containing a private IP address is added to the IP header as a result of L2TP encapsulation.
The source address (SA) in the IP1 field is the IP address of LAC (1) terminating L2TP tunnel T1, or 192.168.128.1. The destination address (DA) in the IP1 field is the IP address of LNS (2) terminating L2TP tunnel T1, or 192.168.0.1.
Accordingly, when host H-1, H-2, or H-n accesses NW2 and NW3 through L2TP tunnel T1, DA is always 192.168.0.1 and SA is always 192.168.128.1 in the IP1 header, regardless of the target IP apparatuses in NW2 and NW3.
LAC and LNS select one optimum upstream transfer path and one optimum downstream transfer path respectively, in accordance with DA in the IP header. Packets are transferred just in the selected path.
With the disclosed technologies, the data of a plurality of users served by a single L2TP tunnel will be transferred through a common physical path (P2 in FIG. 4). The other paths (P1 and P3 in FIG. 4) will not be used.