Method, device and system for routing data between network segments

FIELD: physics, computer engineering.

SUBSTANCE: group of inventions relates to a method of redirecting an Internet protocol (IP) packet in a network element and a network element for redirecting an IP packet through Ethernet segments. A network element comprises a virtual router, which connects at least two level 2 network segments to allow data transmission in between, wherein each level 2 network segment is connected to a corresponding I-SID value, wherein each network element is configured to receive, from the level 2 network segment, an Ethernet frame in which an IP packet is encapsulated, wherein the IP packet contains the IP address of the recipient, and the Ethernet frame contains the I-SID and MAC address of the recipient associated with the virtual router, and when the MAC address of the recipient in the received Ethernet frame is associated with the virtual router, perform at least one routing data stream processing in the encapsulated IP packet, wherein said routing data stream processing includes identification of the level 2 network segment associated with the IP address of the recipient in the IP packet, and direct the IP packet to the identified level 2 network segment in the Ethernet frame with the I-SID associated with the identified level 2 network segment.

EFFECT: optimising data routing in a network.

12 cl, 3 dwg

 

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a related application US 11/899,118, filed September 4, 2007, the full contents of which are introduced here by reference in the present application.

AREA of TECHNOLOGY

The present invention relates generally to network communications and, in particular, to a method of routing data between network segment.

The LEVEL of TECHNOLOGY

The network can be logically divided into multiple virtual private networks (VPN), virtual local area network (VLAN) and other logical subnet, segments of networks or domains. For example, a VLAN can be further logically divided by the user on the number of VLAN or VPN user. Technology connection to the main network operator (RMA) and/or connection with consideration of the channel state (plsb are) can be used for distinguishing enterprise domain from one or more user domains with the optional header of the MAC addresses (media access control) in the Ethernet frame. Technology can provide plsb are the use of a Protocol for identifying routes based on the status of the communication channels to improve information sharing on level 2. However, the VPN layer 2 may end up on the network port of the user interface. Routing between networks VPN user may request the IP�of risovaniya physical connection between the ports. The establishment of such connections port-the port may require the VPN ports connection to external router. Such routing may be difficulties associated with scaling and management of the increasing number of user VPNs.

In another approach to compounds using routing between user VPN networks, the transition between the network layer 2 VPN and a VPN layer 2 plsb are using may be a function of the external routing. This approach may also require additional connections to the external router to the transition between the network layer 2 VPN and a VPN layer 2 plsb are using multiple networks PN level 2 using the plsb are ending on the UNI port VLAN. Therefore, this approach may also require the use of external routing, resulting in increased overhead and complexity of the system.

All the above allows us to understand that there may be significant problems and limitations associated with modern technology routing data between network segment.

BRIEF description of the INVENTION

The invention proposes a method of routing data between network segments. One of the specific embodiments of the invention constitutes a�persons routing data between network segments level 2 backbone bridges, comprising: receiving data at a network element containing internally a complete inter-network interface (NNI) for a plurality of network segments;

identification of a recipient address associated with the data; the definition of the segment associated with the data of the plurality of network segments; and performing one or more operations associated with the data processing flow using internally finished internetwork interface (NNI).

In accordance with other aspects of this particular option to perform one or more operations associated with the data processing of the data stream may contain routing data in a network segment that has been specified.

In accordance with other aspects of this particular option to perform one or more operations associated with the data processing of the data stream may contain at least one of the following operations: defining the rules of network traffic, ensuring network security, measurement of network traffic and detect unauthorized entry into a network.

In accordance with other aspects of this particular embodiment of the network segments can include virtual private networks (VPN).

In accordance with other aspects of this particular embodiment of the network segments can contain a virtual LAN (VLAN).

In accordance with �other aspects of this particular embodiment of a VLAN can be associated with a VLAN identifier of a service (I-SID).

In accordance with other aspects of this particular embodiment of the network element may be associated with multiple IDs VLAN services and the execution of one or more operations for processing a data flow that uses at least one of a plurality of identifiers of services VLAN.

In accordance with other aspects of this particular embodiment of the recipient address can contain the address control access to the backbone network environment (IN-WT).

In accordance with other aspects of this particular embodiment of determining a network segment associated with the data may contain the identifier of the service VLAN (I-SID) associated with the data to determine the network segment.

In accordance with other aspects of this particular embodiment of the above method can be implemented in the form of at least one of the storage media that can be read by the processor, for recording a computer program that contains commands that can be read by at least one processor, and the method is carried out as a result of executing commands specified by at least one processor.

In another specific embodiment, the method may be implemented in the form of a device for routing data between network segments level 2 backbone bridges,comprising: at least one information carrier, which can be read by the processor; and the commands on the specified at least one information carrier; wherein the commands can be read from the specified at least one information storage device by at least one processor, the result of which said at least one processor to: receive data at a network element containing internally a complete inter-network interface (NNI) for a plurality of network segments; identifying a recipient address associated with the data; the definition of the segment associated with the data of the plurality of network segments; and performing one or more operations associated with the data processing the data stream using internally finished internetwork interface (NNI).

In another specific embodiment, the method may be implemented in the form of a system for routing data between network segments, comprising: one or more processors connected to the network element and the network element is designed so as to provide for: receiving data on a network element containing internally a complete inter-network interface (NNI) for a plurality of network segments; identifying a recipient address associated with the data; the definition of the segment associated with data, from a plurality of segment�in the network; executing one or more operations associated with the data processing flow using internally finished internetwork interface (NNI).

In accordance with other aspects of this particular option to perform one or more operations associated with the data processing of the data stream may contain routing data in a network segment that has been specified.

In accordance with other aspects of this particular option to perform one or more operations associated with the data processing of the data stream may contain at least one of the following operations: defining the rules of network traffic, ensuring network security, measurement of network traffic and detect unauthorized entry into a network.

In accordance with other aspects of this particular embodiment of the network segments may include a virtual private network (VPN).

In accordance with other aspects of this particular embodiment of the network segments can contain a virtual LAN (VLAN).

In accordance with other aspects of this particular embodiment of a VLAN can be associated with a VLAN identifier of a service (I-SID).

In accordance with other aspects of this particular embodiment of the network element may be associated with multiple IDs VLAN services and the execution of one or more operations for processing a data flow that uses at least one of a plurality of identifiers of services VLAN.

In accordance with other aspects of this particular embodiment of the recipient address can contain the address control access to the backbone network environment (IN-WT).

In accordance with other aspects of this particular embodiment of determining a network segment associated with the data may include network element using the ID of the service VLAN (I-SID) associated with the data to determine the network segment.

The present invention will be described more in detail with reference to specific variations in its implementation, which are illustrated in the accompanying drawings. While the present invention is described below with reference to specific options, you must understand that the scope of the invention is not limited to these embodiments. Experts in the art, familiar with the principles of the invention set forth in the present application, will be able to offer additional variations and modifications and other applications of the invention that are within the scope of the present invention, considered in the present description, and for which the use of the present invention can be quite useful.

BRIEF description of the DRAWINGS

To facilitate a more complete understanding of the present invention to the description of the accompanying drawings, in which like ale�options specify the same reference numbers. These drawings are intended merely to illustrate the present invention and in no way limit its scope.

Figure 1 - system diagram for routing data between network segment in accordance with one embodiment of the present invention;

figure 2 - diagram of the system for routing data between network segment in accordance with one embodiment of the present invention;

figure 3 - block diagram of the algorithm of a method of routing data between network segment in accordance with one embodiment of the present invention.

DETAILED DESCRIPTION of embodiments of the INVENTION

Figure 1 shows a diagram of a system 100 to route the data between the network segment in accordance with one embodiment of the present invention. Figure 1 shows a simplified diagram of a system 100, which in principle can contain other elements. In the system 100 network elements 108, 110, 112, 114, 116, 118, 120 and 122 can be connected with the ability to communicate within the network 106. The network 106 may be logically divided into segments. For example, the network 106 may be a network Protocol IPv4, which can be divided into several segments or domains, such as the segments 102 and network 104. Each of network elements 108, 110, 112, 114, 116, 118, 120 and 122 may be illuminated,�United to the segment 102 and/or to the segment 104 of the network with the ability to communicate. Each of network elements 108, 110, 112, 114, 116, 118, 120 and 122 may also be connected to additional network segments (not shown) with the ability to communicate. As shown in figure 1, the network elements 110, 112 and 114 can be connected to the segment 102 of the network with the ability to communicate. Network elements 118, 120 and 122 can be connected to the segment 104 of the network with the ability to communicate. Network elements 108 and 116 can be connected to both segments 102 and 104 of the network with the ability to exchange data.

The network 106 may be a virtual local area network (VLAN) trunk VLAN (BVLAN) or other logical network structure that enables the exchange of data between network elements 108, 110,112, 114, 116, 118, 120 and 122, as well as other devices connected to the network 106 with the ability to communicate. In accordance with one or more embodiments, the network 106 may be a network provider VLAN network service that is implemented using a data transmission technology using the technology of connection based on the status of communication channels (plsb are) or technology defined by the IEEE 802.laq. The network 106 may be logically implemented on the upper level IEEE 802.lah or backbone bridges operator (RMA). In the main bridges of the operator can be used for additional address control the medium access (MAC) or can be�ü implemented addressing MAC-in-MAC encapsulation of the MAC address in the MAC) in the Ethernet frame for routing in the backbone structure of the operator (for example, the MAC address of the backbone network (IN-WT), or the email address may be used to encapsulate the Ethernet frame with the MAC address of the user). Can be used an additional header of the Ethernet frame that contains the sender's and recipient's backbone network, the ID of the virtual LAN network (BVLAN) and 24-bit identifier of VLAN services (I-SID). The network 106 can be implemented by the routing Protocol based on the status of communication channels, such as, for example, routing Protocol "transit system transit system (is-is) for the receipt and distribution of network information, such as addresses IN the WT and the value of the I-SID.

The segments 102 and network 104 may be logical partitions of the network 106, such as a VLAN or VPN. The network segments can be connected with 24-bit IDs VLAN services (I-SID). In one or more embodiments, the segments 102 and 104 can be a VLAN users. Although figure 1 shows two network segment, it should be understood that the user may implement a larger number of network segments, such as additional VLANs.

Network elements 108, 110, 112, 114, 116, 118, 120 and 122 may be routers, switches or other devices connected to the network 106 with the ability to communicate. Network elements 108, 110, 112, 114, 116, 118, 120 and 122 may be connected to network resources such as servers, b�threat data and/or network storage. Network elements 108, 110, 112, 114, 116, 118, 120 and 122 can be a network end devices such as the terminal equipment of the operator to which you can connect multiple end users.

As already indicated, in one or more embodiments, multiple network elements 108, 110, 112, 114, 116, 118, 120 and 122 may be associated with multiple network segments, such as segments 102 and 104. For example, network element 116 and/or the network element 108 may be associated with the segments 102 and network 104. These network segments can be associated with a specific 24-bit VLAN identifier of a service (I-SID). For example, a segment of the network 102 may be associated with the I-SID 102 and the segment network 104 may be associated with the I-SID 104. For example, receiving a request from a user connected to the network element 120, the server associated with the network element 110 may transmit the response message. A network element, such as a network element 108 may receive data transmitted by network element 110.

In accordance with one or more embodiments, the routing may be performed using a routing function that is implemented on the NNI interface (gateway) using the technology of plsb are. NNI can be an interface between the segment 102 of the network and segment 104 of the network and can be implemented on a network element 108. The routing function can determine 24-bitowa� identifier of a service VLAN (I-SID) in the Ethernet frame and can identify the segment of the network 104, as the segment associated with this I-SID. Thus, network element 108 may send a piece of data that it receives from the network element 110, the network element 120 through the segment 104 of the network.

Network element 108 may perform alternative and/or additional functions, such as processing a data stream, for example, one or more data processing operations carried out at levels 4-7 of the standard model the OSI (open systems interaction). For example, network element 108 may determine the rules of network traffic, network protection, measurement of network traffic and detect unauthorized entry into a network (penetration). Routing capabilities can support the upper layers protocols, including, for example: ARP Protocol (address specification), RIP (routing Protocol data), OSPF (choice primarily shortest path first) and BGP (edge routing Protocol).

Figure 2 is a schematic diagram of a system 200 routing data between network segment in accordance with one embodiment of the present invention. Figure 2 is a simplified block diagram of a system 200, which in principle can contain other elements. The elements of the system 100 included in the system 200, have the same reference numbers as in figure 1.

