HK1086963B - Internet connection system and server for routing connection to client device - Google Patents
Internet connection system and server for routing connection to client device Download PDFInfo
- Publication number
- HK1086963B HK1086963B HK06107027.6A HK06107027A HK1086963B HK 1086963 B HK1086963 B HK 1086963B HK 06107027 A HK06107027 A HK 06107027A HK 1086963 B HK1086963 B HK 1086963B
- Authority
- HK
- Hong Kong
- Prior art keywords
- client
- protocol
- server
- relay device
- unit
- Prior art date
Links
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
The present application claims priority from the Paris treaty section 4 (and the regulations of the respective countries corresponding thereto) of Japanese patent application Nos. 2002-.
The present invention relates to a system for providing a service from a server to an IPv6 environment in a home by using an IPv6(Internet Protocol version 6: 6 th version Internet Protocol) network configuration as a next-generation IP under a current infrastructure environment in which IPv4(Internet Protocol version 4: 4 th version Internet Protocol) has become widespread, and to the server used for the system.
In general, in a service providing environment through a public network centered on the internet, the value of all information is not concentrated on the client side but on the server side.
That is, each terminal as a client is basically a simple viewer for viewing information on the internet. In addition, each client sends various information requests to the internet side, which can obtain such information from each client. That is, all information is concentrated on the internet side, and only the fixed information is unilaterally provided from the internet side. Therefore, it is now the case that it is difficult for manufacturers who manufacture client terminals to generate added value.
To change this situation, the access must be reversed, reversing the server and client perspectives. That is, when there is an in-home network connected to the internet, it is necessary to start accessing the in-home network from the internet side, and to generate a state in which a service is provided from the in-home network to the internet side.
Therefore, each machine connected to the home network must be uniquely identified from the internet side, and the problem of routing and security in the home must be solved. In response to this problem, there is IPv6(internet protocol version 6, internet protocol generation 6) as one of the solutions found.
However, in view of the environment surrounding the current japanese communication bearers and internet service providers, it is considered that the popularization of IPv6 takes a considerable time. For example, the IPv4 material used at present takes a minimum of 2 to 3 years for depreciation, and only performs test service.
Although IPv6 is now implemented immediately by manufacturers for networks that can only serve up to the ISP level, it is impractical for many manufacturers because of the very high cost.
The situation of the in-home network is widely varied and the structure of the communication carrier and the ISP connection is also widely varied, and it is necessary to have a structure for realizing the IPv6 environment in a uniform manner by taking care of these differences.
To achieve the above object, according to a 1 st main aspect of the present invention, there is provided an internet connection system comprising: a relay device connected to the client and provided in a 1 st network that performs communication in a 1 st communication protocol; a server connected to the relay device via a 2 nd network according to a 2 nd communication protocol, wherein the relay device includes: a client global address storage unit that stores a global address in the 1 st communication protocol of the client; a server address storage unit for storing a global address in a 2 nd protocol of the server; a 1 st routing means for routing, via the server, a connection to another client existing in another 1 st network via the 2 nd network, the connection being sent from the client, based on a global address of the server stored in the storage unit; a 1 st packet processing device for establishing a protocol tunnel connection of a 1 st protocol with the server by packetizing/depacketizing a packet in the 1 st protocol in a 2 nd protocol; the server is provided with: a 2 nd packet processing device for packetizing/depacketizing packets in the 1 st protocol in a 2 nd protocol so as to enable a tunnel connection between the server and the relay device; a terminal global address management device for managing the global address in the 1 st protocol of the client connected to the relay device in association with the global address in the 2 nd protocol of the relay device; a 2 nd routing device for routing the relay device based on the global address of the terminal managed by the management device, and a model discrimination unit for discriminating whether the client and/or the relay device is of a predetermined model.
With this configuration, the IPv6 packet is transmitted and received between the home network and the internet server via the protocol tunnel connection. Thus, the terminal existing in the home network can be uniquely identified and controlled from the outside through the server. Accordingly, since all communications can be performed by the internet server regardless of the communication carrier and the ISP, all the terminals in the home and all the connections to the terminals can be freely set and controlled by the owner of the internet server.
That is, the problems of individual identification, in-home routing, and security of IPv6 machines in a mixture of IPv6 and IPv4, which have been conventionally problems, can all be solved, and extremely open and closed network construction can be realized.
Here, the 1 st protocol and the 2 nd protocol may be different protocols or the same protocol, and in a preferred embodiment, the 1 st protocol is IPv6 and the 2 nd protocol is IPv 4.
According to an embodiment of the present invention, the server is provided with a model determination unit that determines whether the client and/or the relay device is of a predetermined model. In this case, it is preferable that the server further includes a communication session disconnection unit configured to disconnect the communication session or restrict transmission and reception of a packet based on the determination that the client or the relay device is not of the predetermined type by the type determination unit. Preferably, the apparatus further includes a command conversion unit for converting a command transmitted to the client into a command of a predetermined format for controlling the client based on a result of the determination by the model determination unit. In the server, it is preferable that a client control unit for controlling the client based on a determination result of the model determination unit is provided.
According to another embodiment of the present invention, the server is further provided with a network type determination unit that determines whether or not the environment of the 1 st network connected to the client and/or the relay device is of a predetermined type. In this case, it is preferable that the server includes a communication session disconnection unit configured to disconnect the communication session or to restrict transmission and reception of a packet based on a determination that the non-public network environment connected to the client or the relay device is not of the predetermined type. In this case, it is preferable that the server includes a state information acquisition unit configured to acquire at least one or more of an operation state, a use state, and position information of the client and/or the relay device, and more preferably, the state information acquisition unit is configured to acquire at least one or more of the operation state, the use state, and the position information of the client by a method according to a type of the client.
According to still another embodiment, the server includes a search unit that searches the client or the relay device based on combination information of at least one or more of address, operation state, use state, and position information of the client or the relay device. In this case, it is preferable that the search unit includes a means for displaying a list of clients connected to the relay device for each of the relay devices. In this case, it is preferable that the server further includes a client control unit for controlling the client, and the client control unit selects a specific client from the list display to start a client control program corresponding to the client.
According to still another embodiment, the server is provided with a client address search unit which searches for a global address in the 1 st protocol of the client based on a connection request to the client. In this case. Preferably, the server is provided with a connection requester recognizing unit that recognizes a person who makes a connection request to the client and permits or denies the connection to the client.
According to still another embodiment, the system further includes a protocol tunnel connection information management device that manages protocol tunnel connection information between the relay device and the server, and the protocol tunnel connection information management device notifies the relay device of a global address in the 2 nd protocol of the server, and notifies the server of the global address in the 2 nd protocol of the relay device and the global address in the 1 st protocol of the client or a part thereof. In this case, it is preferable that the protocol tunnel connection information management device recognizes the relay device or the server, and performs the notification when the result is affirmative.
According to still another embodiment, the server includes a filtering processing device for filtering communications transmitted to and from the client according to a predetermined rule. In this case, it is preferable that the server further includes a filtering rule setting unit that provides an interface for editing the predetermined rule.
According to still another embodiment, the relay device is provided with a model determination unit that determines whether the client is of a predetermined model. In this case, it is preferable that the relay device includes a communication session disconnection unit configured to disconnect the communication session when the client is determined not to be the predetermined model by the model determination unit.
According to a 2 nd main aspect of the present invention, there is provided an internet connection system characterized by comprising: a relay device connected to the client and provided in a 1 st network that performs communication in a 1 st communication protocol; a server connected to the relay device via a 2 nd network according to a 2 nd communication protocol, wherein the relay device includes: a client global address storage unit that stores a global address in the 1 st communication protocol of the client; a server address storage unit for storing a global address in a 2 nd protocol of the server; a 1 st routing means for routing, via the server, a connection to another client existing in another 1 st network via the 2 nd network, the connection being sent from the client, based on a global address of the server stored in the storage unit; a 1 st packet processing device for establishing a protocol tunnel connection of a 1 st protocol with the server by packetizing/depacketizing a packet in the 1 st protocol in a 2 nd protocol; the server is provided with: a 2 nd packet processing device for packetizing/depacketizing packets in the 1 st protocol in a 2 nd protocol so as to enable a tunnel connection between the server and the relay device; a terminal global address management device for managing the global address in the 1 st protocol of the client connected to the relay device in association with the global address in the 2 nd protocol of the relay device; a 2 nd routing device for routing the relay device based on the global address of the terminal managed by the management device; and a network type determination unit configured to determine whether or not the environment of the 1 st network connected to the client and/or the relay device is a predetermined type.
According to a 3 rd main aspect of the present invention, there is provided an internet connection system comprising: a relay device connected to the client and provided in a 1 st network that performs communication in a 1 st communication protocol; a server connected to the relay device via a 2 nd network according to a 2 nd communication protocol, wherein the relay device includes: a client global address storage unit that stores a global address in the 1 st communication protocol of the client; a server address storage unit for storing a global address in a 2 nd protocol of the server; a 1 st routing means for routing, via the server, a connection to another client existing in another 1 st network via the 2 nd network, the connection being sent from the client, based on a global address of the server stored in the storage unit; a 1 st packet processing device for establishing a protocol tunnel connection of a 1 st protocol with the server by packetizing/depacketizing a packet in the 1 st protocol in a 2 nd protocol; and a model identification unit that identifies whether the client is of a predetermined model, wherein the server includes: a 2 nd packet processing device for packetizing/depacketizing packets in the 1 st protocol in a 2 nd protocol so as to enable a tunnel connection between the server and the relay device; a terminal global address management device for managing the global address in the 1 st protocol of the client connected to the relay device in association with the global address in the 2 nd protocol of the relay device; and a 2 nd routing device for routing the relay device based on the global address of the terminal device managed by the management device.
According to a 4 th main aspect of the present invention, there is provided a server for use in an internet connection system having: a relay device provided in the 1 st network; the server for use in the internet connection system, in which a client connected to the 1 st network is connected to the server via the relay device and the internet, includes: a client address management device that manages an address of the client connected to the relay device in association with an address of the relay device; a routing device that routes a connection from the internet to the client to a relay device connected to the client, based on an address of the client managed by the management device; a model determination unit configured to determine whether the client and/or the relay device is a predetermined model; and a command conversion unit that converts the command transmitted to the client into a command of a predetermined format for controlling the client, based on the determination result of the model determination unit.
With this configuration, the terminal existing in the home network can be uniquely identified from the outside by the server. Accordingly, since all communications can be performed by the internet server regardless of the communication carrier and the ISP, all the terminals in the home and all the connections to the terminals can be freely set and controlled by the owner of the internet server.
According to an embodiment of the present invention, the communication session disconnection unit is further provided for disconnecting the communication session or limiting transmission and reception of a packet in response to the determination that the client or the relay device is not of the predetermined model by the model determination unit.
In addition, according to another embodiment of the present invention, the client may communicate with the relay device, but includes a peripheral device which cannot connect to the internet.
According to still another embodiment, a network type determination unit is further provided for determining whether or not the environment of the 1 st network connected to the client and/or the relay device is of a predetermined type. In this case, it is preferable that the communication system further includes a communication session disconnection unit configured to disconnect the communication session or to restrict transmission and reception of a packet based on a determination that the non-public network environment connected to the client or the relay device is not of the predetermined type.
According to still another embodiment, the communication apparatus further includes a state information acquiring unit configured to acquire at least one or more of an operation state, a use state, and position information of the client and/or the relay device. In this case, it is preferable that the state information acquiring unit acquires at least one or more of an operation state, a use state, and position information of the client by a method according to a type of the client. More preferably, the client control unit further includes a means for displaying at least one of the operation state, the use state, and the position information of the client to a user.
The server also includes a search unit that searches the client or the relay device based on combination information of at least one or more of the address, the operating state, the use state, and the position information of the client or the relay device. Preferably, the search unit includes a list display means for displaying a list of the searched clients together with the operating states thereof. The list display means displays a list of clients connected to the relay device for each of the relay devices. Preferably, the client control unit is further provided for controlling the client, and the client control unit selects a specific client from the list display to start a client control program corresponding to the client.
According to still another embodiment, the relay device is provided in the client.
According to another embodiment, there is further provided: a 2 nd packet processing device for packing/unpacking the packet in the 1 st protocol by the 2 nd protocol in order to make the protocol channel connection with the relay device possible; a terminal global address management device for managing the global address in the 1 st protocol of the client connected to the relay device in association with the global address in the 2 nd protocol of the relay device; and a 2 nd routing device for performing routing to the relay device based on the global address of the terminal managed by the management device. The 1 st protocol and the 2 nd protocol may be different protocols or the same protocol.
Preferably, the client apparatus further includes a client address search unit configured to search for a global address in the 1 st protocol of the client based on a connection request to the client. In this case. Preferably, the client device further includes a connection requester recognizing unit configured to recognize a person who requests connection to the client device and to permit or deny connection to the client device.
The server further includes a protocol tunnel connection information management device that manages protocol tunnel connection information between the relay device and the server, and the protocol tunnel connection information management device notifies the relay device of a global address in the 2 nd protocol of the server, and acquires the global address in the 2 nd protocol of the relay device and the global address in the 1 st protocol of the client, or a part thereof. Here, it is preferable that the protocol tunnel connection information management device recognizes the relay device and notifies the relay device when the result is affirmative.
According to still another embodiment, the communication system further includes a filtering unit for filtering communications sent to and from the client in accordance with a predetermined rule. In this case, it is preferable that the apparatus further includes a filtering rule setting unit that provides an interface for editing the predetermined rule.
According to the server used in the internet connection system of the present invention, it is possible to enjoy the advantages of IPv6 by a relatively simple means and to provide an internet connection method in which a manufacturer of a client-side device can find an independent added value.
According to a 5 th main aspect of the present invention, there is provided a computer processing method for internet connection performed by a server used in an internet connection system having: a relay device provided in the 1 st network; a client connected to the 1 st network, the server connected to the relay device and the internet, the computer processing method comprising the steps of: a client address management step of managing an address of the client connected to the relay device in association with an address of the relay device; a routing step of routing a connection from the internet to the client to the relay device connected to the client, based on an address of the client managed by the management device; a model determination step of determining whether the client and/or the relay device is a predetermined model; and a command conversion step of converting the command transmitted to the client into a command of a predetermined format for controlling the client, based on the determination result of the model determination step.
Still other features and significant effects of the present invention will become apparent to those skilled in the art from the following description of the preferred embodiments and the accompanying drawings, which are set forth in the best mode for carrying out the invention below.
Fig. 1 is a diagram showing an example of a network configuration according to an embodiment of the present invention.
Fig. 2 is a schematic configuration diagram showing an example of the same InterBOX.
Fig. 3 is a schematic configuration diagram showing an example of the same InterServer.
FIG. 4 is a schematic configuration diagram showing a filter unit.
Fig. 5 is a flowchart showing the processing in the filter portion.
Fig. 6 is a schematic configuration diagram showing an IPv6 terminal search unit.
Fig. 7 is an illustration showing a retrieval screen.
Fig. 8 is an illustration showing a retrieval result list display relating to the InterBOX.
Fig. 9 is a conceptual diagram illustrating control by the IPv6 terminal control unit.
Fig. 10 is a functional diagram showing a communication example of this embodiment.
Fig. 11 is a functional diagram showing another communication example of this embodiment.
Fig. 12 is a diagram showing an example of arrangement of an InterBOX or IPv6 terminal.
Fig. 13 is an illustration showing a protocol path connection between the InterBOX and the InterServer.
Embodiments of the present invention will be described below with reference to the drawings.
Fig. 1 is a diagram showing an example of a network configuration according to the present embodiment.
In fig. 1, a home network of IPv6 is connected to various client IPv6 terminals 2 (hereinafter referred to as "IPv 6 terminals") which communicate with IPv6 (1 st communication protocol). The home network 1 is constituted by, for example, a LAN introduced into each home.
The home network 1 is then connected to the internet 4 via the InterBOX and the communication carrier/ISP. The internet 4 communicates with the currently widespread IPv4 (2 nd communication protocol) that is different from the IPv 6.
Then, the internet 4 is connected to an InterServer6 (a "server" according to the present invention) that controls communication with the IPv6 terminal 2 on the home network 1. As will be described in detail later, the InterServer6 has a function of mediating the connection between the IPv6 terminal 2 and all of the IPv6 terminals 2a and 2b and the IPv6 server 7 on the internet 4 or other home/global networks 1a and 1 b.
The InterBOX3 and the InterServer6 are devices that are intended to be manufactured by the same manufacturer or under a unified standard, and are designed in advance to be interlocked. Therefore, the InterBOX3 stores the private address in IPv4 of the InterServer6 in advance, and makes a protocol tunnel connection with the InterServer6 regardless of the ISP and the communication carrier. The IPv6 terminal 2 connected to the home network 1 is also intended to be manufactured by a manufacturer equivalent to the intersubx 3 or under a unified specification, and the type (model) of the terminal on the InterServer6 side can be specified based on the global address of the IPv6 assigned to the IPv6 terminal 2 and other information.
Here, various methods are available for allocating the IPv6 address of the IPv6 terminal 2. The IPv6 address is composed of 128 bits, and includes a "prefix" portion assigned by the NIC and ISP, which is set in the first half, and an "interface ID" portion which is set in the second half and is generated by the user. In this example, it is also composed of an "interface" part generated using a prefix assigned by each manufacturer and a MAC address unique to each terminal. The IPv6 address may be determined before the terminal 2 leaves the factory, or may be automatically generated by connecting to the InterBOX3 using the IPv6 address prefix of the InterBOX3 and its own MAC address. The IPv6 terminal 2 may be a home appliance such as a video recorder or a television which cannot be connected to the internet. In this case, the InterBOX is provided with an interface (IEEE1394) through which the home appliance can communicate, and a virtual IP address can be assigned to an ID (unique ID) of each home appliance.
Fig. 2 is a schematic configuration diagram showing the above-described InterBOX 3.
The InterBOX3 includes: a server address storage unit 10 for storing the global address in the IPv4 of the InterServer 6; a protocol tunnel session establishing unit 11 for establishing a protocol tunnel connection with the InterServer6 based on the address of the InterServer 6; a packet processing unit 12 for packetizing/depacketizing packets in IPv6 in IPv4 and transmitting/receiving a protocol tunnel to/from the InterServer 6; a routing processor 13 for routing and connecting the depacketized packet from the InterServer6 to a desired IPv6 terminal 2; and a packet transmitting/receiving unit 14 for transmitting and receiving packets. The InterBOX3 is provided with a prefix storage unit 15 (address generation unit) for generating an address of the IPv6 terminal 2 using the prefix assigned to the InterBOX 3.
With this configuration, the packet from the IPv6 terminal 2 or the packet addressed to the IPv6 terminal 2 can be transmitted and received through the IPv4 channel established between the InterServer6 and the intersox 3.
Fig. 3 is a schematic configuration diagram showing the InterServer 6.
The InterServer6 includes: an address storage unit 16 for storing the global address 16a in the IPv4 of the InterBOX3 and the global address 16b in the IPv6 of the client in association with each other; a protocol tunnel session establishing unit 17 for establishing a protocol tunnel connection with the InterBOX3 based on the address of the relay device 3; a packet processing unit 18 for packetizing/depacketizing the packet in IPv6 in IPv4 so as to enable communication with the network home appliance 2; and a routing unit 19 for routing the communication between the IPv6 terminal 2 and another terminal/server. Further, the InterServer6 includes: a model identification unit 21 for identifying the type of the IPv6 terminal 2 based on the IPv6 address of the IPv6 terminal 2; a command setting unit 22 for converting the command to be issued to the IPv6 terminal 2 into a predetermined command and setting the predetermined command based on the result of the determination; a filter unit 23 for filtering the IPv6 packet transmitted from the tunnel according to a predetermined rule; and a communication session disconnection unit 24 for disconnecting a communication session of a predetermined occasion. Then, the transmission/reception processing unit 25 transmits/receives the packet.
The InterServer6 is connected to the user management server 30. As described in detail below, the user management server 30 is a server that manages information of users of the respective interboxes 3 and the respective IPv6 terminals 2, and includes a user information management DB31 that stores member information such as IDs, passwords, and credit information of the respective users, and also stores IPv6 prefixes, model information, and the like.
Further, the InterServer6 has a Web server 32 disclosed on the internet 4(IPv4 network), and can perform various settings in response to requests from the user of the intersox 3 and IPv6 terminal 2. For example, at least a part of the filtering rules of the filtering unit 23 can be changed by the user as appropriate through the Web server 32. The access to the Web server 32 may be performed via the InterBOX3 and the InterServer6, or may be performed via the internet 4 without passing through these.
As shown in fig. 4, the filter unit 23 includes a filter rule storage unit 33 and a filter rule setting unit 34. The filter rule storage 33 and the filter rule setting unit 34 are connected to the Web server 32 disclosed on the internet, and as shown in fig. 3, an InterServer session interface generation unit 35 is installed in the Web server 32. The user connected to the Web server 32 can input and change the filtering rule by displaying the interface generated by the interface generating unit 35 on the terminal of the user. As the filter rules that can be set here, for example, filter rules relating to security can be considered.
As a filtering rule in terms of security, there are roughly: first, no access to the home network side from outside is approved; no access from outside to the home network side is authorized except for the server (Web site) and the network which are authorized in advance; and there is no restriction on any access to the home network from the outside. In this case, the filtering method may be a method of not granting any access, or may be a method of passing only a specific port.
Here, if access to the outside from the home network 1 can be restricted so that access to a server set in advance is not possible, it is possible to prevent children from accessing harmful contents or users from accessing a site (which is provided with a trap) which is generally illegal.
The setting of the filter rule may be performed after the recognition of the IP address and password by the user recognition unit 36 connectable to the user management server 30 provided in the Web server 32.
The filtering rule setting unit 34 may set the filtering rule based on the input of the user as described above, or may have a function of automatically generating the filtering rule based on the member information (the credit information and the terminal model information) stored in the user management server 30 without depending on the setting from the user. For example, a gateway that does not permit connection or only allows connection to a specific server or the like is set according to the attributes of the members and the payment situation.
As a filtering rule for this gateway, it can be used to control the providers that provide the charging service through this InterServer 6. For example, as shown in fig. 3, the InterServer6 may be provided with a proxy server 38 and the DB39 may manage the access destination of the user, or the user may be allowed to connect only the access destination set by the filter rule setting unit 34. In this case, it is desirable to install a function of managing which service (server) the user signs up for with what condition and controlling the transaction processing according to the condition, in addition to the user ID and password, in the user management DB 31. In addition, for a specific vendor, it may be set so that a user who has not completed the login procedure can see only the sample page but not the main body part.
Fig. 5 is a flowchart showing the processing in this filter section 23. First, after the protocol tunnel session is started, a filtering rule is set based on the member information received from the user management server 30 (step S1). Next, information of the connection request destination of the user (for example, the address of the Web site) is received from the proxy server 38 (step S2). Next, the information of the connection destination is applied to the filter rule to determine whether or not the connection is possible (step S3), and when the connection is not permitted, the communication session is disconnected by the communication session disconnection unit 24 (step S4). When connection is permitted, it is determined whether or not the session is valid (step S5), and when valid, the above-described steps S2 to S5 are repeated. If not, the process is terminated.
The proxy server 38 may measure the amount of data traffic and not grant access from the unpaid payer. In this case, the provider is notified of only the ID of the user and does not notify the password and IP address of the user. Therefore, the user can manage only one pair of ID and password for the InterServer 6. Further, since the IP address may change depending on the relationship of the user or other reasons, it is preferable to confirm the ID with the key every time in terms of the consistency of the system, and it is preferable to eliminate the risk of unauthorized access due to data being provided to the provider side.
The execution of the filtering rule and the disconnection and connection of the communication session based on the filtering rule can be performed by the communication session disconnection unit 24. In addition, since a filtering method using the set filtering rule, a gateway method, and other methods are known, descriptions thereof are omitted.
The InterServer6 has an IPv6 terminal search unit 26 (fig. 3) that provides a function for allowing a person who does not know the address of the IPv6 terminal 2 to search for the IPv6 terminal 2. The search unit 26 can search and identify a desired IPv6 terminal 2 based on information specified by the user, for example, the operating state of the IPv6 terminal 2 and the operating state of the network.
Therefore, as shown in fig. 6, the search unit 26 includes a state information receiving unit 40 that receives state information such as the operating state and network state of the IPv6 terminal 2 connected to the IPv6 network and the InterBOX 3; a status information accumulation unit 41 for associating and accumulating this information with the IP address of the IPv6 terminal and the IP address of the InterBOX 3; and an IPv6 terminal control unit 42.
The state information receiving unit 40 receives the state of each IPv6 terminal 2 for each prefix or domain (IPv6 network or intersox 3) in which the IPv6 terminal 2 is stored. The status information receiving unit 40 may receive the status by inquiring the status at a predetermined cycle for each of the prefixes and the domains, or may acquire the status by inquiring when there is a request for reference to each of the prefixes and the domains. In the former method, for example, the inquiry of the ON/OFF of the power of each terminal 2 is performed every 1 minute for each relay device registered in the InterBOX address storage section 16 a.
The state information accumulating unit 41 stores the state information of each IPv6 terminal 2 in association with the IPv6 terminal and the InterBOX 3. Here, the acquired state information can be roughly classified into: information indicating an operation state, a use state, position information, and a characteristic; information held by the nodes (InterBOX3 and IPv6 terminal 2) is shown; is at least one or more of the information valid for determining other nodes.
The operation information is at least one or more of a state of a power supply, a network connection state, and a communication state. The usage state is at least one or more of information relating to a user, information relating to an operation time, and information relating to a load. The location information is at least geographic location and coordinate information, postal numbers, house numbers, and the like. The information showing the characteristics is one or more of information of the kind, function, shape, color, device information, software information, function, administrator, and the like of the node.
The model identified by the IPv6 model identifying unit 21 is also stored as status information. The state information receiving unit 40 specifies the information obtained from the IPv6 terminal 2 based on the model information, and can obtain necessary information in a form suitable therefor.
The search unit 26 further includes a connection request recognizing unit 27 for recognizing, permitting search and requesting connection to a person who is connected to the user management server 30 and makes the search or request for connection. For example, for a user's home network (InterBOX3), both search and connection are not permitted for the network except for a specific user who is permitted to connect. When the recognition unit 27 determines that the determination is affirmative, the search unit 26 accesses the state information accumulation unit 41 and the address storage unit 16 to search for the address of the desired terminal 2 (specify the InterBOX 3).
As a result of the search, for example, when the user searches the InterBOX3 of his home network from the outside using a personal computer, the results may be displayed in a list together with the statuses of all IPv6 terminals 2 connected to the InterBOX 3. Fig. 7 shows an example of a retrieval screen, and fig. 8 is an illustration showing a list display of the InterBOX3 involved in determining a retrieval result. In the example of the search interface shown in fig. 7, an input field 43 for searching the InterBOX3 and an input field 44 for searching the IPv6 terminal 2 are provided, and the search can be performed from either one of them.
In the example of the search result list display in fig. 8, all the terminals 2 connected to the InterBOX3 are displayed in a list together with information on the owner, status, type, and model name. Then, each time an operation screen display button shown at 45 in the drawing is pressed, the terminal control unit 42 is activated to display an operation screen (not shown) corresponding to the type and model of the terminal 2 concerned.
Fig. 9 is a conceptual diagram illustrating control by the control unit 42.
First, when the InterBOX3 is connected to the InterServer6 through the protocol tunnel session, the IPv6 terminal 2 notifies the status of the operation thereof by a request from the status information receiving unit 40 (step S11). In this case, the operation state may not be acquired without registering the IPv6 terminal 2 to the control unit 42. The operation state is acquired at a constant cycle, and is accumulated in the state information accumulation unit 41 and updated (step S12).
Next, the user of the IPv6 terminal 2 logs in from the outside using the ID and the password, identifies a terminal to be controlled from the list as described above, and activates the control unit 42 (step S13). The control unit 42 processes all commands at the server site, transmits appropriate commands to the terminal, and controls the terminal.
Further, by selecting a terminal name from the list, a connection may be made by routing to the selected IPv6 terminal. Alternatively, the terminal may be directly connected to the terminal when the terminal is found by inputting the state determined by the search condition and searching. In addition, when the terminal is searched from the outside through the Web site regardless of the protocol tunnel connection through the InterServer6, the connection with the terminal is performed after the protocol tunnel connection is established.
Here, the "protocol tunnel" is a technique for connecting IPv6 networks (routers) to each other via an IPv4 network, and is a technique for exchanging IPv6 packets with IPv4 packets between specific routers.
Each of the components 10 to 42 of the InterBOX3 and the InterServer6 is actually constituted by a fixed area secured by a hard disk provided in a computer system and a computer software program installed therein, and a peripheral device such as a CPU, a RAM, or other input/output device for controlling the hard disk to read out and execute the program.
The InterBOX3 is preferably constituted by one computer system including each terminal 2, and the InterServer6 is preferably constituted by a plurality of computer systems connected to each other for load distribution. For example, the network home appliance search unit 26 that manages the states of the InterBOX3, the IPv6 terminal 2, and the home network is preferably configured by a server having a dedicated transmission/reception interface and a control unit. This is because a so-called session for managing ON/OFF and other states of each device is expected to be expanded, and the load must be distributed. In the case where one InterServer6 corresponds to interboxes and IPv6 terminals of a plurality of different manufacturers, a plurality of packet processing units 18, command setting units 22, filter units 23, and the like may be provided.
The operation of the above-described InterBOX3 and InterServer6 will be described in detail with reference to the following communication example of fig. 10.
Fig. 10 shows a case where communication is performed between an IPv6 terminal 2 of a home network connected to an InterBOX3 and an IPv6 server 7 connected to the InterServer6 directly or via an IPv6 home network 1 a.
In this example, in the InterServer6, as shown in the figure, it is assumed that the IPv6 address 16a of the IPv6 terminal 2 and the IPv4 global address 16b of the intersox are stored in advance. Therefore, the IPv6 terminal 2 must notify the InterServer6 of its IPv6 address in advance, for example, by the intersbox 3 or other means. This operation may be implemented, for example, by a user connecting the IPv6 terminal 2 to the home network 1 and automatically establishing a protocol tunnel connection with the InterBOX3 with the InterServer6 by using a plug and play function. The InterServer6, knowing the IPv6 address of the IPv6 terminal 2 or a part thereof (IPv6 address prefix of the InterServer 6), notifies (broadcasts) other ISP routers so that routing of the IPv6 address is performed through the InterServer 6.
When the IPv6 address of the IPv6 terminal 2 depends on the prefix assigned to the InterBOX3, the IPv6 prefix of the InterBOX3 constituting a part of the address 16a may be stored as the address 16a of the IPv6 terminal 2 stored in the InterServer 6. In this case, the InterServer6 notifies other ISP routers of the routing information of the prefix.
In a state where the above processing and setting (protocol tunnel connection) are completed, after a connection request from the IPv6 server 7 to the IPv6 terminal 2 is made, a connection route from the IPv6 server 7 is selected to the InterServer 6. The InterServer6 separates the IPv4 address of the intersox 3 from the address 16a of the IPv6 terminal 2, and establishes a communication session in a protocol tunnel connection with the intersox 3 by the protocol tunnel session establishment units 17 and 11.
When a protocol tunnel communication session is established, a packet addressed to the command setting section IPv6 terminal 2 is packetized and transmitted by the packet processing section 18 as an IPv4 packet addressed to the InterBOX 3. The InterBOX3 is configured such that the packet processing unit 12 unpacks the packet, and the routing processing unit 13 performs routing processing to the IPv6 terminal 2 based on the address of the IPv6 terminal 2 included in the packet. In this way, for example, connection to the IPv6 terminal 2 on the home network can be made by activation from the external IPv6 server 7.
For example, when the network home appliance 2 is an in-home monitoring camera, even when the network home appliance is out, by connecting a PDA or the like to a nearby IPv6 network, the camera can be activated and controlled via the InterServer6 and the intersox 3.
In this example, the IPv6 terminal model determination unit 21, the command setting unit 22, and the filter unit 23 provided in the InterServer6 can be operated in accordance with the model of the terminal 2.
The model determination unit 21 may determine the model and network environment of the IPv6 terminal 2 based on, for example, the IPv6 address (the address itself or information associated with the address) of the IPv6 terminal. In the present embodiment, assuming that the IPv6 terminal 2 and the InterServer6 are manufactured by the same manufacturer or according to a unified specification, in this case, by setting a certain rule for the IPv6 address assigned (or generated) to each IPv6 terminal 2 in advance, it is possible to easily determine such a model and network environment if such an address is known. In this embodiment, the manufacturer and the model are determined based on the prefix portion and the MAC address portion in the IPv6 address.
When a special command is required for controlling the IPv6 terminal 2, the model command setting unit 22 may set a command included in the communication from the IPv6 server 7 to be converted into a command for the model. For example, the prescribed command may be generated from a message described in the Html language. Further, the command issued by one server 7 may be converted into a command for a plurality of IPv6 terminals 2.
The filter unit 23 has a function of filtering the IPv6 packet that has passed through the InterServer6, based on a predetermined rule. The rule of this filtering may be set for each IPv6 terminal 2 as a connection destination, or may be set for each network, for example. The communication session disconnection unit may be configured to disconnect the communication session when the model determination unit 21 determines that the model and the network environment are not the predetermined model and when the filter unit 23 determines that the model is not appropriate. Even when the IPv6 terminal to which the connection is to be made cannot be connected because the power supply is OFF, if the connection destination can be replaced by another IPv6 device connected to the same InterBOX, the connection destination can be routed to the other IPv6 terminal based on the device type and type information.
Fig. 11 shows an example in which IPv6 home networks having both relay devices 3 and 3' are connected to each other via an InterServer 6. The case where the IPv6 terminal a and the IPv6 terminal B are connected to each other in each home network and the two IPv6 terminals A, B communicate with each other will be described as an example.
In this case, the InterServer6 stores the address of each IPv6 terminal A, B or a part thereof (IPv6 prefix) in association with the IPv4 address of each intersox 3.
When a connection is requested from one terminal a to another terminal B, first, a communication session is established between the InterBOX3 · a and the InterServer6 on the terminal a side within the tunnel connection. Then, the above-mentioned InterBOX3 · B is identified based on the address of the terminal B included in the packet, and as a result, a protocol tunnel communication session between the InterServer6 and the InterBOX · B is established. In this InterBOX B, routing is performed in the network based on the IPv6 address included in the terminal B in the packet.
Thus, the two IPv6 terminals 2 can communicate with each other via the InterServer6 by using IPv 6.
When two IPv6 terminals 2 are to communicate with each other in this way, the address of the IPv6 terminal to which the terminal is connected may not be known. In this case, the user of the connection source accesses the InterServer6 and activates the network home appliance search unit 26. In this case, for the sake of security, the connection request recognizing unit 27 recognizes the user, and after determining whether the connection request is a valid connection request, permits the search of the IPv6 terminal and the user as the connection destination. Thus, where a required IPv6 terminal can be determined, a tunnel communication session can be established based on the IPv6 address of the terminal.
With the above configuration, all communications involving the IPv6 terminal 2 are performed by the InterServer6 regardless of the communication carrier and ISP, so that the IPv6 terminal 2 and the server 7 on the home network of the home and work can be freely set and controlled by the owner of the InterServer 6. As a result, the problems of individual identification, in-home routing, and security of IPv6 machines in a mixture of IPv6 and IPv4, which have been conventionally problems, can all be solved, and extremely open and closed network construction can be realized.
Here, it is assumed that the owner of the InterServer6 is a manufacturer that is a manufacturer of a normal IPv6 terminal 2. Therefore, the manufacturer can generate additional value added using the internet by adjusting the IPv6 of its own company corresponding to the InterServer 6.
Next, the adjustment of the IPv6 terminal 2 will be described based on fig. 12.
That is, in the above description, the IPv6 address of the IPv6 terminal 2 is received from the InterBOX3 side, and actually, various methods other than this method can be considered. Further, it is considered that the owner of the IPv6 terminal 2 (user) desires to know information about the manufacturer and the owner of the InterServer 6. Further, as for the method of generating the address of the IPv6 terminal 2, as described above, there are cases where the fixed IPv6 address of each network home appliance is written into the RAM or the like at the time of shipment, and there are cases where the address is determined by the IPv6 prefix of the connected InterBOX 3.
Therefore, in the present embodiment, for example, as shown in fig. 12, the user of the IPv6 terminal 2 or the rebox 3 first connects to the user management server 30 and performs user login. This user registration may be performed by the IPv6 terminal 2 through the InterBOX3, or may be performed by an existing IPv4 communication-compliant device such as a microcomputer. The following description will be made with respect to the case of IPv6 terminal 2 and InterBOX 3. In the following, a case where the IPv6 address of the IPv6 terminal 2 is generated by combining the IPv6 address prefix assigned to the above-mentioned InterBOX3 and the MAC address of each terminal 2 will be described as an example.
In this case, first, after the user connects the IPv6 terminal to the InterBOX3, the InterBOX3 is connected to the user management server 30 via the ISP/communication carrier. In this way, the user management server 30 can be notified of information necessary for a protocol tunnel connection with the InterServer6 other than the IPv6 prefix from the InterBOX 3. The user can notify the management server 30 of information for specifying the user, the rebox 3, or the IPv6 terminal 2, information relating to the type of the terminal 2, information relating to the network 1, information necessary for other credit, and the like via the rebox 3. In this example, an ID and a password are issued for each of the interboxes 3 or each user, and the information on the interboxes 3 and the users is associated with the ID and the password and registered in the database 31. The information that must be registered is not limited to this, and other information may be necessary, and conversely, when password, payment verification information, or the like is not necessary, it is not necessary to register such information.
The IPv6 address prefix of the InterBOX3 may be stored in advance in the InterBOX3 at the time of manufacture or the like, or may be notified from the server side at the start of user registration. In the latter case, when a user logs in to the internet using an existing personal computer or the like without passing through the InterBOX3, the IPv6 prefix, the ID, and the password may be manually set in the InterBOX 3. After such user registration is completed, information necessary for connection is also stored in the intersox 3 and the IPv6 terminal 2. In this case, the model discrimination unit provided in the InterServer may perform model discrimination based on information registered by the user.
The user management server 30 may be connected to the InterServer6, or may be provided separately from the InterServer6 on the internet.
On the other hand, fig. 13 is a diagram showing an embodiment of a specific method concerning establishment of a protocol tunnel connection and a communication session therein. The symbols S21 to S26 shown in the figure correspond to the following steps S21 to S27.
First, in the embodiment described above, the InterBOX3 stores the IPv4 address of the InterServer6, but this may be a method of recording the address in the RAM at the time of shipment from the manufacturer or a method of receiving the setting from another server at the time of actual protocol path connection. It is believed that the former method is more efficient when the InterServer6 is single, and the latter method is more efficient when the InterServer6 is multiple.
The example of this figure is the latter case, and channel mediator 52 is therefore provided. The path mediator 52 may refer to the user information management DB 31. The channel broker 52 is connected to an address database 53 storing IPv4 addresses of the InterServer6 and the intersox 3. Therefore, the IPv4 global address of the channel broker 52 is preset in the InterBOX 3. In addition, the ID and the password set in the above are already set in the InterBOX3 (if necessary).
At this time, the InterBOX3 is first connected to the channel broker 52 and transmits the ID and the password (step S21). The channel broker 52 recognizes the InterBOX3 and obtains the IPv6 address prefix of the InterBOX3 (step S22). Next, the tunnel broker 52 selects an InterServer6 for establishing a tunnel connection destination from the address database 53 (step S23), and notifies the InterServer 3 of the IPv4 address of the InterServer6 (step S24). The tunnel broker 52 passes the IPv4 address of the InterBOX3 and the IPv6 prefix (a part of the address of the IPv6 terminal 2) for IPv6 terminal identification to the InterServer6 (step S25). Thus, the InterBOX3 recognizes the InterServer6, and determines the protocol tunneling session (steps S26 and S27). The InterServer6 notifies other routers of the notified routing of the IPv6 prefix. Accordingly, all routes for IPv6 addresses having the prefix are routed by the InterServer 6.
With this configuration, even when there are a plurality of interservers 6, it is possible to reliably establish a protocol tunnel connection with one of them. In the above description, the protocol path mediator 52 recognizes the user and the terminal, but the present invention is not limited thereto. The protocol path mediator 52 may notify only the address of the InterServer6 to the InterBOX2, and may be recognized by the InterServer 6. In this case, the InterServer6 may assign an arbitrary address to the intersox 2 and the terminal 3.
The embodiment described above is merely one embodiment of the present invention, and various modifications may be made without changing the main idea of the invention.
For example, in the above-described embodiment, protocol path connections can be established from both the InterBOX3 side and the InterServer6 side, but it is considered that the protocol path connections are generally started only from the InterBOX3 side in actual commercial services. This is because the fixed IP service of IPv4 is itself rare. That is, in this case, after the protocol tunnel (actually, IPv4 is connected to itself) is established once, the setting is left unchanged, and it is extremely rare that the IPv4 of the lower InterBOX3 is the same once the session of IPv4 is disconnected, and therefore, when the session of IPv4 is actually disconnected, the routing cannot be performed.
In the above-described embodiment, the example in which the 1 st protocol is IPv6 and the 2 nd protocol is IPv4 has been described, but the present invention is not limited to this. The 2 nd protocol may also be IPv 6. In addition, the 1 st and 2 nd protocols may be both IPv 4. Further, both protocols may be other than the above.
In the above embodiment, the InterBOX3 is provided separately from each terminal, but the InterBOX3 itself may be an IPv6 terminal, or the InterBOX3 may be integrated with any one of the terminals 2 or each of the terminals 2 by hardware or software. In this case, a plurality of the interboxes 3 may be provided in one home network.
Claims (31)
1. An internet connection system, comprising:
a relay device connected to the client and provided in a 1 st network that performs communication in a 1 st communication protocol;
a server connected to the relay device through a 2 nd network in a 2 nd communication protocol,
the relay device includes: a client global address storage unit for storing a global address in the 1 st communication protocol of the client; a server address storage unit for storing a global address in a 2 nd protocol of the server; a protocol tunnel session establishing unit for establishing a protocol tunnel connection with the server based on the global address of the server stored in the storage unit; a 1 st routing device for routing packets from the client to another client existing in another 1 st network via the 2 nd network via a protocol tunnel connection established with the server; a 1 st packet processing device for enabling a 1 st protocol tunnel connection between the server and the 1 st protocol by packetizing/depacketizing the 1 st protocol packets in a 2 nd protocol;
the server is provided with: a 2 nd packet processing device for packetizing/depacketizing packets in the 1 st protocol in a 2 nd protocol so as to enable protocol tunnel connection between the server and the relay device; a terminal global address management device for managing the global address in the 1 st protocol of the client connected to the relay device in association with the global address in the 2 nd protocol of the relay device; a protocol tunnel session establishing unit for establishing a protocol tunnel connection with the relay device based on the global address in the 2 nd protocol of the relay device; a 2 nd routing device for performing routing to the relay device based on the global address of the terminal managed by the terminal global address management device; a model identification unit that identifies whether the client and/or the relay device is a predetermined model; and a communication session disconnection unit configured to disconnect the communication session or restrict transmission and reception of a packet in response to the determination by the device type determination unit that the client or the relay device is not of the predetermined device type.
2. The internet connection system of claim 1, wherein:
the server is provided with a command conversion unit that converts a command transmitted to the client into a command of a predetermined format for controlling the client based on a determination result of the model determination unit.
3. The internet connection system of claim 1, wherein:
the server is provided with a client control unit for controlling the client based on the determination result of the model determination unit.
4. An internet connection system, comprising:
a relay device connected to the client and provided in a 1 st network that performs communication in a 1 st communication protocol;
a server connected to the relay device through a 2 nd network in a 2 nd communication protocol,
the relay device includes: a client global address storage unit for storing a global address in the 1 st communication protocol of the client; a server address storage unit for storing a global address in a 2 nd protocol of the server; a protocol tunnel session establishing unit for establishing a protocol tunnel connection with the server based on the global address of the server stored in the storage unit; a 1 st routing device for routing packets from the client to another client existing in another 1 st network via the 2 nd network via a protocol tunnel connection established with the server; a 1 st packet processing device for enabling a 1 st protocol tunnel connection between the server and the 1 st protocol by packetizing/depacketizing the 1 st protocol packets in a 2 nd protocol;
the server is provided with: a 2 nd packet processing device for packetizing/depacketizing packets in the 1 st protocol in a 2 nd protocol so as to enable protocol tunnel connection between the server and the relay device; a terminal global address management device for managing the global address in the 1 st protocol of the client connected to the relay device in association with the global address in the 2 nd protocol of the relay device; a protocol tunnel session establishing unit for establishing a protocol tunnel connection with the relay device based on the global address in the 2 nd protocol of the relay device; a 2 nd routing device for performing routing to the relay device based on the global address of the terminal managed by the terminal global address management device; a network type determination unit configured to determine whether or not an environment of a 1 st network connected to the client and/or the relay device is a predetermined type; and a communication session disconnection unit configured to disconnect the communication session or restrict transmission and reception of a packet based on the determination that the non-public network environment connected to the client or the relay device is not of the predetermined type.
5. The internet connection system of claim 4, wherein:
the server includes a state information acquisition unit that acquires at least one or more of an operation state, a use state, and position information of the client and/or the relay device.
6. The internet connection system of claim 5, wherein:
the state information acquiring unit acquires at least one or more of information of an operation state, a use state, and position information of the client by a method according to a type of the client.
7. The internet connection system of claim 5, wherein:
the server includes a retrieval unit for retrieving the client or the relay device based on combination information of at least one or more of an address, an operation state, a use state, and position information of the client or the relay device.
8. The internet connection system of claim 7, wherein:
the search unit includes a means for displaying a list of clients connected to the relay device for each of the relay devices.
9. The internet connection system of claim 8, wherein:
the server is provided with a client control unit for controlling the client,
the client control unit selects a specific client from the list display and starts a client control program corresponding to the client.
10. An internet connection system, comprising:
a relay device connected to the client and provided in a 1 st network that performs communication in a 1 st communication protocol;
a server connected to the relay device through a 2 nd network in a 2 nd communication protocol,
the relay device includes: a client global address storage unit for storing a global address in the 1 st communication protocol of the client; a server address storage unit for storing a global address in a 2 nd protocol of the server; a protocol tunnel session establishing unit for establishing a protocol tunnel connection with the server based on the global address of the server stored in the storage unit; a 1 st routing device for routing packets from the client to another client existing in another 1 st network via the 2 nd network via a protocol tunnel connection established with the server; a 1 st packet processing device for enabling a 1 st protocol tunnel connection between the server and the 1 st protocol by packetizing/depacketizing the 1 st protocol packets in a 2 nd protocol; a model discriminating unit for discriminating whether the client is of a predetermined model; a communication session disconnection unit for disconnecting the communication session based on the determination that the client is not the predetermined model by the model determination unit,
the server is provided with: a 2 nd packet processing device for packetizing/depacketizing packets in the 1 st protocol in a 2 nd protocol so as to enable protocol tunnel connection between the server and the relay device; a terminal global address management device for managing the global address in the 1 st protocol of the client connected to the relay device in association with the global address in the 2 nd protocol of the relay device; a protocol tunnel session establishing unit for establishing a protocol tunnel connection with the relay device based on the global address in the 2 nd protocol of the relay device; and a 2 nd routing device for performing routing to the relay device based on the global address of the terminal managed by the terminal global address management device.
11. A server for use in an internet connection system, the internet connection system having: a relay device provided in a 1 st network that performs communication in a 1 st communication protocol; a server in which a client connected to the 1 st network is connected to the 2 nd communication protocol via the relay device and the internet, the server used in the internet connection system comprising:
a client address management device that manages an address in the 1 st communication protocol of the client connected to the relay device in association with an address in the 2 nd communication protocol of the relay device;
a protocol tunnel session establishing unit that establishes a protocol tunnel connection between the server and the relay device based on the address of the relay device;
a packet processing device for packetizing/depacketizing a packet in a 1 st protocol in a 2 nd protocol so as to enable a protocol tunnel connection with the relay device;
a routing device that routes a connection from the internet to the client to a relay device connected to the client, based on an address of the client managed by the management device;
a model determination unit configured to determine whether the client and/or the relay device is a predetermined model; and
and a command conversion unit that converts the command transmitted to the client into a command of a predetermined format for controlling the client, based on the determination result of the model determination unit.
12. The server of claim 11, further comprising:
and a communication session disconnection unit configured to disconnect the communication session or restrict transmission and reception of packets in response to the determination by the type determination unit that the client or the relay device is not of the predetermined type.
13. The server of claim 11, wherein:
the client may communicate with the relay device, and the client may include a peripheral device which cannot be connected to the internet.
14. The server of claim 11, further comprising:
and a network type determination unit configured to determine whether or not the environment of the 1 st network connected to the client and/or the relay device is of a predetermined type.
15. The server of claim 14, further comprising:
and a communication session disconnection unit configured to disconnect the communication session or restrict transmission and reception of packets in response to a determination that the environment of the 1 st network connected to the client or the relay device is not of the predetermined type.
16. The server of claim 11, further comprising:
and a state information acquiring unit configured to acquire at least one or more of an operation state, a use state, and position information of the client and/or the relay device.
17. The server of claim 16, wherein:
the state information acquiring unit acquires at least one or more of information of an operation state, a use state, and position information of the client by a method according to a type of the client.
18. The server of claim 16, further comprising:
a client control part for controlling the client,
the client control unit has a means for displaying at least one of the operation state, the use state, and the position information of the client to a user.
19. The server of claim 16, further comprising:
and a search unit that searches for the client or the relay device based on information obtained by combining at least one or more of address, operating state, use state, and position information of the client or the relay device.
20. The server according to claim 19, wherein:
the search unit includes:
and a list display unit for displaying the searched clients in a list together with the operating states thereof.
21. The server of claim 20, wherein:
the list display means displays a list of clients connected to the relay device for each of the relay devices.
22. The server of claim 20, further comprising:
a client control part for controlling the client,
the client control unit selects a specific client from the list display and starts a client control program corresponding to the client.
23. The server of claim 11, wherein:
the relay device is provided in the client.
24. The server of claim 11, wherein:
the 1 st protocol and the 2 nd protocol are different protocols.
25. The server of claim 11, wherein:
the 1 st protocol and the 2 nd protocol are the same protocol.
26. The server of claim 11, further comprising:
and a client address search unit which searches for the global address in the 1 st protocol of the client based on a connection request to the client.
27. The server of claim 26, further comprising:
a connection requester recognizer recognizes a person who requests connection to the client and permits or denies connection to the client.
28. The server of claim 11, further comprising:
a protocol tunnel connection information management device for managing the protocol tunnel connection information between the relay device and the server,
the protocol tunnel connection information management device notifies the relay device of the global address in the 2 nd protocol of the server, and acquires the global address in the 2 nd protocol of the relay device and the global address in the 1 st protocol of the client or a part thereof.
29. The server according to claim 28, wherein:
the protocol tunnel connection information management device recognizes the relay device and notifies the relay device when the result is affirmative.
30. The server of claim 11, further comprising:
and a filtering processing unit for filtering the communication transmitted to/from the client by a predetermined rule.
31. The server of claim 30, further comprising:
and a filtering rule setting unit that provides an interface for editing the predetermined rule.
Applications Claiming Priority (7)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2002348543 | 2002-11-29 | ||
| JP2002-348543 | 2002-11-29 | ||
| JP2003161246A JP3649438B2 (en) | 2002-11-29 | 2003-06-05 | Internet connection system |
| JP2003-161246 | 2003-06-05 | ||
| JP2003-345390 | 2003-10-03 | ||
| JP2003345390A JP3649440B2 (en) | 2002-11-29 | 2003-10-03 | Server for routing connections to client devices |
| PCT/JP2003/015342 WO2004051948A1 (en) | 2002-11-29 | 2003-12-01 | Internet connection system and server for routing connection to client device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| HK1086963A1 HK1086963A1 (en) | 2006-09-29 |
| HK1086963B true HK1086963B (en) | 2013-07-12 |
Family
ID=
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7934014B2 (en) | System for the internet connections, and server for routing connections to a client machine | |
| CN1957566B (en) | A server that routes connections to clients | |
| JP4260116B2 (en) | Secure virtual private network | |
| US20080077425A1 (en) | System, method and computer program product for identifying, configuring and accessing a device on a network | |
| JP3649438B2 (en) | Internet connection system | |
| KR100554641B1 (en) | Wireless ??? device, communication control method for the device, and media for recording computer programs for controlling the communication thereof | |
| HK1086963B (en) | Internet connection system and server for routing connection to client device | |
| KR100818977B1 (en) | Server for routing connections to client devices | |
| HK1086683B (en) | Server for routing connection to client devise | |
| HK1173872B (en) | A network-enabled home appliance | |
| WO2008039481A1 (en) | System, method and computer program product for identifying, configuring and accessing a device on a network | |
| HK1106637B (en) | Server for routing connection to client device |