(19) Europäisches Patentamt European Patent Office Office européen des brevets (11) EP 1 349 349 B1 (12) EUROPEAN PATENT SPECIFICATION (4) Date of publication and mention of the grant of the patent: 02.11.06 Bulletin 06/44 (1) Int Cl.: H04L 29/12 (06.01) (21) Application number: 030.8 (22) Date of filing: 28.03.03 (4) Network system using name server with pseudo host name and pseudo IP address generation function Netz-System unter Verwendung eines Namensservers mit einer Funktion zur Erzeugung von Pseudo- Hostnamen und Pseudo-IP-Adressen Système de réseau utilisant un serveur de nom avec la fonction de génération de pseudo-noms d hôte et de pseudo-adresses IP (84) Designated Contracting States: DE FR GB () Priority: 29.03.02 JP 097912 (43) Date of publication of application: 01..03 Bulletin 03/ (73) Proprietor: KABUSHIKI KAISHA TOSHIBA Tokyo -8001 (JP) (72) Inventors: Jinmei, Tatuya, c/o IP Division, Toshiba Corp. Tokyo (JP) Ishiyama, Masahiro, c/o IP Division, Toshiba Corp. Tokyo (JP) Tamada, Yuzo, c/o IP Division, Toshiba Corp. Tokyo (JP) (74) Representative: Granleese, Rhian Jane Marks & Clerk 90 Long Acre London WC2E 9RA (GB) (6) References cited: MOCKAPETRIS P: "RFC DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION" IETF REQUEST FOR COMMENTS, 13 February 1996 (1996-02-13), XP0029171 Retrieved from the Internet: <URL:HTTP: //WWW.DNS.BE/RFC/RFC.HTM> [retrieved on 1998-12-22] MOCKAPETRIS P: "RFC 34 Domain Names - Concepts and Facilities" IETF REQUEST FOR COMMENTS, November 1987 (1987-11), pages 1-, XP0022781 ELZ R, BUSH R: "RFC 2181 Clarifications to the DNS Specification" IETF REQUEST FOR COMMENT, July 1997 (1997-07), pages 1-1, XP00227816 EP 1 349 349 B1 Note: Within nine months from the publication of the mention of the grant of the European patent, any person may give notice to the European Patent Office of opposition to the European patent granted. Notice of opposition shall be filed in a written reasoned statement. It shall not be deemed to have been filed until the opposition fee has been paid. (Art. 99(1) European Patent Convention). Printed by Jouve, 7001 PARIS (FR)
1 EP 1 349 349 B1 2 Description [0001] The present invention relates to a name server for processing a reverse look-up request, a name server for processing a normal look-up request, a network system, a reverse look-up request processing method, a normal look-up request processing method, and a communication control method. [0002] In recent years, in conjunction with the spread of the constant access to the Internet even at general homes, the privacy issue is attracting attentions. For example, increasingly many people are concerned about the leakage of the privacy of the communication device (communication node) or the user who is using it by using the IP address as a key. [0003] In particular, in the IPv6 environment in general, a specific prefix is assigned to the upper 64 bits from the ISP side, and a unique number is assigned to the lower 64 bits by the interface on the communication node side. In this way, when the communications are eavesdropped for a prescribed period of time by the malicious third person, it is not so difficult to identify that communication node. [0004] In order to deal with demands for such a privacy protection, there is a proposition for randomly changing the lower 64 bits of the IPv6 address defined by RFC 41 or the like. [000] In the case of using such a method for randomly changing the IP address, it is not customary to register RR (Resource Record) for the reverse look-up corresponding to this IP address (the reverse look-up is a procedure to obtain the host name from the IP address). This is because if the RR is registered Into the name server of the DNS such that the host name can be obtained by the reverse look-up from a particular IP address, there is a problem that the IP address can be revealed at some specific timing from the host name even when the IP address is randomly changed, so that the privacy cannot be protected. [0006] However, there are servers which regard the correspondent that attempted an access as a non-trustworthy communication node and do not permit an access from that communication node, when the reverse lookup or the normal look-up of the IP address from which the access is attempted is carried out and failed. [0007] Also, there is a method for dynamically registering the host name that is automatically generated by using the dynamic update function of the DNS. but it is difficult to operate the DNS by accurately authenticating the dynamic update function. [0008] Apart from these problems, there are servers which regard the correspondent that attempted an access as a non-trustworthy communication node and do not permit an access from that communication node, when the reverse look-up or the normal look-up of the IP address from which the access is attempted is carried out and failed. For this reason, the use of a random IP address as a default source address is not recommended 1 4 0 in general. [0009] Note that the details of the source address selection and the destination address selection under the IPv6 environment can be found in the TETF Internet draft "draftietf-ipngwg-default-addr-select-07.txt". [00] As described, in the prior art, it has been impossible to protect the privacy of the communication node or the user sufficiently because of the leakage from the IP address. Also, in the method using a random IP address as a source address, the privacy protection can be realized but there are also problems such as that the connectivity cannot be guaranteed. [0011] Mockapetris P: "RFC Domain Names - Implementation and Specification" IETF Request for Comments, 13 February 1996, (1996-02-13) XP 0029171 and Mockapetris P: "RFC 34 Domain Names - Concepts and Facilities" IETF Request for Comments, November 1987 (1987-11), pages 1-, XP0022781 disclose a basic system, having the features of the precharacterizing portion of Claim 1, for implementing domain names on the Internet, using name servers. [0012] The present invention provides name servers as defined in Claims 1 and 6; a network system as defined in Claim 8; methods for reverse or normal look-up requests as defined in Claims 12 and 13; methods for communication control as defined in Claims 14 and 1; and corresponding computer program products as defined in Claims 16 and 17. [0013] The present invention can be implemented either in hardware or on software in a general purpose computer. Further the present invention can be implemented in a combination of hardware and software. The present invention can also be implemented by a single processing apparatus or a distributed network of processing apparatuses. [0014] Since the present invention can be implemented by software, the present invention encompasses computer code provided to a general purpose computer on any suitable carrier medium. The carrier medium can comprise any storage medium such as a floppy disk, a CD ROM, a magnetic device or a programmable memory device, or any transient medium such as any signal e.g. an electrical, optical or microwave signal. [001] Other features and advantages of the present invention will become apparent from the following description of embodiments taken in conjunction with the accompanying drawings. Fig. 1 is a schematic diagram showing an exemplary configuration of a network system according to one embodiment of the present invention. Fig. 2 is a block diagram showing an exemplary configuration of a name server for reverse look-up according to one embodiment of the present invention. Fig. 3 is a block diagram showing an exemplary configuration of a name server for normal look-up according to one embodiment of the present invention. 2
3 EP 1 349 349 B1 4 Fig. 4 is a flow chart showing one exemplary processing procedure of an FTP server according to one embodiment of the present invention. Fig. is a flow chart showing one exemplary processing procedure of a name server for reverse look-up according to one embodiment of the present invention. Fig. 6 is a flow chart showing one exemplary processing procedure of a name server for normal look-up according to one embodiment of the present invention. Fig. 7 is a flow chart showing another exemplary processing procedure of a name server for reverse look-up according to one embodiment of the present invention. Fig. 8 is a flow chart showing another exemplary processing procedure of a name server for normal look-up according to one embodiment of the present invention. Fig. 9 is a sequence chart showing one exemplary sequence in the network system according to one embodiment of the present invention. Fig. is a sequence chart showing another exemplary sequence in the network system according to one embodiment of the present invention. Fig. 11 is a sequence chart showing another exemplary sequence in the network system according to one embodiment of the present invention. Fig. 12 is a flow chart showing another exemplary processing procedure of an FTP server according to one embodiment of the present invention. Fig. 13 is a sequence chart showing another exemplary sequence in the network system according to one embodiment of the present invention. Fig. 14 is a schematic diagram showing a configuration of a conventional network system. Fig. 1 is a sequence chart showing an exemplary sequence in the conventional network system. [0016] Referring now to Fig. 1 to Fig. 1, one embodiment of the present invention will be described in detail. [0017] Fig. 1 shows an exemplary configuration of a network system according to one embodiment of the present invention. [0018] Usually, the zone at the DNS often contains a plurality of subnets, but here for the sake of simplicity of the description, a "foobar.com" zone shown in Fig. 1 is assumed to be a zone that manages one subnet. [0019] A name server 1 (which will be referred to as a name server N hereafter) is a name server for managing DNS reverse look-up information (information that registers a corresponding host name, using the TPv6 address as a key) for the purpose of the reverse look-up (a procedure to obtain the corresponding host name from the IP address) inside the subnet, and a name server 2 (which will be referred to as a name server M hereafter) is a name server for managing DNS normal look-up information (information that registers a corresponding 1 4 0 IPv6 address, using the host name as a key) for the purpose of the normal look-up (a procedure to obtain the corresponding IP address from the host name) inside the sub-net. [00] The reverse look-up name server N and the normal look-up name server M can be provided as separate devices, or can be provided as a single device. Here, for the sake of explanation, the exemplary case of providing them as separate devices will be described. [0021] This subnet is assumed to have the following IPv6 prefix: 3ffe:ffff:1234:abcd::/64 [0022] Also, the organization of this subnet is assumed to have the authority with respect to the following reverse look-up DNS zone corresponding to this prefix. d.c.b.a.4.3.2.1.f.f.f.f.c.f.f.3.ip6.arpa. [0023] Next, in Fig. 3. a host 3 (communication node) (which will be referred to as a host H hereafter) is a host connected to this subnet. Note that the host H is typically a computer, but it is not necessarily limited to this case, and can be a portable telephone terminal or an information home electronics terminal, etc., which is capable of accessing the Internet through a plurality of Internet service providers. [0024] Here, the IPv6 address assigned to the host H is assumed to be: 3ffe:ffff:1234:abcd:70:f6b8:7d9d:ad7f In this case, the DNS RR for the reverse look-up corresponding to this IPv6 address is: f.7.d.a.d.9.7.8.b.6.f.0...7.d.c.b.a.4.3.2.1.f.f.f.f. e.f. 3.ip6.arpa. [00] Here, however, if the DNS RR for the reverse look-up is registered in the name server N, there is a possibility for leaking the privacy along with that address, so that it is assumed here that the DNS RR is not registered. [0026] Next, in Fig., an FTP server (which will be referred to as an FTP server F hereafter) is one example of a correspondent of the host H. The FTP server F is assumed to be existing outside of the "foobar.com" zone. Note that the correspondent of the host II can be a server other than the FTP server or a communication of a type other than the server. [0027] Fig. 2 shows an exemplary configuration of the name server N for managing the DNS reverse look-up information according to one embodiment of the present invention. [0028] As shows in Fig. 2, the name server N of this embodiment has a reception unit 11 for receiving a reverse look-up request message, a transmission unit 12 for transmitting a response message for the reverse lookup request, a reverse look-up request processing unit 13 for processing the reverse look-up request, a reverse look-up table 14 in which the host name is registered by using the IPv6 address as a key, and a host name generation unit 1 for generating a pseudo (or provisional) host name according to the IPv6 address as will be described in detail below. Note that the necessary informa- 3
