start-ver=1.4 cd-journal=joma no-vol=52 cd-vols= no-issue=3 article-no= start-page=1348 end-page=1356 dt-received= dt-revised= dt-accepted= dt-pub-year=2011 dt-pub=20110315 dt-online= en-article= kn-article= en-subject= kn-subject= en-title=A MAC-address Relaying NAT Router for Host Identification from Outside of Internal Network kn-title=内部ネットワーク上のホストを外部から識別するためのMACアドレス中継型NATルータ en-subtitle= kn-subtitle= en-abstract=As an alleviation method against IPv4 address exhaustion problem, NAT (Network Address Translation) has been commonly used. Since NAT allows many internal hosts to share one single global IP address, it can save the number of required global IP addresses. However, with NAT, each internal host cannot be identified from the external network. Consequently, if access control system on external network would permit network access from one internal host, it automatically would permit all network access from any other internal hosts as well, for example. In this paper, we propose a NAT router with MAC address relaying function that copies the source MAC address of receiving frames sent by internal hosts into frames sent to the external network since source MAC addresses, which are the sender identifiers in data link layer, are basically unused except for MAC address learning function of layer 2 switches. According to the results of experiments, we confirmed that the prototype NAT router with MAC address relaying function allows access to external networks by internal hosts to be controlled individually based on MAC address and obtains high throughput as well. kn-abstract=IPv4アドレスの枯渇問題の軽減策の1つとして,NAT(Network Address Translation)がある.NATは複数の内部ホストが1つのグローバルIPアドレスを共用できるため,必要なグローバルIPアドレスの数を節約できる.しかし,外部ネットワーク側では個々の内部ホストを識別できないため,たとえば外部ネットワーク側でアクセス制御を行うと,1台の内部ホストが外部ネットワークに対するアクセス許可を受けただけで他の内部ホストまで外部ネットワークにアクセス可能な状態になるなどの問題が生じる.そこで,本論文ではデータリンク層での送信元識別子である送信元MACアドレスが基本的にはレイヤ2機器のMACアドレス学習機能にしか使われていない点に着目し,内部ホストから送信されたフレームに含まれる送信元MACアドレスをそのまま外部ネットワーク側に中継する機能を持つNATルータを提案する.本提案に基づいて試作したNATルータを評価した結果,MACアドレスに基づいて内部ホストを個別にアクセス制御でき,また十分なスループットが得られることを確認した. en-copyright= kn-copyright= en-aut-name=YamaiNariyoshi en-aut-sei=Yamai en-aut-mei=Nariyoshi kn-aut-name=山井成良 kn-aut-sei=山井 kn-aut-mei=成良 aut-affil-num=1 ORCID= en-aut-name=MurakamiRyo en-aut-sei=Murakami en-aut-mei=Ryo kn-aut-name=村上亮 kn-aut-sei=村上 kn-aut-mei=亮 aut-affil-num=2 ORCID= en-aut-name=OkayamaKiyohiko en-aut-sei=Okayama en-aut-mei=Kiyohiko kn-aut-name=岡山聖彦 kn-aut-sei=岡山 kn-aut-mei=聖彦 aut-affil-num=3 ORCID= en-aut-name=NakamuraMotonori en-aut-sei=Nakamura en-aut-mei=Motonori kn-aut-name=中村素典 kn-aut-sei=中村 kn-aut-mei=素典 aut-affil-num=4 ORCID= affil-num=1 en-affil= kn-affil=岡山大学情報統括センター affil-num=2 en-affil= kn-affil=岡山大学大学院自然科学研究科 affil-num=3 en-affil= kn-affil=岡山大学情報統括センター affil-num=4 en-affil= kn-affil=国立情報学研究所 END start-ver=1.4 cd-journal=joma no-vol= cd-vols= no-issue= article-no= start-page=7 end-page=12 dt-received= dt-revised= dt-accepted= dt-pub-year=2005 dt-pub=200511 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Performance Improvement of TCP using Performance Enhancing Proxies ? Effect of Premature ACK Transmission Timing on Throughput ? en-subtitle= kn-subtitle= en-abstract= kn-abstract=
In order to improve TCP performance, a method using a PEP (Perfonnance Enhancing Proxy) is proposed. The PEP operates on a router along a TCP connection. When a data packet arrives at the PEP, it forwards the packet to the destination host, transmits the corresponding ACK (premature ACK) to the source host in behalf of the destination host and stores the copy of the packet into its own buffer (PEP buffer) in case of the retransmission of the packet. In this paper, under the strategy which keeps the number of packets in the PEP buffer for which premature ACKs have been returned being less than or equal to a fixed threshold value (watermark value), we investigate the relation between the watermark value and the maximum throughput. Extensive simulation runs show that the simulation results are roughly classified into two cases. One case is that the maximum throughput becomes larger for larger watermark value and becomes a constant value when the watermark value is over a value. The other case is that though the maximum throughput becomes larger for lager watermark value in the same way, it reversely decreases when the watermark value is over a value. We also show that the latter (former) case is easier to occur as the propagation delay in the input side network ofthe PEP becomes smaller (larger) and the propagation delay in the output side network of the PEP becomes larger (smaller) and the PEP buffer capacity becomes smaller (larger).
en-copyright= kn-copyright= en-aut-name=OsadaShigeyuki en-aut-sei=Osada en-aut-mei=Shigeyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=YokohiraTokumi en-aut-sei=Yokohira en-aut-mei=Tokumi kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=HuiWang en-aut-sei=Hui en-aut-mei=Wang kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=OkayamaKiyohiko en-aut-sei=Okayama en-aut-mei=Kiyohiko kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= en-aut-name=YamaiNariyoshi en-aut-sei=Yamai en-aut-mei=Nariyoshi kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=5 ORCID= affil-num=1 en-affil= kn-affil=Okayama University affil-num=2 en-affil= kn-affil=Okayama University affil-num=3 en-affil= kn-affil=Henan University of Science and Technology affil-num=4 en-affil= kn-affil=Okayama University affil-num=5 en-affil= kn-affil=Okayama University en-keyword=PEP kn-keyword=PEP en-keyword=Premature ACK kn-keyword=Premature ACK en-keyword=TCP kn-keyword=TCP en-keyword=watermark kn-keyword=watermark END start-ver=1.4 cd-journal=joma no-vol= cd-vols= no-issue= article-no= start-page=1506 end-page=1510 dt-received= dt-revised= dt-accepted= dt-pub-year=2001 dt-pub=20016 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=A dynamic traffic sharing with minimal administration on multihomed networks en-subtitle= kn-subtitle= en-abstract= kn-abstract=Multihomed network is one of the most efficient configuration to improve the response time of network services. However, it is hard to introduce or manage because the existing configuration methods have several problems in that they require much technical skill, involve administrative over-burden for the administrator and so on. In this paper, we propose a dynamic traffic sharing technique and suitable backbone selection metrics to address some of these problems. Using the proposed technique, an appropriate backbone can be selected per connection with minimal technical skill and low administrative cost. In addition, the proposed metrics performs more efficient traffic sharing as compared to others techniques that were investigated
en-copyright= kn-copyright= en-aut-name=YamaiNariyoshi en-aut-sei=Yamai en-aut-mei=Nariyoshi kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=OkayamaKiyohiko en-aut-sei=Okayama en-aut-mei=Kiyohiko kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=ShimamotoHiroshi en-aut-sei=Shimamoto en-aut-mei=Hiroshi kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=OkamotoTakuji en-aut-sei=Okamoto en-aut-mei=Takuji kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= affil-num=1 en-affil= kn-affil=Okayama University affil-num=2 en-affil= kn-affil=Okayama University affil-num=3 en-affil= kn-affil=Okayama University affil-num=4 en-affil= kn-affil=Okayama University en-keyword=local area networks kn-keyword=local area networks en-keyword=telecommunication network routing kn-keyword=telecommunication network routing en-keyword=telecommunication traffic kn-keyword=telecommunication traffic END start-ver=1.4 cd-journal=joma no-vol= cd-vols= no-issue= article-no= start-page=384 end-page=390 dt-received= dt-revised= dt-accepted= dt-pub-year=2005 dt-pub=2005 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=A protection method against massive error mails caused by sender spoofed spam mails en-subtitle= kn-subtitle= en-abstract= kn-abstract=Wide spread of spam mails is one of the most serious problems on e-mail environment. Particularly, spam mails with a spoofed sender address should not be left alone, since they make the mail server corresponding to the spoofed address be overloaded with massive error mails generated by the spam mails, and since they waste a lot of network and computer resources. In this paper, we propose a protection method