WO2000069129A1 - Network device, apparatus for controlling network device, and method of resource reservation - Google Patents

Network device, apparatus for controlling network device, and method of resource reservation Download PDF

Info

Publication number
WO2000069129A1
WO2000069129A1 PCT/JP1999/002396 JP9902396W WO0069129A1 WO 2000069129 A1 WO2000069129 A1 WO 2000069129A1 JP 9902396 W JP9902396 W JP 9902396W WO 0069129 A1 WO0069129 A1 WO 0069129A1
Authority
WO
WIPO (PCT)
Prior art keywords
network device
bucket
signaling
resource reservation
information
Prior art date
Application number
PCT/JP1999/002396
Other languages
French (fr)
Japanese (ja)
Inventor
Shinya Kano
Original Assignee
Fujitsu Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujitsu Limited filed Critical Fujitsu Limited
Priority to PCT/JP1999/002396 priority Critical patent/WO2000069129A1/en
Publication of WO2000069129A1 publication Critical patent/WO2000069129A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/82Miscellaneous aspects
    • H04L47/822Collecting or measuring resource availability data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/72Admission control; Resource allocation using reservation actions during connection setup
    • H04L47/724Admission control; Resource allocation using reservation actions during connection setup at intermediate nodes, e.g. resource reservation protocol [RSVP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/78Architectures of resource allocation
    • H04L47/781Centralised allocation of resources

Definitions

  • Network device Network device, network device control device, and resource reservation method
  • the present invention relates to a network device, a network device control device, and a resource reservation method, and more particularly to a network in a communication system that performs communication between terminals after securing resources of the network device existing on a path between two terminals.
  • the present invention relates to a device, a network device control device, and a resource reservation method.
  • RSV P a protocol called RSVP (Resourc e Res ervate on Protocol 1) has been used.
  • RSVP RSVP
  • a terminal requesting reservation transmits a RESV bucket (res e rve bucket) to a terminal of a communication partner.
  • the relay device router, etc.
  • the RESV bucket res e rve bucket
  • the reservation conditions bandwidth, priority, etc.
  • Reservation securing of the resource of the relay device ⁇ .
  • the resources are secured in all the relay devices between the reservation requesting terminal and the destination terminal, and communication for guaranteeing the required communication quality is performed between them. Enabled (a resource reservation service is provided).
  • RSVP secures resources in the relay device in the order in which signaling packets (RESV packets) are generated, that is, in the order in which resource reservation (service) is requested. For this reason, there was a problem that it was not possible to perform selective resource allocation such as allocating resources to important users and important applications.
  • a method has been adopted in which a server for managing the resource reservation service is provided, and the server determines whether the resource reservation is permitted or not.
  • the relay apparatus allocates resources according to the determination of the server.
  • FIG. 24 is an explanatory diagram of a resource reservation method in a conventional communication system using a server. In such a system,
  • the terminal (user) A transmits a reservation request packet (RESV packet) to the relay device (router) R1.
  • REV packet a reservation request packet
  • the relay device R1 inquires of the server SVR whether the reservation request may be accepted.
  • the server SVR determines whether or not the terminal A that has transmitted the reservation request has a reservation right.
  • the server SVR notifies the relay device R1 that the reservation is permitted.
  • the relay device R1 having received the reservation permission transfers the reservation request bucket (RESV) received from the terminal A to the next relay device R2.
  • RESV reservation request bucket
  • the relay device R2 that has received the reservation request packet inquires of the server SVR whether the reservation request can be accepted.
  • the server SVR that has received the inquiry determines whether the terminal A that has transmitted the reservation request has a reservation right.
  • the server notifies the relay device R2 that the reservation is permitted.
  • the relay device R 2 that has received the reservation transfers the reservation request packet (RESV) received from the terminal A to the next relay device.
  • RESV reservation request packet
  • resources are secured in all the relay devices R1 to R2 between the reservation request terminal A and the communication partner terminal B, and the communication quality of the reservation request terminal A and the communication partner terminal B is guaranteed (resource reservation). Service is provided).
  • the relay device inquires of the server whether the reservation request can be permitted. For this reason, it is necessary to send and receive an inquiry packet and a response packet a plurality of times before a signaling packet reaches a partner terminal, thereby increasing traffic, and increasing a processing delay due to a plurality of inquiry and response processes. Occurs.
  • an object of the present invention is to make it possible to omit a resource reservation permission inquiry from a second or subsequent relay device to a server, thereby preventing an increase in traffic and an increase in processing delay time.
  • Another object of the present invention is to perform a fine-grained service management according to a user by assigning a grade (priority) to a resource reservation right and permitting the relay device to reserve the resource.
  • Another object of the present invention is to encrypt a queried information inserted into a signaling bucket so that a malicious relay device cannot add the queried information without permission.
  • Another object of the present invention is to make a response of resource reservation permission only when resources can be secured by all the relay devices on the route between communication terminals, thereby ensuring that each relay device secures resources. And control the increase in traffic.
  • It has a relay device (network device) such as a router that configures the network, and a server (network device control device) that performs predetermined processing and responds to requests from the relay device.
  • a relay device network device
  • server network device control device
  • the resources are reserved according to the following (1) to (5).
  • One terminal transmits a signaling bucket to the other terminal for reserving the resources of the relay device existing on the path between the terminals.
  • the first relay device that has received the siddering bucket inquires of the server whether or not resource reservation is possible.
  • the server uses the reference information stored in advance to determine whether to permit the resource reservation, and responds to the relay device with the determination result.
  • the relay apparatus Upon receiving a response from the server that permits resource reservation, the relay apparatus performs processing for resource reservation, and sends a signaling packet containing the queried information to the other terminal.
  • the second and subsequent relay devices that have received the signaling bucket containing the queried information perform resource reservation processing without inquiring of the server whether or not the resource reservation is possible, and signaling containing the queried information.
  • the packet is transmitted to the other terminal.
  • the server holds the resource status of each relay device, finds a relay device on the route between the communication terminals by inquiring for resource reservation, and can secure resources in all the relay devices on the route. It is determined whether or not there is a certain power by referring to the resource status of the relay device. If all the relay devices can secure the resource, a response of resource reservation permission is made. In this way, each relay device can reliably secure resources and communication between communication terminals becomes possible. Also, if resources cannot be secured in any of the relay devices, it is not necessary to transmit the second and subsequent relay device hesidana ringing packets, so that an increase in traffic can be suppressed.
  • the present invention is not limited to the case where a server is inquired about permission for resource reservation and communication is performed based on the permission response. It can be applied to communication.
  • FIG. 1 is an overall configuration diagram of the network.
  • FIG. 2 is a configuration diagram of the relay device.
  • Figure 3 shows the bucket structure
  • Figure 4 is an example of a resource management table.
  • FIG. 5 is a configuration diagram of the server.
  • FIG. 6 shows an example of user information stored in the server.
  • FIG. 7 is a flowchart of a resource reservation process according to the first embodiment.
  • FIG. 8 is an explanatory diagram of various bucket structures.
  • FIG. 9 shows a resource reservation processing flow according to the second embodiment.
  • FIG. 10 shows an example of the structure of the permission response bucket according to the second embodiment.
  • FIG. 11 shows a resource reservation processing flow according to the third embodiment.
  • FIG. 12 is a flowchart of a resource securing process considering priority.
  • Figure 13 shows an example of a resource management table.
  • FIG. 14 is an explanatory diagram of various bucket structures.
  • FIG. 15 shows the resource reservation processing flow of the fourth embodiment.
  • FIG. 16 shows an example of the structure of the permission response bucket according to the fourth embodiment.
  • FIG. 17 is a server configuration diagram of the fifth embodiment.
  • Figure 18 shows an example of router information stored in the server.
  • FIG. 19 is a chart showing the topology of network devices.
  • FIG. 20 is a flowchart of the reservation permission determination process of the server of the fifth embodiment.
  • FIG. 21 shows a resource reservation processing flow according to the sixth embodiment.
  • FIG. 22 is a configuration example of a signaling bucket according to the sixth embodiment.
  • FIG. 23 is an explanatory diagram of a procedure when a signaling bucket having a sequential number is used.
  • FIG. 24 is an explanatory diagram of a resource reservation method using a conventional server.
  • 1 ⁇ Li in overall configuration diagram of a network to which the present invention can be applied 1 1, 1 2 End terminal (a host device) such as a personal computer, such as 1 3 ⁇ 1 3 2 constitutes a network router
  • the relay device 14 is a server that performs a predetermined process and responds with permission / rejection of reservation when an inquiry about resource reservation is made from the relay devices 13 to 1332.
  • terminal resources e.g. bandwidth
  • Terminal (user) requesting resource reservation 11 1 is a signal requesting a desired bandwidth.
  • a ring bucket (RESV bucket) is transmitted to the terminal 12 of the communication partner.
  • the relay device 13 that first receives the signaling packet transmits a permission request bucket for inquiring whether to permit the resource reservation request to the server 14 that manages the resource reservation service. .
  • the server 14 that has received the permission request packet determines whether to permit the resource reservation request with reference to the user information and the like stored in the database.
  • a permission response packet is transmitted to the relay device 13i to notify the reservation request permission.
  • the relay device 13 i Upon receiving the permission response packet instructing the reservation request permission, the relay device 13 i performs a process of securing the requested resource (bandwidth) at the terminal 11.
  • the relay device 13 attaches the already-inquired information to the signaling packet (information indicating that the resource reservation permission has already been inquired to the server). The next relay device 1 3 2 is transmitted.
  • the relay device 1 3 2 Upon receiving the signaling bucket to which the inquired information is attached, the relay device 1 3 2 immediately secures the resource (bandwidth) requested from the terminal without inquiring the server 14 of the resource reservation permission. To perform the process.
  • the relay device 1 3 2 if ensured requested resource (band), and transmits the signaling bucket bets query Align completion information is attached to the next repeater. Thereafter, in the same manner, the resource reservation service is completed when the communication counterpart terminal 12 of the terminal 11 which has finally requested the resource reservation receives the signaling bucket.
  • FIG. 2 is a configuration diagram of the relay device.
  • Reference numerals 13a and 13b denote a bucket receiving unit and a bucket transmitting unit, which transmit and receive packets (signaling packets and data buckets) in accordance with IP (intrenet Protocol).
  • the IP bucket is composed of an IP header 21 and a data part 22 as shown in FIG.
  • Reference numeral 13c denotes a signaling processing unit which performs analysis of received signaling packets, determination of necessity of inquiry to a server, instruction of resource reservation to the admission processing unit, instruction of generation of signaling packets, and the like.
  • 13d is a packet in the signaling bucket generating unit, and makes an inquiry about resource reservation permission according to an instruction from the signaling processing unit 13c.
  • 13 e is a routing table that holds routing information for determining the repacket sending route based on the destination IP address
  • 13 f is a resource management table that manages the resources of the relay device and its use
  • 13 g is a resource management table.
  • a resource securing processing unit 13h for controlling, 13h is a data communication unit for determining and transmitting a bucket transmission route with reference to a destination IP address and a routing table of the received data bucket.
  • the resource management table 13f has a bandwidth management table 13f-l and an allocated bandwidth management table 13f-2 as shown in FIGS. 4 (a) and 4 (b).
  • the allocated bandwidth management table 13 ⁇ -2 is the packet identifier. And manages the correspondence of the allocated bandwidth. As the packet identifier, the source IP address or a combination of the source IP address / destination IP address can be used.
  • the allocated bandwidth Fa is increased by f in the table of (a)
  • the remaining bandwidth Fe is reduced by f
  • the table of (b) is The allocated bandwidth f is registered corresponding to the packet identifier.
  • FIG. 5 is a configuration diagram of the server 14.
  • the server 14 includes: 1) a database unit 14a storing various information necessary for determining permission of resource reservation Z determination of non-permission; and 2) a permission request bucket for receiving a bucket for inquiring permission / non-permission of resource reservation from the relay device.
  • Receiving section 14b, 3 When receiving a permission request bucket, a reservation permission judgment processing section 14c, which determines permission / non-permission of resource reservation by referring to the information of the database section 14a, ⁇ permission / non-permission of resource reservation.
  • An authorization response bucket generating unit 14d for generating a bucket including information indicating permission is provided.
  • An authorization response bucket transmitting unit 14e for transmitting the authorization response bucket to the relay device.
  • Database 14a is a network resource that holds topology routing information and device-specific information.
  • a source information holding unit 14a-1 and a policy information holding unit 14a-2 for holding user information and the like are provided.
  • Fig. 6 shows an example of user information (1), the attributes of user (terminal) A, (1) user identifier (terminal IP address), (2) priority when the user uses the network, and (3) when the user uses the network. ⁇ ⁇ and other user-specific information.
  • the topology information and device-specific information will be explained when they are needed for explanation.
  • FIG. 7 is a flowchart of a resource reservation process according to the first embodiment of the present invention.
  • (A) is a process flow of the relay device, and
  • (b) is a process flow of the server.
  • FIG. 8 is an explanatory diagram of various packet structures used in the first embodiment.
  • (A) is a signaling packet
  • (b) is a permission request packet
  • (c) is a permission response packet. It has the same configuration as that shown in Fig. 2), and shows only a part of the IP header 21 and the data part 22.
  • the signaling packets sent from the source terminal and each relay device are included in the IP header part 21 as 1 destination address (destination terminal address), 2 source address (source terminal address)
  • the data section 22 has 2) packet type (resource reservation request packet), 2) inquired information (flag information indicating whether or not the server has been inquired of permission or non-permission of resource reservation), 3) system It has identification information of the data bucket targeted by the dunning packet, and 4 data bucket quality information. However, the inquired information in 2 does not necessarily need to be included in the signaling bucket from the source terminal.
  • the data bucket identification information includes a destination address, a source address, a protocol type, a destination port number, a source port number, etc., but these are all unnecessary and may be appropriately combined, for example, a combination of a destination address and a source address.
  • the data packet quality information includes a required relay delay, a required bandwidth, a required priority, and the like. However, any one or more qualities, for example, only the bandwidth, can be set as the required quality.
  • Bucket for permitting resource reservation sent from the relay device Z has (1) a destination address (server address) and (2) a source address (relay device address) in the IP header section 21 as shown in FIG. It has bucket type (permission request bucket), 2 data bucket identification information, and 3 data bucket quality information.
  • the response packet to the resource reservation inquiry transmitted from the server contains (1) the destination address (relay device address) and (2) the source address (server address) in the IP header section 21.
  • the data section 22 has (1) packet type (permission response packet) and (2) permission determination information (information indicating permission or non-permission).
  • the relay device 13 waits for reception of a signaling packet (step 101), and the server 14 waits for reception of a permission request packet (step 201).
  • the relay device 13 when the relay device 13 receives the signaling packet, it checks whether the packet is a resource reservation bucket by referring to the bucket type, and if the packet is a resource reservation bucket, checks whether the queried flag is set. (Step 102). If the queried flag is not set, the relay device 13 creates a permission request packet and queries the server 14 for permission or non-permission of resource reservation (step 10 3). Waiting for reception (step 104).
  • the server 14 Upon receiving the permission request bucket, the server 14 identifies the IP address of the source terminal from the data bucket identification information and recognizes the requested resource (for example, the requested bandwidth). Then, referring to the user information stored in the database section 14a, it is checked whether the source terminal (user) has the right to communicate using the requested band.
  • the requested resource for example, the requested bandwidth
  • the server 214 creates a response packet including the determination result and sends it to the relay device 13 (step 203).
  • the relay device 13 When the relay device 13 receives the response bucket, it determines whether the reservation is permitted or not. Is checked (step 105). If the reservation is not permitted, the resource reservation service is rejected (step 106). Thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
  • step 105 if reservation permission is instructed, resource reservation control is executed, and it is determined whether or not the required band can be reserved (steps 107 and 108). For example, referring to the resource management table (FIG. 4 (a)), it is checked whether the required bandwidth is available.
  • the resource reservation service is rejected (step 106), and thereafter the processing is terminated and the reception of the next signaling packet is waited. If resources can be secured, the resource management tables (Figs. 4 (a) and 4 (b)) are updated, a signaling bucket with the queried flag set is created, and transmitted to the destination terminal side (step 109). This signaling packet is obtained by changing the queried flag to “set” in the signaling bucket received in step 101.
  • step 102 if the queried flag of the signaling bucket is set, the resource securing control is executed immediately without inquiring of the resource reservation permission / non-permission to the server to secure the required bandwidth. Determine whether the force is possible or not (steps 111, 112).
  • the resource reservation service is rejected (step 106), and thereafter the processing is terminated and the reception of the next signaling packet is waited. If resources can be secured, the resource management table is updated, and the received signaling packet (signaling bucket with the queried flag set) is transmitted to the destination terminal (step 113).
  • a predetermined bandwidth is requested as a resource from the user.
  • the server refers to the user information and requests the user to obtain the requested priority.
  • the above priority and the bandwidth more than the required bandwidth are permitted 91
  • Resource reservation is permitted only on -11-, and resource reservation is not permitted otherwise.
  • the signaling bucket is created by the relay device.However, the signaling bucket including the queried information is created in the server, and the signaling bucket is stored in the permission response bucket and transmitted to the relay device.
  • the relay device may be configured to extract the signaling bucket included in the permission response bucket and send the signaling bucket to the partner terminal side. In this way, it is possible to prevent an unauthorized relay device from transmitting a signaling bucket in which the inquired flag is set without permission and performing communication.
  • FIG. 9 shows a resource reservation processing flow of the second embodiment.
  • the same steps as those in the flow of the first embodiment are denoted by the same reference numerals.
  • FIG. 10 is an explanatory diagram of an authorization response bucket used in the second embodiment.
  • the signaling bucket includes queried information in addition to the information of the authorization response packet (see FIG. 8 (c)) of the first embodiment. It is included.
  • the relay device 13 waits for reception of a signaling packet (step 101), and the server 14 waits for reception of a permission request packet (step 201).
  • the relay device 13 checks whether the packet is a resource reservation bucket by referring to the packet type, and if the packet is a resource reservation packet, checks whether the queried flag is set. (Step 102). If the queried flag is not set, the relay device 13 creates a permission request packet and queries the server 14 for permission or non-permission of resource reservation (step 103). Waiting for reception (step 104).
  • the server 14 Upon receiving the permission request bucket, the server 14 identifies the IP address of the source terminal from the data bucket identification information and recognizes the requested resource (for example, the requested bandwidth). Next, by referring to the user information stored in the database unit 14a, it is checked whether the source terminal (user) has the right to communicate in the requested band. If the bandwidth allowed for the user (user bandwidth) is larger than the requested bandwidth, reservation allowed, small If not, it is determined that the reservation is not permitted (step 202).
  • the server 214 creates a response packet (FIG. 8 (c)) similar to that of the first embodiment and transmits it to the relay device 13 (251, 253). However, if the reservation is permitted, a signaling bucket with the queried flag set is created (step 252), and then a permission response packet having the signaling packet in the data section (see FIG. 10). Is created and transmitted to the relay device 13 (25 3).
  • the relay device 13 Upon receiving the permission response bucket, the relay device 13 checks whether reservation permission or reservation non-permission has been specified (step 105), and rejects the resource reservation service if reservation non-permission has been specified. Then (step 106), thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
  • step 107 the process from step 107 is executed. Then, after securing the required bandwidth, the signaling packet included in the received response packet is transmitted to the destination terminal side (step 151), and thereafter, the reception of the next signaling bucket is awaited.
  • step 102 If the inquired flag is set in step 102, the processes in and after step 111 are performed as in the first embodiment.
  • the server 14 determines permission or non-permission of resource reservation and only notifies the relay device of the determination result. By permitting reservations, more fine-grained service management according to Liza can be performed.
  • FIG. 11 is a flowchart of a resource reservation process according to a third embodiment for assigning priorities and permitting resource reservation.
  • the same parts as those in the first embodiment in FIG. 7 are denoted by the same reference numerals.
  • FIG. 12 is a flowchart of the resource securing processing of the relay device in consideration of the priority
  • FIG. 13 is an example of a resource management table of the third embodiment
  • FIG. 14 is an example of various packet configurations of the third embodiment.
  • the resource management table manages almost the same contents as the resource management table (FIG. 4) of the first embodiment, but the packet is stored in the allocated bandwidth management table 13f-2. It differs in that it manages the correspondence between identifiers, priorities, and allocated bandwidth.
  • each The packet has substantially the same configuration as the packet of the first embodiment (FIG. 8) as shown in FIG. 14, but (1) a priority item column is provided in the data section 22 of the signaling packet. (2) The difference is that the priority is added to the permission response packet.
  • the relay device 13 waits for reception of a signaling packet (step 101), and the server 14 waits for reception of a permission request packet (step 201).
  • the relay device 13 refers to the packet type and checks whether the packet is a resource reservation packet, and if the packet is a resource reservation packet, checks whether the queried flag is set. (Step 102). If the inquired flag is not set, the relay device 13 creates a permission request bucket and queries the server 14 for permission / non-permission of the resource reservation (step 103), and then waits for the reception of the permission response bucket. (Step 104).
  • the server 14 Upon receiving the permission request bucket, the server 14 identifies the IP address of the source terminal based on the data bucket identification information, and recognizes the requested resource (for example, the requested bandwidth). Next, referring to the user information stored in the database unit 14a, it is checked whether the source terminal (user) has a right to communicate using the requested bandwidth. If the bandwidth (user bandwidth) allowed by the user is larger than the requested bandwidth, it is determined that the reservation is permitted, and if the bandwidth is smaller than the requested bandwidth, it is determined that the reservation is not permitted (step 202), and the priority is determined from the user information (step 261). . If the priority is obtained, the server 14 creates a permission response packet (FIG. 14 (c)) including the priority and transmits it to the relay device 13 (step 203).
  • the server 14 creates a permission response packet (FIG. 14 (c)) including the priority and transmits it to the relay device 13 (step 203).
  • the relay device 13 When receiving the permission response bucket, the relay device 13 checks whether reservation permission or reservation non-permission has been specified (step 105), and rejects the resource reservation service if reservation non-permission has been specified (step 105). Step 106) Thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
  • step 105 if reservation permission is instructed, resource reservation control described later is executed in consideration of priority, and it is determined whether or not the required bandwidth can be reserved (steps 107 'and 108'). ). If the bandwidth cannot be secured, the resource reservation service is rejected (step 106), and thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
  • step 109 If resources can be secured, the resource management tables (FIGS. 13A and 13B) are updated, a signaling bucket in which the queried flag and the priority are set is created, and transmitted to the destination terminal side (step 109). ').
  • This signaling packet changes the queried flag of the signaling bucket received in step 101 to a set, and includes the signaling priority received from the server.
  • the resource securing control described later is immediately executed without inquiring of the server whether the resource reservation is permitted or not. It is determined whether or not it is possible (steps 1 1 1 ', 1 1 2').
  • the resource reservation service is rejected (step 106), and thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
  • the resource management table is updated, and the received signaling packet (signaling packet with the queried flag set) is transmitted to the destination terminal (step 113 ').
  • fine-grained service management according to the user can be performed.
  • resource allocation can be performed preferentially for users with high priority.
  • FIG. 12 is a processing flow of the resource securing control in step 107 'and step 11 1' of FIG.
  • step 301 it is determined whether the remaining bandwidth F e is larger than the required bandwidth (step 301). If Fe ⁇ Fr, the resource reservation service is accepted (step 302), and the resource management table is updated (step 303). The process ends.
  • step 301 If the requested bandwidth Fr is larger than the remaining bandwidth Fe in step 301, refer to the allocated bandwidth management table in FIG. 13 (b) and check if there is a reserved packet with a lower priority than the priority specified by the server. If it is not checked (step 304), rejection of the resource reservation service is rejected (step 305), and the process ends.
  • step 304 the priority lower than the priority specified by the server If there is a previously reserved bucket, the total bandwidth including the reserved bandwidth of the low priority and the remaining bandwidth is compared with the required bandwidth Fr (step 310). If the required bandwidth is larger, the resource reservation service is performed. Is rejected (step 305), and the process ends.
  • the reservation of the low priority reserved data packet is discarded (step 307), and the resource reservation is performed.
  • the service is accepted (step 302), the resource management table is updated (step 303), and the process is terminated.
  • the signaling bucket is created by the relay device.
  • a signaling bucket containing information indicating that the inquiry has been completed at the server and the priority is created, and the signaling bucket is stored in the permission response bucket to store the signaling bucket.
  • the relay device can extract the signaling bucket included in the authorization response bucket and send it to the partner terminal side.
  • FIG. 15 shows the resource reservation processing flow of the fourth embodiment.
  • the same steps as those in the processing flow of the third embodiment (FIG. 11) are given the same numbers.
  • FIG. 16 is an explanatory diagram of the permission / response bucket used in the fourth embodiment.
  • the signaling priority information is deleted from the permission / response packet of the third embodiment (see FIG. 14 (c)).
  • a signaling bucket containing queried information and signaling priority is stored.
  • the relay device 13 is waiting for reception of a signaling packet (step 101), and the server 14 is waiting for reception of a permission request packet (step 201).
  • the relay device 13 when receiving the signaling bucket, the relay device 13 refers to the packet type and checks whether the packet is a resource reservation packet, and if the packet is a resource reservation packet, checks whether the queried flag is set. (Step 102). If the queried flag is not set, the relay device 13 creates a permission request packet and queries the server 14 for permission / non-permission of resource reservation. (Step 104), and after that, it waits for the reception of the permission response packet (step 104).
  • the server 14 Upon receiving the permission request bucket, the server 14 identifies the IP address of the source terminal from the data bucket identification information, and recognizes the requested resource (eg, request band) of the source terminal. Then, referring to the user information stored in the database section 14a, it is checked whether or not the source terminal (user) has the right to communicate using the requested bandwidth. If the band allowed by the user (user band) is larger than the requested band, it is determined that the reservation is permitted, and if the band is smaller, the reservation is not permitted (step 202).
  • the server 14 creates a response packet (FIG. 8 (c)) similar to that of the first embodiment and sends it to the relay device 13 (271, 274). However, if the reservation is permitted, a priority is obtained from the user information (step 2722), and a signaling packet containing the priority and having the inquired flag set is created (step 2732). ). Next, the server 14 creates an authorization response packet (see FIG. 16) storing the signaling packet, and transmits it to the relay device 13 (274).
  • the relay device 13 Upon receiving the permission response bucket, the relay device 13 checks whether reservation permission or reservation non-permission has been specified (step 105), and rejects the resource reservation service if reservation non-permission has been specified. Then (step 106), thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
  • step 107 the process from step 107 'is executed thereafter. Then, after securing the requested bandwidth, it transmits the signaling bucket included in the received response packet to the destination terminal side (step 161), and thereafter waits for reception of the next signaling bucket.
  • step 102 If the inquired flag is set in step 102, the processing from step 111 is performed in the same manner as in the third embodiment.
  • the server reserves or denies the resource reservation to the relay device based on whether or not the user has the right to communicate using the resource requested by the user. there were.
  • the relay device in addition to the above conditions, If the relay device can secure the required resources, the resource reservation is permitted.
  • FIG. 17 is a configuration diagram of a server 14 that performs resource reservation control according to the fifth embodiment.
  • This server 14 is composed of 1) a database section 14a for storing various information necessary for determining permission / non-permission of resource reservation, and 2) a bucket for inquiring permission / non-permission of resource reservation from the relay device.
  • ⁇ Information indicating permission of resource reservation Z not permitted Acknowledgment bucket generating unit 14 d for generating a bucket including: ⁇ an acknowledgment bucket transmitting unit 14 e for transmitting the acknowledgment bucket to the relay device, IP the IP address of the source terminal, the IP address of the destination terminal and the topology It has a relay device specifying unit 14f that specifies the relay device on the route between the two terminals using the information.
  • the database unit 14a includes a network resource information holding unit 14a-1 and a policy information holding unit 14a-2.
  • the network resource information holding unit 14a-1 holds topology route information and device specific information, and policy information.
  • the holding unit 14a-2 holds user information and operation policy information.
  • user information indicates the attributes of the user (terminal) (Fig. 6).
  • the device-specific information indicates the attributes of the relay device (router, etc.) as shown in Fig. 18; 1) the IP address of the router, 2) the maximum available bandwidth, 3) the allocated bandwidth, 4) the remaining bandwidth, and 4) other information.
  • Has router-specific information is included in Fig. 18.
  • the topology information indicates the connection relationship of the relay devices as shown in Figs. 19 (a) and (b).
  • the topology information of router A is a list of IP addresses of neighboring routers as shown in Fig. 19 (a).
  • the topology information of Router B is a list of IP addresses of neighboring routers. That is, FIG. 19 (a) shows that router A having an IP address of 192.168.15.1 is connected to three routers B to D. Of the three routers, router B with an address of 192.168.10.1 indicates that there are two adjacent routers A and E as shown in Fig. 19 (b).
  • a list of routers connected to a certain router is represented as a single table, and the number of nodes is prepared to represent and hold the topology of the network.
  • the configuration of the packet used in the fifth embodiment is the same as that of FIG. 8, and the entire resource reservation process is the same as the process of the first embodiment in FIG. The difference is the reservation permission determination process of the server 14.
  • FIG. 20 is a flowchart of a reservation permission determination process of the server 14 in the fifth embodiment.
  • the server 14 receives the permission request bucket from the relay device 13 (step 401)
  • the server 14 identifies the IP address of the source terminal from the data packet identification information, and outputs the required resources (for example, the required bandwidth). Recognize.
  • the required resources for example, the required bandwidth.
  • the source terminal (user) has the right to communicate in the requested band. For example, it is checked whether the bandwidth allowed for the user (user bandwidth) is larger than the required bandwidth, and it is determined that the reservation is possible if the user bandwidth is larger than the required bandwidth, and that the reservation is impossible if the user bandwidth is smaller than the required bandwidth (step 40). 2).
  • the server 14 creates a response packet indicating that the reservation is not permitted and sends it to the relay device (step 404). Thereafter, the next permission request bucket is transmitted. Wait for reception.
  • the server 14 obtains a communication route between the two terminals using the IP address and the topology information of the source terminal and the destination terminal included in the packet identification information, and performs the communication. All the relay devices on the route are specified (Step 405). For example, the server 14 calculates the shortest path between the two terminals using the Dijkstra Dijkstra algorithm, obtains IP routing information from the source terminal to the destination terminal from the path information, and obtains the IP routing information. Using the information, identify all the relay devices that relay between both terminals.
  • step 406 by referring to the router information of all the relay devices on the communication path, it is checked whether or not there is a remaining bandwidth exceeding the required band in all the relay devices (step 406). If the band does not exist, a response bucket indicating that the reservation is not permitted is created and transmitted to the relay device (step 404).
  • a response packet indicating reservation permission is created and transmitted to the relay device (step 407), and thereafter, the next permission request bucket is received. Wait for.
  • the resources can be reliably secured in each relay device, Communication between terminals becomes possible. Also, if resources cannot be secured in any of the relay devices, there is no need to transmit a signaling bucket to the second and subsequent relay devices, so that an increase in traffic can be suppressed.
  • the information already inquired into the signaling bucket is input without encryption and transmitted as it is.
  • By encrypting and inserting it is possible to prevent unauthorized communication by a malicious relay device. .
  • FIG. 21 is a flowchart of a resource reservation process according to the sixth embodiment for encrypting the queried information, and the same reference numerals are given to the same parts as those in the first embodiment in FIG. The difference from the first embodiment is that
  • step 101 decoding processing is executed (step 501), and the presence or absence of the queried information is determined based on the decoding result.
  • step 108 After securing the bandwidth for resource securing control (step 108), encrypt the queried information (step 502), and create and transmit a signaling packet containing encrypted data (step 5). 0 3).
  • the queried information is encrypted independently.
  • the encryption method (encryption key) may be easily discovered and misused. Therefore, when encrypting, a sequential number is generated, and the sequential number and the queried information are integrally encrypted. In this way, since the information to be encrypted does not have a constant value, it is possible to easily prevent the ⁇ key from being seen, and to prevent abuse.
  • FIG. 22 is a configuration example of a signaling bucket provided with a sequential number
  • FIG. 23 is an explanatory diagram of a procedure when the signaling bucket is used.
  • a procedure when a signaling packet having a sequential number is used will be described.
  • the terminal 11 requesting resource reservation transmits a reservation request signaling bucket (RESV) to the terminal 12 of the communication partner.
  • RESV reservation request signaling bucket
  • the relay device 13 1 that first receives the signaling packet (RESV) requests the server 14 that manages the resource reservation service to inquire whether the resource reservation request can be permitted. Send a packet.
  • RESV signaling packet
  • the server 14 that has received the permission request packet determines whether the reservation request may be permitted.
  • a permission response packet is transmitted to the relay device 13i to notify the reservation permission.
  • the relay device 13i Upon receiving the permission response packet indicating reservation permission, the relay device 13i performs a process for resource reservation. Then, a sequential number is created, and the created sequential number and the inquired information are combined and encrypted using an encryption key.
  • the encrypted inquiry information is attached to the signaling packet (RESV) and transmitted to the destination terminal.
  • a signaling packet (RESV) storing the received encrypted inquiry information is transmitted to the destination terminal.
  • relay device network device
  • server network device control device
  • One terminal transmits a signaling bucket requesting the start of a predetermined service to a relay device existing on a path between terminals, from one terminal to another terminal.
  • the relay device that has received the shidanering bucket inquires of the relay device control device (server) whether or not the service can be started.
  • the server uses the reference information stored in advance to determine whether service can be started or not, and returns the determination result to the relay device.
  • the relay device Upon receiving the response from the server to permit the start of the service, the relay device secures resources necessary for service execution and sends a signaling bucket containing the queried information to the next stage.
  • the relay device Upon receiving the signaling bucket containing the queried information, the relay device secures the resources required for service execution without inquiring of the server whether the service can be started or not, and relays the signaling packet containing the queried information to the next device. Send to the next step.
  • the server creates a signaling bucket containing the queried information, includes the signaling bucket in the response bucket notifying the relay device of the determination result, and extracts the signaling bucket included in the response bucket. It can also be configured to send the data to the communication partner terminal.
  • the reservation request permission between the second and subsequent relay devices and the server is It is possible to omit the inquiry, and it is possible to suppress an increase in traffic and an increase in relay delay of the signaling bucket.
  • the resource reservation right is assigned a grade (priority) to permit the relay apparatus to reserve the resource, it is possible to perform detailed service management according to the user. For example, resources can be allocated preferentially to users with high priority.
  • resources can be allocated preferentially to users with high priority.
  • by encrypting the queried information to be input to the signaling bucket only valid relay devices can input the queried information, and the malicious relay device adds the queried information without permission. Things can be avoided.
  • by encrypting the sequential number in addition to the inquiry information it is possible to avoid a situation in which a malicious relay device adds the inquired information without permission.
  • the server holds the resource status of each relay device, obtains a route between the remote communication terminals by inquiring for resource reservation, and all the relay devices on the route can secure required resources. It is determined whether or not there is any resource by referring to the resource status. If resources can be secured in all the relay devices, a response to resource reservation permission is made, so that the resources can be securely secured in each relay device. Communication between communication terminals becomes possible. Also, if resources cannot be secured in any of the relay devices, there is no need to transmit the sidan ringing bucket to the second and subsequent relay devices, so that an increase in traffic can be suppressed.
  • the present invention is not limited to the case where communication is performed by inquiring of the server for permission of the resource reservation service. It is also applicable when performing.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A signaling packet for reserving resources of a repeater located between terminals is transmitted from one terminal to another. Upon receiving the signaling packet, the repeater inquires the availability of a resource of the server. In response to the inquiry, the server determines whether the resource is available or not by referring to the stored reference information, and sends the result to the repeater. If the resource is available, the repeater reserves the resource and sends another terminal a signaling packet including the inquired information. When receiving the signaling packet including the inquired information, the repeater reserves the resource without asking the server.

Description

明 細 書  Specification
ネットワーク機器、 ネットワーク機器制御装置及び資源予約方法  Network device, network device control device, and resource reservation method
技術分野  Technical field
本発明はネットワーク機器、 ネットワーク機器制御装置及び資源予約方法に係 り、 特に、 2つの端末間の経路上に存在するネットワーク機器の資源を確保して から該端末間で通信を行う通信システムにおけるネットワーク機器、 ネットヮー ク機器制御装置及び資源予約方法に関する。  The present invention relates to a network device, a network device control device, and a resource reservation method, and more particularly to a network in a communication system that performs communication between terminals after securing resources of the network device existing on a path between two terminals. The present invention relates to a device, a network device control device, and a resource reservation method.
背景技術  Background art
ネットワークで提供されるサ一ビスの 1つとして、 通信品質を保証するための 資源予約サービスがある。 従来、 この品質保証サービスを実現するために、 RSVP (Res ou r c e Res erva t i on P ro t oco 1)と呼ばれるプロトコルが用いられてきた。 RSV Pでは、 予約を要求する端末が通信相手の端末へ RESVバケツト(r e s e rveバケツト) を送信する。 そして、 予約要求を行った端末とその通信相手端末間の経路上にあ る中継装置(ルータ等)は RESVバケツトを中継するとともに、 RESVバケツト中の予 約条件 (帯域、 優先度など)に従って自中継装置內の資源の予約 (確保)を行う。 そ して、 RESVパケットが最終的に相手端末に到着したとき、 予約要求端末と相手端 末間のすべての中継装置で資¾¾が確保され、 その間で所要の通信品質を保証する ための通信が可能になる(資源予約サービスが提供される)。  One of the services provided by the network is a resource reservation service to guarantee communication quality. Conventionally, to realize this quality assurance service, a protocol called RSVP (Resourc e Res ervate on Protocol 1) has been used. In RSV P, a terminal requesting reservation transmits a RESV bucket (res e rve bucket) to a terminal of a communication partner. Then, the relay device (router, etc.) on the route between the terminal that made the reservation request and the communication partner terminal relays the RESV bucket, and according to the reservation conditions (bandwidth, priority, etc.) in the RESV bucket, automatically. Reservation (securing) of the resource of the relay device 內. When the RESV packet finally arrives at the destination terminal, the resources are secured in all the relay devices between the reservation requesting terminal and the destination terminal, and communication for guaranteeing the required communication quality is performed between them. Enabled (a resource reservation service is provided).
し力 し、 この RSVPでは、 シグナリングパケット (RESVパケット) が発生した順 番に、 つまり、 資源予約(サービス)が要求される順番に中継装置内の資源を確保 していく。 このため、 重要なユーザや重要なアプリケーションに資源を割リ当て るような選択的な資源割リ当てを行うことができない問題があった。  However, RSVP secures resources in the relay device in the order in which signaling packets (RESV packets) are generated, that is, in the order in which resource reservation (service) is requested. For this reason, there was a problem that it was not possible to perform selective resource allocation such as allocating resources to important users and important applications.
そこで、 資源予約サービスを管理するサーバを設け、 該サーバに資源予約の許 可、 不許可を判断させ、 中継装置は該サーバの判断に従って資源割リ当てを行う 手法が取られている。  Therefore, a method has been adopted in which a server for managing the resource reservation service is provided, and the server determines whether the resource reservation is permitted or not. The relay apparatus allocates resources according to the determination of the server.
図 2 4は従来のサーバを用いた通信システムにおける資源予約方法の説明図で ある。 かかるシステムにおいて、  FIG. 24 is an explanatory diagram of a resource reservation method in a conventional communication system using a server. In such a system,
(1) 端末(ユーザ) Aは、 予約要求パケット(RESVパケット)を中継装置 (ルータ ) R 1に送信する。 (2) 予約要求パケット(RESV)を受信した中継装置 R 1は、 予約要求を受理して よいか否かをサーバ S V Rへ問い合わせる。 (1) The terminal (user) A transmits a reservation request packet (RESV packet) to the relay device (router) R1. (2) Upon receiving the reservation request packet (RESV), the relay device R1 inquires of the server SVR whether the reservation request may be accepted.
(3) 問い合わせを受けたサーバ S V Rは、 予約要求を送信した端末 Aに予約の 権利があるか否かを判定する。  (3) Upon receiving the inquiry, the server SVR determines whether or not the terminal A that has transmitted the reservation request has a reservation right.
(4) 予約要求を送信した端末 Aに予約の権利があれば、 サーバ S V Rは中継装 置 R 1に予約を許可することを通知する。  (4) If the terminal A that has transmitted the reservation request has the reservation right, the server SVR notifies the relay device R1 that the reservation is permitted.
(5) 予約許可を受けた中継装置 R 1は端末 Aから受信した予約要求バケツト(R ESV)を次の中継装置 R 2に転送する。  (5) The relay device R1 having received the reservation permission transfers the reservation request bucket (RESV) received from the terminal A to the next relay device R2.
(6) (2)と同様に、 予約要求パケット(RESV)を受信した中継装置 R 2は、 予約 要求を受理してよいか否かをサーバ S V Rへ問い合わせる。  (6) Similarly to (2), the relay device R2 that has received the reservation request packet (RESV) inquires of the server SVR whether the reservation request can be accepted.
(7) (3)と同様に問い合わせを受けたサーバ S V Rは、 予約要求を送信した端 末 Aに予約の権利があるか否かを判定する。  (7) In the same manner as in (3), the server SVR that has received the inquiry determines whether the terminal A that has transmitted the reservation request has a reservation right.
(8) (4)と同様に、 予約要求を送信した端末 Aに予約の権利があれば、 サーバ は中継装置 R 2に予約を許可することを通知する。  (8) As in (4), if the terminal A that has transmitted the reservation request has the reservation right, the server notifies the relay device R2 that the reservation is permitted.
(9) (5)と同様に、 予約許可を受けた中継装置 R 2 は、 端末 Aから受信した 予約要求パケット(RESV)を次の中継装置に転送する。  (9) As in (5), the relay device R 2 that has received the reservation transfers the reservation request packet (RESV) received from the terminal A to the next relay device.
(10) 最終的に RESVパケットを通信相手端末 Bが受信すると、 予約が終了する (10) When the communication partner terminal B finally receives the RESV packet, the reservation ends.
。 つまリ、 予約要求端末 Aと通信相手端末 Bとの間のすべての中継装置 R 1〜R 2で資源が確保され、 予約要求端末 Aと通信相手端末 Bの通信品質が保証される (資源予約サービスが提供される)。 . That is, resources are secured in all the relay devices R1 to R2 between the reservation request terminal A and the communication partner terminal B, and the communication quality of the reservation request terminal A and the communication partner terminal B is guaranteed (resource reservation). Service is provided).
しかしながら、 従来の資源予約方法では、 シグナリングパケットが中継装置に 到着する度に、 該中継装置よリサーバに予約要求を許可してよいか否かの問い合 わせを行うものである。 このため、 シグナリングパケットが相手端末に到達する までに複数回の問い合わせバケツト及び応答バケツトの送受が必要になってトラ ヒックが増加すると共に、 複数回の問い合わせ及び応答処理による処理遅延が増 加する問題が発生する。  However, in the conventional resource reservation method, every time a signaling packet arrives at the relay device, the relay device inquires of the server whether the reservation request can be permitted. For this reason, it is necessary to send and receive an inquiry packet and a response packet a plurality of times before a signaling packet reaches a partner terminal, thereby increasing traffic, and increasing a processing delay due to a plurality of inquiry and response processes. Occurs.
以上から本発明の目的は、 第 2番目以降の中継装置からサーバへの資源予約許 可の問い合わせを省略できるようにし、 これにより、 トラフィックの増加及び処 理遅延時間の増加を防止することである。 本発明の別の目的は、 資源予約の権利にグレード (優先度) を付けて中継装置 に資源予約許可をするようにして、 ユーザに応じたよリきめ細かなサービス管理 を行うことである。 In view of the above, an object of the present invention is to make it possible to omit a resource reservation permission inquiry from a second or subsequent relay device to a server, thereby preventing an increase in traffic and an increase in processing delay time. . Another object of the present invention is to perform a fine-grained service management according to a user by assigning a grade (priority) to a resource reservation right and permitting the relay device to reserve the resource.
本発明の別の目的は、 シグナリングバケツトに挿入する問い合わせ済み情報を 暗号化することによリ、 悪意の中継装置が勝手に問い合わせ済み情報を付加でき ないようにすることである。  Another object of the present invention is to encrypt a queried information inserted into a signaling bucket so that a malicious relay device cannot add the queried information without permission.
本発明の別の目的は、 通信端末間の経路上の全ての中継装置で資源確保が可能 な場合にのみ資源予約許可の応答をするようにし、 これによリ確実に各中継装置 が資源確保ができ、 しかも、 トラフィックの増加を抑制することである。  Another object of the present invention is to make a response of resource reservation permission only when resources can be secured by all the relay devices on the route between communication terminals, thereby ensuring that each relay device secures resources. And control the increase in traffic.
発明の開示  Disclosure of the invention
ネットワークを構成するルータ等の中継装置 (ネットワーク機器) と、 中継装 置からの要求に対して所定の処理を行って応答するサーバ (ネットワーク機器制 御装置) を備え、 2つの端末間の経路上に存在する中継装置の資源を確保してか ら該端末間で通信を行う通信システムにおいて、 以下の(1) ~ (5)によリ従って資 源予約する。  It has a relay device (network device) such as a router that configures the network, and a server (network device control device) that performs predetermined processing and responds to requests from the relay device. In a communication system that performs communication between the terminals after securing the resources of the relay device existing in the above, the resources are reserved according to the following (1) to (5).
(1) 一方の端末は他方の端末へ向けて、 端末間の経路上に存在する中継装置の 資源を予約するためのシグナリングバケツトを送信する。  (1) One terminal transmits a signaling bucket to the other terminal for reserving the resources of the relay device existing on the path between the terminals.
(2) 該シダナリングバケツトを受信した最初の中継装置はサーバに資源予約の 可否を問い合わせる。  (2) The first relay device that has received the siddering bucket inquires of the server whether or not resource reservation is possible.
(3) 該問い合わせによリサーバは、 予め記憶してある参照情報を用いて資源予 約を許可するか否かの判定を行 、、 判定結果を中継装置に応答する。  (3) In response to the inquiry, the server uses the reference information stored in advance to determine whether to permit the resource reservation, and responds to the relay device with the determination result.
(4) 中継装置は、 サーバよリ資源予約を許可する応答を受信すれば資源予約の ための処理を行い、 かつ、 問い合わせ済み情報を含むシグナリングパケットを前 記他方の端末側に送出する。  (4) Upon receiving a response from the server that permits resource reservation, the relay apparatus performs processing for resource reservation, and sends a signaling packet containing the queried information to the other terminal.
(5) 問い合わせ済み情報を含むシグナリングバケツトを受信した第 2番目以降 の中継装置は、 サーバに資源予約の可否の問い合わせをすることなく資源予約の 処理を行い、 かつ、 問い合わせ済み情報を含むシグナリングパケットを前記他方 の端末側に送出する。  (5) The second and subsequent relay devices that have received the signaling bucket containing the queried information perform resource reservation processing without inquiring of the server whether or not the resource reservation is possible, and signaling containing the queried information. The packet is transmitted to the other terminal.
以上のようにすれば、 第 2番目以降の中継装置とサーバ間での資源予約許可の 問い合わせ及び応答を省略でき、 これによリ、 トラフィックの増加及び処理遅延 時間の増加を防止できる。 この場合、 サーバは優先度を付けて資源予約を許可を するようにすれば、 ユーザに応じたよりきめ細かなサービス管理ができる。 例え ば、 優先度の高いユーザに優先的に資源割リ当てを行うことができる。 又、 シグ ナリングバケツトに挿入する問い合わせ済み情報を暗号化するようにすれば、 正 当な中継装置のみが問い合わせ情報を揷入でき、 悪意の中継装置が勝手に問い合 わせ済み情報を付加する事態を回避できる。 In this way, permission for resource reservation between the second and subsequent relay devices and the server can be obtained. Inquiries and responses can be omitted, thereby preventing an increase in traffic and an increase in processing delay time. In this case, if the server assigns priorities and permits resource reservation, more detailed service management according to the user can be performed. For example, resource allocation can be preferentially performed to a user with a higher priority. Also, if the queried information to be inserted into the signaling bucket is encrypted, only the legitimate relay device can input the query information, and the malicious relay device adds the queried information without permission. Things can be avoided.
又、 サーバは各中継装置の資源状態を保持し、 資源予約の問い合わせによリ通 信端末間の経路上の中継装置を求め、 該経路上の全ての中継装 ¾で資源確保が可 能である力否かを前記中継装置の資源状態を参照して判定し、 全ての中継装置で 資源確保が可能であれば、 資源予約許可の応答をするようにする。 このようにす れば、 確実に各中継装置は資源確保ができ、 通信端末間での通信が可能になる。 又、 いずれかの中継装置において資源確保が不可能な場合は、 第 2番目以降の中 継装置ヘシダナリングパケットを送信する必要がないため、 トラフィックの増加 を抑えることができる。  Also, the server holds the resource status of each relay device, finds a relay device on the route between the communication terminals by inquiring for resource reservation, and can secure resources in all the relay devices on the route. It is determined whether or not there is a certain power by referring to the resource status of the relay device. If all the relay devices can secure the resource, a response of resource reservation permission is made. In this way, each relay device can reliably secure resources and communication between communication terminals becomes possible. Also, if resources cannot be secured in any of the relay devices, it is not necessary to transmit the second and subsequent relay device hesidana ringing packets, so that an increase in traffic can be suppressed.
本発明は、 資源予約の許可をサーバに問い合わせ、 その許可応答にに基づいて 通信する場合に限らず、 その他のサービスの提供あるいはサービスの開始をサー バに問い合わせ、 サーバからの許可応答に基づいて通信を行う場合にも適用でき る。  The present invention is not limited to the case where a server is inquired about permission for resource reservation and communication is performed based on the permission response. It can be applied to communication.
図面の簡単な説明  BRIEF DESCRIPTION OF THE FIGURES
図 1はネットワークの全体の構成図である。  FIG. 1 is an overall configuration diagram of the network.
図 2は中継装置の構成図である。  FIG. 2 is a configuration diagram of the relay device.
図 3はバケツト構造図である。  Figure 3 shows the bucket structure.
図 4は資源管理テーブル例である。  Figure 4 is an example of a resource management table.
図 5はサーバの構成図である。  FIG. 5 is a configuration diagram of the server.
図 6はサーバに格納されているユーザ情報例である。  FIG. 6 shows an example of user information stored in the server.
図 7は第 1実施例の資源予約処理フローである。  FIG. 7 is a flowchart of a resource reservation process according to the first embodiment.
図 8は各種バケツト構造説明図である。  FIG. 8 is an explanatory diagram of various bucket structures.
図 9は第 2実施例の資源予約処理フローである。 図 1 0は第 2実施例の許可応答バケツトの構造例である。 FIG. 9 shows a resource reservation processing flow according to the second embodiment. FIG. 10 shows an example of the structure of the permission response bucket according to the second embodiment.
図 1 1は第 3実施例の資源予約処理フローである。  FIG. 11 shows a resource reservation processing flow according to the third embodiment.
図 1 2は優先度を考慮した資源確保処理フローである。  FIG. 12 is a flowchart of a resource securing process considering priority.
図 1 3は資源管理テーブル例である。  Figure 13 shows an example of a resource management table.
図 1 4は各種バケツト構造説明図である。  FIG. 14 is an explanatory diagram of various bucket structures.
図 1 5は第 4実施例の資源予約処理フローである。  FIG. 15 shows the resource reservation processing flow of the fourth embodiment.
図 1 6は第 4実施例の許可応答バケツトの構造例である。  FIG. 16 shows an example of the structure of the permission response bucket according to the fourth embodiment.
図 1 7は第 5実施例のサーバ構成図である。  FIG. 17 is a server configuration diagram of the fifth embodiment.
図 1 8はサーバに格納されているルータ情報例である。  Figure 18 shows an example of router information stored in the server.
図 1 9はネットワーク機器のトポロジを示す図表である。  FIG. 19 is a chart showing the topology of network devices.
図 2 0は第 5実施例のサーバの予約許可判定処理フローである。  FIG. 20 is a flowchart of the reservation permission determination process of the server of the fifth embodiment.
図 2 1は第 6実施例の資源予約処理フローである。  FIG. 21 shows a resource reservation processing flow according to the sixth embodiment.
図 2 2は第 6実施例のシグナリングバケツトの構成例である。  FIG. 22 is a configuration example of a signaling bucket according to the sixth embodiment.
図 2 3はシーケンシャル番号を備えたシグナリングバケツトを用いた時の手順 説明図である。  FIG. 23 is an explanatory diagram of a procedure when a signaling bucket having a sequential number is used.
図 2 4は従来のサーバを用いた資源予約方法の説明図である。  FIG. 24 is an explanatory diagram of a resource reservation method using a conventional server.
発明を実施するための最良の形態  BEST MODE FOR CARRYING OUT THE INVENTION
(A) ネットワークの全体構成  (A) Overall network configuration
( a ) 全体構成  (a) Overall configuration
図 1は本発明を適用できるネットワークの全体構成図でぁリ、 1 1, 1 2はパ ソコン等のエンド端末 (ホスト装置) 、 1 3 ι〜1 3 2はネッ トワークを構成する ルータなどの中継装置、 1 4は中継装置 1 3 〜1 3 2から資源予約の問い合わせ があったとき、 所定の処理を行って予約許可/不許可を応答するサーバである。 図では、 端末 1 1、 1 2間で通信するものとし、 その間の経路上の中継装置は 2 台であるとした場合であるが、 本発明はかかるシステムに限るものではない。 端末間で通信する場合、 端末が要求する資源 (例えば帯域) を経路上の各中継 装置 1 3 1 3 2が確保し、 しかる後、 該端末間で通信を行う。 このため、 本発 明では、 資源確保を以下の手順で行う。 1 § Li in overall configuration diagram of a network to which the present invention can be applied, 1 1, 1 2 End terminal (a host device) such as a personal computer, such as 1 3 ι~1 3 2 constitutes a network router The relay device 14 is a server that performs a predetermined process and responds with permission / rejection of reservation when an inquiry about resource reservation is made from the relay devices 13 to 1332. In the figure, it is assumed that communication is performed between the terminals 11 and 12 and there are two relay devices on the route between them. However, the present invention is not limited to such a system. When communicating between terminals, terminal resources (e.g. bandwidth) to ensure that each of the relay devices 1 3 1 3 2 on the path that requires, thereafter, communication is performed between the terminals. Therefore, in the present invention, resources are secured by the following procedure.
(1) 資源予約を要求する端末 (ユーザ) 1 1は、 所望の帯域を要求するシグナ リングバケツト(RESVバケツト)を通信相手の端末 1 2へ送信する。 (1) Terminal (user) requesting resource reservation 11 1 is a signal requesting a desired bandwidth. A ring bucket (RESV bucket) is transmitted to the terminal 12 of the communication partner.
(2) シグナリングパケットを最初に受信した中継装置 1 3 は、 資源予約サー ビスを管理しているサーバ 1 4へ資源予約要求を許可してよいか否かを問い合わ せる許可要求バケツトを送信する。  (2) The relay device 13 that first receives the signaling packet transmits a permission request bucket for inquiring whether to permit the resource reservation request to the server 14 that manages the resource reservation service. .
(3) 許可要求パケットを受信したサーバ 1 4は、 資源予約要求を許可してよい か否かをデータベースに保持しているユーザ情報等を参照して判断する。  (3) The server 14 that has received the permission request packet determines whether to permit the resource reservation request with reference to the user information and the like stored in the database.
(4) 許可する場合には、 中継装置 1 3 iへ許可応答パケットを送信し、 予約要 求許可を通知する。 予約要求許可を指示する許可応答パケットを受信すれば、 中 継装置 1 3 iは端末 1 1ょリ要求された資源 (帯域)を確保するだめの処理を行う  (4) When permitting, a permission response packet is transmitted to the relay device 13i to notify the reservation request permission. Upon receiving the permission response packet instructing the reservation request permission, the relay device 13 i performs a process of securing the requested resource (bandwidth) at the terminal 11.
(5) 中継装置 1 3 ま要求された資源(帯域)を確保できれば、 シグナリングパ ケットに問い合わせ済み情報 (既にサーバへの資源予約許可の問い合わせが行わ れていることを示す情報)を添付し、 次の中継装置 1 3 2へ送信する。 (5) If the required resources (bandwidth) can be secured, the relay device 13 attaches the already-inquired information to the signaling packet (information indicating that the resource reservation permission has already been inquired to the server). The next relay device 1 3 2 is transmitted.
(6) 中継装置 1 3 2は問い合わせ済み情報が添付されたシグナリングバケツト を受信すれば、 サーバ 1 4へ資源予約許可の問い合わせをせずに直ちに端末から 要求されている資源 (帯域) を確保するための処理を行う。 (6) Upon receiving the signaling bucket to which the inquired information is attached, the relay device 1 3 2 immediately secures the resource (bandwidth) requested from the terminal without inquiring the server 14 of the resource reservation permission. To perform the process.
(7) そして、 中継装置 1 3 2は要求された資源 (帯域)を確保できれば、 問い合 わせ済み情報が添付されたシグナリングバケツトを次の中継装置へ送信する。 以後、 同様にして最終的に資源予約を要求した端末 1 1の通信相手端末 1 2が シグナリングバケツトを受信することによって資源予約サービスが完了する。 (7) Then, the relay device 1 3 2 if ensured requested resource (band), and transmits the signaling bucket bets query Align completion information is attached to the next repeater. Thereafter, in the same manner, the resource reservation service is completed when the communication counterpart terminal 12 of the terminal 11 which has finally requested the resource reservation receives the signaling bucket.
( b ) 中継装置  (b) Relay device
図 2は中継装置の構成図である。 1 3 a, 1 3 bはバケツト受信部、 バケツト 送信部であり、 IP ( int e rne t Pro t oco l)に従ったパケット(シグナリングパケット やデータバケツト)を送受信するものである。 IPバケツトは図 3に示すように IP ヘッダ 2 1とデータ部 2 2で構成されている。 1 3 cはシグナリング処理部であ り、 受信したシグナリングパケットの分析、 サーバへの問い合わせ要否判定、 ァ ドミツション処理部に対する資源確保指示、 シグナリングパケットの生成指示等 のシグナリング処理を実行する。 1 3 dはシグナリングバケツト生成部でぁリ、 シグナリング処理部 1 3 cからの指示によリ、 資源予約許可の問い合わせを行う 許可要求バケツトを作成してサーバに送出すると共に、 シグナリングバケツトを 生成して次の中継装置に送出する。 13 eは宛先 IPアドレスよリパケット送出ル ートを決定するためのルーチング情報を保持するルーチングテーブル、 1 3 f は 中継装置の資源およびその使用状況を管理する資源管理テーブル、 13 gは資源 確保の制御を行う資源確保処理部、 13 hは受信したデータバケツトの宛先 IPァ ドレス及びルーチングテーブルを参照してバケツト送出ルートを決定して送出す るデータ通信部である。 FIG. 2 is a configuration diagram of the relay device. Reference numerals 13a and 13b denote a bucket receiving unit and a bucket transmitting unit, which transmit and receive packets (signaling packets and data buckets) in accordance with IP (intrenet Protocol). The IP bucket is composed of an IP header 21 and a data part 22 as shown in FIG. Reference numeral 13c denotes a signaling processing unit which performs analysis of received signaling packets, determination of necessity of inquiry to a server, instruction of resource reservation to the admission processing unit, instruction of generation of signaling packets, and the like. 13d is a packet in the signaling bucket generating unit, and makes an inquiry about resource reservation permission according to an instruction from the signaling processing unit 13c. It creates a permission request bucket and sends it to the server, and generates a signaling bucket and sends it to the next relay device. 13 e is a routing table that holds routing information for determining the repacket sending route based on the destination IP address, 13 f is a resource management table that manages the resources of the relay device and its use, and 13 g is a resource management table. A resource securing processing unit 13h for controlling, 13h is a data communication unit for determining and transmitting a bucket transmission route with reference to a destination IP address and a routing table of the received data bucket.
資源管理テーブル 13 f は図 4 (a) , (b) に示すように、 帯域管理テープ ル 13f-lと割当済み帯域管理テーブル 13f-2を有している。 帯域管理テーブル 13f- 1は、 中継装置の最大使用可能帯域 F、 割リ当て済み帯域 Fa、 残リ帯域 Fe (= F-Fa) を管理するもの、 割当済み帯域管理テーブル 13ί- 2はパケット識別子と 割当帯域の対応を管理するものである。 パケット識別子としては、 発信元 IPアド レスあるいは発信元 IPァドレス/宛先 IPァドレスの組み合わせを使用できる。 あ るパケット識別子に帯域 f を割リ当てれば、 (a) のテーブルにおいて、 割り当 て済み帯域 Faを f増加し、 残り帯域 Feを f減少し、 かつ、 (b) のテーブルに おいて、 該パケット識別子に対応して割リ当て帯域 f を登録する。 又、 割り当て 帯域 f のパケット識別子の通信が終了すれば、 (a) のテーブルにおいて、 割リ 当て済み帯域 Faを ί減少し、 残リ帯域 Feを f 増加し、 かつ、 (b) のテーブル において該バケツト識別子と割り当て帯域 f の対応を削除する。  The resource management table 13f has a bandwidth management table 13f-l and an allocated bandwidth management table 13f-2 as shown in FIGS. 4 (a) and 4 (b). The bandwidth management table 13f-1 manages the maximum usable bandwidth F, the allocated bandwidth Fa, and the remaining bandwidth Fe (= F-Fa) of the relay device.The allocated bandwidth management table 13ί-2 is the packet identifier. And manages the correspondence of the allocated bandwidth. As the packet identifier, the source IP address or a combination of the source IP address / destination IP address can be used. If the bandwidth f is allocated to a certain packet identifier, the allocated bandwidth Fa is increased by f in the table of (a), the remaining bandwidth Fe is reduced by f, and the table of (b) is The allocated bandwidth f is registered corresponding to the packet identifier. When the communication of the packet identifier of the allocated bandwidth f is completed, the allocated bandwidth Fa is decreased by ί in the table of (a), the remaining bandwidth Fe is increased by f in the table of (a), and in the table of (b), The correspondence between the bucket identifier and the allocated bandwidth f is deleted.
(c) サーバ  (c) Server
図 5はサーバ 14の構成図である。 サーバ 14は、 ①資源予約の許可 Z不許可 を判断するために必要な各種情報を記憶するデータベース部 14 a、 ②中継装置 から資源予約の許可/不許可を問い合わせるバケツトを受信する許可要求バケツ ト受信部 14 b、 ③許可要求バケツトを受信した時、 データベース部 14 aの情 報を参照して資源予約の許可/不許可を判定する予約許可判定処理部 14 c、 ④ 資源予約の許可/不許可を示す情報を含むバケツトを生成する許可応答バケツト 生成部 14 d、 ⑤許可応答バケツトを中継装置に送信する許可応答バケツト送信 部 14 eを有している。  FIG. 5 is a configuration diagram of the server 14. The server 14 includes: 1) a database unit 14a storing various information necessary for determining permission of resource reservation Z determination of non-permission; and 2) a permission request bucket for receiving a bucket for inquiring permission / non-permission of resource reservation from the relay device. Receiving section 14b, ③ When receiving a permission request bucket, a reservation permission judgment processing section 14c, which determines permission / non-permission of resource reservation by referring to the information of the database section 14a, 許可 permission / non-permission of resource reservation. An authorization response bucket generating unit 14d for generating a bucket including information indicating permission is provided. (4) An authorization response bucket transmitting unit 14e for transmitting the authorization response bucket to the relay device.
データベース 14 aは、 トポロジ 経路情報及び機器固有情報を保持する網リ ソース情報保持部 14a- 1、 ユーザ情報などを保持するポリシー情報保持部 14a- 2を 備えている。 図 6はユーザ情報例でぁリ、 ユーザ (端末) Aの属性とし、 ①ユーザ 識別子(端末の IPア ドレス)、 ②ユーザがネットワークを利用する時の優先度、 ③ ユーザがネットワークを使用するときの帯域、 ④その他のユーザ固有情報を保持 している。 尚、 トポロジ情報や機器固有情報は説明上必要になった時点で説明す る。 Database 14a is a network resource that holds topology routing information and device-specific information. A source information holding unit 14a-1 and a policy information holding unit 14a-2 for holding user information and the like are provided. Fig. 6 shows an example of user information (1), the attributes of user (terminal) A, (1) user identifier (terminal IP address), (2) priority when the user uses the network, and (3) when the user uses the network.帯 域 and other user-specific information. The topology information and device-specific information will be explained when they are needed for explanation.
( B ) 第 1実施例  (B) First embodiment
図 7は本発明の第 1実施例の資源予約処理フローでぁリ、 (a ) は中継装置の 処理フロー、 (b ) はサーバの処理フローである。  FIG. 7 is a flowchart of a resource reservation process according to the first embodiment of the present invention. (A) is a process flow of the relay device, and (b) is a process flow of the server.
図 8は第 1実施例で使用する各種パケット構造説明図であリ、 ( a ) はシグナ リングパケット、 ( b ) は許可要求パケット、 ( c ) は許可応答パケットであリ 、 それぞれ I Pパケット(図 2参照) と同一の構成を備え、 IPヘッダ 2 1及びデー タ部 2 2の一部のみ示している。  FIG. 8 is an explanatory diagram of various packet structures used in the first embodiment. (A) is a signaling packet, (b) is a permission request packet, and (c) is a permission response packet. It has the same configuration as that shown in Fig. 2), and shows only a part of the IP header 21 and the data part 22.
( a ) ノヽ。ケッ卜構成  (a) No. Packet configuration
発信元端末や各中継装置から送出するシグナリングパケットは、 図 8 ( a ) に 示すように、 IPヘッダ部 2 1に①宛先ア ドレス (宛先端末アドレス) 、 ②送信元 アドレス (送信元端末アドレス) を有し、 データ部 2 2に①パケットタイプ (資 源予約要求パケット) 、 ②問い合わせ済み情報 (資源予約の許可 不許可をサー バに問い合わせ済みであるか否かを示すフラグ情報) 、 ③シダナリングパケット が対象としているデータバケツトの識別情報、 ④データバケツト品質情報を有し ている。 ただし、 ②の問い合わせ済み情報は、 必ずしも発信元端末からのシグナ リングバケツ卜に含まれている必要はない。  As shown in Fig. 8 (a), the signaling packets sent from the source terminal and each relay device are included in the IP header part 21 as ① destination address (destination terminal address), ② source address (source terminal address) The data section 22 has 2) packet type (resource reservation request packet), 2) inquired information (flag information indicating whether or not the server has been inquired of permission or non-permission of resource reservation), 3) system It has identification information of the data bucket targeted by the dunning packet, and ④ data bucket quality information. However, the inquired information in ② does not necessarily need to be included in the signaling bucket from the source terminal.
データバケツト識別情報として、 宛先ァドレス、 送信元ァドレス、 プロ トコル 種別、 宛先ポート番号、 送信元ポート番号などがあるが、 これらは全て必要でな く適宜組み合わせ、 例えば宛先ァドレスと送信元ァドレスの組み合わせをデータ パケット識別情報とすることができる。 又、 データパケット品質情報としては、 要求中継遅延、 要求帯域、 要求優先度等があるが、 任意の 1以上の品質、 例えば 帯域のみを要求品質とすることができる。  The data bucket identification information includes a destination address, a source address, a protocol type, a destination port number, a source port number, etc., but these are all unnecessary and may be appropriately combined, for example, a combination of a destination address and a source address. Can be the data packet identification information. The data packet quality information includes a required relay delay, a required bandwidth, a required priority, and the like. However, any one or more qualities, for example, only the bandwidth, can be set as the required quality.
中継装置から送信する資源予約の許可 Z不許可を問い合わせるバケツト (許可 要求パケット) は、 図 8 ( b ) に示すように、 IPヘッダ部 2 1に①宛先ア ドレス (サーバアドレス) 、 ②送信元アドレス (中継装置ア ドレス) を有し、 データ部 2 2に①バケツトタイプ (許可要求バケツト) 、 ②データバケツト識別情報、 ③ データバケツト品質情報を有している。 Bucket for permitting resource reservation sent from the relay device Z The request packet) has (1) a destination address (server address) and (2) a source address (relay device address) in the IP header section 21 as shown in FIG. It has bucket type (permission request bucket), ② data bucket identification information, and ③ data bucket quality information.
サーバよリ送信する資源予約の問い合わせに対する応答パケットは、 図 8 ( c ) に示すように、 I Pヘッダ部 2 1に①宛先アドレス (中継装置アドレス) 、 ②送 信元ア ドレス (サーバアドレス) を有し、 データ部 2 2に①パケットタイプ (許 可応答パケット) 、 ②許可判定情報 (許可または不許可を示す情報) を有してい る。  As shown in Fig. 8 (c), the response packet to the resource reservation inquiry transmitted from the server contains (1) the destination address (relay device address) and (2) the source address (server address) in the IP header section 21. The data section 22 has (1) packet type (permission response packet) and (2) permission determination information (information indicating permission or non-permission).
( b ) 資源予約処理  (b) Resource reservation processing
図 7の処理フローにおいて、 初期後、 中継装置 1 3はシグナリングパケットの 受信待ち (ステップ 1 0 1 ) 、 サーバ 1 4は許可要求パケットの受信待ちになつ ている (ステップ 2 0 1 ) 。  In the processing flow of FIG. 7, after the initial stage, the relay device 13 waits for reception of a signaling packet (step 101), and the server 14 waits for reception of a permission request packet (step 201).
かかる状態において、 中継装置 1 3はシグナリングパケットを受信すると、 そ のバケツトタイプを参照して資源予約用バケツトであるかチェックし、 資源予約 用バケツトであれば、 問い合わせ済みフラグがセットされているかチェックする (ステップ 1 0 2 ) 。 問い合わせ済みフラグがセットされていなければ、 中継装 置 1 3は許可要求パケットを作成してサーバ 1 4に資源予約の許可 不許可を問 い合わせ (ステップ 1 0 3 ) 、 しかる後、 許可応答パケットの受信待ちになる ( ステップ 1 0 4 ) 。  In this state, when the relay device 13 receives the signaling packet, it checks whether the packet is a resource reservation bucket by referring to the bucket type, and if the packet is a resource reservation bucket, checks whether the queried flag is set. (Step 102). If the queried flag is not set, the relay device 13 creates a permission request packet and queries the server 14 for permission or non-permission of resource reservation (step 10 3). Waiting for reception (step 104).
サーバ 1 4は、 許可要求バケツトを受信すれば、 データバケツト識別情報より 送信元端末の IPアドレスを識別し、 かつ、 要求資源 (例えば要求帯域) を認識す る。 ついで、 データベース部 1 4 aに記憶してあるユーザ情報を参照し、 発信元 端末 (ユーザ) が要求帯域を使用して通信する権利を有しているかチェックする Upon receiving the permission request bucket, the server 14 identifies the IP address of the source terminal from the data bucket identification information and recognizes the requested resource (for example, the requested bandwidth). Then, referring to the user information stored in the database section 14a, it is checked whether the source terminal (user) has the right to communicate using the requested band.
。 例えば、 ユーザに許容されている帯域 (ユーザ帯域)が要求帯域よリ大きいかチ ックし、 ユーザ帯域が要求帯域より大きければ予約許可、 小さければ予約不許 可と判定する (ステップ 2 0 2 ) 。 サーバ 2 1 4は判定結果を含む応答パケット を作成して中継装置 1 3に送信する (ステップ 2 0 3 ) 。 . For example, it is checked whether the bandwidth allowed by the user (user bandwidth) is larger than the requested bandwidth. If the user bandwidth is larger than the requested bandwidth, it is determined that the reservation is permitted, and if the user bandwidth is smaller than the requested bandwidth, the reservation is not permitted (step 202) . The server 214 creates a response packet including the determination result and sends it to the relay device 13 (step 203).
中継装置 1 3は応答バケツトを受信すれば、 予約許可及び予約不許可のいずれ が指示されているかチェックし (ステップ 105) 、 予約不許可が指示されてい れば資源予約サービスを拒否し (ステップ 106) 、 以後、 処理を終了して次の シグナリングバケツトの受信を待つ。 When the relay device 13 receives the response bucket, it determines whether the reservation is permitted or not. Is checked (step 105). If the reservation is not permitted, the resource reservation service is rejected (step 106). Thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
一方、 ステップ 105において、 予約許可が指示されていれば資源確保制御を 実行し、 要求帯域の確保が可能であるか否かを判断する (ステップ 107, 10 8) 。 たとえば、 資源管理テーブル (図 4 (a) ) を参照して要求帯域の空きが 存在するかチェックする。  On the other hand, in step 105, if reservation permission is instructed, resource reservation control is executed, and it is determined whether or not the required band can be reserved (steps 107 and 108). For example, referring to the resource management table (FIG. 4 (a)), it is checked whether the required bandwidth is available.
帯域確保ができなければ、 資源予約サービスを拒否し (ステップ 106) 、 以 後、 処理を終了して次のシグナリングパケットの受信を待つ。 資源確保が可能で あれば資源管理テーブル (図 4 (a) , (b) ) を更新し、 問い合わせ済みフラ グをセットしてなるシグナリングバケツトを作成し、 宛先端末側に送信する (ス テツプ 109) 。 尚、 このシグナリングパケットはステップ 101で受信したシ グナリングバケツトにおいて問い合わせ済みフラグをセットに変更したものであ る。  If the bandwidth cannot be secured, the resource reservation service is rejected (step 106), and thereafter the processing is terminated and the reception of the next signaling packet is waited. If resources can be secured, the resource management tables (Figs. 4 (a) and 4 (b)) are updated, a signaling bucket with the queried flag set is created, and transmitted to the destination terminal side (step 109). This signaling packet is obtained by changing the queried flag to “set” in the signaling bucket received in step 101.
—方、 ステップ 102において、 シグナリングバケツトの問い合わせ済みフラ グがセッ卜されていれば、 サーバに資源予約の許可/不許可の問い合わせをする ことなく直ちに資源確保制御を実行し、 要求帯域の確保が可能である力否かを判 断する (ステップ 1 1 1, 1 12) 。  On the other hand, in step 102, if the queried flag of the signaling bucket is set, the resource securing control is executed immediately without inquiring of the resource reservation permission / non-permission to the server to secure the required bandwidth. Determine whether the force is possible or not (steps 111, 112).
帯域確保ができなければ、 資源予約サービスを拒否し (ステップ 106) 、 以 後、 処理を終了して次のシグナリングパケットの受信を待つ。 資源確保が可能で あれば資源管理テーブルを更新し、 受信したシグナリングパケット (問い合わせ 済みフラグがセットされているシグナリングバケツト) を宛先端末側に送信する (ステップ 1 13) 。  If the bandwidth cannot be secured, the resource reservation service is rejected (step 106), and thereafter the processing is terminated and the reception of the next signaling packet is waited. If resources can be secured, the resource management table is updated, and the received signaling packet (signaling bucket with the queried flag set) is transmitted to the destination terminal (step 113).
以上のようにすれば、 第 2番目以降の中継装置とサーバ間での資源予約許可の 問い合わせを省略でき、 これによリ、 トラフィックの増加及び処理遅延時間の增 加を防止できる。  By doing so, it is possible to omit the inquiry about resource reservation permission between the second and subsequent relay devices and the server, thereby preventing an increase in traffic and an increase in processing delay time.
以上では、 ュ一ザより資源として所定の帯域のみが要求された場合であるが、 所定優先度 P、 所定帯域 Bが要求された場合は、 サーバはユーザ情報を参照し、 ユーザに要求優先度以上の優先度及び要求帯域以上の帯域が許可されている場合 91 In the above description, only a predetermined bandwidth is requested as a resource from the user. However, when a predetermined priority P and a predetermined bandwidth B are requested, the server refers to the user information and requests the user to obtain the requested priority. When the above priority and the bandwidth more than the required bandwidth are permitted 91
-11- に限リ資源予約を許可し、 それ以外は資源予約を不許可とする。 Resource reservation is permitted only on -11-, and resource reservation is not permitted otherwise.
( C ) 第 2実施例  (C) Second embodiment
第 1実施例ではシグナリングバケツトを中継装置で作成したが、 サーバにおい て問い合わせ済み情報を含むシグナリングバケツトを作成し、 許可応答バケツト に該シダナリングバケツトを格納して中継装置に送信し、 中継装置が該許可応答 バケツトに含まれるシグナリングバケツトを抽出して相手端末側に送出するよう に構成することもできる。 このようにすれば、 不正の中継装置が勝手に問い合わ せ済みフラグをセットしたシグナリングバケツトを送出して通信することを防止 することができる。  In the first embodiment, the signaling bucket is created by the relay device.However, the signaling bucket including the queried information is created in the server, and the signaling bucket is stored in the permission response bucket and transmitted to the relay device. Alternatively, the relay device may be configured to extract the signaling bucket included in the permission response bucket and send the signaling bucket to the partner terminal side. In this way, it is possible to prevent an unauthorized relay device from transmitting a signaling bucket in which the inquired flag is set without permission and performing communication.
図 9は第 2実施例の資源予約処理フローで、 第 1実施例のフローと同一ステツ プには同一番号を付している。  FIG. 9 shows a resource reservation processing flow of the second embodiment. The same steps as those in the flow of the first embodiment are denoted by the same reference numerals.
図 1 0は第 2実施例において使用する許可応答バケツトの説明図であり、 第 1 実施例の許可応答パケット (図 8 ( c ) 参照) の情報に加えて、 問い合わせ済み 情報を含むシグナリングバケツトが含まれている。  FIG. 10 is an explanatory diagram of an authorization response bucket used in the second embodiment. The signaling bucket includes queried information in addition to the information of the authorization response packet (see FIG. 8 (c)) of the first embodiment. It is included.
図 9において、 初期後、 中継装置 1 3はシグナリングパケットの受信待ち (ス テツプ 1 0 1 ) 、 サーバ 1 4は許可要求パケットの受信待ちになっている (ステ ップ 2 0 1 ) 。  In FIG. 9, after the initial state, the relay device 13 waits for reception of a signaling packet (step 101), and the server 14 waits for reception of a permission request packet (step 201).
かかる状態において、 中継装置 1 3はシグナリングパケットを受信すると、 パ ケットタイプを参照して資源予約用バケツトであるかチェックし、 資源予約用パ ケットであれば、 問い合わせ済みフラグがセットされているかチェックする (ス テツプ 1 0 2 ) 。 問い合わせ済みフラグがセットされていなければ、 中継装置 1 3は許可要求パケットを作成してサーバ 1 4に資源予約の許可 不許可を問い合 わせ (ステップ 1 0 3 ) 、 しかる後、 許可応答パケットの受信待ちになる (ステ ップ 1 0 4 ) 。  In this state, when receiving the signaling packet, the relay device 13 checks whether the packet is a resource reservation bucket by referring to the packet type, and if the packet is a resource reservation packet, checks whether the queried flag is set. (Step 102). If the queried flag is not set, the relay device 13 creates a permission request packet and queries the server 14 for permission or non-permission of resource reservation (step 103). Waiting for reception (step 104).
サーバ 1 4は、 許可要求バケツトを受信すれば、 データバケツト識別情報より 送信元端末の IPアドレスを識別し、 かつ、 要求資源 (例えば要求帯域) を認識す る。 ついで、 データベース部 1 4 aに記憶してあるユーザ情報を参照して、 発信 元端末 (ュ一ザ) が要求帯域で通信する権利を有しているかチェックする。 ユー ザに許容されている帯域 (ユーザ帯域) が要求帯域より大きければ予約許可、 小 さければ予約不許可と判定する (ステップ 2 0 2 ) 。 Upon receiving the permission request bucket, the server 14 identifies the IP address of the source terminal from the data bucket identification information and recognizes the requested resource (for example, the requested bandwidth). Next, by referring to the user information stored in the database unit 14a, it is checked whether the source terminal (user) has the right to communicate in the requested band. If the bandwidth allowed for the user (user bandwidth) is larger than the requested bandwidth, reservation allowed, small If not, it is determined that the reservation is not permitted (step 202).
サーバ 2 1 4は予約不許可であれば、 第 1実施例と同様の応答パケット (図 8 ( c ) ) を作成して中継装置 1 3に送信する (2 5 1, 2 5 3 ) 。 しかし、 予約 許可であれば、 問い合わせ済みフラグをセットしてなるシグナリングバケツトを 作成し (ステップ 2 5 2 ) 、 ついで、 該シグナリングパケットをデータ部に有す る許可応答パケット (図 1 0参照) を作成して中継装置 1 3に送信する (2 5 3 ) 。  If the reservation is not permitted, the server 214 creates a response packet (FIG. 8 (c)) similar to that of the first embodiment and transmits it to the relay device 13 (251, 253). However, if the reservation is permitted, a signaling bucket with the queried flag set is created (step 252), and then a permission response packet having the signaling packet in the data section (see FIG. 10). Is created and transmitted to the relay device 13 (25 3).
中継装置 1 3は許可応答バケツトを受信すれば、 予約許可及び予約不許可のい ずれが指示されているかチェックし (ステップ 1 0 5 ) 、 予約不許可が指示され ていれば資源予約サービスを拒否し (ステップ 1 0 6 ) 、 以後、 処理を終了して 次のシグナリングバケツトの受信を待つ。  Upon receiving the permission response bucket, the relay device 13 checks whether reservation permission or reservation non-permission has been specified (step 105), and rejects the resource reservation service if reservation non-permission has been specified. Then (step 106), thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
—方、 予約許可が指示されていれば、 ステップ 1 0 7以降の処理を実行する。 そして、 要求帯域を確保した後、 受信した許可応答パケット中に含まれるシグナ リングパケットを宛先端末側に送信し (ステップ 1 5 1 ) 、 以後、 次のシグナリ ングバケツトの受信を待つ。  On the other hand, if the reservation permission is instructed, the process from step 107 is executed. Then, after securing the required bandwidth, the signaling packet included in the received response packet is transmitted to the destination terminal side (step 151), and thereafter, the reception of the next signaling bucket is awaited.
尚、 ステップ 1 0 2において問い合わせ済みフラグがセットされていれば第 1 実施例と同様にステップ 1 1 1以降の処理を行う。  If the inquired flag is set in step 102, the processes in and after step 111 are performed as in the first embodiment.
(D) 第 3実施例  (D) Third embodiment
第 1実施例では中継装置 1 3からの問い合わせに対してサーバ 1 4は資源予約 の許可、 不許可を判定し、 判定結果を中継装置に通知するだけであつたが、 優先 度を付けて資源予約を許可することによリューザに応じたよりきめ細かなサービ ス管理が可能になる。  In the first embodiment, in response to an inquiry from the relay device 13, the server 14 determines permission or non-permission of resource reservation and only notifies the relay device of the determination result. By permitting reservations, more fine-grained service management according to Liza can be performed.
図 1 1は優先度を付けて資源予約を許可をする第 3実施例の資源予約処理フロ —であリ、 図 7の第 1実施例と同一部分には同一符号を付している。 図 1 2は優 先度を考慮した中継装置の資源確保処理フロー、 図 1 3は第 3実施例の資源管理 テーブル例、 図 1 4は第 3実施例の各種パケット構成例である。  FIG. 11 is a flowchart of a resource reservation process according to a third embodiment for assigning priorities and permitting resource reservation. The same parts as those in the first embodiment in FIG. 7 are denoted by the same reference numerals. FIG. 12 is a flowchart of the resource securing processing of the relay device in consideration of the priority, FIG. 13 is an example of a resource management table of the third embodiment, and FIG. 14 is an example of various packet configurations of the third embodiment.
資源管理テ一ブルは図 1 3に示すように、 第 1実施例の資源管理テーブル (図 4 ) とほぼ同様の内容を管理しているが、 割当済み帯域管理テーブル 13f-2にお いてパケット識別子、 優先度、 割当帯域の対応を管理する点で異なる。 又、 各パ ケットは図 14に示すように第 1実施例のパケット (図 8) とほぼ同様の構成を 備えているが、 (1) シグナリングパケットのデータ部 22に優先度項目欄が設け られている点、 (2) 許可応答パケットに優先度が付加されている点が異なる。 As shown in FIG. 13, the resource management table manages almost the same contents as the resource management table (FIG. 4) of the first embodiment, but the packet is stored in the allocated bandwidth management table 13f-2. It differs in that it manages the correspondence between identifiers, priorities, and allocated bandwidth. In addition, each The packet has substantially the same configuration as the packet of the first embodiment (FIG. 8) as shown in FIG. 14, but (1) a priority item column is provided in the data section 22 of the signaling packet. (2) The difference is that the priority is added to the permission response packet.
(a) 資源予約処理  (a) Resource reservation processing
初期後、 中継装置 13はシグナリングパケットの受信待ち (ステップ 101) 、 サーバ 14は許可要求パケットの受信待ちになっている (ステップ 201) 。 かかる状態において、 中継装置 13はシグナリングバケツトを受信するとパケ ットタイプを参照して、 資源予約用パケットであるかチェックし、 資源予約用パ ケットであれば、 問い合わせ済みフラグがセットされているかチェックする (ス テツプ 102) 。 問い合わせ済みフラグがセットされていなければ、 中継装置 1 3は許可要求バケツトを作成してサーバ 14に資源予約の許可/不許可を問い合 わせ (ステップ 103) 、 しかる後、 許可応答バケツトの受信待ちになる (ステ ップ 104) 。  After the initial stage, the relay device 13 waits for reception of a signaling packet (step 101), and the server 14 waits for reception of a permission request packet (step 201). In this state, when receiving the signaling bucket, the relay device 13 refers to the packet type and checks whether the packet is a resource reservation packet, and if the packet is a resource reservation packet, checks whether the queried flag is set. (Step 102). If the inquired flag is not set, the relay device 13 creates a permission request bucket and queries the server 14 for permission / non-permission of the resource reservation (step 103), and then waits for the reception of the permission response bucket. (Step 104).
サーバ 14は、 許可要求バケツトを受信すれば、 データバケツト識別情報よリ 送信元端末の IPアドレスを識別し、 つ、 要求資源 (例えば要求帯域) を認識す る。 ついで、 データベース部 14 aに記憶してあるユーザ情報を参照し、 発信元 端末 (ユーザ) 、 要求帯域を使用して通信する権利があるかチ ックする。 ュ 一ザに許容されている帯域 (ユーザ帯域) が要求帯域よリ大きければ予約許可、 小さければ予約不許可と判定し (ステップ 202) 、 ユーザ情報よリ優先度を求 める(ステップ 261) 。 優先度が求まれば、 サーバ 14は該優先度を含む許可 応答パケット (図 14 (c) ) を作成して中継装置 13に送信する (ステップ 2 03) 。  Upon receiving the permission request bucket, the server 14 identifies the IP address of the source terminal based on the data bucket identification information, and recognizes the requested resource (for example, the requested bandwidth). Next, referring to the user information stored in the database unit 14a, it is checked whether the source terminal (user) has a right to communicate using the requested bandwidth. If the bandwidth (user bandwidth) allowed by the user is larger than the requested bandwidth, it is determined that the reservation is permitted, and if the bandwidth is smaller than the requested bandwidth, it is determined that the reservation is not permitted (step 202), and the priority is determined from the user information (step 261). . If the priority is obtained, the server 14 creates a permission response packet (FIG. 14 (c)) including the priority and transmits it to the relay device 13 (step 203).
中継装置 1 3は許可応答バケツトを受信すれば、 予約許可及び予約不許可のい ずれが指示されているかチェックし (ステップ 105) 、 予約不許可が指示され ていれば資源予約サービスを拒否し (ステップ 106) 、 以後、 処理を終了して 次のシグナリングバケツトの受信を待つ。  When receiving the permission response bucket, the relay device 13 checks whether reservation permission or reservation non-permission has been specified (step 105), and rejects the resource reservation service if reservation non-permission has been specified (step 105). Step 106) Thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
一方、 ステップ 105において、 予約許可が指示されていれば優先度を考慮し た後述の資源確保制御を実行し、 要求帯域の確保が可能であるか否かを判断する (ステップ 107' , 108' ) 。 帯域確保ができなければ、 資源予約サービスを拒否し (ステップ 106) 、 以 後、 処理を終了して次のシグナリングバケツトの受信を待つ。 On the other hand, in step 105, if reservation permission is instructed, resource reservation control described later is executed in consideration of priority, and it is determined whether or not the required bandwidth can be reserved (steps 107 'and 108'). ). If the bandwidth cannot be secured, the resource reservation service is rejected (step 106), and thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
資源確保が可能であれば資源管理テーブル (図 13 (a) , (b) ) を更新し 、 問い合わせ済みフラグ及び優先度をセットしたシグナリングバケツトを作成し 、 宛先端末側に送信する (ステップ 109' ) 。 このシグナリングパケットはス テツプ 101で受信したシグナリングバケツ卜の問い合わせ済みフラグをセット に変更し、 かつ、 サーバから受信したシグナリング優先度を含めたものである。 一方、 ステップ 102において、 シグナリングパケットの問い合わせ済みフラ グがセットされていれば、 サーバに資源予約の許可ノ不許可の問い合わせをする ことなく直ちに後述する資源確保制御を実行し、 要求帯域の確保が可能であるか 否かを判断する (ステップ 1 1 1' , 1 1 2' ) 。  If resources can be secured, the resource management tables (FIGS. 13A and 13B) are updated, a signaling bucket in which the queried flag and the priority are set is created, and transmitted to the destination terminal side (step 109). '). This signaling packet changes the queried flag of the signaling bucket received in step 101 to a set, and includes the signaling priority received from the server. On the other hand, if the already-inquired flag of the signaling packet is set in step 102, the resource securing control described later is immediately executed without inquiring of the server whether the resource reservation is permitted or not. It is determined whether or not it is possible (steps 1 1 1 ', 1 1 2').
帯域確保ができなければ、 資源予約サービスを拒否し (ステップ 106) 、 以 後、 処理を終了して次のシグナリングバケツ卜の受信を待つ。  If the bandwidth cannot be secured, the resource reservation service is rejected (step 106), and thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
資源確保が可能であれば資源管理テーブルを更新し、 受信したシグナリングパ ケット (問い合わせ済みフラグがセットされているシグナリングパケット) を宛 先端末側に送信する (ステップ 1 13' ) 。  If resources can be secured, the resource management table is updated, and the received signaling packet (signaling packet with the queried flag set) is transmitted to the destination terminal (step 113 ').
以上のようにすれば、 ユーザに応じたょリきめ細かなサービス管理ができ、 例 えば、 優先度の高いユーザに優先的に資源割リ当てを行うことができる。  In this way, fine-grained service management according to the user can be performed. For example, resource allocation can be performed preferentially for users with high priority.
(b) 資源確保制御  (b) Resource securing control
図 12は図 1 1のステップ 107' 、 ステップ 11 1' における資源確保制御 の処理フローである。  FIG. 12 is a processing flow of the resource securing control in step 107 'and step 11 1' of FIG.
まず、 残リ帯域 F eが要求帯域 より大きいか判定し(ステップ 301) 、 Fe≥Frであれば、 資源予約サービスの受け付けを許容し(ステップ 302) 、 資源管理テーブルを更新し (ステップ 303) 、 処理を終了する。  First, it is determined whether the remaining bandwidth F e is larger than the required bandwidth (step 301). If Fe≥Fr, the resource reservation service is accepted (step 302), and the resource management table is updated (step 303). The process ends.
ステップ 301において要求帯域 Frが残帯域 Feより大きければ、 図 13 (b ) の割当済み帯域管理テーブルを参照して、 サーバから指定されている優先度よ リ低い優先度の予約済みパケットがあるか調べ (ステップ 304) なければ、 資 源予約サービスの受け付けを拒否し (ステップ 305) 、 処理を終了する。  If the requested bandwidth Fr is larger than the remaining bandwidth Fe in step 301, refer to the allocated bandwidth management table in FIG. 13 (b) and check if there is a reserved packet with a lower priority than the priority specified by the server. If it is not checked (step 304), rejection of the resource reservation service is rejected (step 305), and the process ends.
一方、 ステップ 304において、 サーバから指定されている優先度よリ低い優 先度の予約済みバケツトがあれば、 該低優先度の予約済み帯域と残帯域を含めた 総帯域と要求帯域 F rを比べ(ステップ 3 0 6 ) 、 要求帯域の方が大きければ資源 予約サービスの受け付けを拒否し (ステップ 3 0 5 ) 、 処理を終了する。 On the other hand, in step 304, the priority lower than the priority specified by the server If there is a previously reserved bucket, the total bandwidth including the reserved bandwidth of the low priority and the remaining bandwidth is compared with the required bandwidth Fr (step 310). If the required bandwidth is larger, the resource reservation service is performed. Is rejected (step 305), and the process ends.
しかし、 低優先度の予約済み帯域と残帯域を含めた総帯域の方が資源要求帯域 ょリ大きければ、 低優先度の予約済みデータパケットの予約を廃棄し (ステップ 3 0 7 ) 、 資源予約サービスの受け付けを許容し(ステップ 3 0 2 ) 、 資源管理 テーブルを更新し (ステップ 3 0 3 ) 、 処理を終了する。  However, if the total bandwidth including the reserved bandwidth of the low priority and the remaining bandwidth is larger than the resource request bandwidth, the reservation of the low priority reserved data packet is discarded (step 307), and the resource reservation is performed. The service is accepted (step 302), the resource management table is updated (step 303), and the process is terminated.
( E ) 第 4実施例  (E) Fourth embodiment
第 3実施例ではシグナリングバケツトを中継装置で作成したが、 サーバにおい て問い合わせ済みを示す情報及び優先度を含むシグナリングバケツトを作成し、 許可応答バケツトに該シグナリングバケツトを格納して中継装置に送信し、 中継 装置が許可応答バケツトに含まれるシグナリングバケツトを抽出して相手端末側 に送出するように構成することもできる。 このようにすれば、 不正の中継装置が 勝手に問い合わせ済みフラグをセットしたシグナリングバケツトを送出して通信 することを防止することができる。  In the third embodiment, the signaling bucket is created by the relay device. However, a signaling bucket containing information indicating that the inquiry has been completed at the server and the priority is created, and the signaling bucket is stored in the permission response bucket to store the signaling bucket. , And the relay device can extract the signaling bucket included in the authorization response bucket and send it to the partner terminal side. With this configuration, it is possible to prevent an unauthorized relay device from transmitting a signaling bucket in which the inquired flag is set without permission and performing communication.
図 1 5は第 4実施例の資源予約処理フローでぁリ第 3実施例の処理フロー (図 1 1 ) と同一ステップには同一番号を付している。  FIG. 15 shows the resource reservation processing flow of the fourth embodiment. The same steps as those in the processing flow of the third embodiment (FIG. 11) are given the same numbers.
図 1 6は第 4実施例において使用する許可応答バケツトの説明図でぁリ、 第 3 実施例の許可応答パケット (図 1 4 ( c ) 参照) からシグナリング優先度情報を 削除し、 替わって、 問い合わせ済み情報とシグナリング優先度を含むシグナリン グバケツトが格納されている。  FIG. 16 is an explanatory diagram of the permission / response bucket used in the fourth embodiment. The signaling priority information is deleted from the permission / response packet of the third embodiment (see FIG. 14 (c)). A signaling bucket containing queried information and signaling priority is stored.
図 1 5において、 初期後、 中継装置 1 3はシグナリングパケットの受信待ち ( ステップ 1 0 1 ) 、 サーバ 1 4は許可要求パケットの受信待ちになっている (ス テツプ 2 0 1 ) 。  In FIG. 15, after the initial state, the relay device 13 is waiting for reception of a signaling packet (step 101), and the server 14 is waiting for reception of a permission request packet (step 201).
かかる状態において、 中継装置 1 3はシグナリングバケツトを受信するとパケ ットタイプを参照して、 資源予約用パケットであるかチェックし、 資源予約用パ ケットであれば、 問い合わせ済みフラグがセットされているかチェックする (ス テツプ 1 0 2 ) 。 問い合わせ済みフラグがセットされていなければ、 中継装置 1 3は許可要求パケットを作成してサーバ 1 4に資源予約の許可ノ不許可を問い合 わせ (ステップ 1 0 3 ) 、 し力、る後、 許可応答パケットの受信待ちになる (ステ ップ 1 0 4 ) 。 In this state, when receiving the signaling bucket, the relay device 13 refers to the packet type and checks whether the packet is a resource reservation packet, and if the packet is a resource reservation packet, checks whether the queried flag is set. (Step 102). If the queried flag is not set, the relay device 13 creates a permission request packet and queries the server 14 for permission / non-permission of resource reservation. (Step 104), and after that, it waits for the reception of the permission response packet (step 104).
サーバ 1 4は、 許可要求バケツトを受信すれば、 データバケツト識別情報より 送信元端末の IPアドレスを識別し、 つ、 発信元端末の要求資源 (例えば要求帯 域) を認識する。 ついで、 データベース部 1 4 aに記憶してあるユーザ情報を参 照し、 発信元端末 (ユーザ) 力 要求帯域を使用して通信する権利があるかチェ ックする。 ユーザに許容されている帯域 (ユーザ帯域) が要求帯域よリ大きけれ ば予約許可、 小さければ予約不許可と判定する (ステップ 2 0 2 ) 。  Upon receiving the permission request bucket, the server 14 identifies the IP address of the source terminal from the data bucket identification information, and recognizes the requested resource (eg, request band) of the source terminal. Then, referring to the user information stored in the database section 14a, it is checked whether or not the source terminal (user) has the right to communicate using the requested bandwidth. If the band allowed by the user (user band) is larger than the requested band, it is determined that the reservation is permitted, and if the band is smaller, the reservation is not permitted (step 202).
サーバ 1 4は、 予約不許可であれば、 第 1実施例と同様の応答パケット (図 8 ( c ) ) を作成して中継装置 1 3に送信する (2 7 1, 2 7 4 ) 。 しかし、 予約 許可であれば、 ユーザ情報よリ優先度を求め(ステップ 2 7 2 ) 、 該優先度を含 み、 かつ、 問い合わせ済みフラグがセットされたシグナリングパケットを作成す る (ステップ 2 7 3 ) 。 ついで、 サーバ 1 4は該シグナリングパケットを格納し た許可応答パケット (図 1 6参照) を作成し、 中継装置 1 3に送信する (2 7 4 ) 。  If the reservation is not permitted, the server 14 creates a response packet (FIG. 8 (c)) similar to that of the first embodiment and sends it to the relay device 13 (271, 274). However, if the reservation is permitted, a priority is obtained from the user information (step 2722), and a signaling packet containing the priority and having the inquired flag set is created (step 2732). ). Next, the server 14 creates an authorization response packet (see FIG. 16) storing the signaling packet, and transmits it to the relay device 13 (274).
中継装置 1 3は許可応答バケツトを受信すれば、 予約許可及び予約不許可のい ずれが指示されているかチェックし (ステップ 1 0 5 ) 、 予約不許可が指示され ていれば資源予約サービスを拒否し (ステップ 1 0 6 ) 、 以後、 処理を終了して 次のシグナリングバケツトの受信を待つ。  Upon receiving the permission response bucket, the relay device 13 checks whether reservation permission or reservation non-permission has been specified (step 105), and rejects the resource reservation service if reservation non-permission has been specified. Then (step 106), thereafter, the processing is terminated and the reception of the next signaling bucket is waited.
一方、 予約許可が指示されていれば、 以後、 ステップ 1 0 7 ' 以降の処理を実 行する。 そして、 要求帯域を確保した後、 受信した許可応答パケット中に含まれ るシグナリングバケツトを宛先端末側に送信し (ステップ 1 6 1 ) 、 以後、 次の シグナリングバケツトの受信を待つ。  On the other hand, if the reservation permission is instructed, the process from step 107 'is executed thereafter. Then, after securing the requested bandwidth, it transmits the signaling bucket included in the received response packet to the destination terminal side (step 161), and thereafter waits for reception of the next signaling bucket.
尚、 ステップ 1 0 2において問い合わせ済みフラグがセットされていれば第 3 実施例と同様にステップ 1 1 1以降の処理を行う。  If the inquired flag is set in step 102, the processing from step 111 is performed in the same manner as in the third embodiment.
( F ) 第 5実施例  (F) Fifth embodiment
以上の実施例では、 自分で要求した資源を使用して通信する権利をユーザが有 している力否かに基づいて、 サーバよリ中継装置に資源予約の許可、 不許可をす るものであった。 第 5実施例では、 以上の条件に加えて、 通信経路上の全ての中 継装置が要求資源の確保ができる場合に資源予約の許可をする。 In the above embodiment, the server reserves or denies the resource reservation to the relay device based on whether or not the user has the right to communicate using the resource requested by the user. there were. In the fifth embodiment, in addition to the above conditions, If the relay device can secure the required resources, the resource reservation is permitted.
図 1 7は第 5実施例の資源予約制御を行うサーバ 1 4の構成図である。 このサ —バ 1 4は、 ①資源予約の許可 不許可を判断するために必要な各種情報を記憶 するデータベース部 1 4 a、 ②中継装置から資源予約の許可 Z不許可を問い合わ せるバケツトを受信する許可要求バケツト受信部 1 4 b、 ③許可要求バケツトを 受信した時、 資源予約の許可 Z不許可を判定する予約許可判定処理部 1 4 c、 ④ 資源予約の許可 Z不許可を示す情報を含むバケツトを生成する許可応答バケツト 生成部 1 4 d、 ⑤許可応答バケツトを中継装置に送信する許可応答バケツト送信 部 1 4 e、 ⑥発信元端末の IPアドレス、 宛先端末の I Pアドレス及ぴトポロジ情報 を用いて両端末間の経路上の中継装置を特定する中継装置特定部 1 4 f を有して いる。  FIG. 17 is a configuration diagram of a server 14 that performs resource reservation control according to the fifth embodiment. This server 14 is composed of 1) a database section 14a for storing various information necessary for determining permission / non-permission of resource reservation, and 2) a bucket for inquiring permission / non-permission of resource reservation from the relay device. Receiving request bucket receiving unit 14b, ③Reservation permission judging unit 14c, which determines permission of resource reservation when receiving permission request bucket, and determines Z non-permission. 情報 Information indicating permission of resource reservation Z not permitted Acknowledgment bucket generating unit 14 d for generating a bucket including: 許可 an acknowledgment bucket transmitting unit 14 e for transmitting the acknowledgment bucket to the relay device, IP the IP address of the source terminal, the IP address of the destination terminal and the topology It has a relay device specifying unit 14f that specifies the relay device on the route between the two terminals using the information.
データベース部 1 4 aは、 網リソース情報保持部 14a- 1とポリシー情報保持部 1 4a- 2を備え、 網リソース情報保持部 14a - 1はトポロジ 経路情報及び機器固有情 報を保持し、 ポリシー情報保持部 14a- 2はユーザ情報及び運用ポリシ一情報を保 持する。 各種情報のうち、 ユーザ情報はユーザ (端末) の属性を示すものである (図 6 ) 。 機器固有情報は、 図 1 8に示すように中継装置 (ルータ等) の属性を 示すもので、 ①ルータの I Pアドレス、 ②最大使用可能帯域、 ③割当済み帯域、 ④ 残リ帯域、 ⑤その他のルータ固有情報を有している。  The database unit 14a includes a network resource information holding unit 14a-1 and a policy information holding unit 14a-2. The network resource information holding unit 14a-1 holds topology route information and device specific information, and policy information. The holding unit 14a-2 holds user information and operation policy information. Among various types of information, user information indicates the attributes of the user (terminal) (Fig. 6). The device-specific information indicates the attributes of the relay device (router, etc.) as shown in Fig. 18; 1) the IP address of the router, 2) the maximum available bandwidth, 3) the allocated bandwidth, 4) the remaining bandwidth, and 4) other information. Has router-specific information.
トポロジ情報は図 1 9 (a), (b)に示すように中継装置の接続関係を示すもので ある。 図 1 9 (c) に示すようにルータ A〜Eが接続されている場合、 ルータ Aの トポロジ情報は図 1 9 (a) に示すように隣接ルータの IPアドレスをリストとした ものとなリ、 ルータ Bのトポロジ情報は図 1 9 (b) に示すように隣接ルータの I P アドレスをリストとしたものとなる。 すなわち、 図 1 9 (a)は 192. 168. 15. 1とい う IPァドレスを有するルータ Aが 3つのルータ B〜Dに接続されていることを表 現している。 3つのルータのうち、 192. 168. 10. 1というアドレスを持つルータ B に関しては、 図 1 9 (b)に示すように隣接する 2つのルータ A, Eがあることを 示している。 このようにあるルータに接続されているルータを列挙したものを 1 つの表として表現し、 それをノ一ドの個数分用意することでネットワークのトポ ロジを表現して保持する。 第 5実施例において使用するパケッ トの構成は図 8と同じでぁリ、 又、 全体の 資源予約処理も図 7の第 1実施例の処理と同じである。 異なるのは、 サーバ 1 4 の予約許可判定処理である。 The topology information indicates the connection relationship of the relay devices as shown in Figs. 19 (a) and (b). When routers A to E are connected as shown in Fig. 19 (c), the topology information of router A is a list of IP addresses of neighboring routers as shown in Fig. 19 (a). As shown in Fig. 19 (b), the topology information of Router B is a list of IP addresses of neighboring routers. That is, FIG. 19 (a) shows that router A having an IP address of 192.168.15.1 is connected to three routers B to D. Of the three routers, router B with an address of 192.168.10.1 indicates that there are two adjacent routers A and E as shown in Fig. 19 (b). In this way, a list of routers connected to a certain router is represented as a single table, and the number of nodes is prepared to represent and hold the topology of the network. The configuration of the packet used in the fifth embodiment is the same as that of FIG. 8, and the entire resource reservation process is the same as the process of the first embodiment in FIG. The difference is the reservation permission determination process of the server 14.
図 2 0は第 5実施例におけるサーバ 1 4の予約許可判定処理フローである。 サーバ 1 4は許可要求バケツトを中継装置 1 3ょリ受信すると (ステップ 4 0 1 ) 、 データパケット識別情報よリ送信元端末の IPアドレスを識別し、 力つ、 要 求資源 (例えば要求帯域) を認識する。 ついで、 データベース部 1 4 aに記憶し てあるユーザ情報を参照して、 発信元端末 (ユーザ) が要求帯域で通信する権利 があるかチェックする。 例えば、 ユーザに許容されている帯域 (ユーザ帯域)が要 求帯域よリ大きいかチェックし、 ユーザ帯域が要求帯域よリ大きければ予約可能 、 小さければ予約不可能であると判定する (ステップ 4 0 2 ) 。  FIG. 20 is a flowchart of a reservation permission determination process of the server 14 in the fifth embodiment. When the server 14 receives the permission request bucket from the relay device 13 (step 401), the server 14 identifies the IP address of the source terminal from the data packet identification information, and outputs the required resources (for example, the required bandwidth). Recognize. Next, referring to the user information stored in the database section 14a, it is checked whether the source terminal (user) has the right to communicate in the requested band. For example, it is checked whether the bandwidth allowed for the user (user bandwidth) is larger than the required bandwidth, and it is determined that the reservation is possible if the user bandwidth is larger than the required bandwidth, and that the reservation is impossible if the user bandwidth is smaller than the required bandwidth (step 40). 2).
判定結果が予約不可能であれば (ステップ 4 0 3 ) 、 サーバ 1 4は予約不許可 を示す応答パケットを作成して中継装置に送出し (ステップ 4 0 4 ) 、 以後、 次 の許可要求バケツトの受信を待つ。  If the result of the determination is that the reservation is not possible (step 4003), the server 14 creates a response packet indicating that the reservation is not permitted and sends it to the relay device (step 404). Thereafter, the next permission request bucket is transmitted. Wait for reception.
一方、 判定結果が予約可能であれば、 サーバ 1 4はパケット識別情報に含まれ る発信元端末と宛先端末の IPァドレス及びトポロジ情報を用いて、 両端末間の通 信経路を求め、 該通信経路上の全中継装置を特定する (ステップ 4 0 5 ) 。 たと えば、 サーバ 1 4は、 ダイクストラ D i j ks t r aのアルゴリズムを用いて両端末間の 最短パスを計算し、 該パス情報より発信元端末から宛先端末への I Pルーチング情 報を求め、 該 I Pルーチング情報を用いて、 両端末間を中継する全中継装置を特 定する。  On the other hand, if the determination result indicates that the reservation can be made, the server 14 obtains a communication route between the two terminals using the IP address and the topology information of the source terminal and the destination terminal included in the packet identification information, and performs the communication. All the relay devices on the route are specified (Step 405). For example, the server 14 calculates the shortest path between the two terminals using the Dijkstra Dijkstra algorithm, obtains IP routing information from the source terminal to the destination terminal from the path information, and obtains the IP routing information. Using the information, identify all the relay devices that relay between both terminals.
ついで、 通信経路上の全中継装置のルータ情報を参照し、 全中継装置に要求帯 域以上の残リ帯域が存在するかチェックし (ステップ 4 0 6 ) 、 1つでも要求帯 域以上の残り帯域が存在しなければ予約不許可を示す応答バケツトを作成して中 継装置に送出する (ステップ 4 0 4 ) 。  Next, by referring to the router information of all the relay devices on the communication path, it is checked whether or not there is a remaining bandwidth exceeding the required band in all the relay devices (step 406). If the band does not exist, a response bucket indicating that the reservation is not permitted is created and transmitted to the relay device (step 404).
しかし、 全中継装置に要求帯域以上の残リ帯域が存在すれば予約許可を示す応 答パケットを作成して中継装置に送出し (ステップ 4 0 7 ) 、 以後、 次の許可要 求バケツトの受信を待つ。  However, if there is a remaining bandwidth exceeding the required bandwidth in all the relay devices, a response packet indicating reservation permission is created and transmitted to the relay device (step 407), and thereafter, the next permission request bucket is received. Wait for.
以上の第 5実施例によれば、 確実に各中継装置において資源確保ができ、 通信 端末間での通信が可能になる。 又、 いずれかの中継装置において資源確保が不可 能な場合には、 第 2番目以降の中継装置へシグナリングバケツトを送信する必要 がないため、 トラブイックの増加を抑えることができる。 According to the fifth embodiment, the resources can be reliably secured in each relay device, Communication between terminals becomes possible. Also, if resources cannot be secured in any of the relay devices, there is no need to transmit a signaling bucket to the second and subsequent relay devices, so that an increase in traffic can be suppressed.
(G) 第 6実施例  (G) Sixth embodiment
以上では、 シグナリングバケツトに問い合わせ済み情報を暗号化せずそのまま 揷入して送信した場合であるが、 暗号化して揷入することによリ悪意の中継装置 による不正通信を防止することができる。  In the above description, the information already inquired into the signaling bucket is input without encryption and transmitted as it is. By encrypting and inserting, it is possible to prevent unauthorized communication by a malicious relay device. .
図 2 1は問い合わせ済み情報を暗号化する第 6実施例の資源予約処理フローで ぁリ、 図 7の第 1実施例と同一部分には同一符号を付している。 第 1実施例と異 なる点は、  FIG. 21 is a flowchart of a resource reservation process according to the sixth embodiment for encrypting the queried information, and the same reference numerals are given to the same parts as those in the first embodiment in FIG. The difference from the first embodiment is that
(1) シグナリングパケットを受信したとき (ステップ 1 0 1 ) 、 復号処理を実 行し (ステップ 5 0 1 ) 、 復号結果に基づいて問い合わせ済み情報の有無を判定 する点、  (1) When a signaling packet is received (step 101), decoding processing is executed (step 501), and the presence or absence of the queried information is determined based on the decoding result.
(2) 資源確保制御にょリ帯域を確保した後(ステップ 1 0 8 ) 、 問い合わせ済 み情報を暗号化し (ステップ 5 0 2 ) 、 暗号データを含むシグナリングパケット を作成して送信する点 (ステップ 5 0 3 ) である。  (2) After securing the bandwidth for resource securing control (step 108), encrypt the queried information (step 502), and create and transmit a signaling packet containing encrypted data (step 5). 0 3).
以上のように暗号化することによって、 サーバの許可がおリていない予約要求 のシグナリングバケツトに勝手に問い合わせ済み情報を付けて通信する事態の発 生を防止できる。  By performing encryption as described above, it is possible to prevent a situation in which a signaling bucket of a reservation request for which the server has not been granted permission is arbitrarily attached with the already-inquired information and communicates.
以上では、 問い合わせ済み情報を単独で暗号化した場合であるが、 問い合わせ 済み情報が一定値であるため、 容易に暗号方式 (暗号キー) を見破られて悪用さ れる可能性がある。 そこで、 暗号化する際、 シーケンシャル番号を発生し、 該シ ーケンシャル番号と問い合わせ済み情報を一体にして暗号化する。 このようにす れば暗号化される情報が一定値でなくなるため容易に喑号キーを見破れなくなリ 、 悪用を防止できる。 図 2 2はシーケンシャル番号を備えたシグナリングバケツ トの構成例、 図 2 3は該シグナリングバケツトを用いたときの手順説明図である 。 以下、 シーケンシャル番号を備えたシグナリングパケットを用いたときの手順 を説明する。 ただし、 暗号化、 復号化で使用する数式には次式の性質があるもの とする。 暗号キー ·復号キー = 1 In the above description, the queried information is encrypted independently. However, since the queried information has a constant value, the encryption method (encryption key) may be easily discovered and misused. Therefore, when encrypting, a sequential number is generated, and the sequential number and the queried information are integrally encrypted. In this way, since the information to be encrypted does not have a constant value, it is possible to easily prevent the 喑 key from being seen, and to prevent abuse. FIG. 22 is a configuration example of a signaling bucket provided with a sequential number, and FIG. 23 is an explanatory diagram of a procedure when the signaling bucket is used. Hereinafter, a procedure when a signaling packet having a sequential number is used will be described. However, the mathematical formulas used for encryption and decryption have the following properties. Encryption keyDecryption key = 1
喑号キー ·データ '復号キー  No. key · Data 'Decryption key
=喑号キー ·復号キー ·データ  = 喑 Sign key · Decryption key · Data
=データ  = Data
(1) 資源の予約を要求する端末 1 1が予約要求のシグナリングバケツト(RESV) を通信相手の端末 1 2宛てに送信する。  (1) The terminal 11 requesting resource reservation transmits a reservation request signaling bucket (RESV) to the terminal 12 of the communication partner.
(2) シグナリングパケット(RESV)を最初に受信した中継装置 1 3 1は、 資源予 約サービスを管理しているサーバ 1 4へ資源予約要求を許可してよいか否かを問 い合わせる許可要求パケットを送信する。  (2) The relay device 13 1 that first receives the signaling packet (RESV) requests the server 14 that manages the resource reservation service to inquire whether the resource reservation request can be permitted. Send a packet.
(3) 許可要求パケットを受信したサーバ 1 4は、 予約要求を許可してよいか否 かを判断する。  (3) The server 14 that has received the permission request packet determines whether the reservation request may be permitted.
(4) 許可する場合には、 中継装置 1 3 iへ許可応答パケットを送信し、 予約許 可を通知する。  (4) If permission is granted, a permission response packet is transmitted to the relay device 13i to notify the reservation permission.
(5) 予約許可を示した許可応答パケットを受信した中継装置 1 3 iは、 資源予 約のための処理を行う。 そしてシーケンシャル番号を作成し、 作成したシーケン シャル番号と問い合わせ済み情報とを一体にし、 暗号キーを使って暗号化する。  (5) Upon receiving the permission response packet indicating reservation permission, the relay device 13i performs a process for resource reservation. Then, a sequential number is created, and the created sequential number and the inquired information are combined and encrypted using an encryption key.
(シーケンシャル番号 +問い合わせ済み情報) ·暗号キー =喑号情報  (Sequential number + Inquired information) · Encryption key = No. information
そして、 シグナリングパケット(RESV)に、 暗号化された問い合せ済み情報を添 付し、 宛先端末に送信する。  Then, the encrypted inquiry information is attached to the signaling packet (RESV) and transmitted to the destination terminal.
(6) 暗号ィ匕された問い合せ済み情報が格納されたシグナリングバケツト(RESV) を受信した中継装置 1 3 2は、 復号キーを用いて、 次式によリシグナリングパケ ット(RESV)中の暗号化情報を復号化する。 (6) Encryption I spoon has been query completion information has been received the stored signaling bucket preparative (RESV) relay device 1 3 2, using the decryption key, by re signaling packetized into equation Tsu preparative (RESV) in Decrypts the encrypted information.
喑号情報 ·復号キー = (シーケンシャル番号 +問い合わせ済み情報)  No. information · Decryption key = (Sequential number + Inquired information)
そして、 問い合わせ済み情報が格納されていることを確認し、 サーバ 1 4へ予約 要求の許可を問い合わせずに資源予約のための処理を行う。 Then, it confirms that the inquired information is stored, and performs the process for resource reservation without inquiring the server 14 of permission of the reservation request.
(7) そして、 受信した暗号化された問い合せ済み情報が格納されたシグナリン グパケット(RESV)を宛先端末に送信する。  (7) Then, a signaling packet (RESV) storing the received encrypted inquiry information is transmitted to the destination terminal.
(8) 最終的に、 宛先端末 1 2がシグナリングパケット(RESV)を受信することに よって資源予約サービスが完了する。 (H) 変形例 (8) Finally, the resource reservation service is completed when the destination terminal 12 receives the signaling packet (RESV). (H) Modification
以上では、 サーバに資源予約の許可を問い合わせて通信する場合について説明 したが、 資源予約サービスのみでなく、 他のサービスの提供あるいはサービスの 開始をサーバに問い合わせ、 サーバからの許可応答に基づいてサービスを提供し 、 あるいはサービスを開始して通信を行うように構成することもできる。  In the above, the case where communication is performed by inquiring of the server for permission to reserve resources has been described. , Or a service can be started to perform communication.
すなわち、 ネットワークを構成する中継装置 (ネットワーク機器)と、 ネットヮ ーク機器からの要求に対して所定の処理を行って応答するサーバ(ネットワーク 機器制御装置)を備え、 2つの端末間の経路上に存在する中継装置の資源を確保 してから該端末間で通信を行う通信システムにおいて以下の通信方式が可能であ る。  In other words, there is a relay device (network device) that configures the network, and a server (network device control device) that performs predetermined processing and responds to requests from the network device, and is provided on a route between two terminals. The following communication methods are possible in a communication system that performs communication between the terminals after securing resources of an existing relay device.
(1) 一方の端末よリ他方の端末へ向けて、 端末間の経路上に存在する中継装置 に所定のサービス開始を要求するシグナリングバケツトを送信する。  (1) One terminal transmits a signaling bucket requesting the start of a predetermined service to a relay device existing on a path between terminals, from one terminal to another terminal.
(2) 該シダナリングバケツトを受信した中継装置よリ中継装置制御装置(サー バ)にサービス開始が可能であるか否かを問い合わせる。  (2) The relay device that has received the shidanering bucket inquires of the relay device control device (server) whether or not the service can be started.
(3) 該問い合わせによリサーバでは、 予め記憶してある参照情報を用いてサ一 ビス開始の可否判定を行い、 判定結果を中継装置に応答する。  (3) In response to the inquiry, the server uses the reference information stored in advance to determine whether service can be started or not, and returns the determination result to the relay device.
(4) 中継装置では、 サーバよリサービス開始の許可応答を受信すれば、 サービ ス実行に必要な資源を確保し、 問い合わせ済み情報を含むシグナリングバケツト を次段に送出する。  (4) Upon receiving the response from the server to permit the start of the service, the relay device secures resources necessary for service execution and sends a signaling bucket containing the queried information to the next stage.
(5) 問い合わせ済み情報を含むシグナリングバケツトを受信した中継装置では 、 サーバにサービス開始の可否を問い合わせすることなくサービス実行に必要な 資源を確保し、 かつ、 問い合わせ済み情報を含むシグナリングパケットを次段に に送出する。  (5) Upon receiving the signaling bucket containing the queried information, the relay device secures the resources required for service execution without inquiring of the server whether the service can be started or not, and relays the signaling packet containing the queried information to the next device. Send to the next step.
尚、 サーバにおいて問い合わせ済み情報を含むシグナリングバケツトを作成し 、 前記判定結果を中継装置に通知する応答バケツトに該シグナリングバケツトを 含ませ、 中継装置は応答バケツトに含まれるシグナリングバケツトを抽出して通 信相手端末側に送出するように構成することもできる。  The server creates a signaling bucket containing the queried information, includes the signaling bucket in the response bucket notifying the relay device of the determination result, and extracts the signaling bucket included in the response bucket. It can also be configured to send the data to the communication partner terminal.
( I ) 効果  (I) Effect
以上本発明によれば、 第 2番目以降の中継装置とサーバ間での予約要求許可の 問い合わせを省略することが可能になり、 トラフィック増加、 及びシグナリング バケツトの中継遅延の増加を抑えることができる。 According to the present invention, the reservation request permission between the second and subsequent relay devices and the server is It is possible to omit the inquiry, and it is possible to suppress an increase in traffic and an increase in relay delay of the signaling bucket.
本発明によれば、 資源予約の権利にグレード (優先度) を付けて中継装置に資 源予約許可をするため、 ユーザに応じたょリきめ細かなサービス管理ができる。 例えば、 優先度の高いユーザに優先的に資源割リ当てを行うことができる。 本発明によれば、 シグナリングバケツトに揷入する問い合わせ済み情報を暗号 化することにより、 正当な中継装置のみが問い合わせ情報を揷入でき、 悪意の中 継装置が勝手に問い合わせ済み情報を付加する事態を回避することができる。 本発明によれば、 シーケンシャル番号を問い合わせ情報に加えて暗号化するこ とによリ、 よリ効果的に悪意の中継装置が勝手に問い合わせ済み情報を付加する 事態を回避することができる。  According to the present invention, since the resource reservation right is assigned a grade (priority) to permit the relay apparatus to reserve the resource, it is possible to perform detailed service management according to the user. For example, resources can be allocated preferentially to users with high priority. According to the present invention, by encrypting the queried information to be input to the signaling bucket, only valid relay devices can input the queried information, and the malicious relay device adds the queried information without permission. Things can be avoided. According to the present invention, by encrypting the sequential number in addition to the inquiry information, it is possible to avoid a situation in which a malicious relay device adds the inquired information without permission.
本発明によれば、 サーバは各中継装置の資源状態を保持し、 資源予約の問い合 わせによリ通信端末間の経路を求め、 該経路上の全中継装置が要求資源の確保が 可能であるか否かを前記資源状態を参照して判定し、 全ての中継装置で資源確保 が可能であれば、 資源予約許可の応答をするようにしたから、 確実に各中継装置 において資源確保ができ、 通信端末間での通信が可能になる。 又、 いずれかの中 継装置において資源確保が不可能な場合には、 第 2番目以降の中継装置へシダナ リングバケツトを送信する必要がないため、 トラフィックの増加を抑えることが できる。  According to the present invention, the server holds the resource status of each relay device, obtains a route between the remote communication terminals by inquiring for resource reservation, and all the relay devices on the route can secure required resources. It is determined whether or not there is any resource by referring to the resource status. If resources can be secured in all the relay devices, a response to resource reservation permission is made, so that the resources can be securely secured in each relay device. Communication between communication terminals becomes possible. Also, if resources cannot be secured in any of the relay devices, there is no need to transmit the sidan ringing bucket to the second and subsequent relay devices, so that an increase in traffic can be suppressed.
本発明によれば、 資源予約サービスの許可をサーバに問い合わせて通信する場 合に限らず、 その他のサービスの提供あるいはサービスの開始をサーバに問い合 わせ、 サーバからの許可応答に基づいて通信を行う場合にも適用できる。  According to the present invention, the present invention is not limited to the case where communication is performed by inquiring of the server for permission of the resource reservation service. It is also applicable when performing.

Claims

請求の範囲 The scope of the claims
1 . ネットワークを構成するネットワーク機器と、 ネットワーク機器からの要 求に対して所定の処理を行って応答するネットワーク機器制御装置を備え、 2つ の端末間の経路上に存在するネッ トワーク機器の資源を確保してから該端末間で 通信を行う通信システムの資源予約方法において、  1. A network device that comprises a network, and a network device controller that responds to requests from the network device by performing predetermined processing. The resources of the network device that exist on the route between two terminals Resource reservation method of a communication system for performing communication between the terminals after securing
一方の端末よリ他方の端末へ向けて、 端末間の経路上に存在するネットワーク 機器の資源を予約するためのシグナリングバケツトを送信し、  A signaling bucket is transmitted from one terminal to the other terminal for reserving resources of a network device existing on a path between the terminals,
該シダナリングバケツトを受信したネットワーク機器よリネットワーク機器制 御装置に資源予約の可否を問い合わせ、  The network device that has received the sidana ringing bucket inquires of the re-network device control device whether resource reservation is possible,
該問い合わせによりネットワーク機器制御装置では、 予め記憶してある参照情 報を用いて資源予約を許可するか否かの判定を行い、 判定結果をネットワーク機 器に応答し、  In response to the inquiry, the network device control device determines whether or not to permit the resource reservation using the reference information stored in advance, and responds to the network device with the determination result.
ネットワーク機器では、 ネットヮ一ク機器制御装置よリ資源予約を許可する応 答を受信すれば資源予約のための処理を行い、 かつ、 問い合わせ済み情報を含む シグナリングバケツトを前記他方の端末側に送出し、  When receiving a response from the network device controller that permits resource reservation, the network device performs processing for resource reservation, and sends a signaling bucket containing the queried information to the other terminal. And
問い合わせ済み情報を含むシグナリングバケツトを受信したネットワーク機器 では、 ネットワーク機器制御装置に資源予約の可否の問い合わせをすることなく 資源予約の処理を行い、 かつ、 問い合わせ済み情報を含むシグナリングパケット を前記他方の端末側に送出する、  The network device that has received the signaling bucket containing the queried information performs resource reservation processing without inquiring of the network device controller whether resource reservation is possible, and transmits the signaling packet containing queried information to the other device. Send to terminal side,
ことを特徴とする資源予約方法。  A resource reservation method characterized in that:
2 . ネットワーク機器制御装置において前記問い合わせ済み情報を含むシグナ リングバケツトを作成し、 前記判定結果をネットワーク機器に通知する応答パケ ットに該シグナリングバケツトを含ませ、 ネットワーク機器は応答バケツトに含 まれるシグナリングバケツトを抽出して前記他方の端末側に送出する、  2. A signaling bucket including the inquired information is created in the network device control device, the signaling packet is included in a response packet notifying the determination result to the network device, and the network device is included in the response bucket. Extracting the signaling bucket and sending it to the other terminal,
ことを特徴とする請求項 1記載の資源予約方法。  The resource reservation method according to claim 1, wherein:
3 . 前記シグナリングバケツトに挿入する問い合わせ済み情報を暗号化するこ とを特徴とする請求項 1または請求項 2記載の資源予約方法。  3. The resource reservation method according to claim 1, wherein the queried information to be inserted into the signaling bucket is encrypted.
4 . 前記シグナリングバケツトに挿入する問い合わせ済み情報にシーケンシャ ル番号を付加し、 問い合わせ済み情報とシーケンシャル番号とを一体に暗号化す る、 4. A sequential number is added to the queried information inserted in the signaling bucket, and the queried information and the sequential number are integrally encrypted. ,
ことを特徴とする特徴とする請求項 1または請求項 2記載の資源予約方法。  3. The resource reservation method according to claim 1, wherein the resource is reserved.
5 . ネットワーク機器制御装置において、 ネッ トワーク機器の資源状態を前記 参照情報として保持し、 資源予約の問い合わせによリ前記端末間の経路上のネッ トワーク機器を求め、 該経路上の全てのネットワーク機器に資源予約が可能であ るか否かをネットワーク機器の資源状態を参照して判定し、 これら全てのネット ワーク機器に資源予約が可能であれば、 予約許可の判定結果をネットワーク機器 に応答する、  5. In the network device control device, the resource status of the network device is held as the reference information, and the network device on the route between the terminals is obtained by inquiry of resource reservation, and all the network devices on the route are obtained. The resource status of the network device is determined by referring to the resource status of the network device, and if the resource reservation is possible for all these network devices, the reservation permission determination result is returned to the network device. ,
ことを特徴とする請求項 1又請求項 2記載の資源予約方法。 '  3. The resource reservation method according to claim 1 or 2, wherein: '
6 . ネットワークを構成するネットワーク機器と、 ネットワーク機器からの要 求に対して所定の処理を行って応答するネットワーク機器制御装置を備え、 2つ の端末間の経路上に存在するネットワーク機器の資源を確保してから該端末間で 通信を行う通信システムの資源予約方法において、  6. Network devices that make up the network, and a network device controller that responds to requests from the network devices by performing predetermined processing, and uses the resources of the network devices that exist on the path between the two terminals. In a resource reservation method for a communication system for performing communication between the terminals after securing the resources,
一方の端末よリ他方の端末へ向けて、 端末間の経路上に存在するネットワーク 機器の資源を予約するためのシグナリングバケツトを送信し、  A signaling bucket is transmitted from one terminal to the other terminal for reserving resources of a network device existing on a path between the terminals,
該シグナリングバケツトを受信したネットワーク機器よリネットワーク機器制 御装置に資源予約の可否を問い合わせ、  The network device that has received the signaling bucket inquires of the re-network device control device whether resource reservation is possible,
該問い合わせによリネットワーク機器制御装置では、 予め記憶してある参照情 報を用いて資源予約を許可するか否かの判定を行い、 許可する場合には、 資源予 約の優先度情報を含めて判定結果をネットワーク機器に応答し、  In response to the inquiry, the renetwork device control device determines whether or not to permit the resource reservation using the reference information stored in advance, and if so, includes the priority information of the resource reservation. Response to the network device
ネットワーク機器では、 ネットワーク機器制御装置よリ資源予約を許可する応 答を受信すれば、 前記優先度情報に基づいて資源予約のための処理を行い、 かつ 、 問い合わせ済み情報を含むシグナリングパケットを前記他方の端末側に送出し 問い合わせ済み情報を含むシグナリングバケツトを受信したネットワーク機器 では、 ネットワーク機器制御装置に資源予約の可否の問い合わせをすることなく 前記優先度情報に基づいて資源予約の処理を行い、 かつ、 問い合わせ済み情報及 び優先度情報を含むシグナリングバケツトを前記他方の端末側に送出する、 ことを特徴とする資源予約方法。 Upon receiving a response from the network device controller that permits resource reservation, the network device performs a process for resource reservation based on the priority information, and transmits a signaling packet including queried information to the other device. The network device that has received the signaling bucket including the queried information sent to the terminal side performs resource reservation processing based on the priority information without inquiring the network device control device whether resource reservation is possible, And transmitting a signaling bucket including the queried information and the priority information to the other terminal.
7 . ネットワーク機器制御装置において前記問い合わせ済み情報及び優先度情 報を含むシグナリングパケ、/トを作成し、 前記判定結果をネットワーク機器に通 知する応答バケツトに該シグナリングバケツトを含ませ、 ネットワーク機器は応 答バケツトに含まれるシグナリングバケツトを抽出して前記他方の端末側に送出 する、 7. In the network device control device, create a signaling packet including the inquired information and the priority information, and include the signaling bucket in a response bucket that notifies the network device of the determination result. Extracts the signaling bucket included in the response bucket and sends it to the other terminal side.
ことを特徴とする請求項 6記載の資源予約方法。  7. The resource reservation method according to claim 6, wherein:
8 . ネットワーク機器は、 ネットワーク機器制御装置によリ許可された資源予 約にかかわる要求帯域分の空きがなければ、 既に予約済みの優先度が低い予約を 廃棄して該要求帯域を確保することを特徴とする請求項 6または請求項 7記載の 資源予約方法。  8. If there is no space for the requested bandwidth related to the resource reservation permitted by the network device controller, the network device shall discard the reserved low-priority reservation and secure the requested bandwidth. 8. The resource reservation method according to claim 6, wherein the resource is reserved.
9 . ネットワークを構成するネットワーク機器と、 ネットワーク機器からの要 求に対して所定の処理を行って応答するネットワーク機器制御装置を備え、 2つ の端末間の経路上に存在するネットワーク機器の資源を確保してから端末間で通 信を行う通信システムにおけるネッ トワーク機器におレ、て、  9. Network devices that make up the network, and a network device control device that responds to requests from the network devices by performing predetermined processing, and uses the resources of the network devices that exist on the path between the two terminals. To secure network devices in a communication system that communicates between terminals after securing them,
資源予約を要求するシグナリングバケツトを送受するシグナリングバケツト送 受信部、  A signaling bucket sending / receiving unit for sending / receiving a signaling bucket requesting resource reservation,
資源予約要求に基づいて所定のシグナリング処理を行うシグナリング処理部、 資源確保のための処理を行う資源確保処理部を備え、  A signaling processing unit that performs a predetermined signaling process based on the resource reservation request; and a resource securing processing unit that performs a process for securing resources.
シグナリング処理部は、 シグナリングパケットを受信したとき、 該シダナリン グバケツトに資源予約の問い合わせ済み情報が含まれているカ判別し、 含まれて いなければ、 ネットワーク機器制御装置に資源予約の許可、 不許可を問い合わせ 資源確保処理部は、 ネットワーク機器制御装置よリ資源予約を許可する応答パ ケットを受信すれば、 あるいは、 シグナリングパケットに資源予約の問い合わせ 済み情報が含まれていれば、 資源予約のための処理を行い、  When the signaling packet is received, the signaling processing unit determines whether or not the information for which resource reservation has been queried is included in the signaling bucket, and if not, permits or denies the resource reservation to the network device control device. The resource securing processor receives the response packet permitting the resource reservation from the network device control device, or, if the signaling packet includes the information about the resource reservation inquiry, Do the processing,
シグナリング処理部は、 問い合わせ済み情報を含むシグナリングバケツトを次 段に送出する、  The signaling processing unit sends a signaling bucket containing the queried information to the next stage.
ことを特徴とするネットワーク機器。  Network equipment characterized by that.
1 0 . 資源予約を許可するネットワーク機器制御装置からの応答バケツトに、 前記問い合わせ済み情報を含むシグナリングバケツトが格納されていれば、 ネッ トワーク機器は該シダナリングバケツトを抽出して次段に送出する、 10. In the response bucket from the network device controller that permits resource reservation, If a signaling bucket containing the queried information is stored, the network device extracts the sidanering bucket and sends it to the next stage.
ことを特徴とする請求項 9記載のネットワーク機器。  10. The network device according to claim 9, wherein:
1 1 . ネットワークを構成するネットワーク機器と、 ネットワーク機器からの 要求に対して所定の処理を行って応答するネットワーク機器制御装置を備え、 2 つの端末間の経路上に存在するネットワーク機器の資源を確保してから端末間で 通信を行う通信システムにおけるネッ トワーク機器制御装置において、  1 1. Equipped with network devices that make up the network and a network device control device that responds by performing predetermined processing in response to requests from the network devices, and secures the resources of the network devices that exist on the path between the two terminals. Network device controller in a communication system that performs communication between terminals after
資源予約の可否を判断するために必要な参照情報を保持する情報保持部、 ネットワーク機器よリ資源予約の可否の問い合わせを受信した時、 前記参照情 報を用いて資源予約の可否を判定する判定処理部、  An information holding unit that holds reference information necessary for determining whether resource reservation is possible. When an inquiry about resource reservation availability is received from a network device, a determination to determine whether resource reservation is possible using the reference information. Processing unit,
資源予約の可否を問い合わせ済みであることを示す問い合わせ済み情報を含む シグナリングパケットを作成する手段、  Means for creating a signaling packet including queried information indicating that resource reservation has been queried;
資源予約の許可を通知する応答バケツトに前記シグナリングバケツトを格納し てネットワーク機器に送出する手段、  Means for storing the signaling bucket in a response bucket for notifying permission of resource reservation and transmitting the signaling bucket to the network device;
を有することを特徴とするネットワーク機器制御装置。  A network device control device, comprising:
1 2 . ネットワークを構成するネットワーク機器と、 ネットワーク機器からの 要求に対して所定の処理を行って応答するネットワーク機器制御装置を備え、 2 つの端末間の経路上に存在するネットワーク機器の資源を確保してから該端末間 で通信を行う通信システムの通信方法において、  1 2. Equipped with network devices that make up the network and a network device control device that responds to requests from the network devices by performing predetermined processing and securing resources for network devices that exist on the path between the two terminals. Then, in a communication method of a communication system for performing communication between the terminals,
一方の端末より他方の端末へ向けて、 端末間の経路上に存在するネットワーク 機器に所定のサービス開始を要求するシグナリングバケツトを送信し、  From one terminal to the other terminal, a signaling bucket requesting a predetermined service start is transmitted to a network device existing on a path between the terminals,
該シグナリングバケツトを受信したネットワーク機器よリネットワーク機器制 御装置にサービス開始が可能であるか否かを問い合わせ、  The network device that has received the signaling bucket inquires of the renetwork device controller whether the service can be started,
該問い合わせによリネットワーク機器制御装置では、 予め記憶してある参照情 報を用いてサービス開始の可否判定を行い、 判定結果をネットワーク機器に応答 し、  In response to the inquiry, the re-network device control device determines whether service can be started using reference information stored in advance, and responds to the network device with the determination result.
ネットワーク機器では、 ネットワーク機器制御装置よリサービス開始の許可応 答を受信すれば、 サービス実行に必要な資源を確保し、 問い合わせ済み情報を含 むシグナリングバケツトを前記他方の端末側に送出し、 問い合わせ済み情報を含むシグナリングバケツトを受信したネットワーク機器 では、 ネットワーク機器制御装置に資源予約サービス開始の可否を問い合わせす ることなく資源予約サービス実行に必要な資源を確保し、 かつ、 問い合わせ済み 情報を含むシグナリングバケツトを前記他方の端末側に送出する、 When the network device receives the re-service start permission response from the network device control device, it secures resources necessary for service execution, and sends a signaling bucket containing the queried information to the other terminal. The network device that has received the signaling bucket containing the queried information secures the resources necessary for the execution of the resource reservation service without inquiring of the network device controller whether or not to start the resource reservation service, and transmits the queried information. Sending a signaling bucket containing the packet to the other terminal side,
ことを特徴とする資源予約方法。  A resource reservation method characterized in that:
1 3 . ネットワーク機器制御装置において前記問い合わせ済み情報を含むシグ ナリングバケツトを作成し、 前記判定結果をネットワーク機器に通知する応答パ ケットに該シグナリングバケツトを含ませ、 ネットワーク機器は応答バケツトに 含まれるシグナリングバケツトを抽出して前記他方の端末側に送出する、 ことを特徴とする請求項 1 2記載の資源予約方法。  13. A signaling bucket including the inquired information is created in the network device control device, and the signaling packet is included in a response packet notifying the determination result to the network device, and the network device is included in the response bucket. 13. The resource reservation method according to claim 12, wherein a signaling bucket to be extracted is extracted and transmitted to the other terminal.
PCT/JP1999/002396 1999-05-10 1999-05-10 Network device, apparatus for controlling network device, and method of resource reservation WO2000069129A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP1999/002396 WO2000069129A1 (en) 1999-05-10 1999-05-10 Network device, apparatus for controlling network device, and method of resource reservation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP1999/002396 WO2000069129A1 (en) 1999-05-10 1999-05-10 Network device, apparatus for controlling network device, and method of resource reservation

Publications (1)

Publication Number Publication Date
WO2000069129A1 true WO2000069129A1 (en) 2000-11-16

Family

ID=14235643

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP1999/002396 WO2000069129A1 (en) 1999-05-10 1999-05-10 Network device, apparatus for controlling network device, and method of resource reservation

Country Status (1)

Country Link
WO (1) WO2000069129A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007004565A (en) * 2005-06-24 2007-01-11 Nippon Telegr & Teleph Corp <Ntt> Method and device for controlling personal environment
JP2009518972A (en) * 2005-12-06 2009-05-07 リッパーシイ・セレッシャル・エルエルシイ Routing digital objects based on service requests
US7720947B2 (en) 2001-05-18 2010-05-18 Fujitsu Limited Method and device for reserving transmission band on internet

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH04168835A (en) * 1990-11-01 1992-06-17 Oki Electric Ind Co Ltd Routing system for atm exchange and routing system for atm exchange network
JPH09247190A (en) * 1996-02-16 1997-09-19 Lucent Technol Inc Operating method for communication network
JPH10308776A (en) * 1997-05-08 1998-11-17 Hitachi Ltd Network resource reserving system
JPH1198147A (en) * 1997-09-18 1999-04-09 Nippon Telegr & Teleph Corp <Ntt> Atm exchange

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH04168835A (en) * 1990-11-01 1992-06-17 Oki Electric Ind Co Ltd Routing system for atm exchange and routing system for atm exchange network
JPH09247190A (en) * 1996-02-16 1997-09-19 Lucent Technol Inc Operating method for communication network
JPH10308776A (en) * 1997-05-08 1998-11-17 Hitachi Ltd Network resource reserving system
JPH1198147A (en) * 1997-09-18 1999-04-09 Nippon Telegr & Teleph Corp <Ntt> Atm exchange

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
HIDEHIRO FUKUSHIMA, TAKESHI ISHIZAKI, OSAMU TAKADA, "Daikibo Internet ni okeru kougi Qos hoshou houshiki no teian", Denshi Jouhou Tsuushin Gakkai Gijutsu Kenkyuu Houkoku, Vol. 98, No. 90, CQ98-2, 29 May, 1998 (29.05.98), pages 9-14. *
HIROSHI NOMURA, et al., "Porishi no motozuku doutekina Qos seigyo houshiki no ichikentou", Denshi Jouhou Tsuushin Gakkai Gijutsu Kenkyuu Houkoku, Vol. 98, No. 542, IN98-150, 22 January, 1999 (22.01.99), pages 69-76. *
JUN'ICHI MURAYAMA et al., "Kouiki networking service platform ni okeru hinshitsu hoshou architecture no sekkei", Denshi Jouhou Tsuushin Gakkai Gijutsu Kenkyuu Houkoku, Vol. 97, No. 564, IN97-160, 20 February, 1998 (21.02.98), pages 1-8. *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7720947B2 (en) 2001-05-18 2010-05-18 Fujitsu Limited Method and device for reserving transmission band on internet
JP2007004565A (en) * 2005-06-24 2007-01-11 Nippon Telegr & Teleph Corp <Ntt> Method and device for controlling personal environment
JP2009518972A (en) * 2005-12-06 2009-05-07 リッパーシイ・セレッシャル・エルエルシイ Routing digital objects based on service requests

Similar Documents

Publication Publication Date Title
JP4727126B2 (en) Providing secure network access for short-range wireless computing devices
US6092113A (en) Method for constructing a VPN having an assured bandwidth
US7649890B2 (en) Packet forwarding apparatus and communication bandwidth control method
JP4541848B2 (en) User terminal connection control method and apparatus
JP2004048234A (en) User authentication system and user authentication method
EP2648371A1 (en) Quality-of-service management system and method
JPH1070540A (en) Radio terminal authentication method for radio network, and radio network
KR100953595B1 (en) Management system for quality of service in home network
US7320034B2 (en) System and method for reserving a virtual connection in an IP network
US20200203027A1 (en) Internet of things connectivity device and method
EP1830520B1 (en) Method and system for redirecting of the client
US7694015B2 (en) Connection control system, connection control equipment and connection management equipment
US7656794B2 (en) Method and apparatus for authenticated quality of service reservation
US20220232000A1 (en) Secure communication system
US8102762B2 (en) Communication control system and communication control method
EP1244265A2 (en) Integrated policy implementation service for communication network
JP2002084306A (en) Packet communication apparatus and network system
WO2000069129A1 (en) Network device, apparatus for controlling network device, and method of resource reservation
US20220368688A1 (en) Secure communication system
Cisco Intranet and Extranet VPN Business Scenarios
JP3771523B2 (en) Gateway device
WO2013060224A1 (en) Secure connection method, system and network element
JP3628557B2 (en) Communication quality control device and recording medium
US20230171228A1 (en) Secure communication system
KR20050054308A (en) Method of managing access terminal identifier applying to packet data communication

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): JP US

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
ENP Entry into the national phase

Ref country code: JP

Ref document number: 2000 617610

Kind code of ref document: A

Format of ref document f/p: F