The computers 202, 204, 206 and/or 208 can be�Tholen PC, laptops, servers, databases, host computers, or other computers connected to network elements associated with the network 106, with the possibility of data transmission. As shown in figure 2, the computers 202 and 206 may be associated with a segment of the network 102, which may have an identifier (I-SID 102. Computers 204 and 208 may be associated with a segment of the network 104, which may have an identifier (I-SID 104. Data received by the network element, can be checked to determine whether routing information, such as, for example, an incoming Ethernet frame.

In accordance with some embodiments, the routing can be performed by means internally of the finished firewall interface (NNI) plsb are between two network segments. For example, network element 116 may include a virtual router (VR) 210, which uses the NNI interface between two network segments. The NNI interface between the segment 102 of the network and segment network 104 may be associated with a network element 116 and can support a router that can perform one or more operations for processing a data stream. For example, the data received by the network element 116 from the computer 202 may be checked to determine the MAC address of the recipient. If the MAC address of the recipient is associated with the computer 206, the network element 116 may determine that the computer 206 is associated tems same network segment (i.e. segment 102, having the identifier (I-SID 102). Then the network element 116 may transmit data through the bridge in the network element 114. The network element 116 may be capable of routing data or to transmit them across the bridge regardless of whether they received from the network segment 106 or from the device connected to the network port of the user interface (UNI) (for example, the network element can handle data that contain one header, the MAC addresses in the frame, or data by encapsulating the MAC address in the MAC).

If the MAC address of the recipient is associated with the interface NNI network element 116, the network element 116 may determine that the traffic must be routed into the segment 104 of the network that has the identifier (I-SID 104. Then the network element 116 may use a virtual router 210 on the NNI interface between two network segments to implement one or more operations for processing a data flow, such as machining operations at levels 4-7 of the standard model the OSI (open systems interaction). For example, network element 116 may route the data to pass to the segment 104 of the network. The network element 116 may also perform other actions, such as, for example, the definition of the rules of network traffic, ensuring network security, measurement of network traffic and detect unauthorized access to �et (penetration). Routing capabilities can support the upper layers protocols, including, for example: ARP Protocol (address specification), RIP (routing Protocol data), OSPF (choice primarily shortest path) and a THIEF (edge routing Protocol).

Figure 3 shows the block diagram of the algorithm of the method 300, the routing of data between segments of networks in accordance with one embodiment of the present invention. The method may begin at stage 302.

At stage 304, the method 300 may include identification of individual segments of the network, which can be accessed from a network node. For example, can be identified VPN or VLAN. In accordance with one or more embodiments, network elements such as routers in the network that implement the method 300 may use a transmission technology using the technology of connection based on the status of communication channels (plsb are) or technology defined by the IEEE 802.laq. In method 300 may be implemented routing Protocol based on the status of communication channels, such as, for example, routing Protocol "transit system transit system (IS-IS) for the receipt and distribution of network information, such as addresses IN the WT and the value of the I-SID. Network elements such as routers and electronic�Torah, may use the information obtained by the routing Protocol is-is, to identify network segments, such as VLAN identifiers associated with the I-SID.

Stage 306 of the method may include receiving network traffic at a network element. For example, network element 116 may receive data from the computer 206 associated with the network segment, such as VLAN or more specifically, the VLAN of the user.

Stage 308 may include an identification of separate network segment associated with the user MAC address of the received network traffic. Custom MAC address may be associated with a network segment, such as a VLAN.

At stage 310 may determine whether the network segment of the recipient's current network segment. For example, if the SMAS-address is the MAC address of the current node (for example, network element 116), internal logical routing interface using the NNI gateway, such as, for example, virtual router 210 may be determined by the SMAS-address of network traffic, whether it should be sent to the router interface NNI. In this case, at the stage 314 may be implemented by routing network traffic. If the SMAS address of the network traffic is not the MAC address associated with the NNI interface, network traffic can be passed over the bridge at the stage 312. Other�their processing of the data stream can be performed instead of routing or in addition to routing. For example, routing of traffic may be prohibited by a firewall. Routing capabilities can support the upper layers protocols, including, for example: ARP Protocol (address specification), RIP (routing Protocol data), OSPF (choice primarily shortest path first) and BGP (edge routing Protocol). In accordance with one or more routing options and/or other processing operations in a data flow can execute on the NNI interface technology plsb are between two network segments, such as VLANs.

