Abstract:
Disclosed is a technique whereby a tunnel entry point, which encapsulates a packet (generates a tunnel packet), can detect the presence of a tunneling loop causing a packet to loop the same path while encapsulated. According to this technique, upon receipt of a packet from a source node (source) 1100, TEP (tunnel entry point) 1120 inserts it into a tunnel packet header for encapsulation. Upon receipt of tunnel packets from TEP 1120 and TEP 1140, each of TEP 1140 and TEP 1160 copies the identifier of the original tunnel packet header to a new tunnel packet header for encapsulation. When this tunnel packet returns to TEP 1120 due to a tunneling loop, the tunneling loop is detected by referring to the identifier in the received tunnel packet.
Abstract:
A technique is disclosed whereby, in the case where a communication node includes both a mobility management function and a multihoming function, based on a condition that occurs due to moving, an appropriate address can be selected from multiple addresses in a multihomed state. According to the technique, a mobility condition determination unit 126, provided in an MIP controller 120 that manages moving of a communication node, obtains and examines various conditions that have occurred as a communication node is moving, selects an appropriate HoA (e.g., the home address of an MN1) for the current connection situation, and transmits, to a multihoming controller 130, a notification indicating that a set of the selected HoA and a CoA are the appropriate addresses to be used. Upon receiving the notification from the mobility condition determination unit, the multihoming controller transmits, to the MIP controller, an address (Addr2) consonant with the received HoA, and the MIP controller performs packet communication using the HoA or the CoA consonant with the address.
Abstract:
A technique is disclosed, according to which a mobile node, having a plurality of interfaces and performing communication according to flow information when an operator is performing communication based on the flow information as defined by a policy, can select an interface suitable for the flow and can perform communication. According to this technique, a mobile node (MN 10) having a plurality of interfaces has a list to indicate domain limited flows to be transmitted only within a specific network (a trusted network), and a list to indicate the trusted networks. When a certain interface performs handover, and in case there is a domain limited flow that uses the interface, it is decided whether the network of handover destination is a trusted network or not, and in case the network of the handover destination is not a trusted network, it is decided whether it is possible or not to transmit and receive the domain limited flow via another interface that is connected to the trusted network.
Abstract:
Disclosed is a technique capable of proper execution of access control based on various security policies set by a home user with regard to a packet sent from a visitor node. According to the technique, an MR (Mobile Router) 10 which manages a mobile PAN 30 determines whether a sender of a packet from a communication terminal connected to the mobile PAN is a home user's node which is allowed direct access into a home network or a visitor node (VN 31), and forwards the packet from the home user's node to an HA 20 while forwarding the packet from the visitor node to a policy server 36 located in a DMZ 35. This allows the policy server to perform access control on every packet from a visitor node which attempts to gain access into the home network based on a security policy 36a.
Abstract:
Disclosed is a technique which enables a mobile node (MN) connected to a mobile router (MR) to carry out flow filtering in a mobile network. This technique allows an MN 25 in a mobile network 24 to set a policy needed for the flow filtering in an MR 10 and, in the present invention, an MR inserts an egress characteristic thereof into, for example, a router advertisement message so that the egress characteristic, which a node in a mobile network cannot ordinarily grasp, can be advertised to the interior of the mobile network. Thus, the MN can grasp a characteristic of an access network (characteristic of access system 20) even in a case in which it is connected to the MR, which achieves intelligent flow filtering.
Abstract:
Disclosed is a technique for switching a forwarding address of a packet destined for a mobile node in a local mobility domain when the mobile node has a plurality of interfaces so that the packet will be forwarded to the mobile node. According to the technique, an MN 101 receives network information 40 including a domain ID 402 from a network through two or more IFs 1010 and 1011. Based on the domain ID 402 in the network information received, when determining that the IFs 1010 and 1011 are attached to the same domain, the MN 101 decides to allocate the same address to the IFs 1010 and 1011, and requests MAGs 111 and 112 connected to the IFs 1010 and 1011, respectively, to bind the same address to each of the link identifiers of the IFs 1010 and 1011. Based on the request, the MAGs 111 and 112 perform binding to forward, to the MN 101, packets destined to the same address of the MN 101.
Abstract:
A technology is disclosed for actualizing route optimization on a network base, even when privacy-sensitive information, such as a position of a mobile node, is not revealed between two different networks. In the technology, a pHA 124 functions as a proxy home agent of an MN 130. When the pHA 124 receives a packet transmitted from the MN 130 (such as a packet destined for an MN 230), the pHA 124 transmits a query message inquiring about a current position to a home network 200 of the MN 230. In response to the query, an HA 220 gives notification of an address of a proxy home agent (pHA 224) in an overlay network to which the MN 230 is subscribing that is present nearest to the pHA 124. As a result, the pHA 124 sends the packet destined for the MN 230 to the pHA 224, and the packet is transmitted via the overlay network to which the MN 230 is subscribing.
Abstract:
A technology is disclosed for appropriately providing a certain service desired by a mobile node, even in an environment including overlay network nodes providing different functions. In the technology, a mobile node (MN) 110 implements the Monami6 protocol and transmits a binding update message requesting a service based on the Monami6 protocol. On the other hand, an overlay network is present on a network, the overlay network in which a home agent (MCHA) implementing the Monami6 protocol and a home agent (MSHA) not implementing the Monami6 protocol cooperate to provide functions of an HA. In this instance, for example, an MSHA 150 that receives a message from the mobile node via a path 112 sends the request to an MCHA implementing the Monami6 protocol (such as an MCHA 130) and makes the MCHA process the request.
Abstract:
A technology is disclosed for reducing the number of encapsulations required when MAP forwards a packet to a mobile node which is layered within mobile networks, with mobile networks nested and multiple mobile routers chained behind MAP (Mobility Anchor Point). When a node 420 with Address A wants to send a packet to a node 450 with Address D, the node with Address A inserts a list of immediate addresses into the packet. The list includes a node 430 with Address B and a node 440 with Address C, and the destination address of the packet is set to a next hop destination Address B. The node with Address B receives the packet and swaps the destination address with Address C described in the list of immediate addresses. Similarly, the node with Address C performs the same swapping process, and then the packet reaches the node with Address D.
Abstract:
Disclosed is a technique whereby a packet transferring apparatus (particularly, a tunnel entry point made to carry out packet encapsulation) becomes capable of detecting a tunneling loop signifying that a packet loops along the same route while undergoing encapsulation. With this technique, at packet transfer, a loop detection module of a router according to the present invention stores a TEL value (value of tunnel encapsulation limit for limiting the number of times of duplication of tunnel) set in an encapsulation header of this packet or stores a TEL value set in an encapsulation header of a packet sent back as an ICMP error. In addition, the loop detection module analyzes an increase/decrease variation pattern of the stored TEL value relative to time and, in a case in which the pattern agrees with a unique pattern (sawtooth-like pattern) appearing at the occurrence of a tunneling loop, estimates that a tunneling loop has occurred.