NETWORK DEVICE AND METHOD FOR FORWARDING MULTI-CAST MESSAGES IN A NETWORK

Information

  • Patent Application
  • 20190116054
  • Publication Number
    20190116054
  • Date Filed
    May 03, 2017
  • Date Published
    April 18, 2019
Abstract
The invention regards the forwarding of multicast messages in a network system. A network router according to the present invention comprises a memory in which configuration data is stored. The configuration data define at least one route along which a multicast message is to be forwarded. If the forwarding of a multicast message is allowed in principle by such specified route, it is additionally checked if from the downlink side of the network router, multicast listener information was received. Only if both conditions are fulfilled, the multicast message will be forwarded along the specified route.
Description
FIELD OF THE INVENTION

The invention relates to a network device for forwarding multi-cast messages and a method for forwarding such multi-cast messages in a network system.


BACKGROUND OF THE INVENTION

Modern building technology systems comprise devices that are arranged in a network. The network in many cases is configured as a mesh network in which a plurality of routers are interconnected and forward messages from a message source, like a server connected to at least one of the routers, to a receiving device. In many cases, messages are sent from a single source to a plurality of receivers, but not to all possible receivers. In order to avoid flooding the entire network because every one of the routers forwards all the messages to any possible recipient, it is desired that such so-called multi-cast messages are forwarded selectively.


In known networks, this is achieved either by multi-cast listener discovery (MLD) or by commissioner configuration of the network routers (firewalling). When the network is established by components of a building technology system, one problem is that the security of the individual component is limited. In a wireless lighting mesh, for example, luminaires or other small devices function as routers. Thus, if one of the routers is hacked, this could result in the network system being flooded by the router forwarding all incoming messages to any of the connected network devices, including the routers. This problem can of course be solved by individually configuring each of the routers in a commissioning process. But this, on the other hand, reduces the flexibility of the network, because such wireless devices may encounter changing quality of the wireless link over time, even within seconds. Furthermore, a wireless recipient may be physically moved to a different location and thus may require the connection to a different router at some point in time. If commissioning is performed by a commissioner who sets up the rules for forwarding multi-cast messages for each router individually, a lot of administrative work needs to be done to keep the network always up to date and ensure its functionality for all participants.


Thus, it is desirable to ensure a sufficient flexibility of the network without the risk of a single hacked device leading to a breakdown of the entire network due to an overload of forwarded messages.


SUMMARY OF THE INVENTION

This problem is solved with the network router according to the invention and the corresponding method for forwarding multi-cast messages in a network.


The network router according to the present invention, which is in particular an IPv6 router, is capable of forwarding a multi-cast message to at least one network device. The network router comprises a storage means for storing configuration data. The configuration data identifies at least one specified route along which a multi-cast message may be forwarded by the router. The network router is further configured to forward a multi-cast message only in case that the configuration allows such forwarding of the received message and furthermore if, from the downlink side along such specified route, a respective multi-cast listener information is received. Thus, each of the routers that are interconnected in the network holds configuration data defining possible routes along which multi-cast messages may be forwarded. Not each one of these routers will forward any such multi-cast message, however, but only messages for which multi-cast listener information is received from an intended recipient. Thus, by combining configuration of the router by a commissioner and aspects of a multi-cast listener discovery system, flooding the network with messages is avoided even in case that a single device is hacked. If such hacking of a router in fact occurs, it is only possible to subscribe to a multi-cast address, but no general forwarding of incoming messages by a router can occur.


For deciding which of the multi-cast messages that are received by a router is to be forwarded, the configuration data is read in from a storage means of the router. In this configuration data at least one route along which an incoming multi-cast message is allowed to be forwarded, is defined. Then, by the network router it is checked if from the connections via which the multicast message is allowed to be forwarded, multi-cast listener information is received. If such multi-cast listener information is received in an uplink direction corresponding to an allowed downlink route, the message will be forwarded. Otherwise, the message will be discarded.


The method and network router thus have the advantage that the configuration effort that has to be performed by a commissioner is reduced, while nevertheless not every change in the system needs to be stored as soon as it occurs. The commissioner may store in the configuration data a plurality of possible downlink routes, but even then during regular operation of the network router, multi-cast messages are only forwarded along one particular downlink route known to the network router if multicast listener information is received along that route in uplink direction. Thus, the overall load of the network is significantly reduced compared to known systems, while at the same time the security of the system is enhanced. This is in particular important since in constrained mesh networks, luminaires or other small devices are routers. But these luminaires or other small devices usually are not trusted devices and they may thus be hacked easily.


Further aspects of the invention are defined in the sub-claims.


It is in particular advantageous to store received multi-cast listener information in the storage means of the network router. Thus, it is not necessary to receive multi-cast listener information any time at which a multi-cast message is received. Only in case that the location or the point of connection of the listening device changes an update is necessary. This could be achieved if the intended recipient will send multi-cast listener information any time it accesses another point or device in the network. On the other side, if the host device is disconnected and thus a particular connection is interrupted, the entry in the storage means may be removed.


Furthermore, the multi-cast listener information from the at least one network device can be a multi-cast subscription message and identify a destination address to which the multi-cast messages have to be forwarded.


The network router advantageously comprises an interface that is a user interface. This user interface is configured to receive user input only and in particular via the interface an authorization can be achieved and configuration data can be transmitted. Thus, by providing such dedicated user interface, it is possible to avoid that from any other of the interfaces with which the network router is connected to other network devices, the configuration of the network router can be changed.


This is in particular advantageous if an authorization is required to store the configuration data into the storage means of the network router. Thus, the router stores that configuration data only in case that authorization data satisfy authorization requirements. The authorization requirements may be stored in a non-volatile and non-rewritable memory section of the network router. Thus, it is ensured that only if authorized personnel tries to change to the configuration data such changes are in fact stored in the network router and applied afterwards. By providing the dedicated user interface, it is furthermore possible to avoid that any device except for dedicated commissioning tools can communicate with the network router at all.


The network router may be a border router and/or an IoT (Internet of Things) router and/or the network device may be another router, an IoT router and/or an IoT network device.


It is advantageous if the network router executes a firewall application. The network router therefore comprises a processor connected to the storage means and the configuration data at least partially configures the firewall application. By providing such firewall application, it is possible to use commonly known technique of configuring network devices by means of a firewall application.


The network router furthermore is configured to dynamically update the multi-cast listener information stored in its storage means, in particular when new multi-cast listener information is received by at least one network device. Thus, the storage means will always be updated as soon as a new connection of a network device is established in case that it is intended for this particular network device to receive a multi-cast message. In that case, the network device subscribes to a multi-cast message and by automatically updating the stored multi-cast listener information, the network will adapt dynamically to its current layout. This can even be done if this network router is currently not allowed to forward multicast messages. But after adapting the configuration data it can automatically start forwarding the multicast messages.


On the other hand, it could be advantageous if the network router discards multi-cast messages, routes and/or multi-cast listener information for devices that are not identified in the configuration data. Thus, if the configuration data is newly written into the storage means by configuring the network router via the user interface, only corresponding routes that are stored are maintained, and multi-cast listener information that is stored in the storage means is updated correspondingly. Thus, if multi-cast listener information does not correspond to a stored route, it will be deleted from the storage means.


The invention also relates to a lighting system comprising at least one luminaire and at least one network router according to the invention.


The network router may be an integrated part of the luminaire.





BRIEF DESCRIPTION OF THE DRAWINGS

Other aspects and advantages will become apparent from the following description. The following description is based on embodiments that are illustrated in the annexed drawings. In the drawings:



FIG. 1 shows a general layout of a network being the basis for the invention;



FIG. 2 shows a block diagram of an inventive network router; and



FIG. 3 shows a simplified flowchart for illustrating the method according to the invention.





DETAILED DESCRIPTION


FIG. 1 shows an example for a network which in particular can be a wireless lighting mesh as an example for a lighting system. The devices and components are illustrated as in common computer networks to make it easier to understand their functionality. The system 1 comprises a server 2 which is the source of messages, in particular of the multicast messages that are to be distributed to a plurality of hosts. In the illustrated embodiment there are five hosts in total, namely 3, 4, 5, 6 and 7. But the exemplary multicast message has to be distributed only to hosts 5, 6 and 7. The other hosts 3 and 4 are connected to the same network 8 and may also communicate with the server 2 or any other device of the network, but, contrary to the hosts 5, 6 and 7, do not subscribe to the same multi-cast messages on a particular address, for example.


Network 8 is a mesh network comprising a plurality of routers. At first, a border router 9 is connected to server 2. Furthermore, routers 10.1 to 10.5 and 11.1 to 11.4 are connected to at least one further router including the border router 9. In the illustrated embodiment, host 5 is connected to router 10.5 and hosts 6 and 7 are connected to router 10.4.


Thus, if a multi-cast message is to be forwarded from the server 2 to host 5, 6 and 7, it is necessary that the multi-cast message is forwarded via the routers 10.4 and 10.5. One possible route for forwarding such multi-cast message is indicated by the black arrows in the figure. Thus, after receiving the multi-cast message by border router 9, border router 9 needs to forward the multi-cast message to router 10.1, since this is the only connection of the border router 9 in the network 8. A route is defined so that the multi-cast message is forwarded from router 10.1 via router 10.2 and router 10.3 to routers 10.4 and 10.5. The message is then received by host 5 from router 10.5 and by hosts 6 and 7 from router 10.4. The described route is the downlink direction of a multi-cast message.


The routers 10.1 to 10.5 and 11.1 to 11.4 may form a part of a lighting system comprising at least one luminaire. The network routers 10.1 to 10.5 and 11.1 to 11.4 may be integrated parts of luminaires which may form a part of a lighting system.


In such a system 1, it is necessary that the routers 9, 10.i along that downlink direction for forwarding multi-cast messages know to which connected network device, including hosts 3 to 7 and all other routers of the network 8, a message is allowed to be forwarded. This is achieved by configuring these routers respectively. Thus, in a storage means of each router 9, 10.i, there is stored configuration data. This configuration data is written into the memory of the routers 9, 10.i by a commissioner who defines the downlink routes for the multicast messages to be forwarded. Thus, in the present case in the configuration data of router 10.3 it is stored that a multicast message received from router 10.2 may be forwarded along the arrows connecting router 10.3 with router 10.4 and connecting 10.3 with router 10.5. For the other routers along the allowed route corresponding configuration data is stored.


If a host like host 5, 6 or 7 subscribes to a multi-cast message, it will send multi-cast listener information to the router to which the respective host is directly connected on its uplink side. Thus, staying with host 5 as an example, host 5 will send multi-cast listener information to router 10.5. Since router 10.5 in its configuration data also has stored the knowledge about a possible downlink route, it will forward the information on the destination of this multi-cast message to router 10.3. Router 10.3 on the other side forwards the information to router 10.2 and so on. Thus, in the end all the routers along the downlink route for the multi-cast message of the present example will have knowledge that a possible route is starting from border router 9 along the arrows to router 10.5, or at least to which next downlink side device the message shall be forwarded.


According to the invention, it is checked in each of the routers any time a multi-cast message is received if for this multi-cast message a dedicated downlink route is stored in the configuration data. If yes, it is furthermore checked if the current multi-cast message is requested to be received by one of the hosts meaning if the hosts sent multicast listener information. To come back to the aforementioned example, if host 5 has subscribed to this multi-cast message and thus sent multi-cast listener information in the uplink direction, all the routers along the dedicated downlink route have received the multi-cast listener information. Thus, two conditions are fulfilled. First, in the configuration data a downlink route is stored so that in general the respective router is allowed to forward such multicast message along that route. Furthermore, the router also has knowledge that along this route in fact the multi-cast message has to be transferred due to the received multi-cast listener information. All the routers 10.1, 10.2, 10.3 and 10.5 will thus conclude that forwarding the multicast message along these specified routes is allowed. If any of the routers 10.i did not receive multicast listener information from host 5, the respective router will discard the received multi-cast message and thus, it is avoided that data traffic is present in network 8 which is unnecessary.


The aforementioned explanation is also true for hosts 6 and 7, but then of course relate to router 10.4 instead of router 10.5.


It is to be noted that in the routers 9, 10.i, namely in the configuration data stored in the routers 9, 10.i, it is also possible to define a plurality of possible alternative downlink routes. By defining a plurality of possible downlink routes, it is ensured that even if one of the routers 10.i does not work properly or is removed from the network system 1, distribution of multicast messages to the intended recipient is still possible. Nevertheless, the message will be forwarded along the downlink routes only in case that the multi-cast listener information is received.


To further understand the invention, a block diagram of router 10.3 is given as an example in FIG. 2. FIG. 2 shows that the router 10.3 is connected to router 10.2 on the one (uplink) side and to routers 11.1, 11.2 as well as routers 10.4 and 10.5 on the other side (downlink side). Of course, the interfaces by which the router 10.3 is connected to all the other routers in fact are not different from each other and are illustrated separately only for an easier explanation of the invention, so as to distinguish between an uplink side and a downlink side, which in the present example is the side of routers 10.4 and 10.5. Routers 11.1 and 11.2 are also illustrated on the downlink side, but will not receive a multicast message intended for host 5, 6 or 7 because here neither of the two conditions necessary for forwarding a multi-cast message in that direction is fulfilled.


Router 10.3 furthermore comprises a storage means 12 which may consist of a non-volatile memory and may further comprise a rewritable and a non-rewritable section. In the rewritable section of the non-volatile memory 12 the configuration data is stored. The configuration data is received via a user interface 13 as indicated in the drawing.


Here, the configuration data is written into memory 12 by a commissioner who has the authorization to write into memory 12. In the memory 12 there may also be stored an authorization condition so that only if the authorization can be achieved by a device that is connected to interface 13 writing into memory 12 is allowed. Thus, the routes that are defined in the configuration data may only be changed or altered in the memory 12 if an authorized user connects to interface 13.


The authorization check is performed in a processor 14 connected to memory 12. Furthermore, the processor 14 also performs the check whether the two conditions for forwarding a multi-cast message received via the interface connected to router 10.2 are fulfilled. As explained above, the first of these two conditions is the existence of a route for forwarding a multi-cast message from router 10.2 to any of the routers 11.1, 11.2, 10.4 or 10.5 that are connected to router 10.3. If such a route is set up in the configuration data, then it is checked if multi-cast listener information was received from any of the connected routers 11.1, 11.2, 10.4 or 10.5. In the example of FIG. 1, such multi-cast listener information was received from routers 10.4 and 10.5. Thus, as the multicast listener information for routers 10.4 and 10.5 is also stored in memory 12, the processor determines that forwarding this particular multi-cast message is allowed from router 10.2 to routers 10.4 and 10.5. As a consequence, the multi-cast message to which hosts 5, 6 and 7 have subscribed is forwarded to routers 10.4 and 10.5.


Thus, in the end, the message will be forwarded only along the route as indicated by the arrows in FIG. 1. The other routers that do not lie on the defined routes will not forward a message even if one of them should receive such a message. And, as indicated, router 10.3 will not forward the multicast message to routers 11.1 or 11.2, because at least one of the conditions is not fulfilled.


In FIG. 3 there is shown a simplified flowchart for executing the inventive method. At first, configuration data is stored in memory 12 of any one of routers 9, 10.i in step S1. Then, during operation of the router, if a multicast message is received in step S2, the configuration data stored in memory 12 is read in by processor 14 in step S3. On the basis of the read-in configuration data in processor 14, it is checked whether forwarding of multicast messages is generally allowed along any of the possible routes that can be realized by the respective router by forwarding a message to any of the other connections to further routers or host devices. Thus, in step S4 it is determined if in general such forwarding along a dedicated route is allowed for the router. If yes, it is furthermore checked in step S5 if such forwarding is in fact requested. Thus, in processor 14, it is also checked if multicast listener information was received from any of the devices connected to the router on its downlink side. If yes, both conditions as illustrated in steps S4 and S5 are fulfilled and consequently the received multicast message is forwarded in step S6. Thereafter, the flow goes back to the beginning and is repeated any time such multicast message is received in step S2.


On the other hand, if in step S4 or step S5 it is determined that the respective condition is not fulfilled, no forwarding is performed and the router directly waits for a new multicast message to be received in step S2, for which the following method steps are to be executed again. The method steps as illustrated are executed in any of the routers in which configuration data for at least one route is stored.
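
The two-condition check of steps S1 to S6, modelled for router 10.3 of FIG. 2, is shown below as an added example that is not part of the patent application. The HMAC-based authorization data, the class and method names, the key and the multicast address are assumptions made for illustration; listener information is stored even for a neighbour without a configured route, as in the dynamic-update variant described in the summary.

```python
import hashlib
import hmac
import json

GROUP = "ff05::1234"  # constructed IPv6 multicast address for this example


def config_tag(key: bytes, routes) -> bytes:
    """Authorization data over the configuration (assumed scheme: HMAC-SHA256)."""
    blob = json.dumps(sorted(routes)).encode()
    return hmac.new(key, blob, hashlib.sha256).digest()


class Router:
    def __init__(self, name: str, commissioning_key: bytes):
        self.name = name
        # Stands in for the authorization requirement held in non-rewritable memory.
        self._key = commissioning_key
        self.routes = set()   # configuration data: allowed (ingress, egress) pairs
        self.listeners = {}   # group -> downlink neighbours that sent listener info

    def store_config(self, routes, tag: bytes) -> bool:
        """S1: store configuration data only if the authorization data checks out."""
        if not hmac.compare_digest(tag, config_tag(self._key, routes)):
            return False
        self.routes = {tuple(r) for r in routes}
        return True

    def on_listener_info(self, group: str, neighbour: str) -> set:
        """Store listener information; return the uplink neighbours to relay it to."""
        self.listeners.setdefault(group, set()).add(neighbour)
        return {ingress for ingress, egress in self.routes if egress == neighbour}

    def on_disconnect(self, neighbour: str) -> None:
        """Remove stored listener information when a downlink connection is lost."""
        for subscribed in self.listeners.values():
            subscribed.discard(neighbour)

    def on_multicast(self, group: str, ingress: str) -> set:
        """S2-S6: neighbours the message is forwarded to (empty set means discard)."""
        allowed = {e for i, e in self.routes if i == ingress}  # S3/S4: configured routes
        requested = self.listeners.get(group, set())           # S5: listener information
        return allowed & requested                             # S6: both conditions hold


def demo() -> dict:
    key = b"constructed-commissioning-key"
    r = Router("10.3", key)
    routes = [("10.2", "10.4"), ("10.2", "10.5")]
    out = {}
    out["bad_auth"] = r.store_config(routes, b"\x00" * 32)   # rejected, nothing stored
    out["good_auth"] = r.store_config(routes, config_tag(key, routes))
    out["no_listener"] = r.on_multicast(GROUP, "10.2")       # route exists, nobody asked
    out["relay"] = r.on_listener_info(GROUP, "10.5")         # relayed uplink to 10.2
    r.on_listener_info(GROUP, "10.4")
    r.on_listener_info(GROUP, "11.1")  # subscription from a neighbour with no route
    out["forward"] = r.on_multicast(GROUP, "10.2")
    out["wrong_ingress"] = r.on_multicast(GROUP, "10.4")     # no route from this side
    wider = routes + [("10.2", "11.1")]
    r.store_config(wider, config_tag(key, wider))            # commissioner adds a route
    out["after_reconfig"] = r.on_multicast(GROUP, "10.2")
    r.on_disconnect("10.5")
    out["after_disconnect"] = r.on_multicast(GROUP, "10.2")
    return out


if __name__ == "__main__":
    for step, result in demo().items():
        print(step, result)
```

The subscription from 11.1 alone never causes forwarding; only the authorized configuration change makes that branch eligible, at which point the already stored listener information takes effect.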


In the future it can be expected that an IoT network will contain a lot of devices which are connected to the IoT network and the devices may have multiple roles (e.g. a luminaire acting as a router). The invention offers the advantage that it can provide a multicast configuration interface on selected IoT devices e.g. luminaires which a commissioner can use and can in parallel provide MLD like features on such IoT devices e.g. luminaires.

Claims
  • 1. A network router, in particular an IPv6 network router, for forwarding multicast messages to at least one network device, wherein the network router comprises a storage means for storing configuration data, wherein the configuration data identifies at least one specified route along which a multicast message may be forwarded by the router, and wherein the network router is configured to forward a multicast message only if from downlink side along a specified route a respective multicast listener information is received.
  • 2. The network router according to claim 1, wherein the network router is configured to store received multicast listener information.
  • 3. The network router according to claim 1, wherein the multicast listener information from the at least one network device is a multicast subscription message and in particular identifies a destination address the multicast messages are to be forwarded to.
  • 4. The network router according to claim 1, wherein the network router comprises an interface configured to receive authorization data and in particular the configuration data.
  • 5. The network router according to claim 4, wherein the network router comprises an interface that is a user interface configured to receive user input, in particular the authorization data and the configuration data.
  • 6. The network router according to claim 1, wherein the network router stores the configuration data only in case the authorization data satisfies authorization requirements.
  • 7. The network router according to claim 1, wherein the network router comprises at least one of a border router, an IoT-router, and wherein the network device comprises at least one of a router, an IoT-router and an IoT-network device.
  • 8. The network router according to claim 1, wherein the network router executes a firewall application and wherein the configuration data at least partially configures the firewall application.
  • 9. The network router according to claim 1, wherein the network router is configured to dynamically update the multicast listener information stored, in particular when new multicast listener information is received by at least one network device.
  • 10. The network router according to claim 1, wherein the network router discards multicast messages, routes and/or multicast listener information for devices not identified in the configuration data.
  • 11. A lighting system comprising at least one luminaire and at least one network router according to claim 1.
  • 12. The lighting system according to claim 11, wherein the network router is an integrated part of the luminaire.
  • 13. A method for forwarding multicast messages in a network router, in particular an IPv6 network router, to at least one network device, comprising the steps of: a. reading configuration data from storage means, wherein the configuration data identifies at least one route, b. only forwarding multicast messages along such route to a network device from which a multicast listener information is received.
  • 14. The method of claim 13, further comprising the step of storing multicast listener information only for the at least one network device identified in the configuration data.
  • 15. The method of claim 13, further comprising the steps of receiving authorization data, and storing the configuration data only if the authorization data satisfies authorization requirements.
  • 16. The method of claim 14, further comprising the steps of receiving authorization data, and storing the configuration data only if the authorization data satisfies authorization requirements.
Priority Claims (1)
Number      Date       Country   Kind
1608920.3   May 2016   GB        national
CROSS REFERENCE TO RELATED APPLICATIONS

The present application is the U.S. national stage application of International Application PCT/EP2017/060446 filed May 3, 2017, which international application was published on Nov. 16, 2017 as International Publication WO 2017/194356 A1. The International Application claims priority to Great Britain Patent Application 1608920.3 filed May 12, 2016.

PCT Information
Filing Document     Filing Date   Country   Kind
PCT/EP2017/060446   5/3/2017      WO        00