The method may end at stage 312.

It should be noted that routing between logical subnets in accordance with the present invention, as described, includes some processing of the input data and the generation of output data. These processing operations of the input data and the formation of the output data can be implemented in software or hardware. For example, in the router or in other appropriate devices that implement the functions associated with managing the flow of data between network segments in accordance with the present invention, as described, can be used specialized electronic components. In other embodiments can use one or several processors working in with�testii with teams which implement the functions associated with managing the flow of data between network segments in accordance with the present invention, as described. In this case, within the scope of the present invention provides that such teams can be recorded on one or more computer-readable media (for example, magnetic disk, or other media) or may enter one or more processors in the composition of messages transmitted over radio channels.

Scope of the present invention is not limited to specific embodiments of implementation discussed in this description. Other embodiments of the present invention or their modifications, in addition to considered in the present description, will be obvious to experts in the art from the above description and the accompanying drawings. Therefore, such other variations and modifications are covered by the scope of the present invention. In addition, although the present invention has been described on the example of a particular implementation in a particular environment for a particular purpose, specialists in the art it will be understood that its application is not limited to such implementation, and that the present invention may be embodied in many other environments for a variety of purposes. Accordingly, pilage�th following claims should be interpreted, taking into account the full scope and essence of the present invention, as described.

1. Method of packet forwarding Internet Protocol (IP packet) to the network element that contains the virtual router connecting at least two segments of a network layer 2 data between them, and each network segment level 2 is associated with a corresponding value of the identifier (I-SID), and includes:
receiving from the network segment level 2 of the sender of the Ethernet frame, which is encapsulated IP packet and Ethernet frame contains an identifier (I-SID and at least address the management of the medium access (MAC address) of the recipient; and
the use of data flow routing, when the MAC address of the recipient in the received Ethernet frame is associated with a virtual router, wherein the stream processing routing includes:
the identification of the network segment of level 2 that is associated with the IP destination address in the IP packet; and
transmitting the IP packet to the identified network segment level 2 in the Ethernet frame containing the value of the identifier (I-SID associated with the identified network segment level 2.

2. A method according to claim 1, in which the use of data flow routing also includes the implementation of the data flow on at least one of the levels 4-7 Semyonovna� model the open systems interconnection (OSI).

3. A method according to claim 2, in which the implementation of the data flow on at least one of the levels 4-7 includes processing for network security, and/or measurement of network traffic, and/or detect unauthorized entry into a network.

4. A method according to claim 1, wherein during the processing of a data stream routing Protocol is used to determine the addresses (ARP), and/or Protocol routing information (RIP), and/or the selection of the first shortest path first (OSPF), and/or edge routing Protocol (BGP).

5. A method according to claim 1, comprising linking an IP packet with the MAC address of the recipient on the network segment level 2 of the sender, when the MAC address of the recipient in the Ethernet frame is associated with a node of a network segment level 2 of the sender.

6. The network element to forward the IP packet through the Ethernet network segments according to the standard IEEE 802.1 aq on recipient addresses containing:
virtual router connecting at least two segments of a network layer 2 data between them, and each network segment level 2 is associated with a corresponding value of the identifier (I-SID, and the network element is configured to receive from the network segment level 2 Ethernet frame, in which the encapsulated IP packet, and the IP packet contains the IP address of the recipient, and the Ethernet frame contains an identifier (I-SID and at least one MAC address of the recipient, tie�nny virtual router; and
when the MAC address of the recipient in the received Ethernet frame is associated with a virtual router, then:
the implementation of at least one data flow routing encapsulated in the IP packet, and this processing flow routing data includes identifying a network segment level 2 associated with the IP destination address in the IP packet and forwarding the IP packet to the identified network segment level 2 in the Ethernet frame with the identifier (I-SID associated with the identified network segment level 2.

7. The network element according to claim 6, configured to apply the data flow on at least one of the levels 4-7 to the encapsulated IP packet, and the processing of a data stream on at least one of the levels 4-7 includes processing for network security, and/or measurement of network traffic, and/or detect unauthorized entry into a network.

8. The network element according to claim 6, in which the identification of the network segment of level 2 that is associated with the IP address of the recipient, includes obtaining information at least partially using at least one routing Protocol.

9. The network element according to claim 8, wherein at least one routing Protocol includes a Protocol definition addresses (ARP), and/or Protocol routing information (RIP), and/or the choice in the first place crutches�th path (OSPF), and/or edge routing Protocol (BGP).

10. The network element according to claim 6, containing also:
the unit of processing received information, configured to determine the network segment level 2 recipient by:
check the header of the Ethernet frame, which is encapsulated IP packet; and
check for matching values of the identifier (I-SID in the header field with the value of the identifier (I-SID associated with the network segment level 2 of the recipient.

11. The network element according to claim 6, containing also:
port of the network user interface (UNI) for the reception of IP packets originating from computing devices, each IP packet contains one header, the MAC addresses; and
the unit of processing received information, configured to determine the network segment of the recipient in a received IP packet fields that contain one header, the MAC addresses.

12. The network element according to claim 6, wherein the network element is a router.



 

Same patents:

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to controlling transmission of data to medical devices. A system for controlling transmission of data to and/or from medical devices, wherein medical devices are divided into separate groups of at least one medical device in each case, wherein each group of medical devices at a first level of transmitting data via a first network is directly connected in each case to a communication device located at a second data transmission level for transmitting, storing and controlling data, and means are provided to facilitate communication between said communication devices with a common central server device located at a third data transmission level, for storing, controlling and transmitting data, wherein said means represent a second network which is independent and separated from the first network and which directly connects the communication device with the common central server device located at the third data transmission level.

EFFECT: providing continuous fail-proof data transmission between medical devices without data loss during transmission.

11 cl, 3 dwg

FIELD: radio engineering, communication.

SUBSTANCE: domain-wide unique node identifiers and unique service identifiers are distributed within a MPLS domain using a routing system LSA. Nodes on the MPLS network compute shortest path trees for each destination and install unicast forwarding state based on the calculated trees. Nodes also install multicast connectivity between nodes advertising common interest in a common service instance identifier. Instead of distributing labels to be used in connection with unicast and multicast connectivity, the nodes deterministically calculate the labels. Any number of label contexts may be calculated. The labels may either be domain-wide unique per unicast path or may be locally unique and deterministically calculated to provide forwarding context for the associated path. Multicast and unicast paths may be congruent, although this is not a requirement.

EFFECT: improved communication.

16 cl, 7 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to connection processing systems and methods using a temporary port. The technical result is achieved using a proxy server which imitates a status from the server through changes in the states of the temporary port. The connection processing system using a temporary port comprises an application, an interception means, a connection establishing means and a remote server. The application initiates connection establishment with the remote server by sending network requests. The interception means intercepts network requests from the application to the remote server and initiates creation of a temporary port. The connection establishing means establishes a connection with the remote server after interception, creates a temporary port and imitates the status from the server by changing the state of the created temporary port. The remote server establishes a connection in response to the network requests.

EFFECT: enabling establishment or termination of a connection between an application and a remote server.

8 cl, 5 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to methods and apparatus for selecting a gateway in a wireless communication system. A method of selecting a gateway (GW) in a mobility management entity (MME) in a wireless communication system comprising steps of receiving a connection request message from a home evolved Node B (HeNB); determining if the connection request message includes a local gateway (L-GW) address; and if the connection request message includes a L-GW address, selecting a GW using the L-GW address.

EFFECT: efficient gateway search using core network equipment.

24 cl, 12 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to automatic integration of a device into a network system so that a user does not have to tune or configure a new device. The method includes the following stages: a new device is detected for integration into a network system; a reference device of the network system is determined, and functional capabilities of the reference device are copied to the new device; at the same time the stage of detection of the new device for integration into the network system includes determination of new device capabilities, and the stage of determination of the reference device of the network system includes determination of the reference device of the network system with capabilities that are close to capabilities of the new device.

EFFECT: possibility to integrate a new device into a network system, without necessity for a user to interact with this system, due to procedure of automatic copying of functional capabilities of a device to a new device integrated into a network system.

9 cl, 5 dwg

FIELD: radio engineering, communication.

