[go: up one dir, main page]

CN1411248A - IPV9/IPV4NAT routing apparatus - Google Patents

IPV9/IPV4NAT routing apparatus Download PDF

Info

Publication number
CN1411248A
CN1411248A CN 02145133 CN02145133A CN1411248A CN 1411248 A CN1411248 A CN 1411248A CN 02145133 CN02145133 CN 02145133 CN 02145133 A CN02145133 A CN 02145133A CN 1411248 A CN1411248 A CN 1411248A
Authority
CN
China
Prior art keywords
ipv9
address
protocol
ipv4
protocol stack
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN 02145133
Other languages
Chinese (zh)
Inventor
潘雪增
平玲娣
谢建平
潘虎
陆晗
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang University ZJU
Original Assignee
Zhejiang University ZJU
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang University ZJU filed Critical Zhejiang University ZJU
Priority to CN 02145133 priority Critical patent/CN1411248A/en
Publication of CN1411248A publication Critical patent/CN1411248A/en
Pending legal-status Critical Current

Links

Landscapes

  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明公开了一种IPV9/IPV4NAT路由器。IPV9/IPV4NAT路由器域名网关、文件传输网关、路由并接在应用与传输层接口上后依次与传输层、协议、地址翻译管理器串接,IPV9协议栈、静态动态映射、协议翻译器、IPV4协议栈并接在地址翻译管理器上,静态动态映射、协议翻译器并接在地址池上,IPV9协议栈、IPV4协议栈并接在网络接口、网络接口,协议翻译器与IPV9协议栈相接,用户管理界面与路由和地址池相接。本发明透明地实现协议地址翻译,实现了内部网IPv9、IPv4主机与外部Internet的正常通信;解决了IPv9、IPV4专网与Internet通信问题,以及过渡阶段不同协议之间的通信问题。将对顺利地过渡到下一代网络,起到推动作用。

Figure 02145133

The invention discloses an IPV9/IPV4 NAT router. IPV9/IPV4NAT router domain name gateway, file transfer gateway, and routing are connected to the interface of the application and transport layer, and then connected in series with the transport layer, protocol, and address translation manager, IPV9 protocol stack, static dynamic mapping, protocol translator, and IPV4 protocol The stack is connected to the address translation manager, the static and dynamic mapping, and the protocol translator are connected to the address pool, the IPV9 protocol stack and the IPV4 protocol stack are connected to the network interface, and the network interface, and the protocol translator is connected to the IPV9 protocol stack. The management interface connects with routing and address pools. The invention transparently realizes protocol address translation, realizes normal communication between IPv9 and IPv4 hosts in the internal network and the external Internet; solves the communication problems between IPv9 and IPv4 private networks and the Internet, and the communication problems between different protocols in the transitional stage. It will play a role in promoting the smooth transition to the next generation network.

