RELATED APPLICATIONS
This application is a continuation of application Ser. No. 10/270,809, filed Oct. 14, 2002, from which priority is claimed under 35 U.S.C. § 120. Application Ser. No. 10/270,809 is in turn related to provisional application Ser. No. 60/338,077, filed Nov. 30, 2001, and provisional application Ser. No. 60/329,015, filed Oct. 12, 2001, from which it claims priority under 35 U.S.C. § 119(e). Application Ser. Nos. 10/270,809, 60/338,077, and 60/329,015 are hereby incorporated by reference.
BACKGROUND
A. Technical Field
The present invention relates generally to network address translation, and more particularly, to address translation of voice packets within a Voice over Internet Protocol (VoIP) connection.
B. Background of the Invention
The popularity of VoIP as a method for providing telephone service across networks is continually increasing. VoIP systems provide telephone connections by transmitting audio packets between two telephone devices via a packet-switched network (e.g., TCP/IP network). This increase in VoIP popularity is primarily due to two reasons: the relatively inexpensive cost of a VoIP telephone call and recent networking advancements causing an increase in the quality of VoIP communication.
VoIP lets service providers offer long-distance services to clients at much lower rates than traditional phone companies. VoIP also uses networks more efficiently than the traditional public switched telephone network used by the traditional phone companies. One reason for this increase in efficiency is the ability of VoIP to time-division multiplex voice data (i.e., telephone connections) together on a single line within a network. Thus, the bandwidth utilization increases within a packet switched network allowing more telephone connections to occur simultaneously.
A few years ago, the quality of a VoIP connection was lacking due primarily to packet delay occurring as voice packets traveled across these networks. This problem was primarily caused by the inefficiency of the Internet over which the VoIP connections occurred. Internet events such as bottlenecks, jitters and discarding packets reduced the quality of a VoIP telephone conversation occurring across the Internet. However, the increase of large private networks, more controlled Internet backbones, and more efficient routing protocols have greatly reduced these problems. Accordingly, the quality of a VoIP telephone conversation today has drastically improved. Some providers have also chosen to avoid the public Internet because of the difficulty in ensuring end-to-end control of service quality. These providers have created managed networks on which VoIP connections may be easily controlled and new VoIP technology may be more easily implemented. As the popularity of VoIP continues to grow, other issues need to be addressed, such as security, network interoperability and compatibility, to ensure the future success of VoIP.
FIG. 1 illustrates a traditional VoIP connection using the public Internet 130. A first telephone 105 is coupled to a first gateway 110 via a first analog connection 107. A second telephone 115 is coupled to a second gateway 120 via a second analog connection 117. A computer or other computing device (not shown) may reside between the telephones 105, 115 and the gateways 110, 120. Accordingly, the analog signal from the telephone 105, 115 is converted to a digital format by these computers (not shown). The first gateway 110 and the second gateway 120 are coupled to each other via the Internet 130. Additionally, the telephones 105, 115 may be digital telephones, such as ISDN phones or VoIP phones, that convert an audible signal to a digital signal prior to transmission to a gateway. A gatekeeper 140 may be used to set up the telephone connection.
The telephone connection is established by the first gateway 110 receiving a connection request from the first telephone 105 that includes a destination telephone number. This destination telephone number may be a ten-digit telephone number similar to those used over traditional publicly switched telephone networks. In response, the first gateway 110 requests a destination network address from the gatekeeper 140 corresponding to the destination telephone number. This conversion allows the first gateway 110 to locate the second gateway 120 on the Internet 130. Typically, this conversion results in a network address, such as an IP address that differentiates the second gateway 120 from other gateways on the Internet 130.
A set-up procedure is initiated by the first gateway 110 in which the second gateway 120 is provided the address of the first gateway 110. This set-up procedure results in a connection on which data, particularly voice packets and control data, are transmitted between the gateways 110, 120. This data may travel through multiple networks and multiple routers/switches within these networks in order to reach the correct destination. As described above, oftentimes the quality of this connection is lacking due to the characteristics of the Internet 130. Congestion and failures, within these networks, may drastically reduce the rate at which this data travels in an established connection and may increase the number of packets that are lost or discarded prior to reaching a particular destination address.
The established connection between the first gateway 110 and the second gateway 120 presents various security concerns. A large number of these issues are caused by the visibility of the gateways 110, 120 within the connection. Specifically, the IP addresses of the gateways 110, 120 are known by each other. This visibility compromises the security of all of the devices attached to a network having a visible gateway. Accordingly, a hacker may access devices on the network, other than the telephone or computer participating in the connection, through the gateways 110, 120. For example, after gaining access to the network through a gateway 110, 120, a hacker may access an unauthorized networked device through techniques such as IP spoofing or other commonly used hacking methods. Accordingly, network providers prefer to mask their gateway addresses from outside devices in order to further secure the network against hacking and other unauthorized access to their networks.
FIG. 2 illustrates the use of prior art proxies 235, 240 to mask gateway addresses within a VoIP connection. An example of these types of proxies would be a firewall such as the Cisco PIX firewall. Other network devices such as proxy servers and SOCK (TCP/IP Socket) servers may be used to build firewalls or other masking devices. Network security problems (e.g., hacking) are amplified when a publicly accessible or visible gateway is connected as part of a larger private network. The visibility of a gateway may allow individuals to hack into the large private network and cause a large amount of damage by accessing other devices connected to the network. Oftentimes, a device on a network, such as storage and computing devices, is not sufficiently protected from access within the network. Thus, if a hacker gains access to a network through a gateway, then other devices on that network may be extremely vulnerable and easily accessed by the hacker. Accordingly, private network operators prefer that internal gateway addresses be hidden from external network devices, such as external gateways. Proxies are used to accomplish this goal.
The first telephone 105 is connected to a first network gateway 212(a) via first analog connection 107. This first network gateway 212(a) resides in a large private network 210 that contains multiple gateways 212(a)-(d). The second telephone 115 is connected to a second network gateway 222(a) via second analog connection 117. This second network gateway 222(a) resides in a second large private network 220 that also contains multiple gateways 222(a)-(d). The first gateway 212(a) is coupled to a first proxy 235 and the second gateway 222(a) is coupled to a second proxy 240.
The first and second proxies 235, 240 hide the addresses of the first and second gateways 212(a), 222(a) from each other. Specifically, the first proxy 235 is aware of the network addresses of the first gateway 212(a) and the second proxy 240, but not the second gateway 222(a). The second proxy 240 is aware of the network addresses of the second gateway 222(a) and the first proxy 235, but not the first gateway 212(a). Thus, communication between devices on the first network 210 and the second network 220 occurs through the proxies 235, 240 while maintaining a level of privacy from each other.
The first and second proxies 235, 240 require that packets traveling through the VoIP connection may be modified multiple times, specifically in order for the first and second proxies 235, 240 to extract and analyze information from a packet header (e.g., port number). Once this information is extracted, a new header is usually put on the packet and it is compressed. Thereafter, the packet is transmitted from a proxy. Because voice packets travel through multiple proxies 235, 240, the number of packet manipulation operations increases. Thus, there is a need to reduce the number of proxy devices within a VoIP connection. This need is further highlighted by the high cost of networking devices such as proxy devices.
Communication between the first proxy 235 and the second proxy 240 may occur using an IP suite protocol implementing either TCP or UDP depending on the type of data within packets. UDP is generally used for VoIP telephone connections due to the time sensitivity of the VoIP connection. Accordingly, sockets are established between the first and second proxies 235, 240. A socket is a combination of an IP address and a port that creates a device-to-device path on which packets may be transmitted and received. Thus, a proxy or other networking device may have numerous ports that provide communication paths on which packets may travel.
Oftentimes, a simple packet translation method will not properly switch a voice packet along a VoIP connection. For example, this switching process may be complicated if the networks on which the first and second gateways 212(a), 222(a) reside are not directly compatible. Generally, voice traffic is transmitted according to the H.323 standard, an ITU real-time standard for transmission of voice over networks. However, there are variations in the implementation of the H.323 standard by network providers that may cause incompatibilities between networks. These variations often require packet modification operations to occur within a proxy to provide smooth voice traffic between the incompatible networks.
In order to perform packet translation and switching operations in connections between two directly incompatible networks, a proxy must be able to identify the type of network from which the packet was sent and to which the packet is destined. Also, the proxy must be able to identify the packet type (e.g., RTP) in order to perform packet translation and switching operations. Once this information is identified, the proxy may modify the packet so that it is able to effectively travel through a network to a destination gateway.
As previously described above, it is important to try and reduce the number of switches, routers and other networking devices within a VoIP connection for two primary reasons. First, networking devices are expensive and the initial cost as well as the management cost may be significant. Second, each networking device increases the possibility of errors such as packets being discarded or failure as well as causes an additional delay within a VoIP connection. As a result, researchers have been developing technology that reduces the number of networking devices within a network.
Accordingly it is desirable to provide network address translation within a network device that masks both ends of a VoIP connection from each other. Additionally, it is desirable to provide network address translation within a network device that facilitates VoIP connections between different types of networks and that processes different types of packets within a VoIP connection. Furthermore, it is desirable to provide network address translation within a network device that increases the number of VoIP connections that may be served by the network device.
SUMMARY OF THE INVENTION
The present invention overcomes the deficiencies and limitations of the prior art by providing an apparatus and method that provides a VoIP connection and reduces the number of ports in the connection by performing a novel network address translation on packets traveling along this connection. In particular, the network address translation includes a process that identifies the network type for each independent gateway within the connection and a process that identifies the direction of a packet arriving on a port serving both gateways within the connection.
The present invention may operate in a voice router comprising a voice switch and a voice connector. The voice connector establishes a VoIP connection between a first independent network gateway and a second independent network gateway. These gateways interface large public networks to local area networks (both public and private) containing telephonic devices such as VoIP telephones or computers on which users may communicate. The voice connector defines sockets that create this VoIP connection by assigning a port number(s) to devices within the connection. In one such instance, the voice connector assigns at least one port number to the voice switch on which communication between the two gateways will traverse.
The voice connector comprises a network address translation process that internally accesses a port initialization mechanism and a network type identification module. In particular, the voice connector receives a call set-up request from a source gateway and translates, from that request, a destination network address to a terminating gateway. In this translation process, the types of networks on which both gateways reside are identified so that an accurate translation occurs. Also, port numbers are assigned to create the connection on which packets will travel. According to one embodiment, the actual assigned port number relates to the network type of each of the gateways. Once this connection is established, the voice switch is able to switch or route packets between the two gateways as a conversation takes place. According to one embodiment, this switching of voice packets occurs in accordance with the International Telecommunication Union (ITU) H.323 standard.
The voice switch effectively masks the two independent gateways from each other by performing a translation process on packets arriving from each gateway. Specifically, the voice switch removes header information from an incoming packet and inserts new information into the outgoing packet header such as a new destination address and port number. Thereafter, the packet is transmitted from the voice switch to the correct gateway.
The voice switch comprises a network type identification module, a packet direction identification module, and a packet translation module. The voice switch is able to enhance the connection quality and reduce the number of ports by identifying the types of gateways and direction of packets from data within the packet itself. According to one embodiment, the voice switch receives data from both gateways on a single port. Using information within the header of a packet, the voice switch is able to identify the direction that the packet is traveling and the types of gateways within the connection on which the packet is traveling. These processes allow the voice switch to properly translate the packet header and forward the packet onto the correct destination. According to another embodiment, the voice switch identifies the network types of the gateways by analyzing the port on which a packet arrives. As discussed above, during a call set-up, the actual port number assigned to a connection depends on the network types of both gateways. Thus, the voice switch can identify these network types by analyzing the actual port on which a packet arrives.
The present invention also provides a method for increasing available ports on a voice router. According to one embodiment of the method, a first gateway and a second gateway are assigned a single port number for a data stream, the direction of packet flow is identified to determine a destination gateway. The destination gateway is one of the first and second gateways, depending on the direction of the packet flow. The packets are then forwarded to the destination gateway. Additionally, in another embodiment of the present invention, the voice router can consolidate RTCP streams from a plurality of gateways into a single port on the voice router.
The features and advantages described in this summary and the following detailed description are not all-inclusive, and particularly, many additional features and advantages will be apparent to one of ordinary skill in the art in view of the drawings, specification, and claims hereof.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is an illustration of a prior art VoIP connection using the Internet.
FIG. 2 is an illustration of a prior art VoIP connection using multiple proxies.
FIG. 3 is an illustration of communication ports between multiple proxies within a VoIP connection.
FIG. 4A is an illustration of a VoIP connection using a voice router and the corresponding IP ports on the voice router according to the present invention.
FIG. 4B is an illustration of an exemplary port allocation range used within a voice router during a VoIP connection.
FIG. 4C is an illustration of a port grouping (tuple) used for port allocation.
FIG. 5A is an illustration of a VoIP connection using a single voice router with a reduced number of IP ports.
FIG. 5B is a block diagram of modules operating within a voice switch according to one embodiment of the present invention.
FIG. 5C is a block diagram of modules operating within a voice connector used to set up a VoIP connection according to one embodiment of the present invention.
FIG. 5D is an illustration of a VoIP connection using a single voice router between two networks.
FIG. 6A is an illustration of network type identifiers within a port number field.
FIG. 6B is an exemplary table of bits corresponding to network types.
FIG. 7A is an illustration of an exemplary network pair table that may be used to identify network types of gateways in a VoIP connection.
FIG. 7B is an illustration of an exemplary network type table for associating an IP address with a network type.
FIG. 8A is a block diagram of a voice connector containing the network pair table.
FIG. 8B is a block diagram of a voice switch containing the network pair table.
FIG. 9 is a block diagram of a packet direction identification module according to an embodiment of the present invention.
FIG. 10 is a flowchart of a network address translation operation according to an embodiment of the present invention.
The figures depict a preferred embodiment of the present invention for purposes of illustration only. One skilled in the art will recognize from the following discussion that alternative embodiments of the structures and methods illustrated herein may be employed without departing from the principles of the invention described herein.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention describes a network router/bridging device that interfaces networks within a VoIP connection and masks the location of each network from the other. This device is able to interface networks implementing different H.323 interpretations (or SIP protocol) and reduces the number of ports required for this connection. Specifically, the device provides a novel network address translation module and network-type identification module that facilitates a VoIP connection between these networks. The novel network address translation module increases the number of VoIP connections the networking device may route or switch by reducing the number of ports required for each individual connection. According to one embodiment of the invention, only one port on the networking device is required for each VoIP connection. This reduction in the number of required ports is provided by an address translation that is able to set up a VoIP connection on a single port, determine the direction of a packet received at a single bi-directional port, and identify the type of network to which the packet is destined.
A. VoIP Connection Using a Single Voice Router
FIG. 3 illustrates a first embodiment of proxies 335, 340 that connect two gateways 312, 322 within a VoIP connection. A first gateway 312 is coupled to a first proxy 335. A second gateway 322 is coupled to a second proxy 340. The first proxy 335 is coupled to the second proxy 340. The proxies 335, 340 effectively mask the two IP addresses of the gateways 312, 322 from each other during both the set-up of the VoIP connection and after the VoIP connection has been established.
A first port configuration according to the present invention between the two proxies 335, 340 is shown. Audio communication between the two proxies 335, 340 occurs over 4 ports. A first port, port N 310, receives Real-time Transport Protocol (RTP) packets at the first proxy 335 from the second proxy 340. A second port, port M 315, receives RTP packets at the second proxy 340 from the first proxy 335. Ports N 310 and M 315 may also be assigned the same port number or different port numbers depending on the implementation of the connection. A third port, port R 330, receives Real-time Transport Control Protocol (RTCP) packets at the first proxy 235 from the second proxy 240. A fourth port, port S 325, receives RTCP packets at the second proxy 240 from the first proxy 235. Port R 330 and port S 325 may be assigned the same port number or different port numbers depending on the implementation of the connection. Each of these ports (i.e., N, M, R, and S) along with an IP address of a corresponding proxy (i.e., 235 or 240) creates a socket on which packets flow. Thus, the proxies 235, 240 may identify the source of a packet by listening on the specific port number corresponding to the transmitting source. The proxies 235, 240 have a limited number of ports and addresses that they may use. Accordingly, as the number of ports that are used for each connection increases, the number of total connections that a proxy can serve decreases.
After one of the proxies 335, 340 receives a packet, it will forward the packet onto a corresponding gateway 312, 322 via an additional port. For example, a RTP voice packet received by the first proxy 335 on port N 310 is forwarded on to the first gateway 312 on port A 350. Comparatively, an RTP voice packet received by the second proxy 340 on port M 315 is forwarded on to the second gateway 322 on port B 360. A similar method is used for RTCP packets where packets transmitted onto port R 330 for the first proxy 335 and on port S 325 for the second proxy are forwarded onto a corresponding gateway via particular ports (not shown). The usage of ports by proxies and gateways can vary depending on the design of the private networks and network interconnectivity.
FIG. 4A illustrates a VoIP connection that implements a single voice router 400 to mask the addresses of the first network gateway 212(a) and the second network gateway 222(a), and facilitate the connection between the two gateways 212(a), 222(a). The term “voice router” is not limited to a traditional definition of a router; rather, a bridge, router, switch or other network interfacing device may be included in the scope of voice router according to the present invention. As mentioned above, these gateways 212(a), 222(a) may reside in either a public or private network. This particular voice router 400 uses four ports to transmit and receive voice packets between the two gateways 212(a), 222(a). RTP packets arriving from the first network gateway 212(a) are received on port N 405 of the voice router 400. The voice router 400 then forwards these packets onto the corresponding port (port M 410) at the second network gateway 222(a). RTP packets flowing in the opposite direction are received from the second network gateway 222(a) on port M 410 of the voice router. The voice router 400 forwards these packets onto the corresponding port at the first network gateway 212(a).
The voice router 400 also manages RTCP packet streams between the first and second network gateways 212(a), 222(a) in a similar manner. Specifically, RTCP packets from the first network gateway 212(a) arrive on port R 425 at the voice router 400. These packets are forwarded onto the corresponding port (port S 420) at the second network gateway 222(a). RTCP packets from the second network gateway 222(a) are received on port S 420 at the voice router 400. These packets are then forwarded onto the corresponding port (port R 425) at the first network gateway.
This embodiment of the present invention does not require the module responsible for the H.323 protocol (or SIP protocol), in particular the H.245 logical channel negotiation, to inform the voice router 400 of the IP addresses and ports used for both the gateways 212(a), 222(a). As a result, the information exchange between the H.323 protocol handling module and voice router 400 is reduced.
This four-port configuration allows the voice router 400 to identify the direction of the packet streams between the first network gateway 212(a) and the second network gateway 222(a) by the port on which a packet arrives. Packet direction is discovered by identifying the source of the packet and using the source identification to determine a destination corresponding to the source. Specifically, the voice router 400 is aware of the connections that it serves and may determine a destination of a packet by identifying the port on which the packet arrived. Additionally, the four-port configuration provides for communication between the two network gateways 212(a), 222(a) in two different protocols, namely RTP and RTCP. However, as described above, this high port count also limits the number of VoIP connections that the voice router 400 can support.
FIG. 4B illustrates an example of a port configuration according to the present invention. A range of IP ports 450 is shown that may be assigned for different types of packet transmission. For example, ports may be assigned to a VoIP connection and divided into ports that service RTP packets and others that service RTCP packets. A first tuple 455 may be assigned port values 10000 to 10003, a second tuple 1460 may be port values 10004 to 10007, and a third tuple 465 may be assigned port values 10008 to 10011. These ports within the tuples 455, 460, 465 may be assigned to serve different types of data streams within the VoIP connection. Referring also to FIG. 4C, for example, a tuple 470 assigned to a VoIP connection may have a first port (e.g., port N) assigned for an RTP stream 475 to or from a first gateway 212(a) and a second port (e.g., port R) assigned for an RTCP stream to/from the first gateway 212(a). A third port (e.g., port M) may be assigned for an RTP stream 485 to/from a second gateway 222(a) and a fourth port (e.g., port S) may be assigned for an RTCP stream 490 to/from the second gateway 222(a). As a result, the port tuple 470 may serve both RTP and RTCP within a VoIP connection.
According to one embodiment, the ports may be assigned according to the types of networks involved in the VoIP connection. For example, if the voice router 400 is positioned between a private network and the public Internet, then the port assignment may occur in the following manner. The first port is pre-assigned for the RTP stream originating from a gateway on the public Internet. The second port is pre-assigned for the RTCP stream originating from the gateway on the public Internet. The third port is pre-assigned for the RTP stream originating from a gateway in the private network. The fourth port is pre-assigned for the RTCP stream originating from the gateway in the private network.
Referring to the above described port configuration, when the voice router 400 receives a first UDP packet of the RTP stream from the private network, it reads the source IP address and port number within the UDP packet. This address is the transmitting gateway's IP address and the port number is the port on which the packet arrived. In this example, the packet originated at a private network, and therefore, the port number would be the third port number within the tuple, as described above. This private gateway address is stored with the voice router 400 and will be used to transmit packets from the public Internet to the correct destination private network within the particular VoIP connection. A similar method may be used when an RTP packet arrives from the public Internet destined to a particular private network. As a result of this process, the voice router 400 is able to help create and maintain a VoIP connection.
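The four-port tuple scheme and first-packet address learning described above can be sketched as follows. This is an added example, not code from the patent; the class and function names are hypothetical, and two behaviors are assumptions the text does not specify: the learned gateway address is pinned once stored, and a packet on a known port from a different source is dropped.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Offsets inside a tuple, in the order the text pre-assigns the four ports
# for a router sitting between the public Internet and a private network.
ROLES: List[Tuple[str, str]] = [
    ("public", "RTP"), ("public", "RTCP"),
    ("private", "RTP"), ("private", "RTCP"),
]
PEER = {"public": "private", "private": "public"}


@dataclass
class Connection:
    base_port: int
    # Gateway IP per side, learned from the first packet seen from that side.
    gateway_ip: Dict[str, str] = field(default_factory=dict)


class TupleRouter:
    """Hypothetical model of the four-port voice router."""

    def __init__(self, first_port: int = 10000, last_port: int = 10011) -> None:
        # Default range matches the 10000 to 10011 example in the text.
        self.next_base = first_port
        self.last_port = last_port
        self.by_port: Dict[int, Connection] = {}

    def allocate(self) -> Connection:
        """Reserve the next four consecutive ports for one VoIP connection."""
        if self.next_base + len(ROLES) - 1 > self.last_port:
            raise RuntimeError("port range exhausted")
        conn = Connection(self.next_base)
        for offset in range(len(ROLES)):
            self.by_port[self.next_base + offset] = conn
        self.next_base += len(ROLES)
        return conn

    def receive(self, src_ip: str, arrival_port: int) -> Optional[Tuple[str, str]]:
        """Return (protocol, destination gateway IP), or None when dropped."""
        conn = self.by_port.get(arrival_port)
        if conn is None:
            return None  # no connection owns this port
        # Direction and protocol follow from the arrival port alone.
        side, proto = ROLES[arrival_port - conn.base_port]
        # Store the sender's address on first sight (assumption: pinned after).
        learned = conn.gateway_ip.setdefault(side, src_ip)
        if learned != src_ip:
            return None  # assumption: other sources on this port are dropped
        dest = conn.gateway_ip.get(PEER[side])
        if dest is None:
            return None  # peer gateway address not learned yet
        return proto, dest


if __name__ == "__main__":
    router = TupleRouter()
    router.allocate()
    # Constructed sample addresses.
    print(router.receive("10.0.0.5", 10002))      # private RTP, peer unknown
    print(router.receive("198.51.100.7", 10000))  # public RTP -> private gateway
```

With the example range, only three connections fit before allocation fails, which is the port-count limit the four-port configuration imposes.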
a) Port Reduction on the Single Voice Router
FIG. 5A is an illustration of avoice router500 having avoice switch585 and avoice connector570. According to another embodiment (not shown) of the present invention, thevoice switch585 andvoice connector570 may be physically separate. Thevoice switch585 requires only two ports for each VoIP connection after thevoice connector570 establishes the connection. Thisvoice switch585 switches RTP voice packets between the first gateway212(a) and the second gateway222(a) on asingle port N505. However, those skilled in the art will recognize while only a single port is used, two sockets can be created. (The first socket is the IP address and port number of the first gateway212(a) and the second socket is the same port N and the IP address of the second gateway222(a)). In order for thevoice switch585 to accurately forward packets on to the correct destination (i.e., the first network gateway212(a) or the second network gateway222(a)) in the VoIP connection, the direction or source address of each packet must be identified. This identification requirement is complicated by the fact that thevoice switch585 is receiving data from both the first and second network gateways212(a),222(a) on thesame port N505. A solution to this identification requirement is later described in detail.
Thevoice connector570 is used to set-up a VoIP connection. Thevoice connector570 may be integrated within thevoice switch585, as shown inFIG. 5A, or physically separate from thevoice switch585. Thevoice connector570 is connected to the first network gateway212(a). Thevoice connector570 is also connected to the second gateway network222(a). A VoIP call set-up is initiated by either the first or second network gateways212(a),222(a) requesting a connection to the other network gateway. Typically, this request occurs on a particular port on thevoice connector570. For example, the first network gateway212(a) may request a connection onport F565. The second network gateway222(a) may request a connection onport G575.Port F565 andport G575 may have the same port number or have different numbers depending on the design and type of the first and second networks212(a),222(a). Thevoice connector570 listens onport F565 for call set-up requests from the first network gateway212(a) and listens on port G557 for call set-up requests from the second network gateway222(a).
A call set-up request contains information regarding the desired VoIP connection including destination information such as an address. An address, such as a ten-digit telephone number, within this request is translated by thevoice connector570 into a destination IP address. This translation may occur by accessing a gatekeeper that is either public or operating within a private network and is masked from the requesting gateway. Once this address translation occurs, thevoice connector570 creates a virtual connection between the two network gateways212(a),222(a) by assigning a port or ports on which this VoIP communication will occur. Once these ports are assigned, this information is transmitted to thevoice switch585 and to the network gateways212(a),222(a). Sockets, an IP address and port number, are established between the different networking devices and thevoice switch585. Voice packets are then transmitted between the first and second gateways212(a),222(a) on these sockets.
The VoIP connection may also comprise networking devices that may adjust the connection configuration and port number assignments within the connection. For example, firewalls or other network servers having corresponding addresses and port numbers may be included to enhance security or add other functionality within the connection. Accordingly, the number of sockets may increase within the connection to facilitate the inclusion of these devices.
The voice switch 585 is able to identify these packets by extracting source information contained within the packet header. Specifically, the voice switch 585 extracts and analyzes the IP source address within the packet header in order to switch the packet to the correct network gateway. This analysis may be done using a number of different methods. For example, the extracted IP source address may be compared to an IP address of either the first network gateway 212(a) or the second network gateway 222(a). If the extracted IP source address matches the compared network gateway address (address for gateway 212(a)), then the packet is forwarded accordingly (e.g., to gateway 222(a) with a new header having a source IP address of the voice router 500 and a destination IP address of gateway 222(a)). However, if the two addresses do not match, then the packet is forwarded to the other network gateway (e.g., to gateway 212(a)) by default because only two possible destination gateways exist within the VoIP connection. Specifically, a buffer may be maintained within the voice switch 585 that maintains these two addresses to which a source address in a packet header is compared. Thus, the voice switch 585 is able to reduce the number of ports required to maintain an RTP VoIP connection and still maintain correct packet flow within this connection with the implementation of this novel address translation. This packet direction identification is discussed in greater detail below with reference to FIG. 9.
The voice switch 585 also reduces the number of RTCP ports on the VoIP connection. Specifically, all RTCP connections are aggregated onto a single port M 510. The RTCP protocol is a companion protocol to RTP and is used to provide control and quality of service data to various devices within a connection. There are typically fewer RTCP packets transmitted by a gateway than RTP packets. The functionality provided by RTCP data may be compensated, at least to a particular level, internally within the voice switch 585. Because so few RTCP packets are transmitted from a gateway and the lost functionality of discarded RTCP packets may be minimized by the voice switch 585, discarded RTCP packets typically do not have a significant effect on the quality of a VoIP connection using the voice switch 585.
The voice switch 585 discards RTCP packets after they are received on port M 510 in order to further reduce the port count of a VoIP connection. Because all RTCP connections are aggregated on a single port M 510, the number of available ports on the voice switch 585 drastically increases. It is important to note that the voice switch 585 needs to have at least one RTCP port 510 on which RTCP packets arrive. For example, if the voice switch 585 did not have the RTCP port 510, then bounce-backs or acknowledgements would be transmitted from the voice switch 585 to a gateway transmitting RTCP packets. This bounce-back or acknowledgement would signal the transmitting gateway that there are no available RTCP ports on the voice switch 585. This acknowledgement presents a security risk to the voice switch 585 and attached network because hackers would be able to listen to particular ports on the voice switch 585. Thus, the single aggregating RTCP port stops this acknowledgement and increases security on the voice switch 585.
FIG. 5B illustrates hardware or software modules operating within the voice switch 585. These modules provide packet-forwarding functionalities to the voice switch 585 that reduce the number of ports required for a VoIP connection. According to this embodiment of the present invention, a packet is received on port N 505. The packet is transmitted through the voice switch 585 to a packet translation module 580. The packet translation module communicates with a network type identification module 550 and a packet direction identification module 560. The packet direction identification module 560 identifies the direction of a packet traveling on the bi-directional port N 505. One method for performing this direction identification is extracting the source address or destination port from a packet and comparing it to the known source addresses or destination ports on the VoIP connection. These methods will be discussed in greater detail below.
The network type identification module 550 identifies a network type corresponding to a packet's destination gateway and source gateway. This identification also allows the voice switch 585 to ensure that the transmitted packet is compatible with the destination gateway (e.g., a packet is transmitted on the correct port number and to the correct destination port). There are multiple methods by which these gateways may be identified. First, this information may be embedded within header fields, such as port numbers, within the packet. Second, ports may be assigned according to the types of gateways in the VoIP connection. Both of these methods are described in greater detail below.
The packet translation module 580 receives information regarding the source and destination network types and the packet direction in order to correctly identify an appropriate packet translation operation(s). The packet translation module 580 ensures that the packet is transmitted on the correct port number so that it is compatible with the destination gateway. Specifically, the packet translation module 580 inserts the correct IP address of the destination gateway and the correct port number on the destination gateway within the packet header. The prior packet header may have been already discarded or be discarded by the packet translation module 580 prior to or after a new header is placed on the packet. These packet translation operations will be described in greater detail below.
FIG. 5C is a block diagram of a voice connector 570 used to establish a VoIP connection. As previously described, the voice connector 570 establishes a connection after receiving a call set-up request from a gateway. The voice connector 570 receives these requests on particular ports (e.g., ports F and G). In response to this request, the voice connector 570 creates a virtual path between the two gateways corresponding to the IP addresses of the two gateways 221, 222 and an assigned port(s) given to devices within this connection. The voice connector 570 assigns this port or ports corresponding to the connection and notifies networking devices within this connection of this port(s). As a result, packets may be forwarded by these devices on correct VoIP connections that are identified by a corresponding port(s).
A network address translation module 598 is implemented within the voice connector 570 to provide translation of a call set-up request in order to properly establish a VoIP connection. This translation may require accessing an external gatekeeper or may be done internally within the voice connector 570. As described above, the network address translation module 598 receives a request from a gateway 212 or 222 to make a connection. This request typically identifies the other side of the connection by a ten-digit telephone number or other identifying number. The network address translation module 598 uses a database to translate this ten-digit telephone number to an IP address. This translation may be done internally within the network address translation module 598 or may be done externally by addressing a public or private gatekeeper to translate the telephone number to an IP address. As a result of this process, the voice connector 570 will have identified the IP addresses of both the requesting gateway (i.e., from the call set-up request) and the destination gateway (i.e., from the above-described translation).
A port initialization module 595 within the voice connector 570 is used to assign ports to particular VoIP connections. The port initialization module 595 communicates with the network address translation module 598. In response to a VoIP connection request, the port initialization module 595 assigns a port or ports on which packets will travel between the two gateways. This port information is then transmitted to both gateways, for example, using port G 565 and port F 575, and the voice switch 585 via line 588. Accordingly, the voice switch 585 will be able to identify a packet by listening on a particular port(s). For example, the first and second gateways 212(a), 222(a) are told to transmit voice packets on port N 505 to the voice switch 585. This port information is also transmitted to the voice switch 585 along line 588. As a result, the voice switch 585 is able to identify packets within this particular connection by listening on port N 505.
The port initialization module 595 may assign these ports in relation to the types of networks on which the gateways 212, 222 reside. The port initialization module 595 may access a network pair table 590 in order to assign ports from port ranges corresponding to the gateway type connections. For example, if the first gateway 212(a) is in a first type of network (e.g., Cisco, Clarent, etc.) then the port initialization module 595 may select a port from a range of ports (e.g., 3000-4000) corresponding to that first type of network. Thereafter, when voice packets are actually transmitted on these ports within the connection, the voice switch 585 can identify the type of gateway/network that transmitted the packet.
In another embodiment, the port initialization module 595 may assign these ports in relation to the physical locations of the gateways. For example, the network pair table 590 may contain ranges of port values corresponding to physical locations of gateways. Thus, if the first gateway 212(a) is physically located in China, then the port initialization module 595 may select a port from a range of ports (e.g., 5000-6000) corresponding to that physical location. Thereafter, when voice packets are actually transmitted on the ports within the connection, the voice switch 585 can identify the physical location of the gateway/network that transmitted the packet.
As described above, VoIP connections between multiple networks typically follow the H.323 standard. However, various interpretations of this standard by network service providers may present compatibility issues between two separate networks. For example, a Clarent H.323-based network may have difficulty directly mapping to a Cisco H.323-based network due to slight protocol variations between the two networks. For example, port assignment protocols between a Cisco H.323-based network and the voice switch 585 may differ from those between a Clarent H.323-based network and the voice switch 585. In such an occurrence, the voice switch 585 may perform an additional step within the packet translation operation (e.g., compensate for differing port assignment protocols) between the two networks in order to ensure proper communication. In order to correctly perform this translation, the voice switch 585 should identify both the network type from which the packet was sent and the network type to which the packet is destined. FIG. 5D illustrates an example of this network incompatibility and corresponding packet translation required for proper communication.
The first network gateway 212(a) resides on the first network 210 with corresponding first network type. This first type of network requires that H.323 compatible packets be transmitted from the first gateway 212(a) to the voice switch 585 on port N 505 and for H.323 compatible packets to be transmitted from the voice switch 585 to the first gateway 212(a) on port N+2 520. In comparison, the second network gateway 222(a) resides on the second network 220 with corresponding second network type. This second type of network requires that H.323 compatible packets be transmitted from the second gateway 222(a) to the voice switch 585 on port N 505 and for H.323 compatible packets to be transmitted from the voice switch 585 to the second gateway 222(a) on port N+1 535. Thus, although both the first and second networks follow the H.323 standard, differing interpretations of this standard have led to different port assignment procedures between the two networks. In order to compensate for this difference, the voice switch 585 of the present invention is able to identify these slight variations between networks when both assigning port numbers during the call set-up procedure and packet switching as the telephone call is occurring.
The voice switch 585 is able to compensate for these variations between networks and properly translate packets between the two networks within the connection (e.g., transmit a packet on the appropriate port number to a network). First, the voice switch 585 identifies the direction of a packet within a connection (i.e., identifies a destination address for the packet). Second, the voice switch 585 identifies the type of network to which a packet is destined. This information allows the voice switch 585 to ensure that a packet transmitted from the voice switch 585 is compatible with the network to which the packet is destined. Moreover, the present invention also reduces the number of ports used from 4 to 3 as compared with the prior art.
b) Network Type Identification
As described above, the voice router 500 needs to be aware of the types of networks in this VoIP connection in order to ensure that proper packet translation occurs. Once the types of the two networks are identified, an appropriate packet translation may be retrieved and performed accordingly.
(i) Network Type Internal Table
A first method that may be used to identify network types is embedding a network type identifier within a port number found in the packet header. FIG. 6A shows one method for embedding a network type identifier. A sixteen-bit port number field 600 contained within a header is shown. This field 600 is segmented into three sub-fields: a first bit mask 610, a second bit mask 620, and a port value field 630. The first and second bit masks 610, 620 are two-bit values. The port value field 630 is a twelve-bit field having a range of about 4000 values.
During the set-up of the VoIP connection, addressing information is gathered and the IP addresses and types of the first and second networks are determined. Thereafter, the two IP addresses are compared to identify the smaller IP address and the larger IP address. The comparison provides an order in which the network type identifiers corresponding to the two networks will be inserted within the port number 600. A first bit mask is inserted in the first two-bit field 610. The second bit mask is inserted in the second two-bit field 620. Thus, when the voice switch 585 extracts these two bit masks, it will be able to associate each identifier to a particular network through the position (e.g., field 610 or 620) from which the identifier was taken. For example, the first bit mask 610 contains network type information for the smaller IP addressed network and the second bit mask 620 contains network type information for the larger IP addressed network. Thereafter, a port value is assigned and inserted within the port value field 630. The port number 600 for the packet is the combination of these three fields. The port number 600 is inserted within the packet header and the packet is transmitted to the voice switch 585. This process reduces the number of available ports per voice switch 585 on which packets may be transmitted; however, the resulting reduction in the number of ports per connection on the voice switch 585 more than compensates for this reduction.
The voice switch 585 extracts this port number 600 from the packet header after receiving the packet on a corresponding port. From this port number 600, the network type information within the first and second network type identifiers 610, 620 is removed and analyzed. From this information, the voice switch 585 is able to identify the network types of both networks within the VoIP connection. According to the example discussed above, the voice switch 585 extracts the network type information from the first network type identifier 610 and assigns this network type to the network with the smaller IP address. The information within the second network type identifier 620 is extracted and assigned to the network with the larger IP address. Thereafter, a corresponding packet translation operation is performed on the packet prior to transmission to the destination network gateway. For example, a destination IP address may be inserted into the header, the port number may be incremented by 2, and the packet is transmitted from the voice switch 585 to a destination gateway. As a result of this process, variations within H.323 networks are compensated for by the single voice switch 585 between the two networks.
The voice switch 585 requires some method of interpreting the information within the network type identifiers 610, 620 in order to properly translate addresses on the packets. According to one embodiment of the invention, a network type identifier table may be used. An example of a network type identifier table is also shown in FIG. 6B. This example describes a two-bit network type identifier that is limited to four network types that may be identified. This range may be increased by increasing the number of bits within one or both of the network type identifiers 610, 620. However, as the number of bits within the network type identifiers 610, 620 increases, the range of available port numbers is reduced. The unavailable port numbers reserved for non-identified network types within this sixteen-bit port number cause this reduction.
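The following sketch packs and unpacks the sixteen-bit port number field 600 as described above. It is an added illustration, not code from the patent; the bit positions (first bit mask in the two most significant bits), the function names, and the contents of the identifier table are assumptions, since the text does not give them.

```python
import ipaddress

TYPE_BITS = 2                      # width of each bit mask (610, 620)
VALUE_BITS = 12                    # width of the port value field (630)
MAX_TYPE = (1 << TYPE_BITS) - 1
MAX_VALUE = (1 << VALUE_BITS) - 1

# Constructed stand-in for the FIG. 6B identifier table (contents assumed).
NETWORK_TYPES = {0: "type-0", 1: "type-1", 2: "type-2", 3: "type-3"}


def order_gateways(ip_a, ip_b):
    """Return (smaller, larger) gateway addresses, compared numerically.

    Comparing the dotted strings would order "10.0.0.10" before "10.0.0.9",
    so both ends must agree on a numeric comparison.
    """
    a, b = ipaddress.ip_address(ip_a), ipaddress.ip_address(ip_b)
    if a == b:
        raise ValueError("the two gateways must have different addresses")
    return (a, b) if a < b else (b, a)


def encode_port(ip_a, type_a, ip_b, type_b, port_value):
    """Build port number 600: [mask 610 | mask 620 | port value 630]."""
    smaller, larger = order_gateways(ip_a, ip_b)
    types = {ipaddress.ip_address(ip_a): type_a,
             ipaddress.ip_address(ip_b): type_b}
    for type_id in types.values():
        if type_id not in NETWORK_TYPES:
            raise ValueError(f"network type {type_id} does not fit in {TYPE_BITS} bits")
    if not 0 <= port_value <= MAX_VALUE:
        raise ValueError(f"port value must be 0..{MAX_VALUE}")
    return ((types[smaller] << (TYPE_BITS + VALUE_BITS))
            | (types[larger] << VALUE_BITS)
            | port_value)


def decode_port(port_number, ip_a, ip_b):
    """Recover ({gateway address: network type id}, port value) at the switch."""
    if not 0 <= port_number <= 0xFFFF:
        raise ValueError("port number must fit in sixteen bits")
    smaller, larger = order_gateways(ip_a, ip_b)
    first_mask = port_number >> (TYPE_BITS + VALUE_BITS)
    second_mask = (port_number >> VALUE_BITS) & MAX_TYPE
    return ({str(smaller): first_mask, str(larger): second_mask},
            port_number & MAX_VALUE)
```
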
(ii) Pre-defined Port Range Representing a Network Type
A second method for identifying the network types within a VoIP connection provides that port numbers are assigned according to the two types of networks within the connection. This method begins at the call set-up stage during which the port numbers, on which packets will travel in a VoIP connection, are assigned. As with the first method, after both IP addresses of the two gateways are identified, they are compared and smaller and larger IP addresses are determined. A network pair table 700A is maintained within the voice connector 570 that relates port ranges to VoIP connections between network types. An example of such a network pair table 700A is illustrated in FIG. 7A. This table 700A provides a range of available port numbers according to a network type of the gateway having the smaller IP address and a network type of the gateway having the larger IP address. In one embodiment, the table includes four columns. A first column 710 identifies the network type of the smaller IP addressed gateway. A second column 720 identifies the network type of the larger IP addressed gateway. A third column 730 identifies a starting value of a port range corresponding to the gateway types identified in the first column 710 and the second column 720. A fourth column 740 identifies either an ending value for this port range or a length for the port range. For example, a VoIP connection involving two gateways having the same network type could be assigned a port number within the range of 1000 to 2000. Comparatively, a VoIP connection involving a first gateway having a first network type and a second gateway having a second network type could be assigned a port number within a range of 3000 to 4000.
During the set-up of the VoIP connection, the types of the networks are identified and a port number is assigned by the voice connector 570 according to these ranges defined within the network pair table 700A. This assigned port number is transmitted to the voice switch 585 and both gateways so that traffic between the two gateways may be forwarded correctly.
The network pair table 700A is also transmitted to the voice switch 585 if the voice switch 585 does not have the table 700A or the voice switch 585 has an old version of the table 700A. It is important for the voice switch 585 to have a current version of the table so that both gateway types may be properly identified from the port on which a packet arrives. As a result of this network pair table 700A, the voice switch 585 is able to identify the network types of both the larger and smaller IP addressed gateways by identifying the port range corresponding to the port used for packet transmission. For example, a VoIP connection is set up between the first network gateway 212(a) and the second network gateway 222(a). Both gateways 212(a), 222(a) transmit packets on the same port, port N, to the voice switch 585. The voice switch 585 is able to identify the type of both gateways 212(a), 222(a) by comparing the port on which a packet arrives to the network pair table 700A shown in FIG. 7A. The voice switch 585 identifies a port range within the table 700A corresponding to the port number and identifies the gateway type of both gateways. Specifically, the network type of the gateway with the smaller IP address is extracted from column 710 and the network type for the gateway with the larger IP address is extracted from column 720.
It is important to note that the network pair table 700A may be continually updated by the voice connector 570 simply through re-transmission to the voice switch 585. Also, the size of the network pair table 700A may be adjusted according to the number of different types of networks that use the voice switch 585 for VoIP connections. Also, the port ranges may be adjusted relative to the frequency of VoIP connections occurring between certain types of networks. For example, if VoIP connections between two types of networks occur very frequently, the port range corresponding to this connection may be increased to more efficiently accommodate these connections.
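A sketch of the network pair table 700A follows, covering both uses described above: the voice connector picking a port from the range for a gateway-type pair, and the voice switch mapping an arrival port back to the pair. It is an added illustration rather than the patent's implementation; the class and method names, the inclusive end value in column 740, the third row, and the overlap check are assumptions. The overlap check is included because two ranges sharing a port would make the lookup at the switch ambiguous.

```python
from bisect import bisect_right
from dataclasses import dataclass


@dataclass(frozen=True)
class PairRange:
    smaller_type: str   # column 710: type of the smaller IP addressed gateway
    larger_type: str    # column 720: type of the larger IP addressed gateway
    start: int          # column 730: first port of the range
    end: int            # column 740: last port of the range (inclusive, assumed)


class NetworkPairTable:
    def __init__(self, rows):
        self.rows = sorted(rows, key=lambda r: r.start)
        for row in self.rows:
            if not 0 < row.start <= row.end <= 0xFFFF:
                raise ValueError(f"invalid port range in {row}")
        # Adjacent rows in start order must not share a port.
        for prev, cur in zip(self.rows, self.rows[1:]):
            if cur.start <= prev.end:
                raise ValueError(f"overlapping ranges: {prev} and {cur}")
        self._starts = [r.start for r in self.rows]

    def lookup(self, port):
        """Switch side: arrival port -> (smaller type, larger type) or None."""
        i = bisect_right(self._starts, port) - 1
        if i >= 0 and port <= self.rows[i].end:
            return self.rows[i].smaller_type, self.rows[i].larger_type
        return None

    def assign(self, smaller_type, larger_type, in_use):
        """Connector side: first free port in the pair's range, or None."""
        for row in self.rows:
            if (row.smaller_type, row.larger_type) == (smaller_type, larger_type):
                for port in range(row.start, row.end + 1):
                    if port not in in_use:
                        return port
        return None


# The first two rows use the ranges given in the text; the third is constructed.
TABLE_700A = NetworkPairTable([
    PairRange("type1", "type1", 1000, 2000),
    PairRange("type1", "type2", 3000, 4000),
    PairRange("type2", "type1", 4001, 5000),
])
```
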
FIG. 7B is an illustration of an exemplary network type table for associating an IP address with a network type. The network type table 700B maintains state information about the network types with which the voice router is communicating. In the illustrated embodiment, a data record includes source IP address 760 and network type 762. The source IP address 760 identifies the gateway on a particular network and the network type 762 identifies the type of network on which the gateway operates. For example, record 764 indicates that gateway (3) is network type (4). The network types can be predefined or dynamically assigned during operation. For example, the voice router 500 may use network type 4 to correspond to a Cisco-type network. One skilled in the art will recognize that the network pair table 700A or the network type table 700B may be used to identify a network type so that the voice router 500 can perform packet translation or provide other services. Therefore, reference numeral 700 as used herein refers to the network pair table 700A or the network type table 700B.
FIG. 8A shows a block diagram of an embodiment of the voice connector 570 in which the network pair table 700 is used. Gateways, such as the first and second gateway 212(a), 222(a), may transmit call set-up requests on ports F 565 or G 575. According to this embodiment, the network type identification module 590 includes the network pair table 700. The network type identification module 590 accesses this table 700 in order to identify the types of the gateways within a desired connection. This information is then transmitted to the port initialization module 595 whereupon ports for the connection are assigned and transmitted to the gateways and/or voice switch 585.
FIG. 8B shows a block diagram of an embodiment of the voice switch 585 in which the network pair table 700 is used. After the call set-up procedure is finished and a port is defined for a connection, voice packets between the first and second gateways 212(a), 222(a) may be transmitted. However, as described above, in order for proper translation to occur within the voice switch 585, the destination gateway type should be identified. This identification allows the voice switch 585 to properly transmit the packet onto a correct port to a destination gateway. According to an embodiment of the present invention, the network type identification module 550 may implement the network pair table 700 to perform this gateway type identification. Specifically, the network type identification module 550 identifies the port on which a packet arrives. From this port number, a port range is identified within the table 700 and gateway types for both gateways are identified as previously described. However, in order to complete the translation and transmit the packet on to the correct destination, the direction of the packet needs to be identified because both gateways are transmitting on the same port.
c) Packet Direction Identification
In addition to identifying the network types of both the first and second gateway 212(a), 222(a), the voice switch 585 identifies the direction a packet is traveling. This direction information allows the voice switch 585 to properly switch a packet to a correct destination address because both the first and second gateways 212(a), 222(a) are transmitting packets to the voice switch 585 on the same port (e.g., port N).
FIG. 9 illustrates an embodiment of a packet direction identification module 560 according to the present invention. A source IP address is removed from an incoming packet and transferred to an address comparator 910 via line 905. The address comparator 910 may be implemented in hardware, software, or firmware. The address comparator 910 is coupled to a buffer that stores the IP address of both gateways (e.g., 212(a), 222(a)) within a connection. One method for storing these IP addresses is to extract the source address from the first packet from each gateway. These two IP addresses are then stored within the buffer 920.
The buffer 920 comprises a first storage element 925 and a second storage element 927. The buffer 920 can implement a toggle for storing and for comparing the IP addresses. After receiving the source IP address from a packet that arrived on a particular port, the address comparator 910 compares this source address to the address within the first storage element 925. If this source IP address matches the IP address within the first storage element 925, the buffer 920 transmits the address in the second storage element 927 to the address comparator 910 via line 935. This address from the second storage element 927 is the destination address for the gateway in the connection to which the packet should be forwarded. This address is inserted into the header of the packet so that it may be forwarded to the correct gateway in the connection.
Comparatively, if the source IP address from a packet does not match the address in the first storage element 925, then the address in this first storage element 925 is transmitted back to the address comparator 910 via line 930. This address from the first storage element 925 is the destination address for the gateway in the connection to which the packet should be forwarded. The source IP address from the packet is stored within the first element 925 and the IP address that had previously been stored in the first storage element is transferred and stored in the second storage element 927. As a result, both IP addresses in the connection are continually stored within the buffer 920. The buffer 920, therefore, toggles the addresses when the source IP address does not match the address stored in the first storage element 925. If the buffer 920 is implemented as a stack, then the source IP address can be pushed onto the stack when there is no match with the first storage element 925 (i.e., the head of the stack).
After a destination address is identified and a network type for both gateways has been determined, information is inserted into the packet header. For example, a new destination IP address and port number are inserted into the packet header. Thereafter, the packet is transmitted from voice switch 585 to a gateway (e.g., 212(a) or 222(a)) on a particular port.
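The toggle buffer 920 and the header rewrite that follows it can be sketched as below. This is an added example, not the patent's implementation: the class and function names, the packet dictionary layout, and the sample addresses are assumptions, and the return-port offsets follow the FIG. 5D description (N+2 toward the first network type, N+1 toward the second). Because the source address is the only input to the direction decision, the sketch also takes an optional allow-list of the two gateway addresses learned at call set-up, which is a hardening assumption beyond the text.

```python
# Return-port offsets per destination network type, per the FIG. 5D description.
RETURN_PORT_OFFSET = {"first": 2, "second": 1}

# Constructed sample values (documentation address ranges).
GW1, GW2, ROUTER = "192.0.2.10", "203.0.113.20", "198.51.100.1"
TYPE_TABLE = {GW1: "first", GW2: "second"}   # in the style of table 700B


class DirectionBuffer:
    """Two-element toggle buffer 920 (storage elements 925 and 927)."""

    def __init__(self, allowed=None):
        self.first = None    # storage element 925
        self.second = None   # storage element 927
        # Assumption beyond the text: addresses fixed at call set-up.
        self.allowed = set(allowed) if allowed is not None else None

    def destination_for(self, source_ip):
        """Return the address to forward to, or None if it is not yet known."""
        if self.allowed is not None and source_ip not in self.allowed:
            return None                      # unknown sender: buffer untouched
        if source_ip == self.first:
            return self.second               # match: destination is element 927
        # No match: element 925 holds the destination, then the buffer toggles.
        # Without the allow-list, any unmatched source is stored here.
        destination = self.first
        self.second, self.first = self.first, source_ip
        return destination


def translate(packet, buffer, type_table, router_ip):
    """Build the outgoing header for a packet that arrived on port N."""
    destination = buffer.destination_for(packet["src"])
    if destination is None:
        return None                          # nothing to forward to yet
    offset = RETURN_PORT_OFFSET[type_table[destination]]
    return {
        "src": router_ip,                    # new source: the voice router
        "dst": destination,
        "dport": packet["dport"] + offset,   # N+2 or N+1 by destination type
        "payload": packet["payload"],
    }
```
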
d) Method for Translating a Network Address within a Connection
FIG. 10 illustrates a general method for network address translation according to an embodiment of the present invention. A voice switch 585, operating within an established network connection, receives 1005 a packet on a corresponding port. The voice switch 585 identifies 1010 a network type for both gateways within the connection. This identification may be done by numerous methods. For example, as described above, network type information may be integrated within the port number found in the packet header. Also, network type information may be identified by determining a port range in which the port falls, and from the port range, identify network type information corresponding to this particular port range.
The voice switch 585 identifies 1015 a direction of the packet or destination address to which the packet should be forwarded. This identification may be accomplished using numerous methods. For example, as described above, a buffer and comparator may be implemented whereby a destination address is determined using the source address within the packet header. Once both network type information and a packet direction have been determined, the voice switch 585 performs 1020 an appropriate address translation on the packet. Thereafter, the packet is transmitted 1025 to a correct gateway in the connection.
While the present invention has been described with reference to certain preferred embodiments, those skilled in the art will recognize that various modifications may be provided. Variations upon and modifications to the preferred embodiments are provided for by the present invention, which is limited only by the following claims.