SUBSTANCE: private base station comprises: a processing unit configured to scan data of overlaying macro cells of a public radio network in order to report the location of the private base station; a communication device configured to request a connectivity service from the public radio network by using identification data of the private base station and the location of the private base station; and a communication device configured to receive grant to use the requested connectivity service once the identification data have been verified by the public radio network.

EFFECT: facilitating automatic configuration of private base stations in a public bearer network.

34 cl, 5 dwg

FIELD: information technology.

SUBSTANCE: apparatus comprises: devices which are connected to the same network and are allocated for the same limited space. A transmitting device is configured to transmit access information for devices in said limited space over a limited-range transmission channel different from the transmission channel(s) of the network control system. In this manner, which substantially limits reception of access information within said limited space, wherein said access information contains an access identifier for obtaining access for controlling one or more devices in said limited space. The transmitting device frequently changes the access identifier contained in the transmitted access information such that only receiving devices receiving an access identifier in the limited space may obtain access to devices in the limited space.

EFFECT: faster transmission of information within a network.

12 cl, 3 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to management of documents, particularly to applications for creating and managing persistent document collections. The technical result is achieved owing to a data storage which is used to store one or more persistent document collections, a content management application which is used for managing documents for users, for creating one or more persistent document collections of a sub-set of the documents upon user request, and for storing the one or more persistent document collections in the data storage, wherein users can create one or more persistent document collections from a sub-set of the documents and also modify the one or more persistent document collections; a requested portion of one or more persistent document collections can be output upon request from an external application so that the external application can download one or more of the documents that are represented by the persistent document collection for further modification by the user.

EFFECT: providing automated access to a plurality of persistent document collections by assigning a persistent document collection an attribute which indicates one or more external applications with which the persistent document collection shares its documents.

15 cl, 13 dwg

FIELD: physics, control.

SUBSTANCE: invention relates to method of controlling transmissions of a batteryless device (1) operating in a wireless network. The method comprises steps of: the batteryless device (1) transmitting a frame including elements for controlling operation of a remote device (2a) or controlled device, the batteryless device being configured with a predetermined number of planned retransmissions of the control frame; the batteryless device sensing a change in the physical phenomenon induced by operation of the controlled device (2a); the batteryless device determining, based on the sensing step, the success or failure of the frame transmission; if the transmission has succeeded, the batteryless device omitting further retransmissions of the control frame.

EFFECT: high efficiency of saving power.

14 cl, 1 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to means of executing a function of a DNS resolution agent. The method comprises receiving a DNS request from a DNS requester and determining whether the DNS request is a repeated request; when the DNS request is not a repeated request, sending a DNS request message to DNS servers in a DNS server list in turn according to a fixed time interval and waiting to receive a request response returned by the DNS server in a waiting time not greater than the fixed time interval; delivering a valid request response to the request received in the waiting time to the DNS requester; when no request response is received from a DNS server in the waiting time, reducing the priority of the DNS server in the DNS server list to the lowest level.

EFFECT: reducing response time for a DNS request from a device.

8 cl, 4 dwg

FIELD: wireless interface technology.

SUBSTANCE: one protocol of network messaging is a control protocol for NDIS device. Also, multiple software products for operation in circuit-based, i.e. bus-connected, network, can also be used for any wireless Bluetooth network.

EFFECT: broader functional capabilities.

3 cl, 3 dwg, 1 tbl

FIELD: wireless communications.

SUBSTANCE: estimate of time needed for transfer and confirmation of receipt is synchronized by both sides of radio communication line protocol without necessity for three-side synchronization of communication establishing process usually necessary for said synchronization. Method includes procedures used by both sides of communication line to dynamically renew and correct their starting estimates of time needed for transfer and confirmation of receipt.

EFFECT: higher efficiency, broader functional capabilities.

7 cl, 8 dwg

FIELD: computer science.

SUBSTANCE: device has programmable controller with software integrated in random-access and hard memory for functions of gathering and processing of information about peripheral devices of segment, buffer memory, output register, input register, clock generator, power block, buffer output cascade of force outputs ad buffer input cascade for inputs.

EFFECT: higher efficiency, broader functional capabilities.

4 cl, 6 dwg

FIELD: mobile communication systems.

SUBSTANCE: proposed method used for Internet protocol (IP) mobile centers in heterogeneous networks with real-time applications includes following procedures: module 134 designed for managing interfaces of mobile center 10 checks mobile center for available network interfaces 14 - 17, generates recoding table with available and configurable interfaces 14 - 17, and communicates with applications 11 of interfaces 14 - 17. Applications 11 of IP mobile center 10 are given access to heterogeneous networks through virtual network IP interface 133 organized in mobile center 10; this IP interface 133 communicates with current network 21 - 24 through interface management module 134. Changing interface 14 - 17 of mobile center 10 updates communications of IP permanent virtual network interface with network 21 - 24 basing on recoding table by means of interface management module 134.

EFFECT: ability of change-over from one network connection to other in heterogeneous networks without interrupting internet protocol applications.

16 cl, 9 dwg

FIELD: engineering of telecommunication equipment.

SUBSTANCE: wireless initialization device is a system for administrating computer data traffic, capable of routing TCP/IP traffic with utilization of 2,4 GHz equipment. Aforementioned wireless initialization device, strategically, is subject to positioning in areas of logical segments of wireless network for facilitation of traffic administration. This device operates to provide for possible connection between wireless access points and main line. Device also may be positioned in client local network, providing possibility of access to global network. Wireless device has authentication means, maintaining operative connection with operation system. Wireless device is capable of filtering IP-addresses, controlling a firewall and/or router and/or bridge.

EFFECT: increased effective TCP/IP traffic capacity for global network or local network, at the same time, realization of safe administration and improved integrity.

2 cl, 3 dwg

FIELD: mobile electronic commerce.

SUBSTANCE: method includes receipt by operations execution system of request for operation from operation requester, and identification of operation requester. After identification of requester of operation, code of operation is transferred from operations executing system to wireless communication device of requester. After receiving operation code, operation code is optically scanned from video terminal of wireless communication device of requester by the system for executing operations.

EFFECT: improved comfort of commercial operations performed over wireless electronic commerce network while providing for safety of these.

5 cl, 10 dwg

FIELD: systems and methods for advancing traffic streams with guaranteed quality of service in network.

SUBSTANCE: proposed method involves use of dispatch network resource managers to execute service function ensuring desired quality of service (QoS) similar to and separated from route choice function for IP bursts in Internet Protocol dispatch networks at transfer channel control level. Upon completion of route choice dispatch network resource managers control routers so as to enable traffic streams to run on the way assigned by resource manager in dispatch network with aid of multilayer label stack technology. Proposed system implements this method.

EFFECT: enhanced reliability of system.

14 cl, 12 dwg

FIELD: computer science, possible use for constructing multiple protected virtual networks.

SUBSTANCE: source IP packet of protected virtual network is encoded, network consisting of separately standing computers or portion of computers from local area network or computers of several local networks, output packet is formed including encoded packet (encapsulation), while at each computer, which can be utilized in several protected virtual networks, for each created protected virtual network separate long-term memory block is assigned, wherein separate operation system is recorded, adjusted for current virtual network, and access to long-term memory block and loading of operation system of each protected virtual network is performed after checking user rights, while access to memory blocks of each protected virtual network from other virtual networks is blocked by means of limiting access.

EFFECT: expanded functional capabilities.

2 cl, 11 dwg

FIELD: technology for providing centralized remote control over digital television systems.

SUBSTANCE: interface of global WAN network is emulated for IP datagram over original remote interface of adapter and simple IP datagram transfer function is added between global WAN network interface and original Ethernet network interface in accordance to protocols stack. Therefore, system for controlling local network of digital television system performs IP connection to systems for controlling local area networks LANs of other digital television systems, then datagram is transformed to transport packets and transferred jointly with other transport packets via one and the same channel.

EFFECT: possible exchange of control data via network without mounting an additional commutation network.

9 cl, 8 dwg

FIELD: mobile electronic commerce.

SUBSTANCE: method for realization of wireless operation includes placing an order for operation from wireless communication device to operation device and transfer of spoken operation authentication code from wireless communication device to operation device. After authentication of spoken authentication code wireless communication device receives code of operation. After receiving operation code, operation code is displayed on video terminal of wireless communication device and optically scanned from it for providing a legal commercial operation.

EFFECT: increase comfort of commercial operation in wireless electronic commerce network while providing for safety of said operations.

3 cl, 11 dwg

Up!