Figure 02145133

Description

The IPV9/IPV4NAT router
Technical field
The present invention relates to the computer network communication technology field, relate in particular to a kind of IPV9/IPV4NAT router.
Background technology
The IPV4 agreement is born in the seventies, is an extremely successful Internet agreement, but along with the blast or the growth of www net, and the extensive use of miscellaneous service, and expose limitation and the critical defect thereof of IPV4: 1) the IP address is about to exhausted; Have only 232 to be 4,000,000,000 addresses, the U.S. is unreasonable to the classification on IP ground in addition, and the deficient crisis in the IP address of the country beyond the U.S. is more serious.2), produced address assignment unbalanced of Ipv4 because internet development unbalanced.Continuous Ipv4 address is also discontinuous physically, makes to use the route cascade, has directly caused the routing table of the Internet basic routing line router sharply to expand, and has had a strong impact on the network switching performance.3) the IPV4 agreement lacks fail safe; 4) IPV4 lacks the QOS support, has seriously hindered multimedia and has used in real time; 5) address disposes very trouble automatically, is difficult to plug and play; 6) the non-China of IPV4, IPV6 independent intellectual property right, the agreement U.S. works out, the control of network security system is weighed in his staff.
China is independent in order to build, the controlled IPV9 internet of safety, and the present invention proposes IPV9/IPV4NAT method for routing technology and device, solve visit that the IPV9 net nets to IPV4 and transition period the Internet smooth migration.
Summary of the invention
The purpose of this invention is to provide a kind of IPV9/IPV4NAT router.
IPV9/IPV4NAT router domain name gateway, file transfer gateway, route be attempted by use with transport layer interface on after be connected in series with transport layer, agreement, address translation manager successively, the dynamically mapping of IPV9 protocol stack, static state, protocol translator, IPV4 protocol stack are attempted by on the address translation manager, static dynamically mapping, protocol translator are attempted by on the address pool, IPV9 protocol stack, IPV4 protocol stack are attempted by network interface, network interface, protocol translator and IPV9 protocol stack join, and subscriber administration interface and route and address pool are joined.
Advantage of the present invention is:
1) the NAT router is positioned at inner private network and outside worker nternet adjoining position, between the two ends of communication, realizes the protocol address translation pellucidly, has realized the proper communication of in-house network IPv9, IPv4 main frame and exterior I nternet;
2) introducing of NAT router, make IPv9 experimental network and IPv4 private network be that basic Internet backbone network interconnects with the IPv4 agreement at present, solved IPv9, IPV4 private network and Internet communication issue, and the communication issue between the transition stage different agreement.To play a role in promoting to successfully carrying out the transition to next generation network;
3) realize IPV9/IPV4 mixing private network agreement, address, the port bi-directional conversion of (or claiming private network).Realize realization border, limit route;
4) realize that the IPV4 private network connects conversion to the address of public network.Make the IPV4 net obtain safeguard protection.Visit wall with flues as the IP address filtering.
Description of drawings
Fig. 1 is an IPV9NAT-router architecture block diagram;
Fig. 2 is the systematic square frame schematic diagram.
Embodiment
IPV9/IPV4NAT router domain name gateway 1, file transfer gateway 2, route 14 be attempted by use with transport layer interface 3 on after successively with transport layer 4, agreement, address translation manager 5 serial connections, IPV9 protocol stack 6, static dynamically mapping 7, protocol translator 8, IPV4 protocol stack 9 is attempted by on the address translation manager 5, static dynamically mapping 7, protocol translator 8 is attempted by on the address pool 10, IPV9 protocol stack 6, IPV4 protocol stack 9 is attempted by network interface 12, network interface 13, protocol translator 8 is joined with IPV9 protocol stack 6, and subscriber administration interface 11 joins with route 14 and address pool 10.
As shown in Figure 1, among the figure
1) domain name gateway (DNS-ALG): finish inquiry of the domain name, address, protocol conversion etc.
2) file transfer gateway (FTP-ALG): finish address, protocol conversion of file transfer etc.
3) use and transport layer interface (SOCKET layer): the interface of realizing application layer and TCP/UDP layer;
4) transport layer (TCP/UDP layer): finish transport layer association translation function,
5) agreement, address translation manager (Ipv9/IPv4 Translation Manager): the Task Distribution of management 21 and 22 modules etc.;
6) IPV9 protocol stack: realize IP version 9 protocol functions;
7) dynamically mapping:, carry out the dynamic mapping function in address by NA (P) T-PT Ipv9/IPv4 mapping table;
8) protocol translator: realize ICMP4 and ICMP9 between IPv4 and Ipv9 agreement, IP4 and IP9 address and packet header translation function;
9) IPV4 protocol stack; Realize IP version 4 protocol functions;
10) address pool: IPV4, ground, IPV9 address, dynamic, static address conversion is realized in maintenance system IPv4, IPV9 address;
11) subscriber administration interface: static state, dynamic address and port are configured, route is configured.
12), 13) network interface layer (data link and physical layer).
14) route: realize the border routing function.
As shown in Figure 2, the present invention uses realization network is divided into three zones: 1) .15,16 forms the public network zones; 2) .21,22,23,24 forms private network zone private.com; 3) .17,18,19,20 forms outer web area external.com.
Public network 15,16 regions are global I PV4 address space, and 15 is the root dns server, and 16 is the IPV4 public network.
