[go: up one dir, main page]

CN1529480B - A method of IP network protocol conversion - Google Patents

A method of IP network protocol conversion Download PDF

Info

Publication number
CN1529480B
CN1529480B CN2003101007194A CN200310100719A CN1529480B CN 1529480 B CN1529480 B CN 1529480B CN 2003101007194 A CN2003101007194 A CN 2003101007194A CN 200310100719 A CN200310100719 A CN 200310100719A CN 1529480 B CN1529480 B CN 1529480B
Authority
CN
China
Prior art keywords
ipv6
ipv4
address
host
protocol
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2003101007194A
Other languages
Chinese (zh)
Other versions
CN1529480A (en
Inventor
蔡一兵
石晶林
刘敏
李忠诚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Computing Technology of CAS
Original Assignee
Institute of Computing Technology of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Computing Technology of CAS filed Critical Institute of Computing Technology of CAS
Priority to CN2003101007194A priority Critical patent/CN1529480B/en
Publication of CN1529480A publication Critical patent/CN1529480A/en
Application granted granted Critical
Publication of CN1529480B publication Critical patent/CN1529480B/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明涉及计算机网络通信技术领域,一种IPV6报文穿透IPV4NATs方法是一种IPV4和IPV6共存时期的网络协议转换技术,该方法主要解决以下问题:为位于一个或多个IPV4 NATs后面的IPV6/IPV4双协议主机提供通用IPV6地址配置、支持IPV6/IPV4双协议主机之间、IPV6/IPV4双协议主机和IPV6主机之间的IPV6报文通信。为了穿透IPV4NATs,IPV6报文被封装在IPV4-UDP(IPV4-UDP,IPV4 User DatagramProtocol,IPV4用户数据报协议)报文中。方法的特点:1:分配的IPV6地址为通用IPV6地址,不需要在IPV6地址中包含捕获的主机外部IPV4地址和外部端日参数,也不需要向IANA申请特定的前缀。2:通过WEB方式获取IPV6接入路由器的IPV4地址。3:支持IPV6报文穿透各种类型IPV4 NATs。

Figure 200310100719

The invention relates to the technical field of computer network communication. A method for IPV6 message penetration through IPV4NATs is a network protocol conversion technology during the coexistence period of IPV4 and IPV6. The method mainly solves the following problems: for IPV6 behind one or more IPV4 NATs The /IPV4 dual-protocol host provides general IPV6 address configuration, supports IPV6 message communication between IPV6/IPV4 dual-protocol hosts, and between IPV6/IPV4 dual-protocol hosts and IPV6 hosts. In order to penetrate IPV4NATs, IPV6 packets are encapsulated in IPV4-UDP (IPV4-UDP, IPV4 User Datagram Protocol, IPV4 User Datagram Protocol) packets. Features of the method: 1: The assigned IPV6 address is a general IPV6 address, and it is not necessary to include the captured external IPV4 address of the host computer and external endpoint parameters in the IPV6 address, nor does it need to apply for a specific prefix from IANA. 2: Obtain the IPV4 address of the IPV6 access router through WEB. 3: Support IPV6 packets to penetrate various types of IPV4 NATs.

Figure 200310100719

Description

一种IP网络协议转换的方法A method of IP network protocol conversion

技术领域technical field

本发明涉及计算机网络通信技术领域,特别是一种IPV6报文穿透IPV4NATs方法。一种IPV6(IPV6,Internet Protocol Version 6,第6版网际协议)报文穿透IPV4 NATs(IPV4NATs,Internet Protocol Version 4Network Address Translators,第4版网际协议网络地址转换器)方法是一种IPV4和IPV6共存时期的网络协议转换技术。该方法主要解决以下问题:为位于一个或多个IPV4NATs后面的IPV6/IPV4双协议主机提供通用IPV6地址配置、支持IPV6/IPV4双协议主机之间、IPV6/IPV4双协议主机和IPV6主机之间的IPV6报文通信。为了穿透IPV4NATs,IPV6报文被封装在IPV4-UDP(IPV4-UDP,IPV4 User Datagram Protocol,IPV4用户数据报协议)报文中。The invention relates to the technical field of computer network communication, in particular to a method for IPV6 messages to penetrate IPV4NATs. A kind of IPV6 (IPV6, Internet Protocol Version 6, the 6th edition Internet Protocol) message penetrates IPV4 NATs (IPV4NATs, Internet Protocol Version 4 Network Address Translators, the 4th edition Internet Protocol Network Address Translator) method is a kind of IPV4 and IPV6 Network protocol conversion technology in the period of coexistence. The method mainly solves the following problems: providing general IPV6 address configuration for IPV6/IPV4 dual-protocol hosts located behind one or more IPV4NATs, supporting communication between IPV6/IPV4 dual-protocol hosts, and between IPV6/IPV4 dual-protocol hosts and IPV6 hosts IPv6 message communication. In order to penetrate IPV4NATs, IPV6 packets are encapsulated in IPV4-UDP (IPV4-UDP, IPV4 User Datagram Protocol, IPV4 User Datagram Protocol) packets.

背景技术Background technique

在IPV4和IPV6共存时期,为了解决位于IPV4网络中的IPV6主机和IPV6网络的IPV6主机之间的IPV6报文互通问题,人们提出众多解决方案,如6to4协议、ISATAP协议(ISATAP,Intrasite automatic tunnelAddressing Protocol,内部集自动隧道地址协议)等等。这些协议的共同特点是把IPV6报文封装到IPV4报文,通过IPV4网络来传送IPV6报文。但采用上述方法无法解决IPV6报文穿透IPV4 NATs问题。该问题具体描述为:位于IPV4 NATs后面的IPV6/IPV4双协议主机,通过IPV4 NATs和IPV4网络,和IPV6主机之间相互传送IPV6报文;或者位于IPV4 NATs后面的IPV6/IPV4双协议主机,通过IPV4 NATs和IPV4网络,和位于IPV4 NATs后面的IPV6/IPV4双协议主机之间相互传送IPV6报文。During the coexistence period of IPV4 and IPV6, in order to solve the problem of IPV6 packet intercommunication between the IPV6 host in the IPV4 network and the IPV6 host in the IPV6 network, many solutions have been proposed, such as 6to4 protocol, ISATAP protocol (ISATAP, Intrasite automatic tunnelAddressing Protocol , Internal Set Automatic Tunnel Address Protocol) and so on. The common feature of these protocols is that the IPV6 packets are encapsulated into the IPV4 packets, and the IPV6 packets are transmitted through the IPV4 network. However, the above method cannot solve the problem of IPV6 packets penetrating IPV4 NATs. The problem is specifically described as: the IPV6/IPV4 dual-protocol host behind the IPV4 NATs transmits IPV6 packets with the IPV6 host through the IPV4 NATs and IPV4 network; or the IPV6/IPV4 dual-protocol host behind the IPV4 NATs, through IPV4 NATs and IPV4 networks, and IPV6/IPV4 dual-protocol hosts behind IPV4 NATs transmit IPV6 packets to each other.

按照IPV4协议规定:TCP报文封装在IPV4报文中,需要将IPV4首部的协议字段值设为6;UDP报文封装在IPV4报文中,需要将IPV4首部的协议字段值设为17;IPV6报文封装在IPV4报文中,需要将IPV4首部的协议字段值设为41。典型的IPV4 NATs只传送IPV4首部协议字段值为6或17的IPV4报文,不传送协议字段值为41的IPV4报文,所以封装在IPV4中的IPV6报文无法穿透典型的IPV4 NATs。According to the provisions of the IPV4 protocol: TCP packets are encapsulated in IPV4 packets, and the value of the protocol field of the IPV4 header needs to be set to 6; UDP packets are encapsulated in IPV4 packets, and the value of the protocol field of the IPV4 header needs to be set to 17; IPV6 The packet is encapsulated in an IPV4 packet, and the value of the protocol field in the IPV4 header needs to be set to 41. Typical IPV4 NATs only transmit IPV4 packets with an IPV4 header protocol field value of 6 or 17, and do not transmit IPV4 packets with a protocol field value of 41, so IPV6 packets encapsulated in IPV4 cannot penetrate typical IPV4 NATs.

为了实现IPV6报文穿透IPV4 NATs,美国微软公司提出Teredo协议,该协议基本方法是将IPV6报文封装在IPV4 UDP报文,通过UDP报文承载实现IPV6报文穿透IPV4 NATs。截至到本发明申请期为止,Teredo协议还在完善之中,微软公司向IETF(Internet Engineering Task Force,Internet工程任务组)提交的Teredo协议处于草案阶段;同时微软公司已经在Windows XP部署了Teredo协议。In order to achieve IPV6 packets to penetrate IPV4 NATs, Microsoft Corporation of the United States proposed the Teredo protocol. The basic method of this protocol is to encapsulate IPV6 packets in IPV4 UDP packets, and implement IPV6 packets to penetrate IPV4 NATs through UDP packets. As of the application period of the present invention, the Teredo protocol is still being perfected, and the Teredo protocol submitted by Microsoft to the IETF (Internet Engineering Task Force, Internet Engineering Task Force) is in the draft stage; meanwhile, Microsoft has deployed the Teredo protocol on Windows XP .

截至到本发明申请为止,Teredo协议需要给IPV4 NATs后面的双协议主机分配特定格式的IPV6地址——Teredo地址。Teredo地址包含一个长度为32比特的固定前缀,该固定前缀在互联网上的合法使用必须得到IANA(IANA,The Internet Assigned Numbers Authority,互联网指派号机构)批准。Teredo地址同时还包含IPV4 NATs分配的外部IPV4地址和外部UDP端口信息,后者是一个动态变化的参数,这将造成Teredo地址具有动态性。这种特性将给移动IPV6应用、基于DNS的高层应用、基于IPV6地址过滤的安全机制带来不利影响。除此外,截至到本发明申请为止,Teredo协议不提供位于symmetric NAT类型的IPV4 NATs后面的双协议主机的IPV6报文通信的支持。As far as the application of the present invention, the Teredo protocol needs to assign the IPV6 address of a specific format to the dual-protocol host behind the IPV4 NATs—the Teredo address. The Teredo address contains a fixed prefix with a length of 32 bits. The legal use of the fixed prefix on the Internet must be approved by IANA (IANA, The Internet Assigned Numbers Authority, Internet Assigned Numbers Authority). The Teredo address also includes the external IPV4 address assigned by IPV4 NATs and the external UDP port information. The latter is a dynamically changing parameter, which will cause the Teredo address to be dynamic. This feature will bring adverse effects to mobile IPV6 applications, high-level applications based on DNS, and security mechanisms based on IPV6 address filtering. In addition, as of the application of the present invention, the Teredo protocol does not provide support for the IPV6 message communication of the dual-protocol host behind the IPV4 NATs of the symmetric NAT type.

本发明提出的方法,给IPV4 NATs后面的双协议主机分配的是通用IPV6地址,不需要在IPV6地址中包含由IPV4 NATs分配的外部IPV4地址和外部UDP端口信息,全面支持移动IPV6应用、基于DNS的高层应用、基于IPV6地址过滤的安全机制。由于不包含特定前缀,所以也不需要向IANA机构申请特殊前缀。除此外,本发明提供对各种类型的IPV4 NATs后面的双协议主机的IPV6连通性支持——即双协议主机和IPV6主机之间、双协议主机和双协议主机之间的IPV6报文通信。基于本发明原理,已经实现了IPV6报文穿透IPV4 NATs相关设备原理样机。The method proposed by the present invention distributes the general IPV6 address to the dual-protocol host behind the IPV4 NATs, does not need to include the external IPV4 address and external UDP port information distributed by the IPV4 NATs in the IPV6 address, fully supports mobile IPV6 applications, and is based on DNS High-level application, security mechanism based on IPV6 address filtering. Since it does not contain a specific prefix, there is no need to apply for a special prefix from the IANA agency. In addition, the present invention provides IPV6 connectivity support for dual-protocol hosts behind various types of IPV4 NATs—that is, IPV6 message communication between dual-protocol hosts and IPV6 hosts, and between dual-protocol hosts and dual-protocol hosts. Based on the principle of the present invention, the principle prototype of IPV6 message penetration IPV4 NATs related equipment has been realized.

发明内容Contents of the invention

本发明的目的在于提供一种IPV6报文穿透IPV4 NATs方法。The object of the present invention is to provide a kind of IPV6 message penetration IPV4 NATs method.

本发明的技术方案:Technical scheme of the present invention:

为位于一个或多个IPV4 NATs后面的IPV6/IPV4双协议主机提供通用IPV6地址配置、支持IPV6/IPV4双协议主机之间、IPV6/IPV4双协议主机和IPV6主机之间的IPV6报文通信,该方法具体步骤如下:Provide general IPV6 address configuration for IPV6/IPV4 dual-protocol hosts located behind one or more IPV4 NATs, support IPV6 message communication between IPV6/IPV4 dual-protocol hosts, and between IPV6/IPV4 dual-protocol hosts and IPV6 hosts. The specific steps of the method are as follows:

步骤1:基于WEB方式的IPV6网络接入路由器参数配置;Step 1: IPV6 network access router parameter configuration based on WEB mode;

步骤2:建立双协议主机和NAR之间的IPV4 UDP隧道;Step 2: Establish an IPV4 UDP tunnel between the dual-protocol host and NAR;

步骤3:主机之间的IPV6报文通信。Step 3: IPV6 packet communication between hosts.

其中步骤1——基于WEB方式的IPV6网络接入路由器参数配置:IPV6网络接入路由器将设备信息,包括以下内容:IPV4地址、设备名字、设备所在地区、服务资费,发布到NARP,供用户选择。Step 1——IPV6 network access router parameter configuration based on WEB: The IPV6 network access router publishes device information, including the following: IPV4 address, device name, device location, and service fee, to NARP for user selection .

其中步骤1——基于WEB方式的IPV6网络接入路由器参数配置:用户采用WEB方式配置NAR的IPV4地址参数,并将NAR的IPV4地址参数保存到双协议主机的通信配置文件中。Wherein step 1——IPV6 network access router parameter configuration based on WEB mode: the user adopts WEB mode to configure the IPV4 address parameters of the NAR, and save the IPV4 address parameters of the NAR to the communication configuration file of the dual-protocol host.

其中步骤2——建立双协议主机和NAR之间IPV4 UDP隧道,双协议主机与NAR建立IPV4 UDP隧道之前,从双协议主机通信配置文件中获取NAR的IPV4地址。其中步骤2——建立双协议主机和NAR之间IPV4 UDP隧道,IPV6网络接入路由器从双协议主机发送的UDP报文中捕获双协议主机的外部UDP端口和IPV4地址参数;然后分配给双协议主机一个通用IPV6地址;同时分配给双协议主机一个空闲UDP端口号,该端口号用于建立双协议主机和NAR之间的IPV4 UDP隧道;最后将三种参数之间的映射关系保存在IPV6网络接入路由器的IPV4 UDP隧道映射关系文件中。Among them, step 2——establish an IPV4 UDP tunnel between the dual-protocol host and the NAR, before the dual-protocol host establishes an IPV4 UDP tunnel with the NAR, obtain the IPV4 address of the NAR from the dual-protocol host communication configuration file. Wherein step 2——establish IPV4 UDP tunnel between dual-protocol host and NAR, IPV6 network access router captures the external UDP port and IPV4 address parameter of dual-protocol host from the UDP message that dual-protocol host sends; Assign to dual-protocol then A common IPV6 address for the host; at the same time, an idle UDP port number is assigned to the dual-protocol host, which is used to establish an IPV4 UDP tunnel between the dual-protocol host and NAR; finally, the mapping relationship between the three parameters is saved in the IPV6 network In the IPV4 UDP tunnel mapping relationship file of the access router.

其中步骤2——建立双协议主机和NAR之间IPV4 UDP隧道,IPV6网络接入路由器分配给双协议主机的是通用IPV6地址,该地址是一个在IPV6网络中可路由的、属于IPV6网络接入路由器路由域的IPV6地址,不需要在IPV6地址中包含由IPV4 NATs分配的外部IPV4地址和外部UDP端口信息,也不需要包含特定地址前缀。Among them, step 2——establish an IPV4 UDP tunnel between the dual-protocol host and NAR, and the IPV6 network access router assigns the dual-protocol host a general IPV6 address, which is a routable IPV6 network and belongs to the IPV6 network access The IPV6 address of the router's routing domain does not need to include the external IPV4 address and external UDP port information assigned by IPV4 NATs in the IPV6 address, nor does it need to contain a specific address prefix.

其中步骤3——主机之间的IPV6报文通信,IPV6网络接入路由器收到从IPV6网络方向来的IPV6报文后,根据报文中的目的地址,从步骤2中建立的IPV4 UDP隧道映射关系文件中查找对应的UDP隧道,如果存在对应映射关系,则将IPV6报文转发到该映射所指示的UDP隧道。Wherein step 3—IPV6 message communication between hosts, after the IPV6 network access router receives the IPV6 message from the direction of the IPV6 network, according to the destination address in the message, map from the IPV4 UDP tunnel established in step 2 The corresponding UDP tunnel is searched in the relationship file, and if there is a corresponding mapping relationship, the IPV6 message is forwarded to the UDP tunnel indicated by the mapping.

其中步骤3——主机之间的IPV6报文通信,步骤2中IPV6网络接入路由器分配给双协议主机的是一个在IPV6网络中可路由的、属于IPV6网络接入路由器路由域的通用IPV6地址,主机之间进行IPV6报文通信时,将该地址作为IPV6报文中的源地址或者目的地址构建IPV6报文,符合IPV6报文路由寻址原理,该报文最终能够寻址到达IPV6主机或者IPV6接入路由器。Wherein step 3—IPV6 message communication between hosts, in step 2, what the IPV6 network access router assigns to the dual-protocol host is a general IPV6 address that is routable in the IPV6 network and belongs to the routing domain of the IPV6 network access router , when communicating with IPV6 packets between hosts, use this address as the source address or destination address in the IPV6 packet to construct an IPV6 packet, which conforms to the principle of IPV6 packet routing and addressing, and the packet can finally be addressed to reach the IPV6 host or IPV6 access router.

1、概述1 Overview

本发明涉及IPV6报文穿透IPV4 NATs通信方法。提供双协议主机之间、双协议主机和IPV6主机之间的IPV6报文互通性支持,其中双协议主机可以位于NAT域或者IPV4网络。The invention relates to an IPV6 message penetration IPV4 NATs communication method. Provide support for IPV6 packet interoperability between dual-protocol hosts, and between dual-protocol hosts and IPV6 hosts. The dual-protocol hosts can be located in NAT domains or IPV4 networks.

本发明与Teredo协议相比,具有以下特点:1、分配的IPV6地址为通用IPV6地址,不需要在IPV6地址中包含IPV4 NATs分配给双协议主机使用的外部IPV4地址和外部端口参数,也不需要向IANA机构申请特定的前缀。2、通过WEB方式获取IPV6接入路由器的IPV4服务地址。3、支持IPV6报文穿透各种类型IPV4 NATs。Compared with the Teredo protocol, the present invention has the following characteristics: 1. The IPV6 address assigned is a general IPV6 address, and does not need to include the external IPV4 address and external port parameters that the IPV4 NATs are assigned to the dual-protocol host in the IPV6 address, nor does it need Apply to the IANA agency for a specific prefix. 2. Obtain the IPV4 service address of the IPV6 access router through WEB. 3. Support IPV6 packets to penetrate various types of IPV4 NATs.

2、网络拓扑结构说明2. Network topology description

本发明主要包括三种功能单元,功能定义如下:The present invention mainly comprises three kinds of functional units, and function definition is as follows:

●IPV6网络接入路由器:路由器,完成IPV4 UDP隧道集中管理和IPV6网络接入服务功能。●IPV6 network access router: a router that completes the centralized management of IPV4 UDP tunnels and the functions of IPV6 network access services.

●网络接入路由器导航器:WWW服务器,用于保存IPV6网络接入路由器设备信息。●Network access router navigator: WWW server, used to save IPV6 network access router equipment information.

●主机隧道管理器:IPV4 UDP隧道维护软件,安装在双协议主机上。●Host tunnel manager: IPV4 UDP tunnel maintenance software, installed on the dual-protocol host.

为了描述方便,以下将IPV6网络接入路由器简称为NAR(NetworkAccess Router),将网络接入路由器导航器简称为NARP(Network AccessRouter Pilot),将主机隧道管理器简称为HTM(Host Tunnel Manager),将IPV4网络地址转换器简称为IPV4 NATs(IPv4 network addresstranslators)For the convenience of description, the IPV6 network access router is referred to as NAR (NetworkAccess Router), the network access router navigator is referred to as NARP (Network AccessRouter Pilot), and the host tunnel manager is referred to as HTM (Host Tunnel Manager). IPV4 network address translators are referred to as IPV4 NATs (IPv4 network address translators)

附图说明Description of drawings

图1是本发明的网络拓扑结构和IPV4 UDP隧道建立过程图;Fig. 1 is a network topology of the present invention and an IPV4 UDP tunnel establishment process diagram;

图2是本发明的双协议主机和IPV6主机之间IPV6报文通信图;Fig. 2 is an IPV6 message communication diagram between the dual-protocol host and the IPV6 host of the present invention;

图3是本发明的位于不同NAT域的双协议主机之间IPV6报文通图;Fig. 3 is the communication figure of IPV6 message between the dual-protocol hosts located in different NAT domains of the present invention;

图4是本发明的位于NAT域和位于IPV4网络双协议主机之间IPV6报文通信图;Fig. 4 is located in the NAT domain of the present invention and is located in the IPV6 message communication figure between the IPV4 network dual-protocol host;

图5是本发明的基于WEB方式的IPV6网络接入路由器参数配置图。Fig. 5 is a parameter configuration diagram of the WEB-based IPV6 network access router of the present invention.

与本发明方法相关的网络拓扑结构见附图1。The network topology related to the method of the present invention is shown in Figure 1.

在图1中存在三种性质的网络:There are three types of networks in Figure 1:

●NAT域,位于该域的主机由IPV4 NATs分配私有IPV4地址;●NAT domain, hosts located in this domain are assigned private IPV4 addresses by IPV4 NATs;

●IPV4网络,位于该网络的主机拥有公有IPV4地址;●IPV4 network, hosts located on this network have public IPV4 addresses;

●IPV6网络,位于该网络的主机拥有IPV6地址。●IPV6 network, hosts located in this network have IPv6 addresses.

其中IPV4 NATs位于NAT域和IPV4网络结合处,具有私有IPV4地址和公有IPV4地址;NAR位于IPV4网络和IPV6网络结合处,具有公有IPV4地址和IPV6地址。NARP具有公有IPV4地址,位于IPV4网络中。HTM安装在双协议主机上,该主机位于NAT域或者IPV4网络。Among them, IPV4 NATs is located at the junction of NAT domain and IPV4 network, with private IPV4 address and public IPV4 address; NAR is located at the junction of IPV4 network and IPV6 network, with public IPV4 address and IPV6 address. NARP has a public IPV4 address and is located in an IPV4 network. HTM is installed on a dual-protocol host, which is located in a NAT domain or an IPV4 network.

为了实现IPV6报文穿透IPV4 NATs,本发明包括以下三个关键步骤:建立IPV4 UDP隧道;双协议主机、IPV6主机之间的IPV6报文通信、基于WEB方式的IPV6网络接入路由器参数配置。具体实施方式如下:In order to realize that the IPV6 message penetrates the IPV4 NATs, the present invention includes the following three key steps: establishing an IPV4 UDP tunnel; IPV6 message communication between the dual-protocol host and the IPV6 host, and IPV6 network access router parameter configuration based on the WEB mode. The specific implementation is as follows:

3、建立双协议主机和NAR之间的IPV4 UDP隧道3. Establish an IPV4 UDP tunnel between the dual-protocol host and NAR

双协议主机和NAR之间建立IPV4 UDP隧道的方法具体描述如下,流程参见附图1。具体过程如图中数字表示的箭头所示。The method for establishing an IPV4 UDP tunnel between the dual-protocol host and NAR is described in detail as follows, and the process is shown in Figure 1. The specific process is shown by the arrow indicated by the number in the figure.

(1)位于NAT域的双协议主机通过IPV4 NATs接入IPV4网络后(位于IPV4网络的双协议主机直接接入IPV4网络),HTM访问NARP,获取NAR的IPV4地址,保存到HTM的通信配置文件。(1) After the dual-protocol host in the NAT domain accesses the IPV4 network through IPV4 NATs (the dual-protocol host in the IPV4 network directly accesses the IPV4 network), HTM accesses NARP, obtains the IPV4 address of NAR, and saves it in the communication configuration file of HTM .

(2)HTM根据保存在HTM的通信配置文件中的NAR的IPV4地址,向NAR对应的UDP监听服务端口发送UDP隧道资源请求消息。(2) According to the IPV4 address of the NAR stored in the communication configuration file of the HTM, the HTM sends a UDP tunnel resource request message to the UDP listening service port corresponding to the NAR.

(3)NAR收到该请求后,从HTM发送的UDP报文中捕获IPV4 NATs分配给双协议主机使用的参数:包括IPV4地址和UDP端口号;然后分配给双协议主机一个IPV6地址,该地址属于IPV6网络接入路由器路由域,在IPV6网络中可路由;同时分配给双协议主机一个空闲UDP端口号,该端口号用于建立双协议主机和NAR之间的IPV4 UDP隧道;最后将三种参数之间的映射关系保存在IPV6网络接入路由器的IPV4 UDP隧道映射关系文件中。(3) After NAR receives the request, it captures the parameters that IPV4 NATs assigns to the dual-protocol host from the UDP message sent by HTM: including the IPV4 address and UDP port number; and then assigns an IPV6 address to the dual-protocol host, the address It belongs to the routing domain of the IPV6 network access router and can be routed in the IPV6 network; at the same time, a free UDP port number is assigned to the dual-protocol host, which is used to establish an IPV4 UDP tunnel between the dual-protocol host and NAR; finally, the three The mapping relationship between parameters is stored in the IPV4 UDP tunnel mapping relationship file of the IPV6 network access router.

(4)NAR将NAR(3)中相应的IPV4 UDP隧道映射关系参数发送给HTM,HTM将三个参数添加到HTM的通信配置文件中。(4) NAR sends the corresponding IPV4 UDP tunnel mapping relationship parameters in NAR (3) to HTM, and HTM adds three parameters to the communication configuration file of HTM.

(5)HTM和NAR之间根据附录中的IPV4 NATs类型测试算法,对IPV4 NATs类型进行测试。NAR将测试结果传递给HTM,HTM把该参数添加到HTM的通信配置文件。(5) Between HTM and NAR, test the IPV4 NATs type according to the IPV4 NATs type test algorithm in the appendix. NAR passes the test result to HTM, and HTM adds this parameter to the communication configuration file of HTM.

(6)HTM和NAR之间动态维护UDP隧道,HTM通过定期发送Hello包来维护在IPV4 NATs中的映射,发送周期小于IPV4 NATs的映射生存时间。(6) UDP tunnel is dynamically maintained between HTM and NAR. HTM maintains the mapping in IPV4 NATs by periodically sending Hello packets, and the sending cycle is shorter than the mapping lifetime of IPV4 NATs.

4、主机之间IPV6报文通信4. IPV6 message communication between hosts

4.1、双协议主机和IPV6主机之间IPV6报文通信4.1, IPV6 message communication between dual-protocol host and IPV6 host

位于NAT域的双协议主机和位于IPV6网络的IPV6主机之间要进行IPV6报文通信,首先需要建立双协议主机和NAR之间的IPV4 UDP隧道。双协议主机向位于IPV6网络的IPV6主机发送IPV6报文,IPV6报文通过IPV4 UDP隧道,穿透IPV4 NATs和IPV4网络,到达NAR,NAR转发到IPV6网络,自动路由到对应IPV6主机;IPV6主机发送给双协议主机的IPV6报文,在IPV6网络中自动路由到NAR,NAR将IPV6报文通过UDP隧道,穿透IPV4网络和IPV4 NATs,传送到达双协议主机。To perform IPv6 message communication between the dual-protocol host in the NAT domain and the IPV6 host in the IPV6 network, it is first necessary to establish an IPV4 UDP tunnel between the dual-protocol host and the NAR. The dual-protocol host sends an IPV6 packet to the IPV6 host on the IPV6 network. The IPV6 packet passes through the IPV4 UDP tunnel, penetrates the IPV4 NATs and the IPV4 network, and reaches the NAR. The NAR is forwarded to the IPV6 network and automatically routed to the corresponding IPV6 host; the IPV6 host sends The IPV6 message to the dual-protocol host is automatically routed to the NAR in the IPV6 network, and the NAR passes the IPv6 message through the UDP tunnel, penetrates the IPV4 network and IPV4 NATs, and transmits it to the dual-protocol host.

具体分为两种情况:双协议主机向IPV6主机发送IPV6报文和IPV6主机向双协议主机发送IPV6报文。参见附图2。具体过程如图中数字表示的箭头所示。Specifically, there are two situations: the dual-protocol host sends an IPV6 message to the IPV6 host, and the IPV6 host sends an IPV6 message to a dual-protocol host. See attached drawing 2. The specific process is shown by the arrow indicated by the number in the figure.

4.1.1双协议主机向IPV6主机发送IPV6报文4.1.1 Dual-protocol hosts send IPV6 packets to IPV6 hosts

(1)双协议主机的HTM将需要发送的IPV6报文封装在IPV4 UDP报文中,其中IPV6报文的源地址是IPV6网络接入路由器分配的IPV6地址,目的地址是IPV6网络中的IPV6主机地址。(1) The HTM of the dual-protocol host encapsulates the IPV6 message to be sent in an IPV4 UDP message, where the source address of the IPV6 message is the IPV6 address assigned by the IPV6 network access router, and the destination address is the IPV6 host in the IPV6 network address.

(2)封装了IPV6报文的IPV4 UDP报文通过IPV4 NATs转发到IPV4网络,到达NAR。(2) The IPV4 UDP packet encapsulated with the IPV6 packet is forwarded to the IPV4 network through the IPV4 NATs and reaches the NAR.

(3)NAR收到后,从IPV4 UDP报文中取出IPV6报文,直接转发到IPV6网络。(3) After the NAR receives it, it takes out the IPV6 message from the IPV4 UDP message and forwards it directly to the IPV6 network.

(4)由于该报文的IPV6地址符合IPV6报文路由寻址原理,该报文最终将通过IPV6路由系统传送到目的IPV6主机。(4) Since the IPV6 address of the message complies with the IPV6 message routing addressing principle, the message will eventually be transmitted to the destination IPV6 host through the IPV6 routing system.

4.1.2IPV6主机向双协议主机发送IPV6报文4.1.2 IPV6 hosts send IPV6 packets to dual-protocol hosts

(5)IPV6网络中IPV6主机向双协议主机发送IPV6报文,IPV6报文中源地址是IPV6主机的IPV6地址,目的地址是双协议主机的IPV6地址。(5) In the IPV6 network, the IPV6 host sends an IPV6 message to the dual-protocol host. The source address in the IPV6 message is the IPV6 address of the IPV6 host, and the destination address is the IPV6 address of the dual-protocol host.

(6)IPV6报文通过IPV6路由系统传送到NAR。(6) The IPV6 message is transmitted to the NAR through the IPV6 routing system.

(7)NAR收到IPV6报文后,根据报文中的目的地址,从IPV4 UDP隧道映射关系文件中查找对应的UDP隧道,如果存在对应映射关系,则将IPV6报文封装在IPV4 UDP报文中,转发IPV4网络。其中IPV4 UDP报文使用的源端口号是NAR分配给双协议主机使用的参数,源IPV4地址是NAR的IPV4地址;目的端口号和目的IPV4地址是IPV4 NATs分配给双协议主机使用的参数。(7) After NAR receives the IPV6 message, it searches for the corresponding UDP tunnel from the IPV4 UDP tunnel mapping relationship file according to the destination address in the message. If there is a corresponding mapping relationship, the IPV6 message is encapsulated in the IPV4 UDP message In, forward the IPV4 network. Among them, the source port number used by the IPV4 UDP message is the parameter assigned by NAR to the dual-protocol host, and the source IPV4 address is the IPV4 address of NAR; the destination port number and destination IPV4 address are the parameters assigned by IPV4 NATs to the dual-protocol host.

(8)包含IPV6报文的IPV4 UDP报文到达IPV4 NATs,通过IPV4 NATs转发到双协议主机。双协议主机的HTM从IPV4 UDP报文中取出IPV6报文。(8) The IPV4 UDP packet containing the IPV6 packet arrives at the IPV4 NATs, and is forwarded to the dual-protocol host through the IPV4 NATs. The HTM of the dual-protocol host takes out the IPv6 message from the IPV4 UDP message.

位于IPV4网络的双协议主机和位于IPV6网络的IPV6主机之间进行IPV6报文通信的方法和过程与上面类似。The method and process for performing IPV6 message communication between the dual-protocol host on the IPV4 network and the IPV6 host on the IPV6 network are similar to the above.

4.2、位于不同NAT域的双协议主机之间IPV6报文通信4.2. IPV6 message communication between dual-protocol hosts located in different NAT domains

位于不同NAT域的双协议主机之间要进行IPV6报文通信,首先需要建立双协议主机和NAR之间的各自IPV4 UDP隧道。双协议主机之间通过各自IPV4 UDP隧道,穿透IPV4 NATs和IPV4网络,通过各自NAR转发功能和IPV6网络路由寻址功能,实现双协议主机之间IPV6报文互通。其中将发送方双协议主机对应的IPV4 NATs称为源IPV4 NATs,NAR称为源NAR;将接收方双协议主机对应的IPV4 NATs称为目的IPV4 NATs,NAR称为目的NAR。参见附图3。具体过程如图中数字表示的箭头所示。To communicate IPV6 packets between dual-protocol hosts located in different NAT domains, it is first necessary to establish respective IPV4 UDP tunnels between the dual-protocol hosts and NAR. Dual-protocol hosts pass through their respective IPV4 UDP tunnels, penetrate IPV4 NATs and IPV4 networks, and realize IPV6 message intercommunication between dual-protocol hosts through their respective NAR forwarding functions and IPV6 network routing addressing functions. The IPV4 NATs corresponding to the sender’s dual-protocol host are called source IPV4 NATs, and the NAR is called source NAR; the IPV4 NATs corresponding to the receiver’s dual-protocol host are called destination IPV4 NATs, and NAR is called destination NAR. See attached drawing 3. The specific process is shown by the arrow indicated by the number in the figure.

具体过程如下:The specific process is as follows:

(1)双协议主机的HTM将需要发送的IPV6报文封装在IPV4 UDP报文中,其中IPV6报文的源地址是IPV6网络接入路由器分配的IPV6地址,目的地址是目的双协议主机的IPV6地址。(1) The HTM of the dual-protocol host encapsulates the IPV6 message to be sent in an IPV4 UDP message, where the source address of the IPV6 message is the IPV6 address assigned by the IPV6 network access router, and the destination address is the IPV6 address of the destination dual-protocol host address.

(2)封装了IPV6报文的IPV4 UDP报文通过源IPV4 NATs转发到IPV4网络,到达源NAR。(2) The IPV4 UDP packet encapsulated with the IPV6 packet is forwarded to the IPV4 network through the source IPV4 NATs and reaches the source NAR.

(3)源NAR收到后,从IPV4 UDP报文中取出IPV6报文,直接转发到IPV6网络。(3) After the source NAR receives it, it takes out the IPV6 message from the IPV4 UDP message and forwards it directly to the IPV6 network.

(4)由于该报文的IPV6地址符合IPV6报文路由寻址原理,该报文最终将通过IPV6路由系统传送到目的NAR。(4) Since the IPV6 address of the message complies with the routing addressing principle of the IPV6 message, the message will eventually be transmitted to the destination NAR through the IPV6 routing system.

(5)目的NAR收到IPV6报文后,根据报文中的目的地址,从IPV4 UDP隧道映射关系文件中查找对应的UDP隧道,如果存在对应映射关系,则将IPV6报文封装在IPV4 UDP报文中,转发IPV4网络。其中IPV4UDP报文使用的源端口号是目的NAR分配给双协议主机使用的参数,源IPV4地址是目的NAR的IPV4地址;目的端口号和目的IPV4地址是目的IPV4 NATs分配给双协议主机使用的参数。(5) After receiving the IPV6 message, the destination NAR searches for the corresponding UDP tunnel from the IPV4 UDP tunnel mapping relationship file according to the destination address in the message. If there is a corresponding mapping relationship, the IPV6 message is encapsulated in the IPV4 UDP message In this article, the IPV4 network is forwarded. The source port number used by the IPV4UDP message is the parameter assigned by the destination NAR to the dual-protocol host, and the source IPV4 address is the IPV4 address of the destination NAR; the destination port number and destination IPV4 address are the parameters assigned by the destination IPV4 NATs to the dual-protocol host .

(6)包含IPV6报文的IPV4 UDP报文到达目的IPV4 NATs,通过目的IPV4NATs转发到目的双协议主机。目的双协议主机的HTM从IPV4 UDP报文中取出IPV6报文。(6) The IPV4 UDP message containing the IPV6 message arrives at the destination IPV4 NATs, and is forwarded to the destination dual-protocol host through the destination IPV4 NATs. The HTM of the destination dual-protocol host takes out the IPv6 message from the IPV4 UDP message.

4.3、位于NAT域和位于IPV4网络双协议主机之间IPV6报文通信4.3. IPV6 message communication between the NAT domain and the dual-protocol host on the IPV4 network

位于NAT域的双协议主机和位于IPV4网络的双协议主机之间要进行IPV6报文通信,首先需要建立双协议主机和NAR之间的各自IPV4 UDP隧道。双协议主机之间通过各自IPV4 UDP隧道,穿透IPV4NATs和IPV4网络,通过各自NAR转发功能和IPV6网络路由寻址功能,实现双协议主机之间IPV6报文互通。其中将发送方双协议主机对应的NAR称为源NAR;将接收方双协议主机对应的NAR称为目的NAR。To perform IPv6 message communication between the dual-protocol host in the NAT domain and the dual-protocol host in the IPV4 network, it is first necessary to establish respective IPV4 UDP tunnels between the dual-protocol host and the NAR. Dual-protocol hosts pass through their respective IPV4 UDP tunnels, penetrate IPV4NATs and IPV4 networks, and realize IPV6 packet intercommunication between dual-protocol hosts through their respective NAR forwarding functions and IPV6 network routing addressing functions. The NAR corresponding to the dual-protocol host of the sender is called the source NAR; the NAR corresponding to the dual-protocol host of the receiver is called the destination NAR.

具体分为两种情况:位于NAT域的双协议主机向位于IPV4网络的双协议主机发送IPV6报文;位于IPV6网络的双协议主机向位于NAT域的双协议主机发送IPV6报文。下面介绍第一种情况的处理方法和过程,具体过程如图4中数字表示的箭头所示。第二种情况类似。Specifically, there are two situations: the dual-protocol host in the NAT domain sends an IPV6 message to the dual-protocol host in the IPV4 network; the dual-protocol host in the IPv6 network sends an IPV6 message to the dual-protocol host in the NAT domain. The processing method and process of the first case are introduced below, and the specific process is shown by the arrow represented by numbers in FIG. 4 . The second case is similar.

(1)位于NAT域的双协议主机的HTM将需要发送的IPV6报文封装在IPV4UDP报文中,其中IPV6报文的源地址是IPV6网络接入路由器分配的IPV6地址,目的地址是目的双协议主机的IPV6地址。(1) The HTM of the dual-protocol host in the NAT domain encapsulates the IPV6 message to be sent in an IPV4UDP message, where the source address of the IPV6 message is the IPV6 address assigned by the IPV6 network access router, and the destination address is the destination dual-protocol The IPV6 address of the host.

(2)封装了IPV6报文的IPV4 UDP报文通过IPV4 NATs转发到IPV4网络,到达源NAR。(2) The IPV4 UDP packet encapsulated with the IPV6 packet is forwarded to the IPV4 network through the IPV4 NATs and reaches the source NAR.

(3)源NAR收到后,从IPV4 UDP报文中取出IPV6报文,直接转发到IPV6网络。(3) After the source NAR receives it, it takes out the IPV6 message from the IPV4 UDP message and forwards it directly to the IPV6 network.

(4)由于该报文的IPV6地址符合IPV6报文路由寻址原理,该报文最终将通过IPV6路由系统传送到目的NAR。(4) Since the IPV6 address of the message complies with the routing addressing principle of the IPV6 message, the message will eventually be transmitted to the destination NAR through the IPV6 routing system.

(5)目的NAR收到IPV6报文后,根据报文中的目的地址,从IPV4 UDP隧道映射关系文件中查找对应的UDP隧道,如果存在对应映射关系,则将IPV6报文封装在IPV4 UDP报文中,转发IPV4网络。其中IPV4UDP报文使用的源端口号是目的NAR分配给双协议主机使用的参数,源IPV4地址是目的NAR的IPV4地址;目的端口号和目的IPV4地址是目的双协议主机使用的参数。(5) After receiving the IPV6 message, the destination NAR searches for the corresponding UDP tunnel from the IPV4 UDP tunnel mapping relationship file according to the destination address in the message. If there is a corresponding mapping relationship, the IPV6 message is encapsulated in the IPV4 UDP message In this article, the IPV4 network is forwarded. The source port number used by the IPV4UDP message is the parameter used by the destination NAR for the dual-protocol host, the source IPV4 address is the IPV4 address of the destination NAR; the destination port number and the destination IPV4 address are parameters used by the destination dual-protocol host.

(6)包含IPV6报文的IPV4UDP报文到达目的双协议主机。目的双协议主机的HTM从IPV4 UDP报文中取出IPV6报文。(6) The IPV4UDP message containing the IPV6 message arrives at the destination dual-protocol host. The HTM of the destination dual-protocol host takes out the IPv6 message from the IPV4 UDP message.

5、基于WEB方式的IPV6网络接入路由器参数配置5. IPV6 network access router parameter configuration based on WEB

在建立双协议主机和NAR之间的IPV4 UDP隧道过程中,双协议主机需要知道IPV6网络接入路由器在IPV4网络侧的IPV4服务地址。用户可以通过手工配置方式在双协议主机配置该参数,但是不方便。In the process of establishing the IPV4 UDP tunnel between the dual-protocol host and NAR, the dual-protocol host needs to know the IPV4 service address of the IPV6 network access router on the IPV4 network side. Users can manually configure this parameter on the dual-protocol host, but it is inconvenient.

本方法提出采用WEB机制,帮助用户选择IPV6网络接入路由器,自动配置所需参数。The method proposes adopting a WEB mechanism to help users select an IPV6 network access router and automatically configure required parameters.

WEB配置过程分为以下两步,具体过程如图5中数字表示的箭头所示。The WEB configuration process is divided into the following two steps, and the specific process is shown by the arrow indicated by the number in Figure 5 .

(1)NAR设备注册过程:NAR将设备信息,包括以下内容:IPV4地址、设备名字、设备所在地区、服务资费,发布到NARP---WWW服务器.(1) NAR device registration process: NAR publishes the device information, including the following content: IPV4 address, device name, device location, service fee, to the NARP---WWW server.

(2)用户查询过程:用户通过WEB方式访问NARP,根据WEB网页的设备信息情况清单,选择最合适的NAR,点击确定后,自动将NAR的IPV4地址加入到双协议主机通信配置文件。(2) User query process: the user accesses NARP through WEB, selects the most suitable NAR according to the device information list on the WEB page, and after clicking OK, the IPV4 address of the NAR is automatically added to the dual-protocol host communication configuration file.

附录——IPV4 NATs类型测试算法Appendix - IPV4 NATs Type Test Algorithm

根据IPV4 NATs处理外来IPV4报文的安全策略,可以分为restricted-NAT和cone-NAT;根据IPV4 NATs对内部IPV4报文的资源分配策略,可以分为symmetric NAT和asymmetric NAT;为此共有四种IPV4 NATs类型:cone-asymmetric-nat、restricted-asymmetrict-nat、cone-symmetric-nat、restricted-symetric-nat。According to the security policy of IPV4 NATs for processing external IPV4 packets, it can be divided into restricted-NAT and cone-NAT; according to the resource allocation strategy of IPV4 NATs for internal IPV4 packets, it can be divided into symmetric NAT and asymmetric NAT; there are four types for this purpose IPV4 NATs types: cone-asymmetric-nat, restricted-asymmetric-nat, cone-symmetric-nat, restricted-symmetric-nat.

通过以下基本算法,可以判断IPV4 NATs类型:The IPV4 NATs type can be judged by the following basic algorithm:

(1)HTM向NAR发送cone-NAT测试请求消息,消息封装在UDP报文中,UDP报文的目的地址和UDP端口号是NAR分配给HTM的UDP隧道专用资源。(1) HTM sends a cone-NAT test request message to NAR, and the message is encapsulated in a UDP message. The destination address and UDP port number of the UDP message are the UDP tunnel dedicated resources allocated by NAR to HTM.

(2)NAR取出UDP包的源地址和源端口地址,取出UDP包的目的地址和目的端口地址;将取出UDP包的源地址和源端口地址,和与取出目的地址不同的NAR另外一个IPV4地址作为NAR的cone-NAT测试响应消息内容;响应消息封装在UDP报文中,以另外IPV4地址作为响应消息的UDP报文的源IPV4地址,向HTM发送;如果HTM收到,则确定HTM在cone-NAT域,否则跳到步骤(5)。(2) NAR takes out the source address and source port address of the UDP packet, takes out the destination address and destination port address of the UDP packet; takes out the source address and source port address of the UDP packet, and another IPV4 address of NAR that is different from the destination address As the content of the cone-NAT test response message of NAR; the response message is encapsulated in a UDP message, and another IPV4 address is used as the source IPV4 address of the UDP message of the response message, and sent to the HTM; if the HTM receives it, it is determined that the HTM is in the cone -NAT domain, otherwise skip to step (5).

(3)如果HTM没有收到cone-NAT测试响应消息,则HTM向NAR发送restricted-NAT测试请求消息,消息封装在UDP报文中,UDP报文的目的地址和UDP端口号是NAR分配给HTM的UDP隧道专用资源。(3) If the HTM does not receive the cone-NAT test response message, the HTM sends a restricted-NAT test request message to the NAR, the message is encapsulated in a UDP message, and the destination address and UDP port number of the UDP message are assigned to the HTM by the NAR Dedicated resources for UDP tunnels.

(4)NAR取出UDP包的源地址和源端口地址,取出UDP包的目的地址和目的端口地址,以及在步骤(2)中获取的UDP包的UDP包的源地址和源端口地址,作为NAR的restricted-NAT测试响应消息内容;响应消息封装在UDP报文中,以取出目的UDP端口号和IPV4地址作为响应消息的UDP报文的源UDP端口号和IPV4地,向HTM发送;如果HTM收到,则确认HTM在restricted-NAT域。(4) NAR takes out the source address and the source port address of the UDP packet, takes out the destination address and the destination port address of the UDP packet, and the source address and the source port address of the UDP packet of the UDP packet obtained in step (2), as NAR The restricted-NAT test response message content; the response message is encapsulated in a UDP packet, and the destination UDP port number and IPV4 address are taken out as the source UDP port number and IPV4 address of the UDP packet of the response message, and sent to the HTM; if the HTM receives If it is found, confirm that the HTM is in the restricted-NAT domain.

(5)HTM向NAR发送symmetric NAT测试请求消息,消息封装在UDP包中,UDP包的目的地址是NAR的另外IPV4地址。(5) The HTM sends a symmetric NAT test request message to the NAR, the message is encapsulated in a UDP packet, and the destination address of the UDP packet is another IPV4 address of the NAR.

(6)NAR取出UDP包的源地址和源端口地址,取出UDP包的目的地址和目的端口地址,作为symmetric NAT测试响应消息内容;响应消息封装在UDP报文中,以取出目的UDP端口号和IPV4地址作为响应消息的UDP报文的源UDP端口号和IPV4地址,向HTM发送。(6) NAR takes out the source address and source port address of the UDP packet, takes out the destination address and the destination port address of the UDP packet, and uses them as the content of the symmetric NAT test response message; the response message is encapsulated in a UDP message to take out the destination UDP port number and The IPV4 address is sent to the HTM as the source UDP port number and IPV4 address of the UDP packet of the response message.

(7)HTM根据symmetric NAT测试响应消息、以前收到的cone-NAT测试响应消息或者restricted-NAT测试响应消息,判断在源端口和IPV4地址相同,目的端口和IPV4地址不同情况下,IPV4 NATs分配的外部端口和外部IPV4地址是否相同。如果不同,则确定HTM在symmetric-NAT域;反之,在asymmetric-NAT域。(7) According to the symmetric NAT test response message, the previously received cone-NAT test response message or the restricted-NAT test response message, HTM judges that the source port and IPV4 address are the same, and the destination port and IPV4 address are different. IPV4 NATs allocation Whether the external port and external IPV4 address of the IP address are the same. If they are different, it is determined that the HTM is in the symmetric-NAT domain; otherwise, it is in the asymmetric-NAT domain.

Claims (6)

1.一种IP网络协议转换的方法,该方法包括以下功能单元:IPV6网络接入路由器是完成IPV4UDP隧道集中管理和IPV6网络接入服务功能路由器;IPV6网络接入路由器导航器是用于保存IPV6网络接入路由器设备信息的WWW服务器;主机隧道管理器是安装在双协议主机上的IPV4UDP隧道维护软件;其特征在于,为位于一个或多个IPV4网络地址转换器后面的IPV6/IPV4双协议主机提供通用IPV6地址配置、支持IPV6/IPV4双协议主机之间、IPV6/IPV4双协议主机和IPV6主机之间的IPV6报文通信,该方法具体步骤如下:1. A method for IP network protocol conversion, the method comprising the following functional units: the IPV6 network access router is to complete the IPV4UDP tunnel centralized management and the IPV6 network access service function router; the IPV6 network access router navigator is used to preserve the IPV6 The WWW server of network access router device information; The host tunnel manager is the IPV4UDP tunnel maintenance software installed on the dual-protocol host; it is characterized in that it is an IPV6/IPV4 dual-protocol host behind one or more IPV4 network address translators Provide general IPV6 address configuration, support IPV6 message communication between IPV6/IPV4 dual-protocol hosts, between IPV6/IPV4 dual-protocol hosts and IPV6 hosts, the specific steps of this method are as follows: 步骤1:基于WEB方式的IPV6网络接入路由器参数配置;Step 1: IPV6 network access router parameter configuration based on WEB mode; 步骤2:建立双协议主机和IPV6网络接入路由器之间的IPV4UDP隧道;(1)位于网络地址转换域的双协议主机通过IPV4网络地址转换器接入IPV4网络后,主机隧道管理器访问IPV6网络接入路由器导航器,获取IPV6网络接入路由器的IPV4地址后,向IPV6网络接入路由器对应的UDP监听服务端口发送UDP隧道资源请求消息;(2)IPV6网络接入路由器收到该请求后,从主机隧道管理器发送的UDP报文中捕获IPV4网络地址转换器分配给双协议主机使用的参数:包括IPV4地址和UDP端口号;然后分配给双协议主机一个IPV6地址,该地址属于IPV6网络接入路由器路由域,在IPV6网络中可路由;同时分配给双协议主机一个空闲UDP端口号,该端口号用于建立双协议主机和IPV6网络接入路由器之间的IPV4UDP隧道;最后将三种参数之间的映射关系保存在IPV6网络接入路由器的IPV4UDP隧道映射关系文件中;(3)IPV6网络接入路由器将获得的相应的IPV4UDP隧道映射关系参数发送给主机隧道管理器,主机隧道管理器将三个参数添加到主机隧道管理器的通信配置文件中;(4)主机隧道管理器和IPV6网络接入路由器之间对IPV4网络地址转换器类型进行测试,IPV6网络接入路由器将测试结果传递给主机隧道管理器,主机隧道管理器把IPV4网络地址转换器类型的测试结果添加到主机隧道管理器的通信配置文件;(5)主机隧道管理器和IPV6网络接入路由器之间动态维护UDP隧道,主机隧道管理器通过定期发送Hello包来维护在IPV4网络地址转换器中的映射,发送周期小于IPV4网络地址转换器的映射生存时间;Step 2: set up the IPV4UDP tunnel between dual-protocol host and IPV6 network access router; Access the router navigator, after obtaining the IPV4 address of the IPV6 network access router, send a UDP tunnel resource request message to the corresponding UDP monitoring service port of the IPV6 network access router; (2) after the IPV6 network access router receives the request, Capture the parameters used by the IPV4 network address translator for the dual-protocol host from the UDP message sent by the host tunnel manager: including the IPV4 address and UDP port number; then assign an IPV6 address to the dual-protocol host, which belongs to the IPV6 network interface It can be routed in the IPV6 network; at the same time, a free UDP port number is assigned to the dual-protocol host, which is used to establish an IPV4UDP tunnel between the dual-protocol host and the IPV6 network access router; finally, the three parameters The mapping relationship between is stored in the IPV4UDP tunnel mapping relationship file of the IPV6 network access router; (3) the IPV6 network access router sends the obtained corresponding IPV4UDP tunnel mapping relationship parameter to the host tunnel manager, and the host tunnel manager will Three parameters are added to the communication configuration file of the host tunnel manager; (4) the IPV4 network address translator type is tested between the host tunnel manager and the IPV6 network access router, and the IPV6 network access router passes the test result to The host tunnel manager, the host tunnel manager adds the test result of the IPV4 network address translator type to the communication configuration file of the host tunnel manager; (5) dynamically maintains the UDP tunnel between the host tunnel manager and the IPV6 network access router, The host tunnel manager maintains the mapping in the IPV4 network address translator by regularly sending Hello packets, and the sending period is shorter than the mapping lifetime of the IPV4 network address translator; 步骤3:主机之间的IPV6报文通信。Step 3: IPV6 message communication between hosts. 2.根据权利要求1所述IP网络协议转换的方法,其特征在于,其中步骤1——基于WEB方式的IPV6网络接入路由器参数配置:IPV6网络接入路由器将设备信息,包括以下内容:IPV4地址、设备名字、设备所在地区、服务资费,发布到IPV6网络接入路由器导航器,供用户选择。2. according to the method for IP network protocol conversion described in claim 1, it is characterized in that, wherein step 1——IPV6 network access router parameter configuration based on WEB mode: IPV6 network access router will equipment information, comprise following content: IPV4 The address, device name, region where the device is located, and service charges are posted to the navigator of the IPV6 network access router for users to choose. 3.根据权利要求1所述IP网络协议转换的方法,其特征在于,其中步骤1——基于WEB方式的IPV6网络接入路由器参数配置:用户采用WEB方式配置IPV6网络接入路由器的IPV4地址参数,并将IPV6网络接入路由器的IPV4地址参数保存到主机隧道管理器的通信配置文件中。3. according to the method for IP network protocol conversion described in claim 1, it is characterized in that, wherein step 1---the IPV6 network access router parameter configuration based on WEB mode: the user adopts the IPV4 address parameter of WEB mode configuration IPV6 network access router , and save the IPV4 address parameter of the IPV6 network access router to the communication configuration file of the host tunnel manager. 4.根据权利要求1所述IP网络协议转换的方法,其特征在于,其中步骤2——建立双协议主机和IPV6网络接入路由器之间IPV4UDP隧道,双协议主机与IPV6网络接入路由器建立IPV4UDP隧道之前,从主机隧道管理器的通信配置文件中获取IPV6网络接入路由器的IPV4地址。4. according to the method for the described IP network protocol conversion of claim 1, it is characterized in that, wherein step 2---set up IPV4UDP tunnel between dual-protocol host and IPV6 network access router, dual-protocol host establishes IPV4UDP with IPV6 network access router Before tunneling, obtain the IPV4 address of the IPV6 network access router from the communication configuration file of the host tunnel manager. 5.根据权利要求1所述IP网络协议转换的方法,其特征在于,其中步骤3——主机之间的IPV6报文通信,IPV6网络接入路由器收到从IPV6网络方向来的IPV6报文后,根据报文中的目的地址,从步骤2中建立的IPV4UDP隧道映射关系文件中查找对应的UDP隧道,如果存在对应映射关系,则将IPV6报文转发到该映射所指示的UDP隧道。5. according to the method for the described IP network protocol conversion of claim 1, it is characterized in that, wherein step 3---the IPV6 message communication between the host, after the IPV6 network access router receives the IPV6 message that comes from the IPV6 network direction , according to the destination address in the message, search for the corresponding UDP tunnel from the IPV4UDP tunnel mapping relationship file established in step 2, if there is a corresponding mapping relationship, then forward the IPV6 message to the UDP tunnel indicated by the mapping. 6.根据权利要求1所述IP网络协议转换的方法,其特征在于,其中步骤3——主机之间的IPV6报文通信,步骤2中IPV6网络接入路由器分配给双协议主机的是一个在IPV6网络中可路由的、属于IPV6网络接入路由器路由域的通用IPV6地址,主机之间进行IPV6报文通信时,将该地址作为IPV6报文中的源地址或者目的地址构建IPV6报文,符合IPV6报文路由寻址原理,该报文最终能够寻址到达IPV6主机或者IPV6接入路由器。6. according to the method for the described IP network protocol conversion of claim 1, it is characterized in that, wherein step 3---the IPV6 message communication between the host computer, what IPV6 network access router distributes to the dual-protocol host computer in the step 2 is one in A general IPV6 address that is routable in the IPV6 network and belongs to the routing domain of the IPV6 network access router. When communicating with IPV6 packets between hosts, use this address as the source address or destination address in the IPV6 packet to construct an IPV6 packet, which conforms to Based on the principle of IPV6 packet routing and addressing, the packet can finally be addressed to an IPV6 host or an IPV6 access router.
CN2003101007194A 2003-10-08 2003-10-08 A method of IP network protocol conversion Expired - Fee Related CN1529480B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2003101007194A CN1529480B (en) 2003-10-08 2003-10-08 A method of IP network protocol conversion

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2003101007194A CN1529480B (en) 2003-10-08 2003-10-08 A method of IP network protocol conversion

Publications (2)

Publication Number Publication Date
CN1529480A CN1529480A (en) 2004-09-15
CN1529480B true CN1529480B (en) 2010-04-14

Family

ID=34304082

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2003101007194A Expired - Fee Related CN1529480B (en) 2003-10-08 2003-10-08 A method of IP network protocol conversion

Country Status (1)

Country Link
CN (1) CN1529480B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1756259B (en) * 2004-09-27 2011-04-20 国际商业机器公司 Method and system for using a network address translation (nat) in an IP network
KR100636186B1 (en) 2004-10-28 2006-10-19 삼성전자주식회사 Bidirectional tunnel establishment method and system
CN100454891C (en) * 2005-02-02 2009-01-21 横河电机株式会社 IPv6/IPv4 converter
CN100505684C (en) * 2005-03-29 2009-06-24 国际商业机器公司 Network system, traffic balancing method, network monitoring equipment and host
CN1901449B (en) * 2006-07-19 2010-05-12 华为技术有限公司 Network access method and network communication system
CN101123582B (en) * 2007-09-21 2011-08-24 中兴通讯股份有限公司 A communication method between private network terminals
CN101252524A (en) * 2008-04-08 2008-08-27 华为技术有限公司 Apparatus, system and method for transmitting message
CN101610295B (en) * 2009-07-17 2011-11-09 清华大学 Stateless IPv4/IPv6 grouping transformation method using non-specific IPv6 address

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
汤九斌,杨静宇.IPV6 OVER IPV4隧道原理技术与实现.江苏通信技术18 4.2002,18(4),5-8.
汤九斌,杨静宇.IPV6 OVER IPV4隧道原理技术与实现.江苏通信技术18 4.2002,18(4),5-8. *

Also Published As

Publication number Publication date
CN1529480A (en) 2004-09-15

Similar Documents

Publication Publication Date Title
JP4303600B2 (en) Connection setting mechanism between networks with different address areas
US7609701B2 (en) Communication using private IP addresses of local networks
JP4819953B2 (en) Control tunnel and direct tunnel setting method in IPv4 network-based IPv6 service providing system
US6708219B1 (en) Method and system for dual-network address utilization
JP4327142B2 (en) Information processing system, tunnel communication device, tunnel communication method, proxy response device, and proxy response method
US7639686B2 (en) Access network clusterhead for providing local mobility management of a roaming IPv4 node
US20130010614A1 (en) METHOD AND APPARATUS FOR PROCESSING PACKETS IN IPv6 NETWORK
CN101515882B (en) Method, device and system for communication between local area network and public network
JP2003273935A (en) Network-connecting apparatus and method for providing direct connection between network devices in different private networks
CN102347993A (en) Network communication method and equipment
JP2004357292A (en) System for converting data transferred on ip switched network from ipv4 base into ipv6 base
KR101210388B1 (en) Method for constructing closed user network using ip tunneling mechanism and closed user network system
Babatunde et al. A comparative review of internet protocol version 4 (ipv4) and internet protocol version 6 (ipv6)
US20110013647A1 (en) Ipv6 over ipv4 transition method and apparatus for improving performance of control server
CN110691150A (en) SDN-based IPv4 and IPv6 interconnection method and system
CN1529480B (en) A method of IP network protocol conversion
Punithavathani et al. IPv4/IPv6 transition mechanisms
JP4572938B2 (en) Address translation method
Atkinson et al. A proposal for unifying mobility with multi-homing, NAT, & security
EP3395049B1 (en) Router and method for connecting an ipv4 network and an ipv6 network
US20150032898A1 (en) Method for establishing a virtual community network connection and a system for implementing said method
JP2005033250A (en) Relaying apparatus and port forward setting method
WO2009005212A1 (en) Ipv6 over ipv4 transition method and apparatus for improving performance of control server
CN104935677B (en) A NAT64 resource acquisition method and acquisition/allocation device
Hamarsheh Deploying IPv4-only connectivity across local IPv6-only access networks

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100414

Termination date: 20191008