1. Field
This disclosure generally teaches techniques related to a network connection apparatus and method. Specifically, the teachings relate to a network connection apparatus and method capable of connecting a first network device that forms part of a first arbitrary home network with a second network device that forms part of a second home network.
2. Description of the Related Art
High-speed communication networks such as ADSL, cable modem, etc., are currently in wide use in homes. Further, a variety of home appliances, such as internet refrigerators, digital TVs, set-top boxes, and so on, are available that can connect to the internet and obtain digital information to assist in their functionality. New home networks, or home area networks, are emerging that include home appliances with network functions that also serve as information terminals.
Since electric/electronic products that form part of a home network are connected to the internet by wire or wirelessly, a user can receive and transfer information through the internet and control these products regardless of the user's location. To connect and use such products, new network devices and programs are required. A network device that connects to both the internet and a home network and controls network packet flows is called a "home gateway". An advantage of a home network is that a variety of services can be provided, such as in-house work, SOHO, electronic commerce, home automation and remote control, network games, inter-home network connections, etc.
An internet connection to a home at present is provided using a public internet protocol (IP) address allocated by an internet service provider (ISP). A rudimentary home gateway, such as an ADSL or cable modem, is used to make the connection. Such a home gateway does not provide a variety of services but only connects a home network device to the internet. However, more complex and varied functionality is demanded of home networks as the network devices used in homes progress. Examples include SOHO, in-house work activation, automation, remote control of home appliances, etc.
In order to accommodate such increased demands, a private IP address is used for a home network. When a private IP address is used, the Network Address Port Translation (NAPT) technology is applied to a home gateway so that plural network devices can share one public IP address and access the internet. Further, the virtual private network (VPN) technology is used in a home gateway for a remote user in a home network to connect to the internet. Such technologies used in a home gateway enable a home network to connect to the internet or the internet to connect to a home network. However, such technologies do not provide a connection from an arbitrary home network to another home network. Further, since the public IP address allocated to a home gateway varies every time it is allocated, a user has to know the public IP address currently allocated to a home gateway in order to connect to a home network hooked up to the internet. If the user is unaware of the current IP address of the home network that he needs to connect to, he cannot access the home network.
At present, a user at home connects to an ISP by using a home gateway. The ISP allocates a public IP address to a user that requests a connection. However, since a plurality of information devices are used within a home network environment, the network cannot simultaneously connect the devices using only one public IP address. Accordingly, the NAPT technology is employed to connect devices to the internet using private IP addresses in the home and one public IP address.
When a packet from a home network needs to be sent to the internet, a home gateway translates a private IP address of the packet source and the corresponding source port number into a public IP address and another port number. This information is recorded into an NAPT mapping table. Likewise, when packets that merely respond to the above packets are transferred from the internet to the home network, the home gateway translates a public IP address of packet destination and a destination port number into a private IP address and a port number for routing to the destination. The NAPT mapping table is used for this purpose. Packets transferred to a home network from the internet are discarded if the packets are not recorded in the NAPT mapping table.
Clearly, the NAPT technology enables access to the internet from a home network, in which a request is transferred from the home network to the internet and a mere response thereto is transferred back to the home network from the internet. That is, plural network devices located in a private network can share one public IP address and access the internet. However, an access to a home network from the internet that is not a mere response to an access from the home network in the first place is impossible.
In other words, an access to the home network that is initiated fresh from the internet, with a response thereto transferred to the internet from the home network, is not possible. This is because it is not possible to know information related to a home network device. The information required for the access includes the private IP address of the home network device and the corresponding port, a port number of the home gateway and the corresponding port number, the public IP address and the corresponding port, the IP protocol, and so on. As noted above, such information is recorded in the NAPT mapping table and is necessary for packets sent by an outside user to be translated and routed inside a private network through a home gateway connected to the internet.
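The NAPT behaviour described above can be modelled in a few lines. This is an added example, not part of the original disclosure; the `NaptGateway` class, the port range starting at 40000, the documentation-range addresses, and the check that a reply must come from the peer of the recorded request are all assumptions of this sketch.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.10"   # constructed: stands in for the ISP-allocated address

@dataclass
class NaptGateway:
    public_ip: str
    next_port: int = 40000   # assumed start of the translated port range
    # (protocol, public port) -> (private IP, private port, remote IP, remote port)
    table: dict = field(default_factory=dict)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet leaving the home network and record the mapping."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        for (p, pub_port), entry in self.table.items():
            if p == proto and entry == flow:
                break                      # flow already mapped: reuse its port
        else:
            pub_port = self.next_port      # new flow: allocate the next public port
            self.next_port += 1
            self.table[(proto, pub_port)] = flow
        return (proto, self.public_ip, pub_port, dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet from the internet; None means it is discarded."""
        entry = self.table.get((proto, dst_port))
        if dst_ip != self.public_ip or entry is None:
            return None                    # no mapping recorded: discard
        priv_ip, priv_port, remote_ip, remote_port = entry
        # Assumption of this model: only the peer of the recorded request may reply.
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None
        return (proto, src_ip, src_port, priv_ip, priv_port)

def demo():
    gw = NaptGateway(PUBLIC_IP)
    # Two home devices using the same source port reach one server (constructed addresses).
    out1 = gw.outbound("tcp", "192.168.0.2", 5000, "198.51.100.7", 80)
    out2 = gw.outbound("tcp", "192.168.0.3", 5000, "198.51.100.7", 80)
    reply = gw.inbound("tcp", "198.51.100.7", 80, PUBLIC_IP, out1[2])
    # Fresh connection attempt from the internet, matching no recorded mapping.
    fresh = gw.inbound("tcp", "198.51.100.99", 4444, PUBLIC_IP, 8080)
    return out1, out2, reply, fresh

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The two outbound flows leave with the same public address but different public ports, the reply is routed back to 192.168.0.2:5000, and the fresh inbound packet is discarded because the table holds no entry for it.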
VPN is a conventional technology used in a home gateway that offers a solution to the above problem. Varied VPN technologies exist, depending on the environments and network hierarchy in which they can be used. However, in relation to home network environments, PPTP, L2TP, and the like, which use the IP network hierarchy, are generally employed. A VPN server is located in a home gateway, and a remote user connected to the internet operates as a VPN client. First, the VPN client requests the VPN server to generate a tunnel on the internet using a public IP address. When the tunnel is generated, the VPN server authenticates the VPN client and allocates a private IP address available in the home network to the VPN client. The VPN client forms a virtual network interface using the allocated private IP address, which is connected to the home network and operates as one network. The public IP address of the VPN client is used to generate the tunnel up to the VPN server, and the private IP address is used in the home network connected through the tunnel.
If the NAPT and VPN technologies are used in a home gateway, a plurality of network devices in a home can be connected to the internet from the home network, and a remote user using the internet can connect to the home network. However, it is impossible to connect an arbitrary home network with other home networks (Home-to-Home Networking: H2H), at least due to the problem described below.
IP addresses used in a home network are private IP addresses. Therefore, it is possible that multiple separate home networks using different public IP addresses use the same private IP addresses, with the home gateway in each of the home networks operating as the respective VPN server. This could result in a clash of private IP addresses, as discussed below.
If a first network device existing in a first home network requests a connection to a second home network, a tunnel is formed between the first network device and a home gateway of the second home network. The home gateway of the second home network allocates a private IP address used in the second home network to the first network device through the tunnel. The first network device forms a virtual network interface connected to the second home network through the tunnel, and allocates to the interface the private IP address allocated from the second home network.
Accordingly, the first network device is simultaneously allocated with the private IP address used in the first home network to which the first network device belongs and the private IP address used in the second home network. Consequently, the first network device has two private IP addresses belonging to the same network, so it is not clear through which network interface packets should be sent when the packets are intended to be sent. This results in communication failure.
An operating system might prevent creation of a virtual network interface in the case of the above discussed situation.
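The address clash described above can be reproduced with a small route-selection model. This is an added example, not part of the original disclosure; the interface names `lan0` and `vpn0`, the 192.168.0.0/24 and 192.168.5.0/24 subnets, and the helper functions are assumptions, and the model considers only longest-prefix matching on connected subnets, ignoring interface metrics.

```python
import ipaddress

def candidate_interfaces(interfaces, destination):
    """Return the interfaces whose connected subnet is the longest-prefix
    match for the destination address (sorted by name)."""
    dst = ipaddress.ip_address(destination)
    matches = []
    for name, addr in interfaces.items():
        net = ipaddress.ip_interface(addr).network
        if dst in net:
            matches.append((name, net))
    if not matches:
        return []
    best = max(net.prefixlen for _, net in matches)
    return sorted(name for name, net in matches if net.prefixlen == best)

def is_ambiguous(interfaces, destination):
    """True when more than one interface is an equally good route."""
    return len(candidate_interfaces(interfaces, destination)) > 1

# Constructed addressing: both home networks use 192.168.0.0/24, so the
# address handed out through the tunnel lands in the device's own LAN subnet.
CLASHING = {"lan0": "192.168.0.2/24", "vpn0": "192.168.0.77/24"}

# The same device if the second home network used a different private subnet.
DISTINCT = {"lan0": "192.168.0.2/24", "vpn0": "192.168.5.77/24"}

if __name__ == "__main__":
    print(candidate_interfaces(CLASHING, "192.168.0.10"))   # both interfaces tie
    print(candidate_interfaces(DISTINCT, "192.168.5.10"))   # only the tunnel
    print(candidate_interfaces(DISTINCT, "192.168.0.10"))   # only the local LAN
```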
Further, a home gateway must be allocated a public IP address by an ISP in order to be connected to the internet, but the allocated public IP address varies every time the home gateway connects to the ISP. A user connected to the internet or to a different home network therefore has to know the public IP address currently allocated to the home gateway (VPN server) in order to connect to the home network, and, if the user does not know it, the user cannot access the home network he or she wants to connect to. This disclosure is aimed at overcoming some of the disadvantages noted above.