EP 1 349 349 B1 6 tion such as the reverse look-up table, etc., is stored in an appropriate memory device. Also, in Fig. 2, a communication interface for making a connection to the subnet to which the communication node is connected, and communication interfaces for making connections to channels connected to respective ISPs are omitted. [0029] Note that this name server N can be realized by using a computer. Also, a part or all of the processing can be realized by a program, and a part or all of the processing can be realized by a dedicated semiconductor integrated circuit. [00] Fig. 3 shows an exemplary configuration of the name server M for managing the DNS normal look-up information according to one embodiment of the present invention. [0031] As shows in Fig. 3, the name server M of this embodiment has a reception unit 21 for receiving a normal look-up request message, a transmission unit 22 for transmitting a response message for the normal look-up request, a normal look-up request processing unit 23 for processing the normal look-up request, a normal lookup table 24 in which the IPv6 address is registered by using host name as a key, and an IP address generation unit for generating a pseudo (or provisional) IPv6 address according to the host name as will be described in detail below. Note that the necessary information such as the normal look-up table, etc., is stored in an appropriate memory device. Also, in Fig. 3, a communication interface for making a connection to the subnet to which the communication node is connected, and communication interfaces for making connections to channels connected to respective ISPs are omitted. [0032] Note that this name server M can be realized by using a computer. Also, a part or all of the processing can be realized by a program, and a part or all of the processing can be realized by a dedicated semiconductor integrated circuit. [0033] Next, Fig. 4 shows an exemplary processing procedure of the FTP server F. Here, the FTP server F is assumed to be carrying out the access control by utilizing both the reverse look-up and the normal look-up. [0034] When a connection request is received (step S1), the FTP server F carries out the reverse look-up for the IPv6 address of the request source (the host H in this example) (that is, a source address of a received packet) first (step S2), and then carries out the normal look-up for the host name obtained by the reverse lookup (step S3). Then, the IPv6 address of the request source and the IPv6 obtained by the normal look-up are compared (step S4), and if they coincide (step S YES), the connection of the request source is permitted (step S6), whereas if they do not coincide (step S NO), the connection of the request source is refused (step S6). Note that When an error is returned by the reverse look-up, the connection is refused without carrying out the normal look-up, and if an error is returned by the normal look-up, the connection is also refused. [00] Next, Fig. shows an exemplary processing 1 4 0 procedure of the name server N for the reverse look-up in this embodiment. [0036] When the reverse look-up request is received (step S1), the name server N searches through the reverse look-up table for the host name corresponding to the requested IPv6 address, by using the requested IPv6 address as a key (step S2). [0037] Then, if the corresponding host name is obtained (step S3 YES), a response indicating the obtained host name is returned to the request source (the FTP server F in this example) (step S4). [0038] On the other hand, if the corresponding host name is not obtained (step S3 NO), the pseudo host name is generated (step S), and a response indicating the generated host name is returned to the request source (step S6). [0039] Note that, at the step S6, if the pseudo host name cannot be generated for some reason, an error will be returned to the request source. [00] Here, in generating the pseudo host name, the name server N generates a host name that is in one-toone correspondence with that IPv6 address, by using a prescribed method, on a basis of the IPv6 address related to the reverse look-up request. Also, the pseudo host name contains information indicating that this host name is the pseudo host name (rather than the ordinary host name) in a part of that pseudo host name. [0041] Also, the generation of the host name from the IPv6 address by this name server N and the generation of the IPv6 address from the host name by the name server M described next are set up in advance to have a relationship of being an inverse conversion of each other. [0042] Next. Fig. 6 shows an exemplary processing procedure of the name server M for the normal look-up in this embodiment. [0043] When the normal look-up request is received (step S11), the name server M searches through the normal look-up table for the IPv6 address corresponding to the requested host name, by using the requested host name as a key (step S12). [0044] Then, if the corresponding IPv6 address is obtained (step S13 YES), a response indicating the obtained IPv6 address is returned to the request source (the FTP server F in this example) (step S14). [004] On the other hand, if the corresponding IPv6 address is not obtained (step S13 NO), the pseudo IPv6 address is generated (step S1), and a response indicating the generated IPv6 address is returned to the request source (step S16). [0046] Note that, at the step S16, if the pseudo IPv6 address cannot be generated for some reason, an error will be returned to the request source. [0047] Also, in the above procedure, when it is judged that the corresponding IPv6 address is not obtained at the step S13, the pseudo IPv6 address is generated at the step S1, but instead of that, it is also possible to judge whether the host name related to the normal look- 4
7 EP 1 349 349 B1 8 up request is the pseudo host name or not such that if it is the pseudo host name, the IP address is generated, whereas if it is not the pseudo host name, the normal look-up table is searched through. [0048] Here, in generating the pseudo IPv6 address, the name server M generates an IPv6 address that is in one-to-one correspondence with that host name, by using a prescribed method, on a basis of the host name elated to the normal look-up request. [0049] Also, as mentioned above, the generation of the IPv6 address from the host name by this name server M and the generation of the host name from the IPv6 address by the name server N described earlier are set up in advance to have a relationship of being an inverse conversion of each other. [000] There are many variations possible for the host name generation by the name server N and the IPv6 address generation by the name server M which are in a relationship of being an inverse conversion of each other. [001] For example, the name server N can generate the host name by attaching a specific character string containing a character string that indicates the pseudo host name (or a character string according to a specific format) with respect to the IPv6 address, and the name server M can generate the IPv6 address by deleting the specific character string containing the character string that indicates the pseudo host name (or the character string according to the specific format) from the host name (containing the character string that indicates the pseudo host name), and extracting the original IPv6 address. [002] It is also possible to provide plural sets of the host name generation procedure for the name server N and the IPv6 address generation procedure for the name server M which are in a relationship of being an inverse conversion of each other and assign an identification information to each set, such that the name server N selects one suitable set from the plural sets of procedures at a time of the host name generation and generates the host name according to the host name generation procedure according to the selected set of procedures, and attaches the identification Information indicating the selected set of procedures containing the host name generation procedure used in generating that host name as a part of the generated host name. Then, the name server M can select the one set of procedures from the plural sets of procedures according to the identification information contained in the pseudo host name related to the request at a time of the IPv6 address generation, and generate the IPv6 address according to the IPv6 address generation procedure according to the selected set of procedures. [003] Now, in the exemplary procedure of the name server N for the reverse look-up shown in Fig., the pseudo host name is generated whenever the host name corresponding to the requested IPv6 address is not obtained as a result of searching through the table, but instead of 1 4 0 that, it is also possible to generate the pseudo host name only when a prescribed condition is satisfied and return an error otherwise. Fig. 7 shows an exemplary processing procedure of the name server N in this case. [004] The prescribed condition can be a condition to generate the pseudo host name in the case where the requested IPv6 address is not any one of addresses registered in advance for returning an error, or a condition for generating the pseudo host name in the case where a prescribed number of upper bits of the requested IPv6 address do not coincide with a value registered in advance, for example. Conversely, it is also possible to use a condition for generating the pseudo host name in the where the requested IPv6 address is one of addresses registered in advance or in the case where a prescribed number of upper bits of the requested TPv6 address coincide with a value registered in advance. [00] Similarly, in the exemplary procedure of the name server M for the normal look-up shown in Fig. 6, the pseudo IPv6 address is generated whenever the IPv6 address corresponding to the requested host name is not obtained as a result of searching through the table, but instead of that, it is also possible to generate the pseudo IPv6 address only when a prescribed condition is satisfied and return an error otherwise. Fig. 8 shows an exemplary processing procedure of the name server M in this case. [006] Note that, in the above procedure, when it is judged that the corresponding IPv6 address is not obtained at the step S33, the processing proceeds to the step S and on, but instead of that, it is also possible to judge whether the host name related to the normal look-up request is the pseudo host name or not such that if it is the pseudo host name, the processing proceeds to the step S and on, whereas if it is not the pseudo host name, the normal look-up table is searched through. [007] The prescribed condition can be a condition to generate the pseudo IPv6 address in the case where the requested host name is not any one of host names registered in advance for returning an error, or a condition for generating the pseudo IPv6 address in the case where a prescribed portion of the requested host name does not coincide with a value registered in advance, for example. Conversely, it is also possible to use a condition for generating the pseudo IPv6 address in the where the requested host name is one of host names registered In advance or in the case where a prescribed portion of the requested host name coincides with a value registered in advance. [008] Also, when the name server N generates the pseudo host name, the name server N can judge whether or not the pseudo host name is to be generated according to the condition as described above, and if it is judged that the pseudo host name is not to be generated, the name server N generates the pseudo host name and attaches information indicating that this host name is the pseudo host name and information indicating that an error should be returned to the normal look-up request at