The address space of private network (21,22,23,24) adopts Ipv9, and so the privately owned address of IPV4 is the still not directly visit concerning public network (outer net) of the address of this private network.22,23 is the IPV9 main frame.Main frame 22 addresses are to use IPV9 address 1015[6] 100/32, domain name is 22.private.com, 24 is the dns server in private.com territory, can explain the IPV9 or the IPV4 domain host address in this territory.
17,18,19,20 is external.com. domain addresses space, is made as the IPV4 main frame and constitutes, and 18,19 is the IPV4 main frame.The public network address that use main frame 18 addresses is 171.68.10.1, and domain name is 18.external.com..20 is the dns server in external.com. territory, can explain the IPV4 domain host address in this territory.
17,21 is the IPV9NAT router, integrated encapsulation/deblocking, two-way NAT and DNS_ALG, FTP_ALOG function.IPV9, IPV4 address pool are provided.20, the 24th, the dns server in privately owned territory is realized the static address mapping by IPV9 NAT_ router and IPV4 public network zone 15,16.
Communication operation principle procedure declaration:
Next coming in order illustrate between each territory main frame how to realize communication, relate to technology such as encapsulation/deblocking, NAT, DNS_ALG therebetween.
A.IPV9 main frame 22 is initiated the course of work of communication to IPV4 main frame 18: IPV9 host's machine 22 visit outer net IPV4 main frames 18
1) main frame 22 sends the inquiry of the domain name message based on UDP, to the IP address of 24 nslookup 18.External.com correspondences.
2) local domain name server 24 is inquired about to root name server 15 by 21, and the source address of query message is 171.68.2.1 (this address is the IP of local domain name server 24), and destination address is 11.1.1.1.21NAT changes the address of IP and UDP heading.Source address becomes 131.108.1.8, and destination address is constant.DNS_ALG does not revise message load.
3) 15 indications 24 of root dns server are to 20 inquiries.Provided 20 public network address 171.68.1.1 in the response message.When this message passed through 21,21NAT changed the destination address in IP and the UDP header: become 171.68.2.1 by 131.108.1.8, address 11.1.1.1 is constant in the source.
In addition, the NDS_ALG on 21 will replace 20 the IP public network address 171.68.1.1 that provides in the response message.It is that 171.68.1.1 distributes a privately owned address that DNS_ALG at first requires NAT, is assumed to be 10.10.1.1.DNS_ALG replaces with 10.10.1.1 to the 171.68.1.1 in the DNS message load then.
4) sample, 24 20 the addresses of knowing are 10.10.1.1.24 IP addresses to 20 inquiry 18.External.com.The worker P source address of request message is 171.68.2.1, destination address 10.10.1.1.After message was through 21 NAT conversion, source address became 131.108.1.8, and destination address becomes 171.68.1.1.
DNS_ALG does not revise the DNS message load.
5) 0 pair of inquiry is made and being replied, and provides the IP address 171.68.10.1 of 18.External.com.When replying through 21 the time, NAT makes corresponding conversion to IP and UDP header: source address becomes 10.10.1.1 by 171.68.1.1, and destination address becomes 171.68.2.1 by 131.108.1.8.
It is home address of 171.68.10.1 mapping that DNS_ALG then asks NAT, is assumed to be 10.11.1.2.DNS_ALG replaces with 10.11.1.2 with the address of 18.External.com in the response message.
6) 24 pairs of main frames 22 are made and being replied.The address that provides 18.External.com is 10.11.1.2.
7) session of main frame 22 initiations and main frame 18.The source address of message is 1015[6] 100/32, destination address 10.11.1.2.When through 21 the time, NAT is home address 1015[6] public network address of 100/32 mapping, be assumed to be 131.108.1.17.
And the address of conversion header: source address becomes 131.108.1.17, and destination address becomes 171.68.10.1.At this moment, NAT is that main frame 22 and main frame 18 have been set up map addresses respectively.22,18 in main frame is set up communication.
Address mapping table during table 1. once connects
Main frame Home address Public network address
22 ?1015[6]100/32 (131.108.1.17 pooled NAT)
18 (10.11.1.2 pooled NAT) 171.68.10.1
24 ?171.68.2.1 (131.108.1.8 static NAT)
20 (10.10.1.1 pooled NAT) 171.68.1.1
B. main frame 18 is initiated the step of communication process to main frame 22: outer net 18 host access intranet hosts 22
1) 18 IP addresses to name server 20 inquiry 22.Private.com correspondences.
2) 20 turn to root name server 15 inquiries.15 reply, and indication 20 is to 24 inquiries.Provide 24 public network address 131.108.1.8 in the response message.
3) 0 IP address to 24 inquiry 22.Private.com.Destination address in the IP head of request message is 24 public network address 131.108.1.8, and the address, source is 20 public network address 171.68.10.1.During through NAT router two 1, NAT is according to being 24 static mappings that are provided with, and destination address replaces with 171.68.2.1; Simultaneously NAT is the home address of a mapping of public network address 171.68.1.1 application of 20, is assumed to be 10.10.1.1, and the address, source of replacing heading then is 10.10.1.1.
4) 4 pairs of inquiries are made and being replied, and provide 22 IP address 1015[6] 100/32.When replying through 21 the time, NAT does conversion to IP header address: source address becomes 131.108.1.8 by .171.68.2.1, and destination address becomes 171.68.1.1 by 10.10.1.1.DNS_ALG request NAT is inner IPV9 address 1015[6] public network address of 100/32 mapping, be assumed to be 131.108.1.17, DNS_ALG is with the address 1015[6 of 22 in the response message] 100/32 replace with 131.108.1.17.
5) 20 pairs of main frames 18 are made and being replied.Providing 22 IP reference address is 131.108.1.17.
6) main frame 18 is initiated communication to main frame 22.The source address of IP message is 171.68.10.1, and destination address is 131.108.1.17.When message through 21 the time, NAT is assumed to be 10.10.1.1 for external address 171.68.10.1 applies for inner mapping address.Address transition then: the address, source becomes 10.10.1.1, and destination address becomes 1015[6] 100/32.
So far, set up map addresses respectively for main frame 22 and 18 on 21.

Claims (1)

1.一种IPV9/IPV4NAT路由器,其特征在于域名网关(1)、文件传输网关(2)、路由(14)并接在应用与传输层接口(3)上后依次与传输层(4)、协议、地址翻译管理器(5)串接,IPV9协议栈(6)、静态动态映射(7)、协议翻译器(8)、IPV4协议栈(9)并接在地址翻译管理器(5)上,静态动态映射(7)、协议翻译器(8)并接在地址池(10)上,IPV9协议栈(6)、IPV4协议栈(9)并接在网络接口(12)、网络接口(13),协议翻译器(8)与IPV9协议栈(6)相接,用户管理界面(11)与路由(14)和地址池(10)相接。1. a kind of IPV9/IPV4NAT router, it is characterized in that domain name gateway (1), file transfer gateway (2), route (14) and be connected with transport layer (4), successively after on application and transport layer interface (3) Protocol and address translation manager (5) are connected in series, IPV9 protocol stack (6), static dynamic mapping (7), protocol translator (8), IPV4 protocol stack (9) are connected to the address translation manager (5) , the static dynamic mapping (7), the protocol translator (8) are connected to the address pool (10), the IPV9 protocol stack (6), the IPV4 protocol stack (9) are connected to the network interface (12), the network interface (13) ), the protocol translator (8) is connected with the IPV9 protocol stack (6), and the user management interface (11) is connected with the routing (14) and the address pool (10).
CN 02145133 2002-11-05 2002-11-05 IPV9/IPV4NAT routing apparatus Pending CN1411248A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 02145133 CN1411248A (en) 2002-11-05 2002-11-05 IPV9/IPV4NAT routing apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 02145133 CN1411248A (en) 2002-11-05 2002-11-05 IPV9/IPV4NAT routing apparatus

Publications (1)

Publication Number Publication Date
CN1411248A true CN1411248A (en) 2003-04-16

Family

ID=4750783

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 02145133 Pending CN1411248A (en) 2002-11-05 2002-11-05 IPV9/IPV4NAT routing apparatus

