DNS server, DHCP server, terminal and communication system
The object of the present invention is to provide a DNS server and terminals both of which are capable of sending and receiving communication by means of a small number of IP addresses. In the case where a firewall is not provided, when the DNS server receives an inquiry of a FQDN, it sends a broad cast frame for searching a terminal to which an IP address is assigned via all the network devices. When a terminal monitors the broad cast frame and finds the FQDN to be its own FQDN, it returns the uni-cast frame to the DNS server. When the DNS server receives the uni-cast frame, it makes a look-up table and a reverse look-up table. As a result, the terminal can receive the communication by an ordinary method. In the case where the firewall is provided, by processing an IP address conversion between the external IP address and the internal address by the use of an IP address conversion means NAT in addition to making the look-up table and the reverse look-up table, the terminal can receive communication.
1. Field of the Invention
The present invention relates to a DNS (Domain Name System) server, a DHCP (Dynamic Host Configuration Protocol) server, a terminal and a communication system of an Internet capable of supporting a large number of terminals by means of a small number of IP addresses by dynamically assigning a limited number of IP addresses only to now communicating terminals.
2. Description of the Related Art
Among conventional Internets, as shown in
In the conventional system described above, there is presented a problem that each of the terminals 52a, 52b, 52c, - - - , 52n needs to have an address, which leads to the depletion of the IP addresses managed by the DNS server 50.
In order to solve this problem, for example, a system employing the DHCP server 60 shown in
For example, when a terminal 62a is going to conduct the IP communications, the DHCP server 60 assigns an IP address to the terminal 62a. As a result, the terminal 62a can start conducting the IP communications with the other terminals. When the terminal does not conduct the IP communications even after a predetermined time elapses after the completion of this communications, the terminal 62a returns the IP address to the DHCP server 60 and returns to the initial state where it has no IP address.
According to this conventional system, it is essential only that the DHCP server 60 assigns the IP address to the terminal which requires the IP communications every time it requires the IP communications, and hence the DHCP server 60 can manage the terminals 62a to 62n with a small number of IP addresses. Also, this can save the number of ports of the DHCP server 60.
In the conventional system described above, however, an IP address is not previously assigned to each of the terminals 62a to 62n, and hence the terminals 62a to 62n can not receive communication. In other words, the conventional system has a problem that it is designed specifically for sending communication.
SUMMARY OF THE INVENTION
The object of the present invention is to provide a DNS server, a DHCP server, a terminal and a communication system which can send and receive communication by means of a small number of IP addresses.
In order to achieve the object, the present invention is firstly characterized in that a DNS server comprises means for holding a table in which FQDNs of terminals managed by the DNS server are registered in advance and the list of IP addresses to be broad cast to the outside; address conversion means for converting one of the IP addresses in the list to be broad cast to the outside into one of an address of a data link layer and a network layer in the sense of OSI communications between the terminals managed by the DNS server, when the DNS server receives an inquiry of the FQDN; and registration means for registering the IP addresses in the table in correspondence with the FQDNs, wherein the terminal required to receive communication can receive it. According to the invention, in the case where a fire wall is not provided, the terminal can receive communications through an Internet from the external terminal.
The present invention is secondly characterized in that a communication system comprises an external DNS server provided on a fire wall for managing a correspondence relationship between the FQDN and the IP address of a terminal both of which are to be broad cast to the outside; IP address conversion means NAT provided on the fire wall; and an internal DNS server provided in the firewall and for managing a correspondence relationship between the FQDN and the IP address of a terminal, both of which are used in the fire wall, wherein when there is an inquiry from inside the fire wall, the internal DNS server returns an IP address found from the correspondence relationship between the FQDN and the IP address of a terminal, both of which are used in the fire wall, wherein when there is an inquiry from outside the fire wall, the external DNS server inquires of the internal DNS server an internal IP address corresponding to the FQDN and corresponds one of the IP addresses in the external broad cast list to the internal IP address of the terminal and registers the external IP address in correspondence with the FQDN, and wherein the IP address conversion means NAT converts an IP address (external IP address) destination of a packet passing the fire wall from outside to inside into the internal IP address, and a source IP address (internal IP address) of a packet passing the fire wall from inside to outside into the IP address of the NAT. According to the invention, in the case where the fire wall is provided, the terminal can receive communication from the external terminal.
According to the first and second features of the invention, IP addresses are dynamically assigned only to terminals that are currently communicating. Therefore, this makes it possible to eliminate the problem of depletion of the IP addresses managed by the DNS server and to make the terminal receive and send communication.
The present invention is thirdly characterized in that a terminal corresponding to the FQDN of a broad cast frame sent by the DNS server initializes a network device receiving the broad cast frame by the IP address and the net mask given by the broad cast frame. According to the invention, the terminal that is required to receive communication is dynamically assigned an IP address and can receive communication.
BRIEF DESCRIPTION OF THE DRAWINGS
The present invention will be hereinafter described in detail with reference to the accompanying drawings.
As shown in
An operation when the terminal pc1 receives communication in the above system, for example, will be described with reference to
Now, as shown in
On the other hand, if there is a not-yet-used IP address, the DNS server 1 sends a broad cast frame for searching a terminal, to which an IP address is to be assigned, by the standards of Ethernet, through all of the network devices Ndev (for example, Ndev 2 in
When the broad cast frame in
In the above-mentioned uni-cast frame, as shown in
When the DNS server 1 receives this uni-cast frame, it describes the assigned IP address, for example, “133.128.8.15” in the IP address column, to which an IP address has not yet been assigned, of the look-up table 5 (see
Next, the terminal pc1 monitors the state of itself after the communications start (S2) and when the terminal pc1 detects that the terminal pc1 is not used for 15 minutes, for example, the terminal pc1 sends an IP address return command (UDP packet) for returning the assigned IP address to the DNS server 1. When the DNS server 1 receives the IP address return command, it returns a signal ACK 1 to the terminal pc1. When the terminal pc1 receives the ACK 1, it returns a signal ACK 2 to the DNS server 1 and resets the network device Ndev corresponding thereto (S3). Here, when the terminal pc1 does not receive the above-mentioned ACK 1 within a predetermined period after it sends the IP address return command, it sends the IP address return command to the DNS server 1 once more.
When the DNS server 1 receives the above-mentioned ACK 2, it deletes the IP address assigned to the terminal pc1 from the look-up table 5 and the reverse look-up table (S4) and registers the IP address once more in a set of not-yet-used IP addresses.
In this manner, according to the present embodiment, it is possible to receive communications through the Internet from the external terminal.
In this connection, the difference between the case where the terminal pc1 sends communication, for example, in the above-mentioned system and the conventional DHCP server will be described with reference to
When the terminal pc1 sends a signal DHCPDISCOVER, the DHCP server 4 receiving the signal DHCPDISCOVER asks the DNS server 1 whether the DNS server 1 has a not-yet-used IP address or not in the state where it determines the setting of the terminal (S71). If the DNS server 1 has an unassigned IP address, it returns a signal ACK 71 to this inquiry to the DHCP server 4 and the DHCP server 4 returns a signal DHCPOFFER to the terminal pc1 by the use of the IP address assigned by the DNS server 1. When the terminal pc1 selects the assigned setting information (S72), it puts the FQDN previously set to itself in the Host Name option of a DHCPREQUEST and returns the DHCPREQUEST to the DHCP server 4. The DHCP server 4 receiving the DHCPREQUEST sends an IP address register command to register the relationship between the IP address and the FQDN. When the DNS server 1 receives the IP address register command, it returns a signal ACK 72 to the DHCP server 4. When the DHCP server 4 receives the ACK 72, it returns a signal ACK 73 to the DNS server 1 and returns the corresponding terminal setting DHCPACK to the terminal pc1 (S73). Here, when the DHCP server 4 does not receive the above-mentioned ACK 72 within a predetermined time after it sends the above-mentioned IP address register command, it sends the IP address register command to the DNS server 1 once more.
When the DNS server 1 receives the above-mentioned ACK 73, it describes the assigned IP address, for example, “133.128.8.15”, in the IP address column, which is not yet used, of the look-up table 5 (
Next, after the communications start, when the DHCP server 4 receives a request of returning the IP address by DHCPRELEASE from the terminal pc1 (S75), the DHCP server 4 sends an IP address return command (UDP packet) for returning the IP address assigned to the pc1 to the DNS server 1. When the DNS server 1 receives the IP address return command, it returns a signal ACK 74 to the DHCP server 4. When the DHCP server 4 receives the ACK 74, it returns a signal ACK 75 to the DNS server 1 (S76). Here, when the DHCP server 4 does not receive the ACK 74 within a predetermined time after it sends the IP address return command, it sends the IP address return command to the DNS server 1 once more.
When the DNS server 1 receives the ACK 75, it deletes the IP address assigned to the terminal pc1 from the look-up table 5 and the reverse look-up table (S77) and registers the IP address in a set of unassigned IP addresses.
In this connection, by entering 0 for the existing time (TTL) of the data when the DNS server 1 registers an external IP address corresponding to the FQDN in the table, it is possible to prevent a DNS server on an external Internet from caching the registered information of the FQDN and the IP address.
Next, the preferred embodiment in accordance with the present invention in the case where a fire wall 13 is provided between the terminals and the Internet such as a corporate LAN will be described in detail in the following.
As shown in
The operation when the terminal pc1 receives communication in the above-mentioned system, for example, will be described with reference to
Now, as shown in
On the other hand, if there is a not-yet-used IP address, the external DNS server 11 asks the internal DNS server 15 about the internal IP address corresponding to the FQDN (see a step S91 in
If the external DNS server 11 receives the corresponding internal IP address from the internal DNS server 15, it sends an IP address conversion command to a network address translator (NAT) 14 to direct the address conversion between the external IP address, which is to be newly selected and assigned from among not-yet-used IP addresses, for example, “133.128.8.15”, and the internal IP address (S92). When the NAT 14 receives the IP address conversion command, it starts address conversion between the directed external and internal IP addresses (S93) and returns a signal ACK 91 to the external DNS server 11. When the external DNS server 11 receives the ACK 91, it describes the external IP address in the IP address column, which is not yet determined, of the look-up table 5 (
Next, after the communications start, the NAT 14 monitors the state of the communications between the terminals subjected to the address conversion (S95), and when it finds that the NAT 14 is disconnected from the terminal, it sends an IP address return command for returning the external IP address to the external DNS server 11. When the external DNS server 11 receives the IP address return command, it returns a signal ACK 92 to the NAT 14. When the NAT 14 receives the ACK 92, it returns a signal ACK 93 to the external DNS server 11 to stop the address conversion to the corresponding external IP address (S96). Here, when the NAT 14 does not receive the ACK 92 within a predetermined time after it sends the IP address return command, it sends the IP address return command to the external DNS server 11 once more.
When the external DNS server 11 receives the ACK 93, it deletes the IP address assigned to the terminal pc1 from the look-up table 5 and the reverse look-up table (see step S97 in
Next, the operation when the terminal pc1 sends communication in the above-mentioned system, for example, will be described with reference to
For example, when the terminal pc1 sends communication, the terminal pc1 outputs an IP packet for an external terminal X. The NAT 14, unlike the conventional NAT 14, outputs an external IP address request command including the internal IP address of the terminal pc1 to the external DNS server 11 every time it receives the IP packet for the external terminal X. When the external DNS server 11 receives the external IP address request command, it searches for a not-yet-used IP address and if it does not find a not-yet-used IP address, it returns non-permission of the address conversion (NACK) to the NAT 14. When the NAT 14 receives the NACK, it does not permit the terminal pc1 to be connected to an external terminal.
On the other hand, if the external DNS server 11 finds the not-yet-used IP address, it asks the internal DNS server 15 about the FQDN corresponding to the internal IP address and gets the FQDN. When the internal DNS server 15 does not succeed in getting the FQDN, it returns the non-permission of the address conversion (NACK). On the other hand, when the internal DNS server 15 succeeds in getting the FQDN, it sends the gotten FQDN of the terminal pc1 to the external DNS server 11. The external DNS server 11 returns to the NAT 14 an IP address conversion command for directing the address conversion between the external IP address to be newly selected and assigned from among the not-yet-used IP addresses, for example, “133.128.8.15”, and the internal IP address. When the NAT 14 receives the IP address conversion command, it starts the mutual IP address conversion between the directed IP addresses (S101) and returns a signal ACK 101 to the external DNS server 11. When the external DNS server 11 receives the ACK 101, it describes the external IP address in the IP address column, which is not yet determined, of the look-up table 5 (see
Next, after the communications start, the NAT 14 monitors the state of the communications between the terminals subjected to the address conversion (S103), and when it finds that the NAT 14 is disconnected from the terminal, it sends an IP address return command for returning the external IP address to the external DNS server 11. When the external DNS server 11 receives the IP address return command, it returns a signal ACK 102 to the NAT 14. When the NAT 14 receives the ACK 102, it returns ACK 103 to the external DNS server 11 to stop the address conversion to the corresponding external IP address (S104). Here, when the NAT 14 does not receive the ACK 102 within a predetermined time after it sends the IP address return command, it sends the IP address return command to the external DNS server 11 once more.
When the external DNS server 11 receives the ACK 103, it deletes the IP address assigned to the terminal pc1 from the look-up table and the reverse look-up table (S105) and registers the IP address again in the set of not-yet-used IP addresses.
In this connection, by entering 0 for the existing time (TTL) of the data when the DNS server 11 registers an external IP address corresponding to the FQDN in the table, it is possible to prevent a DNS server on an external Internet from caching the registered information of the FQDN and the external IP address.
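The address bookkeeping of the fire wall embodiment described above can be modelled as follows. This is an added illustration, not code from the application: the class and method names, the example.com host names and the 192.168.0.x addresses are hypothetical, an existing binding is assumed to be reused, and an outside inquiry that finds no not-yet-used address is assumed to get no answer.

```python
# Added illustration of the fire wall embodiment; class and method names are hypothetical.
class Nat:
    """NAT 14: holds the external -> internal address conversions in force."""
    def __init__(self):
        self.ext_to_int = {}
    def start(self, ext_ip, int_ip):        # S93 / S101
        self.ext_to_int[ext_ip] = int_ip
    def stop(self, ext_ip):                 # S96 / S104
        self.ext_to_int.pop(ext_ip, None)

class ExternalDns:
    """External DNS server 11 and its set of not-yet-used external addresses."""
    def __init__(self, pool, internal_records, nat):
        self.unused = list(pool)
        self.internal = dict(internal_records)    # stands in for internal DNS server 15
        self.internal_rev = {ip: name for name, ip in self.internal.items()}
        self.nat = nat
        self.lookup = {}        # look-up table 5: FQDN -> external IP
        self.reverse = {}       # reverse look-up table: external IP -> FQDN
        self.returning = set()  # return command acknowledged, final ACK not yet seen

    def _assign(self, fqdn, int_ip):
        if fqdn in self.lookup:             # assumption: an existing binding is reused
            return self.lookup[fqdn]
        if not self.unused:                 # every external address is in use
            return None
        ext_ip = self.unused.pop(0)
        self.nat.start(ext_ip, int_ip)      # IP address conversion command (S92)
        self.lookup[fqdn] = ext_ip
        self.reverse[ext_ip] = fqdn
        return ext_ip

    def inquiry(self, fqdn):
        """FQDN inquiry from outside the fire wall: (external IP, TTL) or None."""
        int_ip = self.internal.get(fqdn)
        ext_ip = self._assign(fqdn, int_ip) if int_ip else None
        # TTL 0 keeps outside DNS servers from caching; None on exhaustion is an assumption.
        return (ext_ip, 0) if ext_ip else None

    def request_external(self, int_ip):
        """External IP address request command from the NAT for an outbound packet."""
        fqdn = self.internal_rev.get(int_ip)
        return (self._assign(fqdn, int_ip) if fqdn else None) or "NACK"

    def return_command(self, ext_ip):
        """IP address return command from the NAT: acknowledge, keep the binding."""
        if ext_ip not in self.reverse:
            return None
        self.returning.add(ext_ip)
        return "ACK"

    def final_ack(self, ext_ip):
        """Final ACK from the NAT (ACK 93 / ACK 103): free the address (S97 / S105)."""
        if ext_ip not in self.returning:
            return False
        self.returning.discard(ext_ip)
        del self.lookup[self.reverse.pop(ext_ip)]
        self.unused.append(ext_ip)
        return True

if __name__ == "__main__":
    # Constructed sample data: one external address, two internal hosts.
    nat = Nat()
    dns = ExternalDns(["133.128.8.15"], {"pc1.example.com": "192.168.0.10",
                                         "pc2.example.com": "192.168.0.11"}, nat)
    print(dns.inquiry("pc1.example.com"), dns.request_external("192.168.0.11"))
```

With a single external address, the second host is refused until the first binding has completed both steps of the return handshake, which is the point at which the address re-enters the not-yet-used set.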
As described above, according to the present embodiment, it is possible not only to send communication from one terminal to the other terminal to establish communications between them but also to receive communication sent from the other terminal.
In this connection, while the present invention has been described by the use of the system in which the DNS server is connected to the terminals by means of the LAN in the above-mentioned embodiment, it is not intended to limit the present invention to this embodiment, but it can be also applied to a system in which a DNS server is connected to terminals by means of a public telephone line, a dedicated line, or the like.
As is evident from the above description, when the DNS server in accordance with the present invention receives an inquiry of a FQDN from an external Internet terminal, in the case where a fire wall is not provided, it sends a broad cast frame for searching a terminal to which an IP address is assigned via all network devices connected to the DNS server, and when it receives an answer to the broad cast frame, it registers an external IP address in correspondence with the FQDN in a look-up table and a reverse look-up table. On the other hand, in the case where the fire wall is provided, the DNS server in accordance with the present invention gets the internal IP address (private address) corresponding to the FQDN from an internal DNS server and directs the address conversion between the external IP address and the internal IP address to a NAT and then registers the external IP address in the look-up table and the reverse look-up table in correspondence with the FQDN. Therefore, this makes it possible to eliminate a problem of depletion of the IP addresses managed by the DNS server and to make the terminal receive communication.
Further, when an internal terminal sends communication to an external Internet, in the case where a fire wall is not provided, a DHCP server requires a DNS server to permit an address assignment, while in the case where the fire wall is provided, a NAT requires the DNS server to permit the address assignment. Therefore, this makes it possible to realize the present invention without largely changing the existing DHCP or NAT.
Still further, in the case where the fire wall is not provided, a terminal corresponding to the FQDN of the broad cast frame sent by the DNS server is temporarily assigned an IP address by the DNS server and hence, when it receives communication, it can receive the communication by an ordinary procedure.
Claims
1-6. (canceled)
7. A DHCP server used when a terminal connected to a DNS server by means of a data link layer sends communication, characterized in that when the terminal requires the DHCP server to assign thereto an IP address with respect to the FQDN of the terminal, which can be broad cast to the outside, the DHCP server asks the DNS server about the IP address and registers one of the IP addresses to be broad cast in correspondence with the FQDN and returns the IP address to the terminal.
8. A DHCP server as set forth in claim 7, wherein when the DHCP server receives an IP address release command from the terminal, it sends an IP address return command to the DNS server to make the DNS server delete the IP address corresponding to the FQDN of the DNS server.
9. A DHCP server as set forth in claim 7, wherein when the terminal requires the DHCP server to assign an IP address thereto, it designates the FQDN of the terminal.
Type: Application
Filed: Oct 27, 2004
Publication Date: Apr 21, 2005
Applicant:
Inventor: Tohru Asami (Saitama)
Application Number: 10/973,436