9 EP 1 349 349 B1 the name server M as a part of that pseudo host name. Then, the name server M can return an error to the request source when the pseudo host name related to the request contains information indicating that an error should be returned as a part of it. It is also possible to attach information indicating that the IPv6 address should be generated when it is judged that the pseudo host name is not to be generated, and it is also possible to generate the IPv6 address when information indicating that an error should be returned is not attached. [009] It is also possible to generate the IPv6 address from the pseudo host name related to the normal lookup request once, and make a judgement for the generated IPv6 address according to the condition similar to the above described case of the name server N. [0060] Note that the procedure of Fig. 7 and the procedure of Fig. 8 may be carried out simultaneously, or only either one of them may be carried out, such that the procedure of Fig. and the procedure of Fig. 8 alone will be carried out or the procedure of Fig. 7 and the procedure of Fig. 6 alone will be carried out. [0061] In the following, the overall operation of the system of this embodiment will be described in detail. [0062] Here, before describing the overall operation of the system of this embodiment, the case where the FTP server F fails the authentication and the connection is refused in a conventional network system will be described with references to Fig. 14 and Fig. 1. Fig. 14 shows a configuration of a conventional network system, and Fig. 1 shows a sequence in the case where a host 3 attempts a connection by ftp to an FTP server in the conventional network system. [0063] Here, the exemplary case where the host 3 carries out communications with the FTP server located outside the "foobar.com" zone will be described. [0064] It is assumed that the FTP server utilizes the reverse look-up and the normal look-up as in Fig. 4 as the authentication (or a part of the authentication) of the correspondent and permits the connection from that host when the authentication succeeds. [006] First, the host 3 attempts an ftp connection to the FTP server (step S1). [0066] The FTP server can ascertain the TPv6 address "3ffe:ffff:1234:abcd:70:f6b8:7d9d:ad7f" of the host 1.03 at the initial stage of the connection set up. [0067] Next, the FTP server sends an inquiry to the name server 1 (directly or via a nearby cache server), in an attempt to obtain the RR corresponding to this address "3ffe:ffff:1234:abcd:70:f6b8:7d9d:ad7f" (step S2). [0068] Here, the RR corresponding to this address is not registered in the name server 1, so that the name server 1 returns a negative response to the FTP server (step S3). [0069] As a result, the FTP server refuses the connection request from the host 3 (step S4). [0070] Note that it is also possible to use the FTP server that utilizes only the reverse look-up (in such a 1 4 0 way that the reverse look-up is regarded as success when some host name is returned from the name server in response to the reverse look-up request), and even in this case, when a negative response is returned from the name server 1, the connection request from the host 3 is refused similarly as in the above. [0071] Next, the case where the name servers N and M of this embodiment makes responses will be described. [0072] Here, the exemplary case where the host H carries out communications with the FTP server F located outside the "foobar.com" zone will be described. [0073] It is assumed that the FTP server F utilizes the reverse look-up and the normal look-up as in Fig. 4 as the authentication (or a part of the authentication) of the correspondent and permits the connection from that host when the authentication succeeds. [0074] Fig. 9 shows an exemplary sequence in the case where the host H attempts a connection by ftp to the FTP server F. [007] First, the host H attempts an ftp connection to the FTP server F (transmits a connection request) (step S41). [0076] The FTP server F can ascertain the TPv6 address "3ffe:ffff:1234:abcd:70:f6b8:7d9d:ad7f" (which will be abbreviated as H6 hereafter) of the host H at the initial stage of the connection set up. [0077] Next, the FTP server F sends an inquiry for the address H6 to the name server N (directly or via a nearby cache server), in an attempt to obtain the RR corresponding to this address H6 (step S42). [0078] When the inquiry for the reverse look-up information is received (step S42), the name server N searches through the database (the reverse look-up table of Fig. 2) of the corresponding zone first. At this point, the corresponding RR does not exist (it is assumed that the corresponding RR is not registered here), so that this search fails. [0079] In this case, the name server N automatically generates the pseudo host name that is in one-to-one correspondence with the inquired IPv6 address H6 dynamically (step S43), and returns it as a success response (step S44). [0080] Here, it is assumed that the name server N generates the host name in one-to-one correspondence by the method of attaching "pseudohost" at a head of the inquired IPv6 address, and attaching "foobar.com" at a tail of the inquired IPv6 address. In this example, the IPv6 address is "3ffe:ffff:1234:abcd:70:f6b8:7d9d:ad7f", and it is assumed that "pseudohost3ffc-ffff-1234-abcd- 70-f6b8-7d9dad7f.foobar.com" (which will be abbreviated as Ph hereafter) is generated as the host name in one-to-one correspondence with this address. Here, the method to replace ":" by "-" is used, but this is not essential and any other method can be used. [0081] Upon receiving this response (step S44), the FTP server F searches for AAAA RR corresponding to the host name Ph next, in order to check the consistency 6
11 EP 1 349 349 B1 12 of the obtained host name Ph and the IPv6 address utilized for a connection (step S4). [0082] The inquiry based on this search is handled by the name server M that manages the DNS normal lookup information of the "foobar.com" zone (step S4). [0083] The name server M searches through the database (the normal look-up table of Fig. 3) of this zone first, but this host name is dynamically generated one so that it is not registered in the database, and this search fails. Then, the name server M obtains the IPv6 address H6 next by carrying out the processing which is in the inverse conversion relationship with the name server N which is set up in advance (step S46), and returns a response indicating this address as AAAA RR (step S47). [0084] Here, it is assumed that the name server M generates the IPv6 in one-to-one correspondence by the method of deleting "pseudohost" from a head of the inquired pseudo host name, and deleting "foobar.com" from a tail of the inquired pseudo host name. In this example, the IPv6 address is pseudo host name is "pseudohost3ffe- ffff- 1234- abcd- 70- f6b8-7d9dad7f.foobar.com", and it is assumed that "3ffe:ffff:1234: abcd:70:f6b8:7d9d:ad7f" is generated as the IPv6 address In one-to-one correspondence with this host name. Here, the method to replace "-" by ":" is used, but this is not essential and any other method can be used. [008] This address coincides with the address utilized in the ftp connection, so that the consistency check also succeeds, and this connection request is eventually accepted. [0086] When the authentication succeeds in this way, the FTP server F permits the connection request of the host H (step S48). [0087] Note that, in the case where the host H attempted a connection by ftp to the FTP server F. but the name server N returned an error in response to the reverse look-up request from the FTP server F so that the authentication fails and the FTP server F refuses the connection request of the host H, the sequence becomes similar to that shown in Fig. 1. [0088] Also, in the case where the host H attempted a connection by ftp to the FTP server F and the name server N returned the pseudo host name in response to the reverse look-up request from the FTP server F. but but the name server M returned an error in response to the normal look-up request from the FTP server F so that the authentication fails and the FTP server F refuses the connection request of the host H, the sequence becomes as shown in Fig.. [0089] Now, up to this point, the exemplary case where the FTP server F carries out the access control by utilizing both the reverse look-up and the normal look-up has been described. In the following, another exemplary case where the FTP server F carries out the access control by utilizing only the reverse look-up (in such a way that the reverse look-up is regarded as success when some host name is returned from the name server in response to the reverse look-up request) will be described. 1 4 0 [0090] Fig. 12 shown an exemplary processing procedure of the FTP server F in this case. [0091] When a connection request is received (step S311), the FTP server F carries out the reverse look-up for the IPv6 address of the request source (the host H in this example) (that is, a source address of a received packet) first (step S312), and checks whether the IPv6 address is obtained by the reverse look-up or not (step S313). If the IPv6 address is obtained (step S314 YES), the connection of the request source is permitted (step S31), whereas if the IPv6 address is not obtained (step S314 NO), the connection of the request source is refused (step 316). [0092] Here, the exemplary case where the host H carries out communications with the FTP server F located outside the "foobar.com" zone will be described. [0093] Note here that it is possible to use the name server N and the name server M both of which have the function for generating the pseudo host name or the IPv6 address as described above (in which case the FTP server F as in Fig. 4 and the FTP server F as in Fig. 12 can coexist), or use the name server N which has the function for generating the pseudo host name as described above and the name server M which is similar to the conventional one (in which case it is assumed that only the FTP server F as in Fig. 12 exists). [0094] Fig. 11 shows an exemplary sequence in the case where the host H attempts a connection by ftp to the FTP server F. [009] First, the host H attempts an ftp connection to the FTP server F (step S61). [0096] The FTP server F can ascertain the IPv6 address "3ffe:ffff:1234:abcd:70:f6b8:7d9d:ad7f" (that is, H6) of the host H at the initial stage of the connection set up. [0097] Next, the FTP server F sends an inquiry for the address H6 to the name server N (directly or via a nearby cache server), in an attempt to obtain the RR corresponding to this address H6 (step S62). [0098] When the inquiry for the reverse look-up information is received (step S62), the name server N searches through the database (the reverse look-up table of Fig. 2) of the corresponding zone first. At this point, the corresponding RR does not exist (it is assumed that the corresponding RR is not registered here), so that this search fails. [0099] In this case, the name server N automatically generates the pseudo host name that is in one-to-one correspondence with the inquired IPv6 address H6 dynamically (step S63), and returns it as a success response (step S64), similarly as in the earlier example. [00] Upon receiving this response (step S64), the FTP server F regards the search as success because some host name is returned in response to the inquiry, and this connection request is eventually accepted. [01] When the authentication succeeds in this way, the FTP server F permits the connection request of the host H (step S6). 7
13 EP 1 349 349 B1 14 [02] Note that, in the case where the host H attempted a connection by ftp to the FTP server F, but the name server N returned an error in response to the reverse look-up request from the FTP server F so that the authentication fails and the FTP server F refuses the connection request of the host H, the sequence becomes similar to that shown in Fig. 1. [03] Now, in the case of supporting the FTP server F that utilizes both the reverse look-up and the normal look-up for the access control as in Fig. 4, it is necessary for the name server N to generate the host name in oneto-one correspondence with the TPv6 address as the pseudo host name to be dynamically generated and return it as a response (and it is necessary for the name server M to carry out the IPv6 address generation processing which is in the inverse conversion relationship with the host name generation processing of the name server N). [04] However, in the case of supporting the FTP server F that utilizes only the reverse look-up for the access control as in Fig. 12 (the case where only the name server N has the function for generating the pseudo host name and the name server M does not have the function for generating the pseudo IPv6 address), the FTP server F Judges the search as success if there is a response of some host name in response to the reverse look-up request, so that it is no absolutely necessary for the name server N to generate the host name in one-to-one correspondence with the IPv6 address as the pseudo host name to be dynamically generated and return it as a response to the FTP server F. For example, the Name server N can generate the host name that has a multiple-toone relationship with a plurality of IPv6 addresses and return it as a response. There is also a method to always return a fictitious host name provided in advance (or a suitably selected one of a plurality of fictitious host names provided in advance), because the answering the host name that is set in correspondence to the IPv6 address to the unspecified server may not be preferable in the case where the leakage of the privacy is disfavored intensely. [0] Now, up to this point, the case where the FTP server F carries out the access control by utilizing at least the reverse look-up has been described, but it is also possible to support the case where the FTP server F carries out the access control by utilizing only the normal look-up (in such a way that the normal look-up is regarded as success when some IPv6 address is returned from the name server in response to the normal look-up request). Note that, in this case, it is assumed that the FTP server F that carries out the access control by utilizing only the normal look-up exists. [06] Fig. 13 shows an exemplary sequence in this case, in which the host H attempts a connection by ftp to the FTP server F. [07] First, the host H attempts an ftp connection to the FTP server F (step S71). [08] Note that, in this case, it is assumed that the 1 4 0 FTP server F can ascertain the bost name of the host H at the initial stage of the connection set up (the host name of the host is notified from the host H to the FTP server F at the initial stage of the connection set up, for example). [09] Next, the FTP server F sends an inquiry for the host name (which is assumed to be h here) to the name server M (directly or via a nearby cache server), in an attempt to obtain AAAA RR corresponding to this host name (step S72). [01] When the inquiry for the normal look-up information is received (step S72), the name server M searches through the database (the normal look-up table of Fig. 3) of the corresponding zone first. At this point, the corresponding AAAA RR does not exist (it is assumed that the corresponding AAAA RR is not registered here), so that this search fails. [0111] In this case, the name server M automatically generates the pseudo IPv6 address (which is assumed to be PH6) dynamically (step S73), and returns it as a success response (step S74). [0112] Upon receiving this response (step S74), the FTP server F regards the search as success because some IPv6 address is returned in response to the inquiry, and this connection request is eventually accepted. [0113] When the authentication succeeds in this way, the FTP server F permits the connection request of the host H (step S7). [0114] On the other hand, in the case where the host H attempted a connection by ftp to the FTP server F, but the name server M returned an error in response to the normal look-up request from the FTP server F, the authentication fails and the FTP server F refuses the connection request of the host H. [011] Note that, in this case, when the name server M generates the pseudo IPv6 address dynamically, it is possible to use one fictitious IPv6 address provided in advance (an address secured as one to be used only in a response as this fictitious IPv6 address, for example) as the pseudo IPv6 address to be generated, for example. It is also possible to use one fictitious TPv6 address which is suitably selected from a plurality of fictitious IPv6 addresses provided in advance (addresses secured as ones to be used only in a response as this fictitious IPv6 address, for example) as the pseudo IPv6 address to be generated, for example, note that the host name and the pseudo IPv6 address can be in one-to-one correspondence, or in the multiple-to-one correspondence. [0116] As described, according to the present invention, the host name to be used in responding to the reverse look-up request from the correspondent is generated at the name server side and returned as a response, so that the communications can be carried out without exposing the privacy of the communication host or the user to danger. [0117] Also, according to the present invention, the IP address to be used in responding to the normal look-up request from the correspondent is generated at the name server side and returned as a response, so that the com- 8
1 EP 1 349 349 B1 16 munications can be carried out without exposing the privacy of the communication host or the user to danger. [0118] Also, according to the present invention, the host name to be used in responding to the reverse lookup request from the correspondent is generated at the name server side and returned as a response, while the IP address to be used in responding to the normal lookup request from the correspondent is generated at the name server side and returned as a response, and the consistency between the reverse look-up and the normal look-up is imposed, so that the communications can be carried out while protecting the privacy even in the case of the correspondent who is carrying out more stringent access control. [0119] Thus, according to the present invention, it becomes possible to protect the privacy of the communication node and the user, and guarantee the connectivity even in the case where the response of the name server is utilized for the access control. [01] It is to be noted that the above described embodiments according to the present invention may be conveniently implemented using a conventional general purpose digital computer programmed according to the teachings of the present specification, as will be apparent to those skilled in the computer art. Appropriate software coding can readily be prepared by skilled programmers based on the teachings of the present disclosure, as will be apparent to those skilled in the software art. [0121] In particular, the name server of the above described embodiments can be conveniently implemented in a form of a software package. [0122] Such a software package can be a computer program product which employs a storage medium including stored computer code which is used to program a computer to perform the disclosed function and process of the present invention. The storage medium may include, but is not limited to, any type of conventional floppy disks, optical disks, CD-ROMs, magneto-optical disks. ROMs, RAMs, EPROMs, EEPROMs, magnetic or optical cards, or any other suitable media for storing electronic instructions. [0123] It is also to be noted that, besides those already mentioned above, many modifications and variations of the above embodiments may be made without departing from the novel and advantageous features of the present invention. Accordingly, all such modifications and variations are intended to be included within the scope of the appended claims. Claims 1. A name server (1) for managing correspondence information that registers a host name corresponding to an IF address by using the IP address as a key, with respect to communication nodes belonging to a network of a prescribed range, the name server (1) comprising: 1 4 0 a reception unit (11) configured to receive a reverse look-up request to which a host name corresponding to a specific IP address should be returned, from a request source node (); and a search unit (13) configured to search through the correspondence information by using the specific IP address contained in the reverse look-up request as a key, when the reverse lookup request is received by the reception unit (11); and characterized by a generation unit (1) configured to generate a pseudo host name, when a host name corresponding to the specific IP address contained in the reverse lookup request is not obtained as a result of search by the search unit (13); and a transmission unit (12) configured to return the host name corresponding to the specific IP address contained in the reverse look-up request to the request source node (), when the host name corresponding to the specific IP address contained in the reverse look-up request is obtained as a result of a search by the search unit (13), and return the pseudo host name generated by the generation unit (1) to the request source node (), when the host name corresponding to the specific IP address contained in the reverse look-up request is not obtained as a result of search by the search unit (13). 2. The name server (1) of Claim 1, wherein the generation unit (1) generates the pseudo host name in one-to-one correspondence with the specific IP address, according to the specific IP address. 3. The name server (1) of Claim 1, wherein the generation unit (1) generates the pseudo host name in multiple-to-one correspondence with a plurality of IP addresses including the specific IP address. 4. The name server (1) of Claim 1, wherein the generation unit (1) uses one fictitious host name provided in advance or one fictitious host name selected from a plurality of fictitious host names provided in advance, as the pseudo host name.. The name server (1) of Claim 1, wherein the generation unit (1) does not generate the pseudo host name, when a prescribed condition holds for the specific IP address, and the transmission unit (12) returns information indicating an error to the request source node (), when the prescribed condition holds for the specific IP address. 6. A name sever (2) for managing correspondence information that registers an IP address corresponding to a host name by using the host name as a key, with 9
17 EP 1 349 349 B1 18 respect to communication nodes belonging to a network of a prescribed range, the name server (2) comprising: a reception unit (21) configured to receive a normal look-up request to which an IP address corresponding to a specific host name should be returned, from a request source node (); and a search unit (23) configured to search through the correspondence information by using the specific host name contained in the normal lookup request as a key, when the normal look-up request is received by the reception unit (21); and characterized by a generation unit () configured to generate a pseudo IP address, when an IP address corresponding to the specific host name contained in the normal look-up request is not obtained as a result of search by the search unit (23); and a transmission unit (22) configured to return the IP address corresponding to the specific host name contained in the normal look-up request to the request source node (), when the IP address corresponding to the specific host name contained in the normal look-up request is obtained as a result of search by the search unit (23), and return the pseudo IP address generated by the generation unit () to the request source node (), when the IP address corresponding to the specific host name contained in the normal look-up request is not obtained as a result of search by the search unit (23). 7. The name server (2) of Claim 6, wherein the generation unit () does not generate the pseudo IP address, when a prescribed condition holds for the specific host name, and the transmission unit (22) returns information indicating an error to the request source node (), when the prescribed condition holds for the specific host name. 8. A network system containing a first name server (1) for managing first correspondence information that registers a host name corresponding to an IP address by using the IP address as a key, with respect to communication nodes belonging to a network of a prescribed range, and a second name server (2) for managing second correspondence information that registers an IP address corresponding to a host name by using the host name as a key, with respect to the communication nodes belonging to the network of the prescribed range, wherein: the first name server (1) has: 1 4 0 a first reception unit (11) configured to receive a reverse look-up request to which a host name corresponding to a specific IP address should be returned, from a request source node (); and a first search unit (13) configured to search through the first correspondence information by using the specific IP address contained in the reverse look-up request as a key, when the reverse look-up request is received by the first reception unit (11); and the second name server (2) has: a second reception unit (22) configured to receive a normal look-up request to which an IP address corresponding to a specific host name should be returned, from a request source node (); and a second search unit (23) configured to search through the second correspondence information by using the specific host name contained in the normal look-up request as a key, when the normal look-up request is received by the second reception unit (22); characterized in that the first name server (1) has: a first generation unit (1) configured to generate a pseudo host name in one-to-one correspondence with the specific IP address according to the specific IP address, when a host name corresponding to the specific IP address contained in the reverse look-up request is not obtained as a result of search by the first search unit (13); and a first transmission unit (12) configured to return the host name corresponding to the specific IP address contained in the reverse look-up request to the request source node (), when the host name corresponding to the specific IP address contained in the reverse look-up request is obtained as a result of search by the first search unit (13), and return the pseudo host name generated by the first generation unit (1) to the request source node (), when the host name corresponding to the specific IP address contained in the reverse look-up request is not obtained as a result of search by the first search unit (13); and the second name server (2) has: a second generation unit () configured to generate a pseudo IP address in one-to-one correspondence with the specific host name according to the specific host name, when an IP address corresponding to the specific host name contained in the normal look-up
19 EP 1 349 349 B1 request is not obtained as a result of search by the second search unit (23); and a second transmission unit (22) configured to return the IP address corresponding to the specific host name contained in the normal look-up request to the request source node (), when the IP address corresponding to the specific host name contained in the normal look-up request is obtained as a result of search by the second search unit (23), and return the pseudo IP address generated by the second generation unit () to the request source node (), when the IP address corresponding to the specific host name contained in the normal look-up request is not obtained as a result of search by the second search unit (23); and in that a first conversion from the IP address into the pseudo host name by generating the pseudo host name according to the IP address by the first generation unit (1) of the first name server (1) and a second conversion from the host name into the pseudo IP address by generating the pseudo IP address according to the host name by the second generation unit () of the second name server (2) are set to be in a relationship of being an inverse conversion of each other. 9. The network system of Claim 8, wherein: the first generation unit (1) of the first name server (1) generates the pseudo host name by attaching a specific character string that contains a character string indicating the pseudo host name to the IP address: and the second generation unit () of the second name server (2) generates the pseudo IP address by deleting the specific character string that contains the character string indicating the pseudo host name, from the pseudo host name.. The network system of Claim 8, wherein the first generation unit (1) of the first name server (1) does not generate the pseudo host name, when a prescribed condition holds for the specific IP address, and the first transmission unit (12) of the first name server (1) returns information indicating an error to the request source node (), when the prescribed condition holds for the specific IP address. 11. The network system of Claim 8, wherein the second generation unit () of the second name server (2) does not generate the pseudo IP address, when a prescribed condition holds for the specific host name, and the second transmission unit (22) of the second 1 4 0 name server (2) returns information indicating an error to the request source node (), when the prescribed condition holds for the specific host name. 12. A method for reverse look-up request processing at a name server (1) for managing correspondence information that registers a host name corresponding to an IP address by using the IP address as a key, with respect to communication nodes belonging to a network of a prescribed range, the method comprising: (S1) receiving a reverse look-up request to which a host name corresponding to a specific IP address should be returned, from a request source node (); and (S2) searching through the correspondence information by using the specific IP address contained in the reverse look-up request as a key, when the reverse look-up request is received; and characterized by (S) generating a pseudo host name, when a host name corresponding to the specific IP address contained in the reverse look-up request is not obtained as a result of search; and (S4) returning the host name corresponding to the specific IP address contained in the reverse look-up request to the request source node (), when the host name corresponding to the specific IP address contained in the reverse lookup request is obtained as a result of search, and (S6) returning the pseudo host name generated by the generating step (S) to the request source node (), when the host name corresponding to the specific IP address contained in the reverse look-up request is not obtained as a result of search. 13. A method for normal look-up request processing at a name server (2) for managing correspondence information that registers an IP address corresponding to a host name by using the host name as a key, with respect to communication node belonging to a network of a prescribed range, the method comprising: (S11) receiving a normal look-up request to which an IP address corresponding to a specific host name should be returned, from a request source node (); and (S12) searching through the correspondence information by using the specific host name contained in the normal look-up request as a key, when the normal look-up request is received; and characterized by (S 1) generating a pseudo IP address, when an IP address corresponding to the specific host name contained in the normal look-up request 11
21 EP 1 349 349 B1 22 is not obtained as a result of search; and (S 14) returning the IP address corresponding to the specific host name contained in the normal look-up request to the request source node (), when the IP address corresponding to the specific host name contained in the normal look-up request is obtained as a result of search, and (S16) returning the pseudo IP address generated by the generating step (S1) to the request source node (), when the IP address corresponding to the specific host name contained in the normal look-up request is not obtained as a result of search. 14. A method for communication control in a network system containing a first name server (1) for managing first correspondence information that registers a host name corresponding to an IP address by using the IP address as a key, with respect to the communication nodes belonging to a network of a prescribed range, a second name server (2) for managing second correspondence information that registers an IP address corresponding to a host name by using the host name as a key, with respect to the communication nodes belonging to the network of the prescribed range, a communication node belonging to the network of the prescribed range, and a correspondent node belonging to external of the network of the prescribed range which becomes a correspondent of the communication node, the method comprising: transmitting a connection request from the communication node (3) to the correspondent node (); (S1) receiving the connection request from the communication node (3) at the correspondent node (), and (S2) transmitting a reverse look-up request to which a host name corresponding to a specific IP address of the communication node (3) should be returned, from the correspondent node () to the first name server (1); (S1) receiving the reverse look-up request to which a host name corresponding to the specific IP address should be returned, from the correspondent node () at the first name server (1); (S2) searching through the first correspondence information by using the specific IP address contained in the reverse look-up request as a key, at the first name server (1); (S) generating a pseudo host name in one-toone correspondence with the specific IP address according to the specific IP address, when a host name corresponding to the specific IP address contained in the reverse look-up request is not obtained as a result of search, at the first name server (1); 1 4 0 (S6) returning the pseudo host name to the correspondent node () from the first name server (1); receiving the pseudo host name from the first name server (1) at the correspondent node (), and (S3) transmitting a normal look-up request to which an IP address corresponding to the pseudo host name should be returned, from the correspondent node () to the second name server (2); (S11) receiving the normal look-up request to which an IP address corresponding to the pseudo host name should be returned, from the correspondent node () at the second name server (2); (S12) searching through the second correspondence information by using the pseudo host name contained in the normal look-up request as a key, at the second name server (2); (S 1) generating a pseudo IP address in oneto-one correspondent with the pseudo host name according to the pseudo host name, when an IP address corresponding to the pseudo host name contained in the normal look-up request is not obtained as a result of search, at the second name server (2); (S16) returning the pseudo IP address to the correspondent node () from the second name server (2); and receiving the pseudo IP address from the second name server, (S4) comparing the pseudo IP address received from the second name server (2) and the specific IP address of the communication node (3), and (S6) permitting the connection request of the communication node (3) when the pseudo IP address received from the second name server (2) and the specific IP address of the communication node (3) coincide, or (S7) refusing the connection request of the communication node (3) when the pseudo IP address received from the second name server (2) and the specific IP address of the communication node (3) do not coincide, at the correspondent node (). 1. A method for communication control in a network system containing a name server (1) for managing correspondence information that registers a host name corresponding to an IP address by using the IP address as a key, with respect to communication nodes belonging to a network of a prescribed range, a communication node belonging to the network of the prescribed range, and a correspondent node belonging to external of the network of the prescribed range which becomes a correspondent of the communication node, the method comprising: (S61) transmitting a connection request from the 12
23 EP 1 349 349 B1 24 communication node (3) to the correspondent node (); (S61, S311) receiving the connection request from the communication node (3) at the correspondent node (), and (S62, S312) transmitting a reverse look-up request to which a host name corresponding to a specific IP address of the communication node (3) should be returned, from the corresponding node () to the name server (1); (S1) receiving the reverse look-up request to which a host name corresponding to the specific IP address should be returned, from the correspondent node () at the name server (1); and (S2) searching through the correspondence information by using the specific IP address contained in the reverse look-up request as a key, at the name server (1); and characterized by (S, S63) generating a pseudo host name, when a host name corresponding to the specific IP address contained in the reverse look-up request is not obtained as a result of search, at the name server (1); (S6, S64) returning the pseudo host name to the correspondent node () from the name server (1); and (S6, S31) permitting the connection request of the communication node (3) when the pseudo host name is received from the name server (1), or (S316) refusing the connection request of the communication node (3) when information indicating an error is received from the name server (1), at the correspondent node (). 16. A computer program product for causing a computer to function as a name server (1) for managing correspondence information that registers a host name corresponding to an IP address by using the IP address as a key, with respect to communication nodes belonging to a network of a prescribed range, the computer program product comprising: a first computer program code for causing the computer to (S1) receive a reverse look-up request to which a host name corresponding to a specific IP address should be returned, from a request source node (); and a second computer program code for causing the computer to (S2) search through the correspondence information by using the specific IP address contained in the reverse look-up request as a key, when the reverse look-up request is received by the first computer program code; and 1 4 0 characterized by a third computer program code for causing the computer to (S) generate a pseudo host name, when a host name corresponding to the specific IP address contained in the reverse look-up request is not obtained as a result of search by the second computer program code; and a fourth computer program code for causing the computer to (S4) return the host name corresponding to the specific IP address contained in the reverse lookup request to the request source node (), when the host name corresponding to the specific IP address contained in the reverse look-up request is obtained as a result of search by the second computer program code, and (S6) return the pseudo host name generated by the third computer program code to the request source node (), when the host name corresponding to the specific IP address contained in the reverse look-up request is not obtained as a result of search by the second computer program code. 17. A computer program product for causing a computer to function as a name server (2) for managing correspondence information that registers an IP address corresponding to a host name by using the host name as a key, with respect to communication nodes belonging to a network of a prescribed range, the computer program product comprising: a first computer program code for causing the computer to (S 11) receive a normal look-up request to which an IP address corresponding to a specific host name should be returned, from a request source node (); and a second computer program code for causing the computer to (S12) search through the correspondence information by using the specific host name contained in the normal look-up request as a key, when the normal look-up request is received by the first computer program code; and characterized by a third computer program code for causing the computer to (S1) generate a pseudo IP address, when an IP address corresponding to the specific host name contained in the normal look-up request is not obtained as a result of search by the second computer program code; and a fourth computer program code for causing the computer to (S 14) return the IP address corresponding to the specific host name contained in the normal look-up request to the request source node (), when the IP address corresponding to the specific host name contained in the normal look-up request is obtained as a result of search by the second computer program code, and (S 16) return the pseudo IP address generated by the third computer program code to the request source node (), when the IP address 13
EP 1 349 349 B1 26 corresponding to the specific host name contained in the normal look-up request is not obtained as a result of search by the second computer program code. 18. A carrier medium carrying computer readable instructions for controlling a computer to perform the method of either of claims 12 or 13. Patentansprüche 1. Namensserver (1) zum Verwalten einer Korrespondenzinformation, die einen einer IP-Adresse entsprechenden Host-Namen durch Verwenden der IP- Adresse als einen Schlüssel registriert, bezüglich zu einem Netzwerk eines vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, wobei der Namensserver (1) umfasst: eine Empfangseinheit (11), die konfiguriert ist zum Empfangen einer Nachschlaganforderung in Rückwärtsrichtung, an welche ein einer spezifischen IP-Adresse entsprechender Host-Namen zurückgegeben werden sollte, von einem Anforderungs-Quellknoten (), und eine Sucheinheit (13), die konfiguriert ist zum Suchen in der Korrespondenzinformation durch Verwenden der in der Nachschlaganforderung in Rückwärtsrichtung enthaltenen spezifischen IP-Adresse als einen Schlüssel, wenn die Nachschlaganforderung in Rückwärtsrichtung durch die Empfangseinheit (11) empfangen wird; und gekennzeichnet durch eine Erzeugungseinheit (1), die konfiguriert ist zum Erzeugen eines Pseudo-Hostnamens, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, nicht als ein Suchergebnis durch die Sucheinheit (13) erhalten wird; und eine Übertragungseinheit (12), die konfiguriert ist zum Zurückgeben des Hostnamens, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, an den Anforderungs-Quellknoten (), wenn der Hostname, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, als ein Suchergebnis durch die Sucheinheit (13) erhalten wird, und zum Zurückgeben des durch die Erzeugungseinheit (1) erzeugten Pseudo-Hostnamens an den Anforderungs-Quellknoten (), wenn der Hostname, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, nicht als ein Suchergebnis durch die Sucheinheit (13) erhalten wird. 1 4 0 2. Namensserver (1) gemäß Anspruch 1, wobei die Erzeugungseinheit (1) den Pseudo-Hostnamen in einer Einszu-Eins-Entsprechung mit der spezifischen IP-Adresse erzeugt, gemäß der spezifischen IP- Adresse. 3. Namensserver (1) gemäß Anspruch 1, wobei die Erzeugungseinheit (1) den Pseudo-Hostnamen in einer Mehrfach-zu-Eins-Entsprechung mit einer Vielzahl von in der spezifischen IP-Adresse enthaltenen IP-Adressen erzeugt. 4. Namensserver (1) gemäß Anspruch 1, wobei die Erzeugungseinheit (1) einen im Voraus bereitgestellten fiktiven Hostnamen oder einen aus einer Vielzahl von im Voraus bereitgestellten fiktiven Hostnamen ausgewählten fiktiven Hostnahmen als den Pseudo- Hostnamen verwendet.. Namensserver (1) gemäß Anspruch 1, wobei die Erzeugungseinheit (1) nicht den Pseudo-Hostnamen erzeugt, wenn eine vorgeschriebene Bedingung für die spezifische IP-Adresse zutrifft, und die Übertragungseinheit (12) eine einen Fehler angebende Information an den Anforderungs-Quellknoten () zurückgibt, wenn die vorgeschriebene Bedingung für die spezifische IP-Adresse zutrifft. 6. Namensserver (2) zum Verwalten einer Korrespondenzinformation, die eine einem Hostnamen entsprechende IP-Adresse durch Verwenden des Hostnamens als einen Schlüssel registriert, bezüglich zu einem Netzwerk eines vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, wobei der Namensserver (2) umfasst: eine Empfangseinheit (21), die konfiguriert ist zum Empfangen einer normalen Nachschlaganforderung, an welche eine einem spezifischen Hostnamen entsprechende IP-Adresse zurückgegeben werden sollte, von einem Anforderungs-Quellknoten (); und eine Sucheinheit (23), die konfiguriert ist zum Suchen in der Korrespondenzinformation durch Verwenden des in der normalen Nachschlaganforderung enthaltenen spezifischen Hostnamen als einen Schlüssel, wenn die normale Nachschlaganforderung durch die Empfangseinheit (21) empfangen wird; und gekennzeichnet durch eine Erzeugungseinheit (), die konfiguriert ist zum Erzeugen einer Pseudo-IP-Adresse, wenn eine IP- Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, nicht als ein Suchergebnis durch die Sucheinheit (23) erhalten wird; und eine Übertragungseinheit (22), die konfiguriert ist 14
27 EP 1 349 349 B1 28 zum Zurückgeben der IP-Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, an den Anforderungs-Quellknoten (), wenn die IP-Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, als ein Suchergebnis durch die Sucheinheit (23) erhalten wird, und Zurückgeben der durch die Erzeugungseinheit () erzeugten Pseudo-IP-Adresse an den Anforderungs-Quellknoten (), wenn die IP- Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, nicht als ein Suchergebnis durch die Sucheinheit (23) erhalten wird. 7. Namensserver (2) gemäß Anspruch 6, wobei die Erzeugungseinheit () nicht Pseudo-IP-Adresse erzeugt, wenn eine vorgeschriebene Bedingung für den spezifischen Hostnamen zutrifft, und die Übertragungseinheit (22) eine einen Fehler angebende Information an den Anforderungs-Quellknoten () zurückgibt, wenn die vorgeschriebene Bedingung für den spezifischen Hostnamen zutrifft. 8. Netzwerksystem mit einem ersten Namensserver (1) zum Verwalten einer ersten Korrespondenzinformation, die einen einer IP-Adresse entsprechenden Hostnamen durch Verwenden der IP-Adresse als einen Schlüssel registriert, bezüglich zu einem Netzwerk eines vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, und einem zweiten Namensserver (2) zum Verwalten einer zweiten Korrespondenzinformation, die eine einem Hostnamen entsprechende IP-Adresse durch Verwenden des Hostnamens als einen Schlüssel registriert, bezüglich der zu dem Netzwerk des vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, wobei: der erste Namensserver (1) enthält: eine erste Empfangseinheit (11), die konfiguriert ist zum Empfangen einer Nachschlaganforderung in Rückwärtsrichtung, an welche ein der spezifischen IP-Adresse entsprechender Hostnamen zurückgegeben werden sollte, von einem Anforderungs-Quellknoten (); und eine erste Sucheinheit (13), die konfiguriert ist zum Suchen in der ersten Korrespondenzinformation durch Verwenden der in der Nachschlaganforderung in Rückwärtsrichtung enthaltenen spezifischen IP-Adresse als einen Schlüssel, wenn die Nachschlaganforderung in Rückwärtsrichtung durch die erste Empfangseinheit (11) empfangen wird; und der zweite Namensserver (2) enthält: 1 4 0 eine zweite Empfangseinheit (22), die konfiguriert ist zum Empfangen einer normalen Nachschlaganforderung, an welche einem spezifischen Hostnamen entsprechende IP-Adresse zurückgegeben werden sollte, von einem Anforderungs-Quellknoten (); und eine zweite Sucheinheit (23), die konfiguriert ist zum Suchen in der zweiten Korrespondenzinformation durch Verwenden des in der normalen Nachschlaganforderung enthaltenen spezifischen Hostnamens als einen Schlüssel, wenn die normale Nachschlaganforderung durch die zweite Empfangseinheit (22) empfangen wird; dadurch gekennzeichnet, dass der erste Namensserver (1) enthält: eine erste Erzeugungseinheit (1), die konfiguriert ist zum Erzeugen eines Pseudo-Hostnamens in einer Eins-zu-Eins-Entsprechung mit der spezifischen IP-Adresse gemäß der spezifischen IP-Adresse, wenn ein Hostname, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, nicht als ein Suchergebnis durch die erste Sucheinheit (13) erhalten wird; und eine erste Übertragungseinheit (12), die konfiguriert ist zum Zurückgeben des Hostnamens, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, an den Anforderungs- Quellknoten (), wenn der Hostname, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, als ein Suchergebnis durch die erste Sucheinheit (13) erhalten wird, und Zurückgeben des durch die erste Erzeugungseinheit (1) erzeugten Pseudo-Hostnamens an den Anforderungs-Quellknoten (), wenn der Hostname, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, nicht als ein Suchergebnis durch die erste Sucheinheit (13) erhalten wird; und der zweite Namensserver (2) enthält: eine zweite Erzeugungseinheit (), die konfiguriert ist zum Erzeugen einer Pseudo- IP-Adresse in einer Eins-zu-Eins-Entsprechung mit dem spezifischen Hostnamen gemäß dem spezifischen Hostnamen, wenn eine IP-Adresse, die dem spezifischen Hostnahmen entspricht, der in der normalen Nachschlaganforderung enthalten ist, 1
29 EP 1 349 349 B1 nicht als ein Suchergebnis durch die zweite Sucheinheit (23) erhalten wird; und eine zweite Übertragungseinheit (22), die konfiguriert ist zum Zurückgeben der IP- Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, an den Anforderungs-Quellknoten (), wenn die IP-Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, als ein Suchergebnis durch die zweite Sucheinheit (23) erhalten wird, und Zurückgeben der durch die zweite Erzeugungseinheit () erzeugten Pseudo-IP-Adresse an den Anforderungs- Quellknoten (), wenn die IP-Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, nicht als ein Suchergebnis durch die zweite Sucheinheit (23) erhalten wird; und dass eine erste Umwandlung von der IP- Adresse in den Pseudo-Hostnamen durch Erzeugen der Pseudo-Hostnamens gemäß der IP-Adresse durch die erste Erzeugungseinheit (1) des ersten Namensservers (1) und eine zweite Umwandlung von dem Hostnamen in die Pseudo-IP-Adresse durch Erzeugen der Pseudo-IP-Adresse gemäß dem Hostnamen durch die zweite Erzeugungseinheit () des zweiten Namensservers (2) festgelegt sind, in einer Beziehung einer Inversumwandlung zueinander zu sein. 9. Netzwerksystem gemäß Anspruch 8, wobei: die erste Erzeugungseinheit (1) des ersten Namensservers (1) den Pseudo-Hostnahmen erzeugt durch Anhängen einer spezifischen Zeichenkette, die eine den Pseudo-Hostnamen angebende Zeichenkette enthält, an die IP-Adresse; und die zweite Erzeugungseinheit () des zweiten Namensservers (2) die Pseudo-IP-Adresse erzeugt durch Löschen der spezifischen Zeichenkette, die die den Pseudo-Hostnamen angebende Zeichenkette enthält, von dem Pseudo-Hostnamen. 1 4 0. Netzwerksystem gemäß Anspruch 8, wobei die erste Erzeugungseinheit (1) des ersten Namensservers (1) nicht den Pseudo-Hostnamen erzeugt, wenn eine vorgeschriebene Bedingung für die spezifische IP-Adresse zutrifft, und die erste Übertragungseinheit (12) des ersten Namensservers (1) eine einen Fehler angebende Information an den Anforderungsquelleknoten () zurückgibt, wenn die vorgeschriebene Bedingung für die spezifische IP-Adresse zutrifft. 11. Netzwerksystem gemäß Anspruch 8, wobei die zweite Erzeugungseinheit () des zweiten Namensservers (2) nicht die Pseudo-IP-Adresse erzeugt, wenn eine vorgeschriebene Bedingung für den spezifischen Hostnamen zutrifft, und die zweite Übertragungseinheit (22) des zweiten Namensservers (2) eine einen Fehler angebende Information an den Anforderungs-Quellknoten () zurückgibt, wenn die vorgeschriebene Bedingung für den spezifischen Hostnamen zutrifft. 12. Verfahren zum Verarbeiten einer Nachschlaganforderung in Rückwärtsrichtung bei einem Namensserver (1) zum Verwalten einer Korrespondenzinformation, die einen einer IP-Adresse entsprechenden Hostnamen durch Verwenden der IP-Adresse als einen Schlüssel registriert, bezüglich zu einem Netzwerk eines vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, wobei das Verfahren umfasst: (S1) Empfangen einer Nachschlaganforderung in Rückwärtsrichtung, an welche ein einer spezifischen IP-Adresse entsprechender Hostnamen zurückgegeben werden sollte, von einem Anforderungs-Quellknoten (); und (S2) Suchen in der Korrespondenzinformation durch Verwenden der spezifischen IP-Adresse, die in der Nachschlaganforderung enthalten ist, als einen Schlüssel, wenn die Nachschlaganforderung in Rückwärtsrichtung empfangen wird; und gekennzeichnet durch (S) Erzeugen eines Pseudo-Hostnamens, wenn ein Hostname, der der spezifischen IP- Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, nicht als ein Suchergebnis erhalten wird; und (S4) Zurückgeben des Hostnamens, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, an den Anforderungs-Quellknoten (), wenn der Hostname, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, als ein Suchergebnis erhalten wird, und (S6) Zurückgeben des durch den Erzeugungsschritt (S) erzeugten Pseudo-Hostnamens an den Anforderungs-Quellknoten (), wenn der Hostname, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, nicht als ein Suchergebnis erhalten wird. 13. Verfahren zum Verarbeiten einer normalen Nachschlaganforderung bei einem Namensserver (2) 16
31 EP 1 349 349 B1 32 zum Verwalten einer Korrespondenzinformation, die eine einem Hostnamen entsprechende IP-Adresse durch Verwenden des Hostnamens als einen Schlüssel registriert, bezüglich eines zu einem Netzwerk eines vorgeschriebenen Bereiches gehörenden Kommunikationsknotens, wobei das Verfahren umfasst: (S11) Empfangen einer normalen Nachschlaganforderung, an welche einem spezifischen Hostnamen entsprechende IP-Adresse zurückgegeben werden sollte, von einem Anforderungs-Quellknoten (); und (S12) Suchen in der Korrespondenzinformation durch Verwenden des spezifischen Hostnamens, der in der normalen Nachschlaganforderung enthalten ist, als einen Schlüssel, wenn die normale Nachschlaganforderung empfangen wird; und gekennzeichnet durch (S1) Erzeugen einer Pseudo-IP-Adresse, wenn eine IP-Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, nicht als ein Suchergebnis erhalten wird; und (S14) Zurückgeben der IP-Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, an den Anforderungs-Quellknoten (), wenn die IP-Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, als ein Suchergebnis erhalten wird, und (S16) Zurückgeben der durch den Erzeugungsschritt (S) erzeugten Pseudo- IP-Adresse an den Anforderungs-Quellknoten (), wenn die IP-Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, nicht als ein Suchergebnis erhalten wird. 14. Verfahren zur Kommunikationssteuerung in einem Netzwerksystem mit einem ersten Namensserver (1) zum Verwalten einer ersten Korrespondenzinformation, die einen einer IP-Adresse entsprechenden Hostnamen durch Verwenden der IP-Adresse als einen Schlüssel registriert, bezüglich zu einem Netzwerk eines vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, einem zweiten Namensserver (2) zum Verwalten einer zweiten Korrespondenzinformation, die eine einem Hostnamen entsprechende IP-Adresse durch Verwenden des Hostnamens als einen Schlüssel registriert, bezüglich der zu dem Netzwerk des vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, einem zu dem Netzwerk des vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, und einem entsprechenden Knoten, der zum Äußeren des Netzwerks des vorgeschriebenen Bereiches gehört, 1 4 0 der zu einem entsprechenden des Kommunikationsknotens wird, wobei das Verfahren umfasst: Übermitteln einer Verbindungsanforderung von dem Kommunikationsknoten 3 an den entsprechenden Knoten (); (S1) Empfangen der Verbindungsanforderung von dem Kommunikationsknoten 3 bei dem entsprechenden Knoten (), und (S2) Übermitteln einer Nachschlaganforderung in Rückwärtsrichtung, an welche ein einer spezifischen IP-Adresse des Kommunikationsknotens (3) entsprechender Hostname zurückgegeben werden sollte, von dem entsprechenden Knoten () an den ersten Namensserver (1); (S1) Empfangen der Nachschlaganforderung in Rückwärtsrichtung, an welche ein der spezifischen IP-Adresse entsprechender Hostname zurückgegeben werden sollte, von dem entsprechenden Knoten () bei dem ersten Namensserver (1); (S2) Suchen in der ersten Korrespondenzinformation durch Verwenden des in der Nachschlaganforderung in Rückwärtsrichtung enthaltenen spezifischen IP-Adresse als einen Schlüssel, bei dem ersten Namensserver (1); (S) Erzeugen eines Pseudo-Hostnamens in einer Eins-zu-Eins-Entsprechung mit der spezifischen IP-Adresse gemäß der spezifischen IP- Adresse, wenn ein Hostname, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, nicht als ein Suchergebnis erhalten wird, bei dem ersten Namensserver (1); (S6) Zurückgeben des Pseudo-Hostnamens an den entsprechenden Knoten () von dem ersten Namensserver (1); Empfangen des Pseudo-Hostnamens von dem ersten Namensserver (1) bei dem entsprechenden Knoten (), und (S3) Übermitteln einer normalen Nachschlaganforderung, an welche eine dem Pseudo-Hostnamen entsprechende IP-Adresse zurückgegeben werden sollte, von dem entsprechenden Knoten () an den zweiten Namensserver (2); (S11) Empfangen der normalen Nachschlaganforderung, an welche eine dem Pseudo-Hostnamen entsprechende IP-Adresse zurückgegeben werden sollte, von dem entsprechenden Knoten () bei dem zweiten Namensserver (2); (S12) Suchen in der zweiten Korrespondenzinformation durch Verwenden des in der normalen Nachschlaganforderung enthaltenen Pseudo- Hostnamens als einen Schlüssel, bei dem zweiten Namensserver (2); (S1) Erzeugen einer Pseudo-IP-Adresse in einer Eins-zu-Eins-Entsprechung mit dem Pseudo-Hostnamen gemäß dem Hostnamen, wenn 17
33 EP 1 349 349 B1 34 eine IP-Adresse, die dem Pseudo-Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, nicht als ein Suchergebnis erhalten wird, bei dem zweiten Namensserver (2); (S16) Zurückgeben der Pseudo-IP-Adresse an den entsprechenden Knoten () von dem zweiten Namensserver (2); und Empfangen der Pseudo-IP-Adresse von dem zweiten Namensserver, (S4) Vergleichen der von dem zweiten Namensserver (2) empfangenen Pseudo-IP-Adresse und der spezifischen IP-Adresse des Kommunikationsknotens (3), und (S6) Zulassen der Verbindungsanforderung des Kommunikationsknotens (3), wenn die von dem zweiten Namensserver (2) empfangene Pseudo-IP-Adresse und die spezifische IP- Adresse des Kommunikationsknotens (3) übereinstimmen, oder (S7) Ablehnen der Verbindungsanforderung des Kommunikationsknotens (3), wenn die von dem zweiten Namensserver (2) empfangene Pseudo-IP-Adresse und die spezifische IP-Adresse des Kommunikationsknotens (3) nicht übereinstimmen, bei dem entsprechenden Knoten (). 1. Verfahren zur Kommunikationssteuerung in einem Netzwerksystem mit einem Namensserver (1) zum Verwalten einer Korrespondenzinformation, die einen einer IP-Adresse entsprechenden Hostnamen durch Verwenden der IP-Adresse als einen Schlüssel registriert, bezüglich zu einem Netzwerk eines vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, einem zu dem Netzwerk des vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, und einem zu dem Äußeren des Netzwerks des vorgeschriebenen Bereiches gehörenden entsprechenden Knoten, der ein entsprechender des Kommunikationsknotens wird, wobei das Verfahren umfasst: (S61) Übermitteln einer Bedienungsanforderung von dem Kommunikationsknoten (3) an den entsprechenden Knoten (); (S61, S311) Empfangen der Verbindungsanforderung von dem Kommunikationsknoten 3 bei dem entsprechenden Knoten () und (S62, S312) Übermitteln einer Nachschlaganforderung in Rückwärtsrichtung, an welche ein einer spezifischen IP-Adresse des Kommunikationsknotens (3) entsprechender Hostname zurückgegeben werden sollte, von dem entsprechenden Knoten () an den Namensserver (1); (S1) Empfangen der Nachschlaganforderung in Rückwärtsrichtung, an welche ein der spezifischen IP-Adresse entsprechender Hostname zurückgegeben werden sollte, von dem entsprechenden Knoten () bei dem Namensserver (1) ; 1 4 0 und (S2) Suchen in der Korrespondenzinformation durch Verwenden der in der Nachschlaganforderung in Rückwärtsrichtung enthaltenen spezifischen IP-Adresse als einen Schlüssel, bei dem Namensserver (1); und gekennzeichnet durch (S, S63) Erzeugen eines Pseudo-Hostnamens, wenn ein Hostname, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, nicht als ein Suchergebnis erhalten wird, bei dem Namensserver (1); (S6, S64) Zurückgeben des Pseudeo-Hostnamens an den entsprechenden Knoten () von dem Namensserver (1); und (S6, S31) Zulassen der Verbindungsanforderung des Kommunikationsknotens (3), wenn der Pseudo-Hostname von dem Namensserver (1) empfangen wird, oder (S316) Ablehnen der Verbindungsanforderung des Kommunikationsknotens (3), wenn eine einen Fehler angebende Information von dem Namensserver (1) empfangen wird, bei dem entsprechenden Knoten (6). 16. Computerprogrammprodukt zum Bewirken, dass ein Computer als ein Namensserver (1) wirkt zum Verwalten einer Korrespondenzinformation, die einen einer IP-Adresse entsprechenden Hostnamen durch Verwenden der IP-Adresse als einen Schlüssel registriert, bezüglich zu einem Netzwerk eines vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, wobei das Computerprogrammprodukt umfasst: einen ersten Computerprogrammcode zum Bewirken, dass der Computer eine Nachschlaganforderung in Rückwärtsrichtung empfängt (S1), an welche ein einer spezifischen IP-Adresse entsprechender Hostname zurückgegeben werden sollte, von einem Anforderungs-Quellknoten (); und einen zweiten Computerprogrammcode zum Bewirken, dass der Computer in der Korrespondenzinformation sucht (S2) durch Verwenden der in der Nachschlaganforderung in Rückwärtsrichtung enthaltenen spezifischen IP- Adresse als einen Schlüssel, wenn die Nachschlaganforderung in Rückwärtsrichtung durch den ersten Computerprogrammcode empfangen wird; und gekennzeichnet durch einen dritten Computerprogrammcode zum Bewirken, dass der Computer einen Pseudo-Hostnamen erzeugt (S), wenn ein Hostname, der der spezifischen IP-Adrese entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, nicht als ein Suchergebnis durch den zweiten 18
EP 1 349 349 B1 36 Computerprogrammcode erhalten wird; und einen vierten Computerprogrammcode zum Bewirken, dass der Computer den Hostnamen zurückgibt (S4), der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, an den Anforderungs-Quellknoten (), wenn der Hostname, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, als ein Suchergebnis durch den zweiten Computerprogrammcode erhalten wird, und dass der Computer den durch den dritten Computerprogrammcode erzeugten Pseudo-Hostnamen an den Anforderungs-Quellknoten () zurückgibt (S6), wenn der Hostname, der der spezifischen IP-Adresse entspricht, die in der Nachschlaganforderung in Rückwärtsrichtung enthalten ist, nicht als ein Suchergebnis durch den zweiten Computerprogrammcode erhalten wird. 1 einen ersten Computerprogrammcode zum Bewirken, dass der Computer eine normale Nachschlaganforderung empfängt (S11), an welche eine einem spezifischen Hostnamen entsprechende IP-Adresse zurückgegeben werden sollte, von einem Anforderungs-Quellknoten (); und einen zweiten Computerprogrammcode zum Bewirken, dass der Computer in der Korrespondenzinformation sucht (S12) durch Verwenden des in der normalen Nachschlaganforderung enthaltenen spezifischen Hostnamens als einen Schlüssel, wenn die normale Nachschlaganforderung durch den ersten Computerprogrammcode empfangen wird; und gekennzeichnet durch einen dritten Computerprogrammcode zum Bewirken, dass der Computer eine Pseude-IP- Adresse erzeugt (S1), wenn eine IP-Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, nicht als ein Suchergebnis durch den zweiten Computerprogrammcode erhalten wird; und einen vierten Computerprogrammcode zum Bewirken, dass der Computer die IP-Adresse zurückgibt (S14), die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, an den Anforderungs-Quellknoten (), wenn die IP-Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, als ein Suchergebnis durch den zweiten Computerprogrammcode erhalten wird, und dass der Computer die durch den dritten Computerprogrammcode erzeugte Pseudo-IP- Adresse an den Anforderungs-Quellknoten () zurückgibt (S16), wenn die IP-Adresse, die dem spezifischen Hostnamen entspricht, der in der normalen Nachschlaganforderung enthalten ist, nicht als ein Suchergebnis durch den zweiten Computerprogrammcode erhalten wird. 18. Trägermedium, dass Computer-lesbare Anweisungen zum Steuern eines Computers zum Durchführen des Verfahrens eines der Ansprüche 12 oder 13 trägt. 17. Computerprogrammprodukt zum Bewirken, dass ein Computer als ein Namensserver (2) wirkt zum Verwalten einer Korrespondenzinformation, die eine einem Hostnamen entsprechende IP-Adresse durch Verwenden des Hostnamens als einen Schlüssel registriert, bezüglich zu einem Netzwerk eines vorgeschriebenen Bereiches gehörenden Kommunikationsknoten, wobei das Computerprogrammprodukt umfasst: Revendications 1. Serveur de nom (1) pour gérer des informations de correspondance qui enregistre un nom d hôte correspondant à une adresse IP en utilisant l adresse IP en tant que clé, par rapport à des noeuds de communication appartenant à un réseau d une étendue prescrite, le serveur de nom (1) comprenant : 4 0 une unité de réception (11) configurée pour recevoir une demande de correspondance inverse pour laquelle un nom d hôte correspondant à une adresse IP spécifique devrait être renvoyé, d un noeud de source de demande () ; et une unité de recherche (13) configurée pour effectuer une recherche dans les informations de correspondance en utilisant l adresse IP spécifique contenue dans la demande de correspondance inverse en tant que clé, lorsque la demande de correspondance inverse est reçue par l unité de réception (11) ; et caractérisé par une unité de génération (1) configurée pour générer un pseudo-nom d hôte, lorsqu un nom d hôte correspondant à l adresse IP spécifique contenue dans la demande de correspondance inverse n est pas obtenu en conséquence d une recherche effectuée par l unité de recherche (13) ; et une unité de transmission (12) configurée pour renvoyer le nom d hôte correspondant à l adresse IP spécifique contenue dans la demande de correspondance inverse au noeud de source de demande (), lorsque le nom d hôte correspondant à l adresse IP spécifique contenue dans la demande de correspondance inverse est obtenu en conséquence d une re- 19
37 EP 1 349 349 B1 38 cherche effectuée par l unité de recherche (13), et pour renvoyer le pseudo-nom d hôte généré par l unité de génération (1) au noeud de source de demande (), lorsque le nom d hôte correspondant à l adresse IP spécifique contenue dans la demande de correspondance inverse n est pas obtenu en conséquence d une recherche effectuée par l unité de recherche (13). 2. Serveur de nom (1) selon la revendication 1, dans lequel l unité de génération (1) génère le pseudonom d hôte dans une correspondance biunivoque avec l adresse IP spécifique, conformément à l adresse IP spécifique. 3. Serveur de nom (1) selon la revendication 1, dans lequel l unité de génération (1) génère le pseudonom d hôte dans une correspondance plusieurs vers un avec une pluralité d adresses IP comprenant l adresse IP spécifique. 4. Serveur de nom (1) selon la revendication 1, dans lequel l unité de génération (1) utilise un nom d hôte fictif fourni à l avance ou un nom d hôte fictif sélectionné parmi une pluralité de noms d hôtes fictifs fournis à l avance, en tant que pseudo-nom d hôte.. Serveur de nom (1) selon la revendication 1, dans lequel l unité de génération (1) ne génère pas le pseudo-nom d hôte, lorsqu une condition prescrite est vraie pour l adresse IP spécifique, et l unité de transmission (12) renvoie des informations indiquant une erreur au noeud de source de demande (), lorsque la condition prescrite est vraie pour l adresse IP spécifique. 6. Serveur de nom (2) pour gérer des informations de correspondance qui enregistre une adresse IP correspondant à un nom d hôte en utilisant le nom d hôte en tant que clé, par rapport à des noeuds de communication appartenant à un réseau d une étendue prescrite, le serveur de nom (2) comprenant : une unité de réception (21) configurée pour recevoir une demande de correspondance normale pour laquelle une adresse IP correspondant à un nom d hôte spécifique devrait être renvoyée, d un noeud de source de demande () ; et une unité de recherche (23) configurée pour effectuer une recherche dans les informations de correspondance en utilisant le nom d hôte spécifique contenu dans la demande de correspondance normale en tant que clé, lorsque la demande de correspondance normale est reçue par l unité de réception (21) ; et caractérisé par 1 4 0 une unité de génération () configurée pour générer une pseudo-adresse IP, lorsqu une adresse IP correspondant au nom d hôte spécifique contenu dans la demande de correspondance normale n est pas obtenue en conséquence d une recherche effectuée par l unité de recherche (23) ; et une unité de transmission (22) configurée pour renvoyer l adresse IP correspondant au nom d hôte spécifique contenu dans la demande de correspondance normale au noeud de source de demande (), lorsque l adresse IP correspondant au nom d hôte spécifique contenu dans la demande de correspondance normale est obtenue en conséquence d une recherche effectuée par l unité de recherche (23), et pour renvoyer la pseudo-adresse IP générée par l unité de génération () au noeud de source de demande (), lorsque l adresse IP correspondant au nom d hôte spécifique contenu dans la demande de correspondance normale n est pas obtenue en conséquence d une recherche effectuée par l unité de recherche (23). 7. Serveur de nom (2) selon la revendication 6, dans lequel l unité de génération () ne génère pas la pseudo-adresse IP, lorsqu une condition prescrite est vraie pour le nom d hôte spécifique, et l unité de transmission (22) renvoie des informations indiquant une erreur au noeud de source de demande (), lorsque la condition prescrite est vraie pour le nom d hôte spécifique. 8. Système de réseau contenant un premier serveur de nom (1) pour gérer des premières informations de correspondance qui enregistre un nom d hôte correspondant à une adresse IP en utilisant l adresse IP en tant que clé, par rapport à des noeuds de communication appartenant à un réseau d une étendue prescrite, et un deuxième serveur de nom (2) pour gérer des deuxièmes informations de correspondance qui enregistre une adresse IP correspondant à un nom d hôte en utilisant le nom d hôte en tant que clé, par rapport aux noeuds de communication appartenant au réseau de l étendue prescrite, dans lequel : le premier serveur de nom (1) comporte : une première unité de réception (11) configurée pour recevoir une demande de correspondance inverse pour laquelle un nom d hôte correspondant à une adresse IP spécifique devrait être renvoyé, d un noeud de source de demande () ; et une première unité de recherche (13) configurée pour effectuer une recherche dans les premières informations de correspondance en utilisant l adresse IP spécifique contenue dans la demande de correspon-