of the mail server against such massive error mails. This method introduces an additional mail server that mainly deals with the error mails in order to reduce the load of the original mail server. This method also provide a function that refuses error mails to these two mail servers to save the network and computer resources. en-copyright= kn-copyright= en-aut-name=YamaiNariyoshi en-aut-sei=Yamai en-aut-mei=Nariyoshi kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=OkayamaKiyohiko en-aut-sei=Okayama en-aut-mei=Kiyohiko kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=MiyashitaTakuya en-aut-sei=Miyashita en-aut-mei=Takuya kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=MaruyamaShin en-aut-sei=Maruyama en-aut-mei=Shin kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= en-aut-name=NakamuraMotonori en-aut-sei=Nakamura en-aut-mei=Motonori kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=5 ORCID= affil-num=1 en-affil= kn-affil=Okayama University affil-num=2 en-affil= kn-affil=Okayama University affil-num=3 en-affil= kn-affil=Okayama University affil-num=4 en-affil= kn-affil=Kyoto University affil-num=5 en-affil= kn-affil=Kyoto University en-keyword=Internet kn-keyword=Internet en-keyword=security of data kn-keyword=security of data en-keyword=unsolicited e-mail kn-keyword=unsolicited e-mail END start-ver=1.4 cd-journal=joma no-vol= cd-vols= no-issue= article-no= start-page=427 end-page=432 dt-received= dt-revised= dt-accepted= dt-pub-year=2005 dt-pub=200511 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=A Method of Dynamic Interconnection of VLANs for Large Scale VLAN Environment en-subtitle= kn-subtitle= en-abstract= kn-abstract=VLAN (Virtual LAN) is a technology which can configure logical networks independent of the physi cal network structure. With VLAN, users in common spaces (such as meeting rooms) can access to their department networks temporarily because changing of logical network structure is achieved only by con figuration of VLAN switches. However, in the general configuration method, because VLANs are managed statically by admin istrators, various problems such as high adminis trative cost and conflict or insufficiency of VLAN IDs may arise especially in large scale organiza tions where VLANs are managed by each depart ment. To solve these problems, we propose a method which provides an interconnection between a tem porary configured VLAN in a common space and a VLAN of a user’s department. In the proposed method, a user in a common space can access to his/her department network seamlessly by convert ing a temporary VLAN-ID in the common space and a VLAN-ID used in his/her department each other automatically. The effectiveness of the pro posed method is confirmed by the experiment on the actual network using VLAN managers, VLAN ID converters and authentication servers based on the proposed method.
en-copyright= kn-copyright= en-aut-name=OkayamaKiyohiko en-aut-sei=Okayama en-aut-mei=Kiyohiko kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=YamaiNariyoshi en-aut-sei=Yamai en-aut-mei=Nariyoshi kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=MiyashitaTakuya en-aut-sei=Miyashita en-aut-mei=Takuya kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=KawanoKeita en-aut-sei=Kawano en-aut-mei=Keita kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= en-aut-name=OkamotoTakuji en-aut-sei=Okamoto en-aut-mei=Takuji kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=5 ORCID= affil-num=1 en-affil= kn-affil=Okayama University affil-num=2 en-affil= kn-affil=Okayama University affil-num=3 en-affil= kn-affil=Tsuyama National College of Technology affil-num=4 en-affil= kn-affil=Okayama University affil-num=5 en-affil= kn-affil=Okayama University of Science END