Country Status (1)

Country Link
CN (1) CN1411248A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101248603B (en) * 2003-12-23 2012-06-20 摩托罗拉移动公司 Method for delivering traffic from a source to a cluster of nodes
CN103888554A (en) * 2014-03-24 2014-06-25 广州杰赛科技股份有限公司 IPv4 and IPv6 compatible domain name resolution method and system
CN108632402A (en) * 2018-03-15 2018-10-09 楼培德 A kind of wisdom movie theatre network-building method and system based on IPV9
CN110381299A (en) * 2019-08-22 2019-10-25 湖州米欧康电子科技有限公司 A kind of web camera
CN117118746A (en) * 2023-10-20 2023-11-24 明阳时创(北京)科技有限公司 DNS attack defense method, system, medium and device based on dynamic DNAT

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101248603B (en) * 2003-12-23 2012-06-20 摩托罗拉移动公司 Method for delivering traffic from a source to a cluster of nodes
US8953595B2 (en) 2003-12-23 2015-02-10 Google Technology Holdings LLC Route-optimised mulitcast traffic for a mobile network node
CN103888554A (en) * 2014-03-24 2014-06-25 广州杰赛科技股份有限公司 IPv4 and IPv6 compatible domain name resolution method and system
CN108632402A (en) * 2018-03-15 2018-10-09 楼培德 A kind of wisdom movie theatre network-building method and system based on IPV9
CN108632402B (en) * 2018-03-15 2021-04-23 楼培德 An IPV9-based smart cinema networking method and system
CN110381299A (en) * 2019-08-22 2019-10-25 湖州米欧康电子科技有限公司 A kind of web camera
CN117118746A (en) * 2023-10-20 2023-11-24 明阳时创(北京)科技有限公司 DNS attack defense method, system, medium and device based on dynamic DNAT
CN117118746B (en) * 2023-10-20 2024-01-09 明阳时创(北京)科技有限公司 DNS attack defense method, system, medium and device based on dynamic DNAT

Similar Documents

Publication Publication Date Title
CN1118167C (en) System and method for routing data to a destination on a network using domain name routing
CN1232080C (en) Method of providing internal service apparatus in network for saving IP address
CN1170401C (en) Apparatus and method for assigning internet protocol address to network interface card
TWI441493B (en) System and method for connection of hosts behind nats
CN1585376A (en) Addressing converting method and mixed addressing converting router for realizing it
CN1968226A (en) Method for crossing network address conversion in point-to-point communication
CN1380773A (en) Enhanced NAT-PT protocol scheme
CN101030935A (en) Method for crossing NAT-PT by IPSec
CN1199405C (en) Enterprise external virtual special network system and method using virtual router structure
CN102006338A (en) Concurrent communication method for embedded equipment supporting IPv4/IPv6 protocol
CN1691665A (en) A method for realizing communication between IPv4 network and IPv6 network
CN101068189A (en) A Method of Supporting IPv4 Application Programs Using Tunnel Between Hosts in IPv6
CN1925497A (en) Binding method based on VID, MAC, IP and users
CN1411248A (en) IPV9/IPV4NAT routing apparatus
CN1848802A (en) The Method of Realizing IPv6 High Performance Interconnection Based on P2P on IPv4
CN1235368C (en) Address conversion method for simultaneously supporting one-to-one and many-to-many under the PAT mode
CN1578296A (en) Method for realizing double-stack transition
CN101030936A (en) Telecommunication for switching node from IPv4 network to IPv6 network
CN101277309B (en) IP address system and method for establishing communication connection between users with the same
CN1578238A (en) Ip telecommunication network system and it realizing method
CN1697421A (en) Implementation method of tunnel relay in network for network address translation
CN1249572C (en) Plug-and-play ether net access system and method
CN1243437C (en) An automatic tunnel method capable of traversing network address translation
CN1571360A (en) Method for implementing intra-site automatic tunnel
CN1292565C (en) Method for responding requests from address analysis protocol of network address conversion virtual address

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication