CN2591884Y - New generation IPV9 protocol router - Google Patents
New generation IPV9 protocol router Download PDFInfo
- Publication number
- CN2591884Y CN2591884Y CN 02261332 CN02261332U CN2591884Y CN 2591884 Y CN2591884 Y CN 2591884Y CN 02261332 CN02261332 CN 02261332 CN 02261332 U CN02261332 U CN 02261332U CN 2591884 Y CN2591884 Y CN 2591884Y
- Authority
- CN
- China
- Prior art keywords
- ipv9
- module
- router
- ipv4
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The utility model discloses a new generation IPV9 protocol router, which is provided with a protocol algorithm and management layer, a tcp / udp layer of an IPV4 edition and an IPV9 edition, an IPV 4 and IPV 9 dual stack protocol layer, a driver and link converting interface management layer, and a hardware layer which are connected in turn. The utility model has the advantages that dual stacks are simultaneously supported, and the security of networks is enhanced; the IPV 9 edition supports QoS, and multiple route protocols are simultaneously supported. The router simultaneously supports various routing protocols comprising the RIP1, the RIP2, the RIPngIPV9, the OSPF, the OSPFv2, and the BGP-4, and the OSPF, the OSPFv2, and the BGP-4 of the IPV9 edition can enable the router to almost suit for requirements of various networks.
Description
Technical field
The utility model relates to the computer network communication technology field, relates in particular to IPV9 agreement router of new generation.
Background technology
The IPV4 agreement is born in the seventies, is an extremely successful Internet agreement, but along with the blast or the growth of www net, and the extensive use of miscellaneous service, and expose limitation and the critical defect thereof of IPV4: 1) the IP address is about to exhausted; Have only 232 to be 4,000,000,000 addresses, the U.S. is unreasonable to the classification on IP ground in addition, and the deficient crisis in the IP address of the country beyond the U.S. is more serious.2), produced address assignment unbalanced of IPV4 because internet development unbalanced.Continuous IPV4 address is also discontinuous physically, makes to use the route cascade, has directly caused the routing table of the Internet basic routing line router sharply to expand, and has had a strong impact on the network switching performance.3) the IPV4 agreement lacks fail safe; 4) IPV4 lacks the QOS support, has seriously hindered multimedia and has used in real time; 5) address disposes very trouble automatically, is difficult to plug and play; 6) the non-China of IPV4, IPV6 independent intellectual property right, the agreement U.S. works out, the control of network security system is weighed in his staff.
Summary of the invention
The purpose of this utility model provides a kind of IPV9 agreement router of new generation.
It has tcp/udp layer, IPV4, IPV9 dual stack layer, driver and the management of link translation interface, the hardware layer of protocol algorithm and management level, IPV4, IPV9 version successively and joins.
The utility model has the advantages that:
1) supports dual stack simultaneously
The IP network of main flow is used the IP address (IPV4) of using 32 at present.Because the rapid growth of the unreasonable and network of IP address assignment, the IP address has faced exhaustion.And IPV4 fail safe support is not enough, lack service quality assurance etc., and all these has a strong impact on further developing of IP network.More rational solution is to adopt the IPV6 of bigger address space, also can be the safety of IP network and QoS etc. simultaneously solution is provided.At the long-term needs of the mankind, our design further proposes the IPV9 replacement IPV6 of China's independent intellectual property right.IPV9 is actually the improvement of IPV6, adopts 256 bit address.The needs that face the future in such address can be supported to move and wait the equipment addressing as phone.
IPV9 compares with IPV4 many important improvement, mainly comprises: network management etc. is simplified in bigger address space, the IP header and the automatic configuration that provide better fail safe support, QoS to support, simplify.
IPV9 uses 256 IP address.Because long address can need more resources in router, therefore by 32 bit address of IPV4 in 256 bit address transient process, more should plan the distribution and the use of address.IPV9 uses the address structure of layering, comprises that schemes such as address classes, top polymerization, next stage polymerization, website polymerization and hostid support rationally using and managing of IP address.
Because the IPV4 network also can be used at present, just in experimental stage, therefore adopt two stack architecture to realize the IPV9 agreement at China IPV9, can realize smooth transition or the coexistence of IPV4 to IPV9.Use two protocol stacks of IPV4 and IPV9 in the router simultaneously, both had the IPV4 address, also have the IPV9 address, thereby can receive and dispatch IPV4 and two kinds of IP packets of IPV9.This realization, can with the coexistence of present IPV4 network, the support of IPV9 is provided simultaneously, both can satisfy the IPV9 network test and use, also can directly provide large-scale IPV9 to use, finally realize by the smooth transition of IPV4 to the IPV9 network.
2) strengthen internet security
The IPV9 agreement realizes by supporting the IPSec serial protocols.IPSec provides two kinds of security mechanisms: authentication and encryption.Authentication mechanism makes communicating pair can confirm separately whether true identity and data are distorted in transmission course.Encryption mechanism guarantees the confidentiality of data by data are encoded, in case data are intercepted and captured by other people in transmission course and given away secrets.The important notion of another of IPSec is security association (SA), generally comprises identifying algorithm, cryptographic algorithm, is used for authentication and encrypted secret key.SA is created and safeguarded to IPSec use encryption key distribution and exchange agreement such as Internet security association and IKMP (ISAKMP), thereby realize secure communication.
3) IPV9 supports QoS
IPV9 provides communication stream type and data flow label.Compare these 28 with IPV4 and can distinguish specific data flow more subtly.
8 classification field in the IPV9 head make source node can identify the definite level of its desired data packet delivery, and yes for other packets that send from same node.The value of classification is divided into two scopes: value 0 to 7 is used to specify the information priority level that Congestion Control is provided by source node, promptly faces crowded and information that lag behind and send, as the priority of TCP information.Value 8 to 15 is used to specify and faces crowded and the information that sends that lags behind is defined the level really, i.e. " in real time " priority of data packets that transmits with fixed rate.
For the information that is not subjected to crowded restriction, minimum deciding grade and level value really 8 should be used for the sender and wish most that under congested conditions the packet (as high-fidelity video information) that abandons, the highest deciding grade and level value really 15 should be used for the sender and least wish the packet (as the Lo-Fi audio-frequency information) that abandons.Not defined the level really by crowded restriction and be subjected to there is not corresponding ordinal relation between the crowded priority that restricts.
4) support the multirouting agreement simultaneously
Route has the branch of sound, and static routing is a kind of special route, and it is set by the keeper is manual.Though all routes of manual configuration can make network run well, after network topology changed, static routing can not change automatically, and network manager's intervention must be arranged.In order to make routing table need the algorithm that uses Routing Protocol to provide with the network topology structure dynamic change.
The last Routing Protocol of a large amount of operations now of Internet has RIP, OSPF and BGP.RIP, OSPF are Interior Gateway Protocols, are applicable to the operation of the unified Routing Protocol of single ISP, and the network of being runed by an ISP is called an autonomous system (AS).BGP is the Routing Protocol between autonomous system, is a kind of Exterior Gateway Protocol.
RIP is the longest Routing Protocol of release time, also is the simplest Routing Protocol.It is the abbreviation of " routing information protocol ", mainly transmits routing iinformation (routing table) and broadcasts route: every 30 seconds, broadcast one time routing table, safeguard the relation of neighboring router, calculate the routing table of oneself simultaneously according to the routing table of receiving.The RIP operation is simple, is applicable to mininet, is also using RIP in part on the Internet.
Ospf protocol is the abbreviation of " open shortest path is preferential ".Open to the outside world is at some producer " privately owned " Routing Protocol at that time, exactly because and the agreement opening just causes OSPF great vitality today and purposes widely.Ospf protocol exchanges link-state information between neighbours, so that router is set up LSD (LSD), safeguard the oriented topological diagram of network of throwing the net, and utilizes minimal spanning tree algorithm (SPF algorithm) to obtain routing table.The key property of OSPF comprises: support VLSM (elongated subnet is covered), convergence rapidly, bandwidth usage is low or the like.
OSPF, RIP are the Routing Protocols of autonomous system inside, are suitable for single ISP (autonomous system) and use.In general, whole Internet also is not suitable for running single Routing Protocol, because each ISP has the interests of oneself, is unwilling to provide self network detailed routing iinformation.In order to guarantee each ISP interests, standardization body has formulated the Routing Protocol BGP between ISP.
BGP is the abbreviation of " Border Gateway Protocol ", handles the route transmission between each ISP.Be characterized in abundant routing policy, this is that agreements such as RIP, OSPF can't be accomplished, because they need the information calculations routing table of the overall situation.BGP adds certain strategy by the router on ISP border, selects to filter route, and the route of RIP, OSPF, BGP etc. is sent to the other side.Global scope, Internet is the example that BGP handles the route between a plurality of ISP widely.The appearance of BGP has caused the major transformation of Internet, and it organically couples together a plurality of ISP, really becomes the network in the global range.
The major issue that convergence is run into when being the routing algorithm selection.Convergence time is meant from topology of networks all associated routers that changes on the network all learns this variation, and correspondingly makes a change the needed time.This time is short more, and network change is just more little to the disturbance of the whole network.The long meeting of convergence time causes the appearance of route circulation.
In the routing algorithm, the convergence time of RIP is longer relatively in above-mentioned several territories, all is the number of minutes magnitude; OSPF will lack, and can restrain in tens of seconds.
Consider that each Routing Protocol all has the advantage of oneself, thus we the design router support various Routing Protocols simultaneously, comprise RIP1, RIP2, RIPngIPV9; OSPF, OSPFv2 and BGP-4; The OSPF of IPV9, OSPFv2 and BGP-4.Make the needs that almost go for diverse network of router.
Description of drawings
Fig. 1 is an IPV9 router layer model structure schematic diagram;
Fig. 2 is that IPV9 route system structure is formed schematic diagram.
Embodiment
IPV9 agreement router has tcp/udp layer 2, IPV4, IPV9 dual stack layer 3, driver and link translation interface management 4, the hardware layer 5 of protocol algorithm and management level 1, PV4, IPV9 version successively and joins.
The route primary module 12 of IPV9 agreement router, control desk module 7, Routing Protocol module 11 are attempted by on the audit log module 6, route primary module 12, control desk module 7, SNMP module 8, Routing Protocol administration module 9, Routing Protocol module 11 are attempted by on the access control module 13, access control module 13 has the relevant control module 14 of system, IPV4, IPV9 dual stack stack 15, ZDOS16, hardware layer 17 serial connections successively, and control desk module 7 is joined with configuration file 10, SNMP module 8, route primary module 12, access control module 13; Route primary module 12 joins with Routing Protocol administration module 9.
As shown in Figure 1 among the figure
(1) Routing Protocol algorithm and management level.Mainly comprise Routing Protocol: RIPv1, RIPv2, OSPF (being applicable to IPV4) RIPngV9, the BGP-4+V9 of OSPFv9 (being applicable to IPV9) and BGP-4+ (border Routing Protocol) and IPV9
(2) the tcp/udp layer of V4, IPV9 version.
(3) IPV4, IPV9 dual stack layer (data forwarding, route etc.): IPV4, IPV9, ICMP, ICMPv9 protocol module.
(4) driver and link translation interface management.
(5) hardware layer comprises Ethernet card, token network interface card, FDDI network interface card.
As shown in Figure 2, among the figure
(6) audit log module
Normal and the abnormal operation incident of log pattern record.So that investigate all kinds of anomalous events that take place on the router afterwards, particularly security-related incident, the Debugging message of output system and operation information produce statistics.(6) to carrying out record from the audits and compliance incident of (7), (11), (12).
(7) control desk module
Comprise configuration module, command line interface module and user log-in block.Configuration module and command line interface module provide the function of configuration router, and produce CONFIG.SYS (10).The user can change configuration of routers by revising configuration file.Also can revise configuration by the mode of order line.And, support the Remote configuration router by an operation background program.Support SNMP simple net tube module (8).
User log-in block, checking IPV9 route system keeper's identity and general management person's identity are guaranteed safety.
(8) SNMP module
Network management module provides the function of Long-distance Control router.Use methods such as authentication, can effectively discern camouflage information, revise the illegal operation of information sequential scheduling.
(9) Routing Protocol administration module
This module provides the interface of communication between route primary module (12) and the Routing Protocol module (11).Comprise the socket structure that communication is used, the concrete form of communication data packets etc.
(10) configuration file
The configuration information of the IPV9 router that record (7) generates
(11) Routing Protocol module
Form with the BGP-4+V9 of IPV9 by RIPIPV4, RiPng IPV9, OSPF IPV4, OSPF IPV9, BGP-4+ (border Routing Protocol).The corresponding Routing Protocol module of each agreement, these modules realize on the details different, but also something in common.At first, all need to safeguard a network topology structure figure (route_map); Secondly, all there are corresponding neighbours to find algorithm; Once more, by unique Routing Protocol administration module (9) interface with route primary module program exchange message.
(12) route primary module
The route primary module mainly plays the effect of overall situation control, simultaneously, coordinates each Routing Protocol module through (9).
The route primary module mainly contains following important function:
The Control Network interface message is safeguarded a grid interface chained list, and the state variation of opening special thread detection network interface is arranged.
Maintaining routing list, this is the part of router most critical.In order to manage and operate routing table easily, in dual-stack router, four routing tables should be arranged, be respectively static IP V4, dynamic IP V4, static IP V9, dynamic IP V9.Interface is provided in the main program, can changes easily and the table of query and routing content.
Carry out communication by the Routing Protocol administration module with each Routing Protocol module.Obtain more new routing information from the Routing Protocol module, thus the change routing table.Main program passes to the Routing Protocol module to the information such as state variation of grid interface by this interface simultaneously, thereby reaches the purpose that information bidirectional exchanges.
The routing broadcast function.Routing broadcast is finished by main program rather than is finished by the Routing Protocol module, and this is because have only a router from physical concept, and may have plural Routing Protocol module simultaneously.
The data forwarding function, this is a background program, is waken up when the packet of needs forwarding arrives router.The visit data bag, the inquiry route is revised route data corresponding in the packet, transmits packet.
(13) access control module
Safeguard an access control chained list,, prevent that the disabled user from destroying router, improve the security performance of router according to certain control law.
(14) the relevant control module of system
Connect (13) module on this module, connect (15) dual stack module down.This module comprises internal memory control module, thread control module and network control module.
The internal memory control module realizes management such as HASH table, LIST chained list, BUFFER buffering area by the internal memory operation module.
Thread control module management and scheduling multithreading and chained list thereof.
Network control module provides network I/O and socket management function, and provides and the communication interface of lower floor (15).
(15) IPV4, IPV9 dual stack stack
Transmission is provided, and the network data forwarding capability is realized IPV4, IPV9, ICMP, ICMPv9 agreement.
(16) the embedded OS of ZDOS Zhejiang University independent research.
(17) hardware layer IPV9 router hardware part.
Through the multianalysis to the router operation principle, the IPV9 dual-stack router should have following function and technical indicator:
1), network interconnection function
Map addresses: realize the different network addresss and the mapping between the subnet physical address.
Data transaction (IPV4): the i.e. segmentation of data and assembling: when a plurality of networks were interconnected by router, the size of the packet of each Network Transmission may be inequality, and this just needs router that segmentation or assembling are carried out in grouping.Be that router can and be packaged into little grouping back with the big packet segmentation that receives and transmits, the little packet group that maybe will receive is dressed up forwarding after the big grouping.
This function does not need in IPV9.
Route Selection: when grouping when interconnected network arrives router, router can be selected best route according to the destination address of grouping by certain routing policy, packet forward is gone out, and can adjust routing table automatically with the variation of network topology.
Protocol conversion: can change to the agreement of network layer and following each layer thereof.
2), network isolation function
Router identification IP address, IP is distributed by the network manager address, is that logical address and IP address have hierarchical structure, be divided into network number and host number, can be used to divide subnet easily, divide subnet and can dwindle broadcast domain, reduce the influence of broadcast storm network.Each interface of router connects a subnet, and broadcasting packet can not be gone out through router broadcast, and the subnet that is connected the router distinct interface belongs to different sub-network, and subnet scoping is by the router physical division.
3), flow control function
Router not only has buffering area, and can also control the receiving-transmitting sides data traffic, and both are mated more.
4), Network Management Function
Router is the Rendezvous Point that connects multiple network, and grouping all will be passed through it between net, here the grouping in the network, equipment is monitored and manages.Therefore, the utility model router has all disposed Network Management Function, so that improve network operating efficiency, reliability and maintainability.
5), network security capability
In the TCP/IP network, router be unique can be to the message at all levels equipment controlling and write down of turnover network.Realize strict protection of resources by router.
By realizing ip packet filter (IP Filter), can limit the message of turnover network effectively.
By the particular arrangement (as Static ARP) of border router, prevent the message turnover network of spoofed IP address (IPSpoofing).
By the Routing Protocol of operation band authentication function, prevent that false routing iinformation from changing the flow direction of message.
On router, dispose encryption function, outside IP content of message is encrypted.
The IP message of transmitting through router is accurate to the complete documentation of application layer data, in order to regular safety inspection.
By the emergency mode setting, guarantee the network information security under wartime or the defense emergency.
But set of applications forming table example of the present utility model
1) establishment IPV9/IPV4 in transition period uses net with
One of the core technology of IPV9 router dual stack can constitute IPV9/IPV4 hybrid network in transition period, Network Transmission IPV9 bag or IPV4 bag on the same physical circuit, and the network investment that the protection of networking instant noodles is original, and also the IPV9 packets of information obtains safeguard protection.Because the IPV9 agreement router of China's independent intellectual property right in the state of emergency, by the controlled provisional orders setting of safety of China department, can become urgent net to civilian net and use, and can improve China's network information controllable safety greatly.
2) set up the IPV9 private network
Set up the private network that the IPV9 router constitutes, all walk the IPV9 agreement, security intensity is required higher optional communication authentication (IPV9AH), cryptographic protocol (IPV9ESP) function of increasing of private network, constitute the professional backbone network of China's related service, and on the access border of IPV4 net, then use the IPV9 NAT router of our supporting invention, as with the device that is pressed into of IPV9 private network.
3) the IPV9 router is supported IN IPV4 tunnel mode
Be convenient to set up the IPV9 private network and stride IPV4 net internet, even the IPV9 network more than two strides across the interconnected communication that the big net of IPV4 carries out the IPV9 private network.
4) the IPV9 router is supported IN IPV9 tunnel mode
Be convenient to set up the IPV4 net and stride IPV9 net internet, even the IPV4 network more than two strides across the interconnected communication that the IPV9 private network carries out the IPV9 tunnel style.
5) support of the utility model IPV9 router is by type of service priority rating forwarding mechanism, and that can satisfy modern broadband realtime graphic, voice, video transmission presses for guaranteed qos.
6) the utility model IPV9 router supports the address cluster to transmit, and can reduce the routing broadcast amount of information, improves network performance; Can greatly suppress the rapid expansion of backbone router routing table,, also reduce the operation cost of investment of ISP from the manufacturing cost of saving equipment itself.
7) the utility model IPV9 router supports IPV9 client computer global address plug and play to dispose automatically by IPV9 address prefix broadcasting, and with the MAC Address binding of client computer, convenient and safe.
Claims (4)
1. IPV9 agreement router, it has tcp/udp floor (2), IPV4, IPV9 dual stack floor (3), driver and link translation interface management level (4), the hardware layer (5) of Routing Protocol algorithm and management level (1), IPV4, IPV9 version successively and joins to it is characterized in that the road.
2. a kind of IPV9 agreement router according to claim 1, it is characterized in that route primary module (12), control desk module (7), Routing Protocol module (11) is attempted by on the audit log module (6), route primary module (12, control desk module (7), SNMP module (8)), Routing Protocol administration module (9), Routing Protocol module (11) is attempted by on the access control module (13), access control module (13) has the relevant control module (14) of system successively, IPV4, IPV9 dual stack stack (15), ZDOS (16), hardware layer (17) serial connection, control desk module (7) and configuration file (10), SNMP module (8), route primary module (12), access control module (13) joins; Route primary module (12) joins with Routing Protocol administration module (9).
3. a kind of IPV9 agreement router according to claim 1 is characterized in that said Routing Protocol algorithm and management level (1) have the BGP-4+V9 of Routing Protocol, RIPv1, RIPv2, OSPF RIPngV9, OSPFv9 and BGP-4+ and IPV9.
4. a kind of IPV9 agreement router according to claim 1 is characterized in that said IPV4, IPV9 dual stack layer (3) have IPV4, IPV9, ICMP, ICMPv9 agreement mould.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 02261332 CN2591884Y (en) | 2002-11-02 | 2002-11-02 | New generation IPV9 protocol router |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 02261332 CN2591884Y (en) | 2002-11-02 | 2002-11-02 | New generation IPV9 protocol router |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN2591884Y true CN2591884Y (en) | 2003-12-10 |
Family
ID=33728148
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 02261332 Expired - Fee Related CN2591884Y (en) | 2002-11-02 | 2002-11-02 | New generation IPV9 protocol router |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN2591884Y (en) |
-
2002
- 2002-11-02 CN CN 02261332 patent/CN2591884Y/en not_active Expired - Fee Related
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP4120647A1 (en) | Packet transmission method, device, and system | |
| CN1192552C (en) | Combined address resolving scheme and combined address route device thereof | |
| CN103905283A (en) | Communication method and apparatus based on expandable virtual local area network | |
| WO2014177097A1 (en) | Flow table entry generation method and corresponding device | |
| WO2008014723A1 (en) | Method and device for implementing vpn based on ipv6 address structure | |
| CN1826769A (en) | Virtual network device | |
| CN1875585A (en) | Dynamic unknown L2 flooding control with MAC limits | |
| CN1585376A (en) | Addressing converting method and mixed addressing converting router for realizing it | |
| CN1812300A (en) | Loop network connection control method, route exchanging equipment and loop network system | |
| CN1428979A (en) | Method for interconnecting multiple RPR ring in wide area RPR network | |
| CN1199405C (en) | Enterprise external virtual special network system and method using virtual router structure | |
| CN103167049B (en) | Demand assigned method for network address translation, equipment and system | |
| CN1297105C (en) | Method for implementing multirole main machine based on virtual local network | |
| CN104853002A (en) | DNS resolution system and DNS resolution method based on SDN | |
| WO2005060275A1 (en) | Multiple isp local area network egress selecting method | |
| CN102340547B (en) | Working level IPv4 is to the smooth transient method of IPv6, equipment and system | |
| WO2007030970A1 (en) | A system for cluster managing in the ethernet switch layer and the method thereof | |
| CN1761226A (en) | The separation and the fusion of hierarchical switched network IPv6 address space | |
| US11595301B2 (en) | Method and system for implementing L3VPN based on two-dimensional routing protocol | |
| CN2591884Y (en) | New generation IPV9 protocol router | |
| CN1494292A (en) | IPV9 protocol routing instrument | |
| CN1455560A (en) | Method of intercommunication of multi-protocol label exchange virtual special network | |
| WO2012068854A1 (en) | Method and apparatus for updating media access control (mac) address | |
| CN1728663A (en) | Mobile access controller, mobile locak area network and metropolitan area network, and access method | |
| Kuliesius et al. | Sdn/legacy hybrid network control system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C19 | Lapse of patent right due to non-payment of the annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |