Movatterモバイル変換

[0]ホーム
URL:

USRE38902E1 - System and method for network address translation as an external service in the access server of a service provider - Google Patents

System and method for network address translation as an external service in the access server of a service providerDownload PDF

Info

Publication number
USRE38902E1
USRE38902E1US10/136,108US13610802AUSRE38902EUS RE38902 E1USRE38902 E1US RE38902E1US 13610802 AUS13610802 AUS 13610802AUS RE38902 EUSRE38902 EUS RE38902E
Authority
US
United States
Prior art keywords
address
network
stub
router
computer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
US10/136,108
Inventor
Pyda Srisuresh
Steven M. Willens
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nokia of America Corp
Original Assignee
Lucent Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lucent Technologies IncfiledCriticalLucent Technologies Inc
Priority to US10/136,108priorityCriticalpatent/USRE38902E1/en
Application grantedgrantedCritical
Publication of USRE38902E1publicationCriticalpatent/USRE38902E1/en
Assigned to CREDIT SUISSE AGreassignmentCREDIT SUISSE AGSECURITY INTEREST (SEE DOCUMENT FOR DETAILS).Assignors: ALCATEL-LUCENT USA INC.
Assigned to ALCATEL-LUCENT USA INC.reassignmentALCATEL-LUCENT USA INC.RELEASE BY SECURED PARTY (SEE DOCUMENT FOR DETAILS).Assignors: CREDIT SUISSE AG
Anticipated expirationlegal-statusCritical
Expired - Lifetimelegal-statusCriticalCurrent

Links

Images

Classifications

Definitions

Landscapes

Abstract

A system and method provides network address translation as an external service for private networks. Give the fact that local office networks (i.e., stub networks) are typically assigned only one globally unique IP address (or a small set of addresses), the invention presents a novel service provider access server (e.g., router) which performs basic network address translation (NAT) and network address port translation (NAPT) for such networks. The system allows NAT and NAPT features to be removed from stub network routers, thereby significantly reducing the cost of Internet infrastructure to individual companies and organizations. NAT features on service provider's access servers provide the ability for multiple hosts in disparate private (unregistered) networks to utilize the services of a service provider, using a single global address for each private network and allow private networks to avoid renumbering with access to each new service provider.

Description

BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates generally to computer network connections to the Internet and more particularly to a system and method for network address translation within an access server of a service provider.
2. Related Art
Today, it is not uncommon for each employee of a company or organization to have their own workstation for performing daily tasks such as word processing, creating spreadsheets, browsing the World Wide Web (WWW) and sending electronic mail via the Internet. Companies and organizations must employ local computer networks to link these individual workstation for electronic mail communications, Internet access, and sharing data and resources (e.g., peripherals). These networks, for a medium to large size company or organization, can easily contain over hundreds (if not thousands) of workstations.
Consequently, there has been a dramatic (exponential) increase in the number of computers connected to the Internet and the WWW over the past several years. As is well known in the relevant art, the Internet is a three level hierarchy composed of backbone networks (e.g. ARPANET, NSFNET, MILNET), mid-level networks, and stub networks. These networks include commercial (.com or .co), university (.ac or .edu) and other research networks (.org, .net) and military (.mil) networks and span many different physical networks around the world with various protocols including the Internet Protocol (IP).
In order for companies and organizations to access the Internet and the WWW, their local (stub) networks must be connected, via a router, to one of the hundred or so service providers. A router is a dedicated computer platform whose sole function is to forward packets (i.e., units of transmitted data) between networks.
FIG. 1 illustrates acomputing environment100 where a plurality of service providers104a-n offer access to the Internet102 via connections (e.g., T-1 lines) to individual offices110 (i.e., stub networks110a-110n). The stub networks110 each include astub router106 which connects to a plurality of workstations (e.g., personal computers or the like)108a-n.
The Internet Protocol uses an address withincomputing environment100 to distinguish among the millions of computers connected to the Internet102. An IP address is specified by a 32-bit host address usually represented in dotted decimal notation (e.g. 128.121.3-5). The IP address format is currently defined in Internet Standard (STD) 5, Request for Comments (RFC)791 (Internet Architecture Board). Because of the 32-bit addressing scheme, only a total of 232(4,294,967,296) unique IP address are possible for the entire (i.e., global) Internet. Thus,Internet service providers104 will assign each company or organization (and not each workstation108) a single IP address or in some cases a small set of IP addresses.
Therefore, in order for users within an office110 to access WWW servers, to use Telnet (the Internet standard protocol for remote login defined in STD8, RTC854), transfer files from difficult networks (via the File Transfer Protocol (FTP) define din STD 9, RFC 959) and the like, IP addresses must correctly and uniquely identify the source and target of packets. More specifically, IP addresses allow packets transmitted within the IP to be diagrams-a self-contained, independent entity of data carrying sufficient information to be routed from the source to the destination computer without reliance on earlier exchangers or the transporting network.
Eachoffice router106 belonging to a company or organization often performs network address translation (NAT) or network address port translation (NAPT) to uniquely identify and distinguish the source and destination of transmitted datagrams among the plurality of workstations108. Eachstub router106 executing NAT features allow an unregistered IP address to be used within a company and unique IP addresses to be used outside of the company. The necessity of including NAT features in thestub routers106 purchased by individual corporations and organization adds to these routers' cost. This can be a significant deterrent for a corporation or organization to grant Internet access to its employees from their individual workstations108.
Therefore, what is needed is a system and method for network address translation and network address port translation as an external service in the access server of a service provider. Such access servers (e.g., routers) would reduce the cost of stub routers that individual companies and organization must purchase.
SUMMARY OF THE INVENTION
The present invention is a system and method for network address translation as an external service in the access server of a service provider. The system is a novel service provider access server which performs network address translation (NAT) or network address port translation (NAPT) for local office networks (i.e., stub networks). This allows NAT and NAPT functionally and associated hardware to be removed from stub network routers thereby significantly reducing the cost of such routers. The method involves receiving a datagram from the Internet whose destination is a globally unique Internet Protocol (IP) address, mapping the globally unique IP address to a locally significant IP address and routing the datagram to a stub router located within a stub network. The method further includes receiving a second datagram from the stub router whose source is a locally significant IP address, mapping the locally significant IP address to a globally unique IP address, and the routing the second datagram to the Internet.
An advantage of the present invention is that the cost of stub routers is greatly reduced thereby reducing the burden of implementing an Internet infrastructure to individual companies and organizations.
Another advantage of the present invention is that it provides transparent routability for hosts in private networks, while providing for overall reduced cost of equipment and configurations.
Another advantage of the present invention is that it allows for provider specific centralized translation mechanisms (i.e., NAT as an external service such that access clients will not be responsible for obtaining global addresses). Service providers can now determine the addresses specific to the needs of their clients.
Yet still, another advantage of the present invention is that it provides multi-protocol support such that external NAT support by service providers may be extended between routing realms running two different routing protocols such as IP v.6 and IP v.4; IP and IP v.4; or Open Systems Interconnect (OSI) protocol and IP v.4.
Further features and advantages of the invention as well as the structure and operation of various embodiments of the invention are described in detail below with reference to the accompanying drawings.
BRIEF DESCRIPTION OF THE FIGURES
The features and advantages of the present invention will become more apparent from the detailed description set forth below when taken in conjunction with the drawings in which like reference numbers indicate identical or functionally similar elements. Additionally, the left-most digit of a reference number identifies the drawing in which the reference number first appears.
FIG. 1 is a block diagram of a computing environment typically found within the Internet;
FIG. 2 is an illustration of basic network address translation according to the conventional method;
FIG. 3 is an illustration of basic network address translation according to the present invention;
FIG. 4 is an illustration of network address port translation according to the conventional method;
FIG. 5 is an illustration of network address port translation according to the present invention;
FIG. 6 is a block diagram of an exemplary computer system useful for implementing the present invention; and
FIG. 7 is a block diagram of an exemplary environment in which the present invention may operate.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
I. Introduction
The present invention relates to a system and method for network address translation as an external service in the access server of a service provider. In a preferred embodiment of the present invention, an Internet service provider employs a router which can perform network address translation for a plurality of its customers (i.e., corporations and/or organizations that each have their own local private networks.) Network address translation (NAT) includes “basic NAT” for customers (e.g., companies, organizations, and the like) who are assigned a set of globally unique IP addresses and network address port translation (NAPT) for customers who are assigned only one globally unique IP address.
Service providers that employ the system and method of the present invention reduce the functionality needed in each of the local network routers (i.e., by providing NAT as an external service). The reduced functionality translates to reduced cost among all of the service provider's customers thereby eventually impacting (i.e., increasing) the potential number of people connected to the Internet.
The present invention is described in terms of the above example. This is for convenience only and is not intended to limit the application of the present invention. In fact, after reading the following description, it will be apparent to one skilled in the relevant art how to implement the following invention in alternative embodiments. For example, centralized network address translation need not be done on a router, but may be done externally at a central site box. It may also be done on the end host of an Internet service provider. Some service providers (especially those providing Internet or Enterprise access) utilize router software on an access server, while providing WWW content service or Simple Network Management Procotol(SNMP) management application on the same access server box. SNMP is the Internet standard protocol, used to manage and monitor various types of equipment described in STD 15, RFC 1157, and developed to manage nodes on an IP network. SNMP is not limited to transmission control protocol (TCP)/IP.
II. Glossary
This section defines terms used throughout the remainder of this document. In the event that a term defined herein has a more common meaning or usage, the definition provided herein should be taken as the intended meaning.
Network Address Translation (NAT)—Network Addresses are used to identify network nodes for communication between nodes using a specific inter-connecting protocol. In particular, we refer to Internet Protocol (IP), version 4 in this document. These addresses are normally assigned by the Internet Assigned Numbers Authority (IANA) or service providers to ensure that the addresses assigned are globally unique when operating in the Internet domain. The basic requirement is simply the addresses within a routing realm be unique across all the nodes in that networking domain.
Network Address Translation (NAT) refers to translation of network addresses and other higher layer identifiers (such as transmission control protocol (TCP)/user datagram protocol (UDP) ports) and related fields (such as checksum) in a datagram to be comparable to a routing realm, as a datagram traverses from one routing realm to another. NAT described in this document refers to datagrams (a.k.a. packets) traversing from a private address domain to a public address domain, both of which run the same. IP v.4 network protocol. However, it is not uncommon to use NAT between routing realms running different routing protocols, (e.g., between IP v.6 and IP v.4, between IPX and IP v.4; between OSI and IP v.4 etc.) (of course, there would be protocol translation, in addition). It is also not uncommon to use NAT between routing realms running the same routing protocol (e.g, IP v.4) and even have globally unique addresses between the two routing realms combined. Load sharing application is an example of such an application. Network address translators provide transparent communication to hosts belonging to a stub domain of a routing realm.
Basic Network Address Translation—a.k.a., Basic NAT is a specific case of NAT in which a set of network addresses in one routing realm are mapped to a different set of network addresses in the routing realm connected by a basic NAT router. In Basic NAT, datagram modifications are limited to network addresses and related fields (such as a checksum).
Network Address Port Translation (NAPT)—NAPT is a specific case of NAT in which a set of network addresses in one routing realm are mapped to a single assigned address of the routing realm connected to by a NAPT router. NAPT is applicable only to transparent protocols such as TCP/UDP (and to some extent Internet Control Message Protocol (ICMP)) that carry a transport layer specific identifier for sessions. In NAPT, datagram modifications are made to network addresses, transport layer identifiers (e.g., TCP/UDP ports) and related fields (such as checksums that are based on network addresses and transport identifiers).
Stub Domain—A Network boundary in which all traffic that enters or leaves pertains to packets that either originate from the boundary or destined to a node in the boundary.
Border Router—A router that is at the edge of a stub domain network.
Service Provider—One that provides any computer/network related service. Internet Service Providers (ISPs) provide Internet access to their customers. One that provides Enterprise access to employees into the corporate site may be referred to as Enterprise Service Providers (ESPs). There are businesses that provide products and content (e.g., Web content) as a service. There are also businesses that provide a specific service such as Web hosting and network management service to enterprises. Clearly, these are all examples of service providers.
Router—A networking node that forwards packets not addressed to itself. Typically, a routing realm has a globally unique address space in that every networking node has one or more addresses uniquely different from that of every other node in the realm. A router typically has a forwarding table to forward packets based on the unique prefix they carry in the destination address.
Host—A networking node that does not forward packets that are not addressed to itself. A host is also considered the end point of packet communication.
Access Server—The term access server refers generically to a server that provides access to a service. As explained above, there are many types of service providers and thus their routers, end hosts and the like would provide NAT as an external service to the service provider's clients from a centralized location according to the present invention.
III. Overview of Present Invention
FIG. 7 is a diagram illustrating atypical environment700 in which the present invention operates. A router typically forwards a packet directed to a host, by looking up the destination address (or the largest prefix that matches the destination address) in its forwarding table. For this reason, it is required that the address of each host within the routing realm be uniquely different from that of every other host in the same routing realm. However, anAccess Server702 utilizing this novel NAT feature (which may be referred to as a “Proxy NAT”) is able to provide external routing access to nodes from multiple realms (shown as private IP networks704a-c in FIG.7), even as they bear the same address space. For example, the three WAN connections704a-c have the same IP address space of 10.0.0.0/8. Of course, each of the private networks704 would have to be independent stub domains which are not inter-connected.
Access Server702 utilizing this novel proxy NAT feature is also able to provide Web contact, SNMP management and other type of service to multiple routing realms represented by the same address space. Sections IV and VII below, with reference toFIGS. 2-5, respectively, show a preferred embodiment of the present invention where NAT or NAPT is done within an Internet Service Provider's router for customer's office networks. However, such an embodiment of the present invention is merely exemplary and not intended as exhaustive.
IV. Conventional Basic NAT
FIG. 2 illustrates theconventional method200 for doing basic network address translation (NAT). That is, the following dataflow illustrates the NAT functionality that an individual organization'sstub router106 must possess when an organization's stub network110 is assigned a set of globally unique IP addresses.
Each Personal computer (PC)108 within the stub network is assigned an IP address which has only a local significance. If the number of PCS108 is greater than the number of globally unique IP addresses assigned to the office110, which is typically the case, there must be a mapping of the locally significant IP addresses to one of the globally unique IP addresses. If a user onPC108a initiates an outbound session (e.g., a FTP, Telnet or any connection involving the exchange of datagrams), it transmits data with the source IP address of 10.0.0.5 (i.e., its own locally significant IP address) and a destination IP address of 198.76.28.4 (e.g., an IP address of a target host). This is shown by arrow (a) in FIG.2. Thestub router106 maps (i.e., translates) the source IP address to one of the organization's available globally unique IP addresses (e.g., 198.76.29.1) before forwarding the packet to the service provider'srouter104. This is shown by arrow (b).
If a reply should come back (i.e., inbound), it would contain a source IP address of 198.76.28.4 and a destination IP address of 198.76.29.1. This is shown by arrow (c). Theoffice router106 would then translate the destination IP address to 10.0.0.5 and forward the datagram toworkstation108a so that the original session (and thus user) onPC108a can receive their reply. This is shown by arrow (d). As one skilled in the art will appreciate, thestub router106 can correctly route subsequent reply datagrams (i.e., arrows (c)-(d)), through the address binding, lookup and translation phases of the particular NAT algorithm employed.
V. Novel NAT Model
FIG. 3 illustrates abasic NAT model300 according to the present invention. If a user onPC108a initiates an outbound session, it transmits a datagram with the source IP address of 10.0.0.5 (i.e, its own locally significant IP address) and destination IP address of 198.76.28.4 (e.g., an IP address assigned to another organization's stub network110). This is shown by arrow (a) in FIG.3.
The simplified stub router106 (i.e., a stub router without any NAT functionality or hardware) simply forwards the datagram to the service provider'srouter104. This is shown by arrow (b). The provider'srouter104 maps the source11′ address to one of the organization's available globally unique IP address (e.g., 198.76.29.1) before forwarding the packet to theInternet102. This is shown by arrow (c).
If a reply should come back (i.e., inbound) it would contain a source IP address of 198.76.28.4 and a destination IP address of 187.76.29.1. This is shown by arrow (d). The provider'srouter104 would then map the destination IP address to 10.0.0.5 and forward the datagram to thestub router106. This is shown by arrow (c). Thestub router106 would then simply forward the datagram toPC108a so that the original session (and thus user) can receive their reply. This is shown by arrow (f).
The above dataflow (arrows (a)-(f)) illustrates that basic NAT functionality, according to the present invention, is contained in service provider'srouter104. In a preferred embodiment, the service provider'srouter104 is a PM-3 or PM-4 router supplied by Luent Technologies' Remote Access Business Unit (Pleasanton, Calif.). This allows the plurality ofstub routers106 withincomputing environment100 to be without any NAT associated features (e.g., hardware, etc.). The NAT hardware is now only needed in the service provider'srouters104 which is a smaller number thanstub routers106 located at each organization or corporation's stub network110. It will be apparent to one skilled in the relevant art that the proxy NAT feature uses a new packet forwarding scheme in conjunction with the forwarding scheme adapted by traditional routers, based on unique network forwarding table.
Furthermore, it will be apparent to one skilled in the art that the particular NAT algorithm employed (or even Internet Protocol version 6 as described in RFC 1550) will not effect the functionality of the present invention as described herein.
VI. Conventional NAPT
FIG. 4 illustrates the conventional method for doing network address port translation (NAPT). That is, the following dataflow illustrates the NAPT functionality that an individual organization'sstub router106 must process when an organization's stub network110 is assigned only one globally unique IP address. Conventional NAPT algorithms and associated hardware allow many network locally significant addresses and their TCP/UDP ports to be translated to a single globally significant network address and its respective TCP/UDP ports.
For example, if a user onPC108a initiates an outbound session (e.g., a FTP, Telnet or any connection involving the exchange of datagrams), it transmits data with the source IP address of 10.0.0.5 (i.e., it own locally significant IP address) and destination IP address of 138.76.29.7 (e.g., an IP address assigned to another target host). Also transmitted in the IP is the source port (e.g.,3017) and destination port (e.g.,23) of the datagram. This is shown by arrow (a) in FIG.4. Thestub router106 maps (i.e., translates) the source IP address to the organization's single globally unique IP address of 138.76.28.4 before forwarding the packet to the service provider'srouter104. Also, before forwarding the packet, thestub router106 uniquely assigns the datagram to one of the ports (e.g.,1027) of the globally unique IP address. This is shown by arrow (b).
If a reply should come back (i.e., inbound) it would contain a source IP address of 138.76.29.7 and a destination IP address of 138.76.28.4. This is shown by arrow (c). Theoffice router106 would then map the destination IP address to 10.0.0.5, map the uniquely assignedport1027 back to3017, and then forward the datagram toworkstation108a so that the original session (and thus user) onPC108a can receive their reply. This is shown by arrow (d).
It will be apparent to one skilled in the art that the TCP/UDP port specification in the IP header of datagram correspond to a particular PC108 or session (in the case of multiple sessions running on a PC108) within stub network110.
VII. Novel NAPT Model
NAPT currently performed at thestub router106 level, as described above with reference toFIG. 4, is equally suitable to the implementation of the present invention. In other words, the NAPT functionality can also be done at the service provider'srouter104 level as is illustrated in FIG.5.
FIG. 5 illustrates aNAPT model500 according to the present invention which operates in a similar manner to basic NAT method300 (e.g., dataflow (a)-(f)). This achieves the same costs savings and advantages described above with respect to basic NAT. Furthermore, it will be apparent to one skilled in the art that the particular NAPT algorithm employed will not effect the functionality of the present invention as described herein.
VIII. Environment
The present invention may be implemented using hardware, software or a combination thereof and may be implemented in a computer system or other processing system included within a service provider's access server. In fact, in one embodiment, the invention is directed toward a computer system capable of carrying out the functionality described herein. An example of acomputer system600 is shown in FIG.6. Thecomputer system600 includes one or more processors, such asprocessor604. Theprocessor604 is connected to acommunication bus606. Various software embodiments are described in terms of this example computer system. After reading this description, it will become apparent to a person skilled in the relevant art how to implement the invention using other computer systems and/or computer architectures.
Computer system600 also includes amain memory608, preferably random access memory (RAM), and can also include asecondary memory610. Thesecondary memory610 can include, for example, ahard disk drive612 and/or aremovable storage drive614, representing a floppy disk drive, a magnetic tape drive, an optical disk drive, etc. Theremovable storage drive614 reads from and/or writes to aremovable storage unit618 in a well known manner.Removable storage unit618, represents a floppy disk, magnetic tape, optical disk, etc. which is read by and written to byremovable storage drive614. As will be appreciated, theremovable storage unit618 includes a computer usable storage medium having stored therein computer software and/or data.
In alternative embodiments,secondary memory610 may include other similar means for allowing computer programs or other instructions to be loaded intocomputer system600. Such means can include, for example, aremovable storage unit622 and aninterface620. Examples of such can include flash memory, a program cartridge and cartridge interface (such as that found in video game devices), a removable memory chip (such as an EEPROM, or PROM) and associated socket, and otherremovable storage units622 andinterface620 which allow software and data to be transferred from theremovable storage unit622 tocomputer system600.
Computer system600 can also include acommunications interface624. Communications interface624 allows software and data to be transferred betweencomputer system600 and external devices. Examples ofcommunications interface624 can include a modem, a network interface (such as an Ethernet card), a communications port, a PCMCIA slot and card, etc. Software and data transferred viacommunications interface624 are in the form ofsignals628 which can be electronic, electromagnetic, optical or other signals capable of being received bycommunications interface624. Thesesignals628 are provided tocommunications interface624 via a communications path (i.e., channel)626. Thischannel626 carriessignals628 an can be implemented using wire or cable, fiber optics, a phone line, a cellular phone link, an RF link and other communications channels.
In this document, the terms “computer program medium” and “computer usable medium” are used to generally refer to media such asremovable storage drive614, a hard disk installed inhard disk drive612,signals628 and the like (e.g., flash memory). These computer program products are means for providing software tocomputer system600.
Computer programs (also called computer control logic) are stored inmain memory608 and/orsecondary memory610. Computer programs can also be received viacommunications interface624. Such computer programs, when executed, enable thecomputer system600 to perform the features of the present invention as discussed herein. In particular, the computer programs, when executed, enable theprocessor604 to perform the features of the present invention. Accordingly, such computer programs represent controllers of thecomputer system600.
In an embodiment where the invention is implemented using software, the software may be stored in a computer program product and loaded intocomputer system600 usingremovable storage drive614,hard drive612,communications interface624 and the like (e.g., flash memory). The control logic (software), when executed by theprocessor604, causes theprocessor604 to perform the functions of the invention as described herein.
In another embodiment, the invention is implemented primarily in hardware using, for example, hardware components such as application specific integrated circuits (ASICs). Implementation of the hardware state machine so as to perform the functions described herein will be apparent to persons skilled in the relevant art(s).
In yet another embodiment, the invention is implemented using a combination of both hardware and software.
IX. Conclusion
In order for a service provider to perform basic NAT and NAPT for each of its customers (i.e., for each office110), their access servers will have to be enabled to perform the addresses binding, lookup and translation, and unbinding phases of network address (port) translation. These modifications will be apparent to one skilled in the art.
While various embodiments of the present invention have been described above, it should be understood that they have been presented by way of example, and not limitation. It will be apparent to persons skilled in the relevant art that various changes in form and detail can be made therein without departing from the spirit and scope of the invention. Thus the present invention should not be limited by any of the above-described exemplary embodiments, but should be defined only in accordance with the following claims and their equivalents.

Claims (24)

6. A computer program product comprising a computer usable medium having computer readable program code means embodied in said medium for causing an application program to execute on a computer that performs network address translation within an Internet service provider router, said computer readable program code means comprising:
a first computer readable program code means for causing the computer to receive a datagram from the Internet whose destination is specified by a globally unique Internet Protocol (IP) address;
a second computer readable program code means for causing the computer to map said globally unique IP address to a locally significant IP address; and
a third computer readable program code means for causing the computer to route said datagram to a stub router located in a stub network, wherein said stub network includes the destination specified by said locally significant IP address.
18. A computer program product comprising a computer usable medium having computer readable program code means embodied in said medium for causing an application program to execute on a computer that performs network address translation within a service provider router, said computer readable program code means comprising:
a first computer readable program code means for causing the computer to receive a datagram whose destination is specified by a globally unique Internet Protocol(IP)address;
a second computer readable program code means for causing the computer to map said globally unique IP address to a locally significant IP address; and
a third computer readable program code means for causing the computer to route said datagram to a stub router located in a stub network, wherein said stub network includes the destination specified by said locally significant IP address.
US10/136,1081998-04-232002-05-01System and method for network address translation as an external service in the access server of a service providerExpired - LifetimeUSRE38902E1 (en)

Priority Applications (1)

Application NumberPriority DateFiling DateTitle
US10/136,108USRE38902E1 (en)1998-04-232002-05-01System and method for network address translation as an external service in the access server of a service provider

Applications Claiming Priority (2)

Application NumberPriority DateFiling DateTitle
US09/064,739US6058431A (en)1998-04-231998-04-23System and method for network address translation as an external service in the access server of a service provider
US10/136,108USRE38902E1 (en)1998-04-232002-05-01System and method for network address translation as an external service in the access server of a service provider

Related Parent Applications (1)

Application NumberTitlePriority DateFiling Date
US09/064,739ReissueUS6058431A (en)1998-04-231998-04-23System and method for network address translation as an external service in the access server of a service provider

Publications (1)

Publication NumberPublication Date
USRE38902E1true USRE38902E1 (en)2005-11-29

Family

ID=22057977

Family Applications (2)

Application NumberTitlePriority DateFiling Date
US09/064,739CeasedUS6058431A (en)1998-04-231998-04-23System and method for network address translation as an external service in the access server of a service provider
US10/136,108Expired - LifetimeUSRE38902E1 (en)1998-04-232002-05-01System and method for network address translation as an external service in the access server of a service provider

Family Applications Before (1)

Application NumberTitlePriority DateFiling Date
US09/064,739CeasedUS6058431A (en)1998-04-231998-04-23System and method for network address translation as an external service in the access server of a service provider

Country Status (5)

CountryLink
US (2)US6058431A (en)
EP (1)EP1074138B1 (en)
AU (1)AU3755099A (en)
DE (1)DE69924478T2 (en)
WO (1)WO1999055056A1 (en)

Cited By (19)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20040143758A1 (en)*2003-01-212004-07-22Microsoft CorporationMethod for mapping security associations to clients operating behind a network address translation device
US20050271047A1 (en)*2004-06-022005-12-08Huonder Russell JMethod and system for managing multiple overlapping address domains
US7668083B1 (en)2003-10-282010-02-23Bbn Technologies Corp.Systems and methods for forwarding data in a communications network
US20100124191A1 (en)*2008-11-172010-05-20Sierra Wireless, IncMethod and apparatus for facilitating push communication across a network boundary
US20100205260A1 (en)*2009-02-122010-08-12Sierra Wireless, Inc.Method and system for aggregating communications
US20100287270A1 (en)*2007-11-132010-11-11Fujitsu LimitedControl proxy apparatus and control proxy method
US7881229B2 (en)2003-08-082011-02-01Raytheon Bbn Technologies Corp.Systems and methods for forming an adjacency graph for exchanging network routing data
US7983239B1 (en)2003-01-072011-07-19Raytheon Bbn Technologies Corp.Systems and methods for constructing a virtual model of a multi-hop, multi-access network
USRE43057E1 (en)2000-09-132012-01-03Alcatel LucentMethod and apparatus for facilitating peer-to-peer application communication
US8103792B2 (en)2003-08-272012-01-24Raytheon Bbn Technologies Corp.Systems and methods for forwarding data units in a communications network
US8139504B2 (en)2009-04-072012-03-20Raytheon Bbn Technologies Corp.System, device, and method for unifying differently-routed networks using virtual topology representations
US8194673B2 (en)*2003-05-282012-06-05Citrix Systems, Inc.Policy based network address translation
US8275989B2 (en)2003-11-142012-09-25Microsoft CorporationMethod of negotiating security parameters and authenticating users interconnected to a network
US8335224B1 (en)2001-10-122012-12-18Raytheon Bbn Technologies Corp.Data-buffering apparatus and method
US8539062B1 (en)2002-12-192013-09-17F5 Networks, Inc.Method and system for managing network traffic
US8645556B1 (en)2002-05-152014-02-04F5 Networks, Inc.Method and system for reducing memory used for idle connections
US8812730B2 (en)2008-11-172014-08-19Sierra Wireless, Inc.Method and apparatus for network port and network address translation
US9037724B2 (en)2011-02-082015-05-19Sierra Wireless, Inc.Method and system for forwarding data between network devices
US20210029035A1 (en)*2019-05-312021-01-28Adva Optical Networking SeTransparent Multiplexing of IP Endpoints

Families Citing this family (171)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
GB2314729B (en)*1995-12-192001-01-17Motorola IncMethod and apparatus for rate governing communications
JP3038650B2 (en)*1997-04-282000-05-08日本電気株式会社 Internet communication method and apparatus for mobile packet communication system
JPH1165832A (en)*1997-08-211999-03-09Sony CorpSource code converting method and record medium
US6353614B1 (en)*1998-03-052002-03-053Com CorporationMethod and protocol for distributed network address translation
US6519635B1 (en)*1998-04-302003-02-11Cisco Technology, Inc.SNMP master agent that translates messages to a sub-agent proprietary format using a translation table by the sub-agent
US6775276B1 (en)*1998-05-272004-08-103Com CorporationMethod and system for seamless address allocation in a data-over-cable system
US6219694B1 (en)1998-05-292001-04-17Research In Motion LimitedSystem and method for pushing information from a host system to a mobile data communication device having a shared electronic address
US6779019B1 (en)1998-05-292004-08-17Research In Motion LimitedSystem and method for pushing information from a host system to a mobile data communication device
US7209949B2 (en)*1998-05-292007-04-24Research In Motion LimitedSystem and method for synchronizing information between a host system and a mobile data communication device
US7209955B1 (en)1998-05-292007-04-24Research In Motion LimitedNotification system and method for a mobile data communication device
US6463463B1 (en)1998-05-292002-10-08Research In Motion LimitedSystem and method for pushing calendar event messages from a host system to a mobile data communication device
US7266365B2 (en)*1998-05-292007-09-04Research In Motion LimitedSystem and method for delayed transmission of bundled command messages
US20020049818A1 (en)*1998-05-292002-04-25Gilhuly Barry J.System and method for pushing encrypted information between a host system and a mobile data communication device
US8516055B2 (en)1998-05-292013-08-20Research In Motion LimitedSystem and method for pushing information from a host system to a mobile data communication device in a wireless data network
US7606936B2 (en)*1998-05-292009-10-20Research In Motion LimitedSystem and method for redirecting data to a wireless device over a plurality of communication paths
US6438585B2 (en)1998-05-292002-08-20Research In Motion LimitedSystem and method for redirecting message attachments between a host system and a mobile data communication device
JP4080599B2 (en)*1998-06-172008-04-23富士通株式会社 Communication control apparatus and communication control method applied to multicast-compatible LAN
US6418476B1 (en)*1998-06-292002-07-09Nortel Networks, LimitedMethod for synchronizing network address translator (NAT) tables using the open shortest path first opaque link state advertisement option protocol
US6665702B1 (en)*1998-07-152003-12-16Radware Ltd.Load balancing
US6870845B1 (en)*1998-08-042005-03-22At&T Corp.Method for providing privacy by network address translation
US6717949B1 (en)*1998-08-312004-04-06International Business Machines CorporationSystem and method for IP network address translation using selective masquerade
US6457061B1 (en)*1998-11-242002-09-24Pmc-SierraMethod and apparatus for performing internet network address translation
JP2002532013A (en)*1998-12-032002-09-24ブリティッシュ・テレコミュニケーションズ・パブリック・リミテッド・カンパニー Network management system
US8713641B1 (en)1998-12-082014-04-29Nomadix, Inc.Systems and methods for authorizing, authenticating and accounting users having transparent computer access to a network using a gateway device
US7194554B1 (en)1998-12-082007-03-20Nomadix, Inc.Systems and methods for providing dynamic network authorization authentication and accounting
US8266266B2 (en)1998-12-082012-09-11Nomadix, Inc.Systems and methods for providing dynamic network authorization, authentication and accounting
FR2787956B1 (en)*1998-12-242001-02-23France Telecom METHOD OF ADDRESSING IN A DIGITAL TELECOMMUNICATIONS NETWORK AND NAME AND ADDRESS SERVER IMPLEMENTING SUCH A METHOD
US6584096B1 (en)*1998-12-302003-06-24Nortel Networks LimitedMethod and apparatus for connecting a home network to the internet
US6535511B1 (en)*1999-01-072003-03-18Cisco Technology, Inc.Method and system for identifying embedded addressing information in a packet for translation between disparate addressing systems
US20040109440A1 (en)*1999-01-152004-06-10Mattathil George P.Optimized packet and time division multiplex transmission and network integration
US6738382B1 (en)*1999-02-242004-05-18Stsn General Holdings, Inc.Methods and apparatus for providing high speed connectivity to a hotel environment
US7110390B1 (en)*1999-04-202006-09-19Mci, Inc.Communication controller for providing multiple access using a single telephone line
US6393488B1 (en)*1999-05-272002-05-213Com CorporationSystem and method for supporting internet protocol subnets with network address translators
US6957346B1 (en)*1999-06-152005-10-18Ssh Communications Security Ltd.Method and arrangement for providing security through network address translations using tunneling and compensations
US6981155B1 (en)*1999-07-142005-12-27Symantec CorporationSystem and method for computer security
US7117532B1 (en)*1999-07-142006-10-03Symantec CorporationSystem and method for generating fictitious content for a computer
US7152239B1 (en)1999-07-142006-12-19Symantec CorporationSystem and method for preventing detection of a computer connection to an external device
AU6218700A (en)*1999-07-142001-01-30Recourse Technologies, Inc.System and method for tracking the source of a computer attack
US7203962B1 (en)*1999-08-302007-04-10Symantec CorporationSystem and method for using timestamps to detect attacks
US20020055971A1 (en)*1999-11-012002-05-09Interdigital Technology CorporationMethod and system for a low-overhead mobility management protocol in the internet protocol layer
US6581108B1 (en)*1999-11-302003-06-17Lucent Technologies Inc.Managing multiple private data networks using network and payload address translation
GB2357166B (en)1999-12-072001-10-31Marconi Comm LtdMemory access system
US6879593B1 (en)*1999-12-202005-04-12Intel CorporationConnections of nodes on different networks
US7007080B2 (en)*1999-12-232006-02-28Solution Inc LimitedSystem for reconfiguring and registering a new IP address for a computer to access a different network without user intervention
CA2333495A1 (en)*2000-01-312001-07-31Telecommunications Research LaboratoryInternet protocol-based computer network service
US6820133B1 (en)*2000-02-072004-11-16Netli, Inc.System and method for high-performance delivery of web content using high-performance communications protocol between the first and second specialized intermediate nodes to optimize a measure of communications performance between the source and the destination
US6779035B1 (en)*2000-03-062004-08-17Microsoft CorporationApplication programming interface and generalized network address translator for translation of transport-layer sessions
US7020719B1 (en)2000-03-242006-03-28Netli, Inc.System and method for high-performance delivery of Internet messages by selecting first and second specialized intermediate nodes to optimize a measure of communications performance between the source and the destination
US6754709B1 (en)*2000-03-292004-06-22Microsoft CorporationApplication programming interface and generalized network address translator for intelligent transparent application gateway processes
US6934754B2 (en)*2000-04-032005-08-23Ibahn General Holdings, Inc.Methods and apparatus for processing network data transmissions
AU2001250201A1 (en)*2000-04-102001-10-23Research In Motion LimitedSystem and method for bundling information
US7058730B2 (en)*2000-05-052006-06-06Fujitsu LimitedUnique address space and method for a transport network
KR100379576B1 (en)*2001-02-012003-04-10니트젠테크놀러지스 주식회사The Network Configuration Method of automatically Network Backup and Load Balancing for Network & System Problem
GB2363297B (en)*2000-06-092004-04-07Hewlett Packard CoSecure network communications
DE60028018T2 (en)*2000-06-152006-12-07Telefonaktiebolaget Lm Ericsson (Publ) Methods and arrangements in a telecommunication system
US6914905B1 (en)2000-06-162005-07-05Extreme Networks, Inc.Method and system for VLAN aggregation
WO2002003217A1 (en)*2000-06-302002-01-10Net2PhoneSystem, method, and computer program product for resolving addressing in a network including a network address translator
US20020026522A1 (en)*2000-07-202002-02-28Eli DoronSystem and method for directing a media stream
US7388831B2 (en)*2000-07-262008-06-17Pluris, Inc.Method and apparatus for bond management according to hierarchy
US6553005B1 (en)*2000-07-262003-04-22Pluris, Inc.Method and apparatus for load apportionment among physical interfaces in data routers
GB2365256A (en)*2000-07-282002-02-13Ridgeway Systems & Software LtAudio-video telephony with port address translation
KR100689034B1 (en)*2000-08-262007-03-08삼성전자주식회사 Network address translation system and method for accessing a node with private IP address in an external network and a computer-readable recording medium recording the method
US7035281B1 (en)2000-09-132006-04-25Wp Media, Inc.Wireless provisioning device
CN1207937C (en)*2000-10-092005-06-22诺基亚公司Radio resource management
US6944167B1 (en)*2000-10-242005-09-13Sprint Communications Company L.P.Method and apparatus for dynamic allocation of private address space based upon domain name service queries
GB2369746A (en)*2000-11-302002-06-05Ridgeway Systems & Software LtCommunications system with network address translation
US7072981B1 (en)2000-12-212006-07-04Cisco Technology, Inc.Preallocation of client network address translation addresses for client-server networks
FI20002822A7 (en)2000-12-212002-06-22Nokia Corp Address sharing
US7010303B2 (en)*2000-12-222006-03-07Research In Motion LimitedWireless router system and method
US20020085550A1 (en)*2000-12-282002-07-04Steven RhodesScalable switch
US7031275B1 (en)*2000-12-282006-04-18Utstarcom, Inc.Address management for mobile nodes
US7089328B1 (en)*2000-12-292006-08-08Cisco Technology, Inc.Method allocation scheme for maintaining server load balancers services in a high throughput environment
US6912592B2 (en)*2001-01-052005-06-28Extreme Networks, Inc.Method and system of aggregate multiple VLANs in a metropolitan area network
CA2368404C (en)*2001-01-182005-08-09Research In Motion LimitedUnified messaging system and method
US6981038B2 (en)*2001-01-232005-12-27International Business Machines CorporationMethods, systems and computer program products for determining simple network management protocol (SNMP) object identifiers in a management information base (MIB) file
US7103656B2 (en)*2001-02-202006-09-05Research In Motion LimitedSystem and method for administrating a wireless communication network
US6993012B2 (en)*2001-02-202006-01-31Innomedia Pte, LtdMethod for communicating audio data in a packet switched network
JP4491980B2 (en)*2001-03-052010-06-30ソニー株式会社 COMMUNICATION PROCESSING SYSTEM, COMMUNICATION PROCESSING METHOD, COMMUNICATION TERMINAL DEVICE, AND PROGRAM
CA2375844C (en)*2001-03-092008-12-30Research In Motion LimitedAdvanced voice and data operations in a mobile data communication device
US20020132609A1 (en)*2001-03-142002-09-19Lewis Allan D.Scalable and secure messaging system for a wireless network
US7293108B2 (en)*2001-03-152007-11-06Intel CorporationGeneric external proxy
US20020138552A1 (en)*2001-03-212002-09-26Debruine Timothy S.Method and system for optimizing private network file transfers in a public peer-to-peer network
JP4075318B2 (en)*2001-04-182008-04-16株式会社日立製作所 Protocol conversion method and address conversion server
US7085267B2 (en)*2001-04-272006-08-01International Business Machines CorporationMethods, systems and computer program products for translating internet protocol (IP) addresses located in a payload of a packet
DE60211897T2 (en)*2001-06-082006-10-194Th Pass Inc., Seattle Method, storage medium, network and apparatus for bidirectionally initiated data communication with a wireless device
KR20020093398A (en)*2001-06-082002-12-16(주)바네트Method for sharing an authorized internet protocol address of ultra highspeed internet restrictively
US20030009561A1 (en)*2001-06-142003-01-09Sollee Patrick N.Providing telephony services to terminals behind a firewall and /or network address translator
US7068655B2 (en)*2001-06-142006-06-27Nortel Networks LimitedNetwork address and/or port translation
US6985483B2 (en)*2001-07-312006-01-10North Carolina State UniversityMethods and systems for fast packet forwarding
DE10139745A1 (en)*2001-08-132003-02-27Siemens Ag Method and device for establishing a communication link
US8195950B2 (en)*2001-08-152012-06-05Optimum Path LLCSecure and seamless wireless public domain wide area network and method of using the same
CN100391213C (en)*2001-08-302008-05-28西门子公司 Method for transferring data between internal data network and public data network and device for implementing the method
JP2003078544A (en)*2001-08-312003-03-14Allied Tereshisu KkAddress converting device, monitoring device, and its program
US20030055978A1 (en)*2001-09-182003-03-20Microsoft CorporationMethods and systems for enabling outside-initiated traffic flows through a network address translator
JP2003110596A (en)*2001-09-282003-04-11Hitachi Ltd Data communication service provision method
JP2003124962A (en)*2001-10-182003-04-25Fujitsu Ltd Packet transfer device, packet transfer method, and semiconductor device
CA2410118C (en)*2001-10-262007-12-18Research In Motion LimitedSystem and method for controlling configuration settings for mobile communication devices and services
US8095668B2 (en)*2001-11-092012-01-10Rockstar Bidco LpMiddlebox control
US7006436B1 (en)2001-11-132006-02-28At&T Corp.Method for providing voice-over-IP service
WO2003049384A1 (en)*2001-12-072003-06-12Research In Motion LimitedSystem and method of managing information distribution to mobile stations
US7054944B2 (en)*2001-12-192006-05-30Intel CorporationAccess control management system utilizing network and application layer access control lists
JP2003186632A (en)*2001-12-202003-07-04Oki Electric Ind Co LtdRemote terminal connecting system
US7334049B1 (en)*2001-12-212008-02-19Cisco Technology, Inc.Apparatus and methods for performing network address translation (NAT) in a fully connected mesh with NAT virtual interface (NVI)
JP3548157B2 (en)*2001-12-262004-07-28アライドテレシス株式会社 Relay device, address conversion control method, and program
US20030145082A1 (en)*2002-01-252003-07-31Son Yong HoNAT device with LAN monitor for remote management
US7224687B2 (en)*2002-02-282007-05-29Lucent Technologies Inc.Method and apparatus for voice over IP network address translation
TW588532B (en)*2002-03-292004-05-21Realtek Semiconductor CorpManagement device and method of NAT/NAPT session
US7260649B1 (en)*2002-04-162007-08-21Cisco Technology, Inc.Apparatus and methods for forwarding data between public networks via a private network
US7243141B2 (en)*2002-05-132007-07-10Sony Computer Entertainment America, Inc.Network configuration evaluation
US7676579B2 (en)*2002-05-132010-03-09Sony Computer Entertainment America Inc.Peer to peer network communication
US7937471B2 (en)*2002-06-032011-05-03Inpro Network Facility, LlcCreating a public identity for an entity on a network
US6892234B2 (en)*2002-06-122005-05-10Electronic Data Systems CorporationMulti-tiered enterprise management system and method including a presentation services unit external to the enterprise
US7803052B2 (en)*2002-06-282010-09-28Microsoft CorporationDiscovery and distribution of game session information
US6801528B2 (en)2002-07-032004-10-05Ericsson Inc.System and method for dynamic simultaneous connection to multiple service providers
US8060626B2 (en)2008-09-222011-11-15Sony Computer Entertainment America Llc.Method for host selection based on discovered NAT type
US8224985B2 (en)*2005-10-042012-07-17Sony Computer Entertainment Inc.Peer-to-peer communication traversing symmetric network address translators
US20040044756A1 (en)*2002-08-302004-03-04General Instrument CorporationMethod and apparatus for providing management access to devices behind a network address translator (NAT)
US7139926B1 (en)2002-08-302006-11-21Lucent Technologies Inc.Stateful failover protection among routers that provide load sharing using network address translation (LSNAT)
US8234358B2 (en)*2002-08-302012-07-31Inpro Network Facility, LlcCommunicating with an entity inside a private network using an existing connection to initiate communication
US7752334B2 (en)2002-10-152010-07-06Nomadix, Inc.Intelligent network address translator and methods for network address translation
US20080261633A1 (en)2002-10-222008-10-23Research In Motion LimitedSystem and Method for Pushing Information from a Host System to a Mobile Data Communication Device
TWI222811B (en)*2002-11-192004-10-21Inst Information IndustryNAPT gateway system and method to expand the number of connections
CN1266882C (en)*2002-12-042006-07-26华为技术有限公司A management method of network device
AU2003292476A1 (en)*2003-01-202004-08-13Koninklijke Philips Electronics N.V.Sessions intiated from a first to a second computer network
US20040249974A1 (en)*2003-03-312004-12-09Alkhatib Hasan S.Secure virtual address realm
US7949785B2 (en)2003-03-312011-05-24Inpro Network Facility, LlcSecure virtual community network system
US20040249973A1 (en)*2003-03-312004-12-09Alkhatib Hasan S.Group agent
WO2004107130A2 (en)*2003-05-282004-12-09Caymas Systems, Inc.Multilayer access control security system
US7827602B2 (en)*2003-06-302010-11-02At&T Intellectual Property I, L.P.Network firewall host application identification and authentication
CN100366026C (en)*2003-07-062008-01-30华为技术有限公司 A method for realizing message forwarding control in routing equipment
US7633948B2 (en)*2003-07-072009-12-15Panasonic CorporationRelay device and server, and port forward setting method
KR100560744B1 (en)*2003-09-252006-03-13삼성전자주식회사 IP Management System and Its Method in DCP Environment
KR100594950B1 (en)*2003-11-262006-06-30한국전자통신연구원Access Router based Mobile IPv6 Fast Handover Method
US7765309B2 (en)*2004-01-262010-07-27Optimum Path LLCWireless provisioning device
CN100364265C (en)*2004-03-022008-01-23泰发科技股份有限公司Method for accessing a device connected to a local area network by means of a remote instrument
CN100448233C (en)*2004-05-212008-12-31迈普(四川)通信技术有限公司Virtual domain name resolution proxy method and system
TWI245521B (en)*2004-06-012005-12-11Realtek Semiconductor CorpNetwork address-port translation device and method
US20060002334A1 (en)*2004-06-212006-01-05Washburn E R IiiWiFi network communication security system and method
JP4880883B2 (en)*2004-07-142012-02-22キヤノン株式会社 COMMUNICATION DEVICE CONTROL METHOD, COMMUNICATION DEVICE, AND COMMUNICATION DEVICE CONTROL PROGRAM
US7466712B2 (en)*2004-07-302008-12-16Brocade Communications Systems, Inc.System and method for providing proxy and translation domains in a fibre channel router
US7936769B2 (en)*2004-07-302011-05-03Brocade Communications System, Inc.Multifabric zone device import and export
US8059664B2 (en)*2004-07-302011-11-15Brocade Communications Systems, Inc.Multifabric global header
US8046829B2 (en)*2004-08-172011-10-25Toshiba America Research, Inc.Method for dynamically and securely establishing a tunnel
US7711835B2 (en)*2004-09-302010-05-04Citrix Systems, Inc.Method and apparatus for reducing disclosure of proprietary data in a networked environment
US7748032B2 (en)2004-09-302010-06-29Citrix Systems, Inc.Method and apparatus for associating tickets in a ticket hierarchy
US8613048B2 (en)2004-09-302013-12-17Citrix Systems, Inc.Method and apparatus for providing authorized remote access to application sessions
US8024568B2 (en)*2005-01-282011-09-20Citrix Systems, Inc.Method and system for verification of an endpoint security scan
EP1694034B1 (en)*2005-02-162014-05-21Alcatel LucentMethod to establish a peer-to-peer connection between two user agents located behind symmetric NATs
CA2606193C (en)2005-04-182015-03-17Research In Motion LimitedMethod for providing wireless application privilege management
US20060268890A1 (en)*2005-05-312006-11-30Audiocodes Ltd.Method circuit and system for remotely updating a network appliance
CN100464540C (en)*2005-09-092009-02-25北京中星微电子有限公司 A method of cross-gateway communication
CN100477671C (en)*2005-12-162009-04-08中国科学院计算技术研究所 Network address translation method supporting multi-session application layer protocol in PAT mode
KR100844380B1 (en)2006-11-072008-07-07주식회사 케이티 Subscriber terminal management system and method, and recording medium storing program for implementing same
US8533846B2 (en)2006-11-082013-09-10Citrix Systems, Inc.Method and system for dynamically associating access rights with a resource
US8179872B2 (en)2007-05-092012-05-15Research In Motion LimitedWireless router system and method
US7995478B2 (en)*2007-05-302011-08-09Sony Computer Entertainment Inc.Network communication with path MTU size discovery
JP5002337B2 (en)*2007-05-312012-08-15株式会社東芝 Communication system for authenticating or relaying network access, relay device, authentication device, and communication method
US20090006435A1 (en)*2007-06-282009-01-01Cisco Technology, Inc.Object identifier awareness for network device notifications
JP5207270B2 (en)*2007-07-122013-06-12Necインフロンティア株式会社 Communication system between multiple networks
US7933273B2 (en)*2007-07-272011-04-26Sony Computer Entertainment Inc.Cooperative NAT behavior discovery
CN101132424B (en)*2007-09-292011-08-31杭州华三通信技术有限公司Network address conversion method and device thereof
US7856501B2 (en)2007-12-042010-12-21Sony Computer Entertainment Inc.Network traffic prioritization
US7856506B2 (en)*2008-03-052010-12-21Sony Computer Entertainment Inc.Traversal of symmetric network address translator for multiple simultaneous connections
US8073959B2 (en)*2008-03-282011-12-06Microsoft CorporationAutomatically detecting whether a computer is connected to a public or private network
US7890657B2 (en)*2008-06-122011-02-15Genband Us LlcSystem and method for correct routing and enforcement policy in a network having address or port translation
JP5214402B2 (en)*2008-10-222013-06-19沖電気工業株式会社 Packet transfer apparatus, packet transfer method, packet transfer program, and communication apparatus
JP2011077804A (en)*2009-09-302011-04-14Oki Networks Co LtdCommunication device and communication method of the same
JP4947118B2 (en)*2009-10-072012-06-06パナソニック株式会社 Relay device and relay method
CN102984697B (en)*2012-12-042015-07-08中国联合网络通信集团有限公司IP communication method, equipment and system based on mobile terminals
CN103095864B (en)*2013-01-182015-05-20清华大学Internet protocol version 4 (IPv4) address and port section pool maintenance method facing IPv6 based on hash algorithm
US12218908B2 (en)*2022-02-222025-02-04Cisco Technology, Inc.Secured advertisement of autoconfigured internet protocol prefixes in a cloud environment

Citations (7)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US5371852A (en)*1992-10-141994-12-06International Business Machines CorporationMethod and apparatus for making a cluster of computers appear as a single host on a network
US5636216A (en)*1994-04-081997-06-03Metricom, Inc.Method for translating internet protocol addresses to other distributed network addressing schemes
US5793763A (en)*1995-11-031998-08-11Cisco Technology, Inc.Security system for network address translation systems
US5815664A (en)*1995-03-201998-09-29Fujitsu LimitedAddress reporting device and method for detecting authorized and unauthorized addresses in a network environment
US6058106A (en)*1997-10-202000-05-02Motorola, Inc.Network protocol method, access point device and peripheral devices for providing for an efficient centrally coordinated peer-to-peer wireless communications network
US6119171A (en)*1998-01-292000-09-12Ip Dynamics, Inc.Domain name routing
US6128664A (en)*1997-10-202000-10-03Fujitsu LimitedAddress-translating connection device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US5371852A (en)*1992-10-141994-12-06International Business Machines CorporationMethod and apparatus for making a cluster of computers appear as a single host on a network
US5636216A (en)*1994-04-081997-06-03Metricom, Inc.Method for translating internet protocol addresses to other distributed network addressing schemes
US5815664A (en)*1995-03-201998-09-29Fujitsu LimitedAddress reporting device and method for detecting authorized and unauthorized addresses in a network environment
US5793763A (en)*1995-11-031998-08-11Cisco Technology, Inc.Security system for network address translation systems
US6058106A (en)*1997-10-202000-05-02Motorola, Inc.Network protocol method, access point device and peripheral devices for providing for an efficient centrally coordinated peer-to-peer wireless communications network
US6128664A (en)*1997-10-202000-10-03Fujitsu LimitedAddress-translating connection device
US6119171A (en)*1998-01-292000-09-12Ip Dynamics, Inc.Domain name routing

Non-Patent Citations (13)

* Cited by examiner, † Cited by third party
Title
"Requirements for Internet Hosts-Application and Support", ed. R. Braden, Oct. 1989, Downloaded from ftp://ftp.isi.edu/in-notes/frc1123.txt.
"Requirements for Internet Hosts-Communication Layers", ed. R. Braden, Oct. 1989, Downloaded from ftp://ftp.isi.edu/in-notes/rfc1122.txt.
"Requirements for IP Version 4 Routers", ed. F. Baker, Jun. 1995, Downloaded from ftp://ftp.isi.edu/in-notes/rfc1812.txt.
"Transmission Control Protocol DARPA Internet Program Protocol Specification", prepared by the Information Sciences Institute of University of Southern California, Sep. 1981, Downloaded from ftp://ftp.isi.edu/in-notes/rfc793.txt.
Postel, J. and J. Reynolds, "File Transfer Protocol (FTP)", Oct. 1985, Downloaded from ftp://ftp.isi.edu/in-notes/rfc959.txt.
Postel, J., "Internet Control Message Protocol: DARPA Internet Program Protocol Specification", Sep. 1981, Downloaded from ftp://ftp.isi.edu/in-notes/rfc792.txt.
Postel, J., "User Datagram Protocol", Aug. 28, 1980, Downloaded from ftp://ftp.isi.edu/in-notes/rfc768.txt.
Rekhter, Y., et al., "Address Allocation for Private Internets", Feb. 1996, Downloaded from ftp://ftp.isi.edu/in-notes/rfc1918.txt.
Srisuresh, P. and Der-hwa Ghen, "Load Sharing using IP Network Address Translation (LSNAT)" Feb. 1998, Downloaded from http://ds.internic.net/internet-drafts/draft-srisuuresh-lsnat-01.txt.
Srisuresh, P. and K. Egevang, "The IP Network Address Translator", Sep. 1997, Downloaded from http://ds.internic.net/internet-drafts/draft-rfced-info-srisuresh-03.txt.
Tsirtsis, G. and P. Srisuresh, "Network Address Translation-Protocol Translation (NAT-PT)", Mar. 1998, Downloaded from http://ds.internic.net/internet-drafts/draft-ietf-ngtrans-natpt-01.txt.
Tsuchiya, P.F. and End, T., "Extending the IP Internet Through Address Reuse", Computer Communications Review, Jan. 1, 1993, p. 16-33.*
Yeom et al., "IP Multiplexing by Transparent Port-Address Translator", Proc. of the Systems Administration Conference, LISA, Sep. 29, 1996, p. 113-121.*

Cited By (25)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
USRE43057E1 (en)2000-09-132012-01-03Alcatel LucentMethod and apparatus for facilitating peer-to-peer application communication
US8335224B1 (en)2001-10-122012-12-18Raytheon Bbn Technologies Corp.Data-buffering apparatus and method
US8874783B1 (en)*2002-05-152014-10-28F5 Networks, Inc.Method and system for forwarding messages received at a traffic manager
US8645556B1 (en)2002-05-152014-02-04F5 Networks, Inc.Method and system for reducing memory used for idle connections
US8676955B1 (en)2002-12-192014-03-18F5 Networks, Inc.Method and system for managing network traffic
US8539062B1 (en)2002-12-192013-09-17F5 Networks, Inc.Method and system for managing network traffic
US7983239B1 (en)2003-01-072011-07-19Raytheon Bbn Technologies Corp.Systems and methods for constructing a virtual model of a multi-hop, multi-access network
US7386881B2 (en)*2003-01-212008-06-10Swander Brian DMethod for mapping security associations to clients operating behind a network address translation device
US20040143758A1 (en)*2003-01-212004-07-22Microsoft CorporationMethod for mapping security associations to clients operating behind a network address translation device
US8194673B2 (en)*2003-05-282012-06-05Citrix Systems, Inc.Policy based network address translation
US7881229B2 (en)2003-08-082011-02-01Raytheon Bbn Technologies Corp.Systems and methods for forming an adjacency graph for exchanging network routing data
US8103792B2 (en)2003-08-272012-01-24Raytheon Bbn Technologies Corp.Systems and methods for forwarding data units in a communications network
US7668083B1 (en)2003-10-282010-02-23Bbn Technologies Corp.Systems and methods for forwarding data in a communications network
US8275989B2 (en)2003-11-142012-09-25Microsoft CorporationMethod of negotiating security parameters and authenticating users interconnected to a network
US20050271047A1 (en)*2004-06-022005-12-08Huonder Russell JMethod and system for managing multiple overlapping address domains
US20100287270A1 (en)*2007-11-132010-11-11Fujitsu LimitedControl proxy apparatus and control proxy method
US8812730B2 (en)2008-11-172014-08-19Sierra Wireless, Inc.Method and apparatus for network port and network address translation
US20100124191A1 (en)*2008-11-172010-05-20Sierra Wireless, IncMethod and apparatus for facilitating push communication across a network boundary
US8228848B2 (en)2008-11-172012-07-24Sierra Wireless, Inc.Method and apparatus for facilitating push communication across a network boundary
US20100205260A1 (en)*2009-02-122010-08-12Sierra Wireless, Inc.Method and system for aggregating communications
US8924486B2 (en)2009-02-122014-12-30Sierra Wireless, Inc.Method and system for aggregating communications
US8139504B2 (en)2009-04-072012-03-20Raytheon Bbn Technologies Corp.System, device, and method for unifying differently-routed networks using virtual topology representations
US9037724B2 (en)2011-02-082015-05-19Sierra Wireless, Inc.Method and system for forwarding data between network devices
US20210029035A1 (en)*2019-05-312021-01-28Adva Optical Networking SeTransparent Multiplexing of IP Endpoints
US11621917B2 (en)*2019-05-312023-04-04Adva Optical Networking SeTransparent multiplexing of IP endpoints

Also Published As

Publication numberPublication date
AU3755099A (en)1999-11-08
WO1999055056A1 (en)1999-10-28
EP1074138B1 (en)2005-03-30
DE69924478T2 (en)2006-03-02
EP1074138A1 (en)2001-02-07
DE69924478D1 (en)2005-05-04
US6058431A (en)2000-05-02

Similar Documents

PublicationPublication DateTitle
USRE38902E1 (en)System and method for network address translation as an external service in the access server of a service provider
US7154891B1 (en)Translating between globally unique network addresses
US7715380B2 (en)Apparatus and methods for handling shared services through virtual route forwarding (VRF)-aware-NAT
US7450584B2 (en)Network repeater apparatus, network repeater method and network repeater program
US7924832B2 (en)Facilitating transition of network operations from IP version 4 to IP version 6
US7454489B2 (en)System and method for accessing clusters of servers from the internet network
US7814541B1 (en)Virtual routing for virtual local area networks having overlapping IP addresses
US9042384B2 (en)Distributed routing domains in multi-tenant datacenter virtual networks
US7526562B1 (en)Stateful IPv4-IPv6 DNS application level gateway for handling topologies with coexisting IPv4-only, Ipv6-only and dual-stack devices
US8108554B1 (en)Method and system for automatically mapping secure network address translations
US8798060B1 (en)Converting between tunneling protocols
US20050267978A1 (en)Method and apparatus for handling IPv4 DNS PTR queries across IPv4 and IPv6 networks
US7450585B2 (en)Method and system in an IP network for using a network address translation (NAT) with any type of application
US20120297089A1 (en)Systems and Methods of Mapped Network Address Translation
US7136385B2 (en)Method and system for performing asymmetric address translation
CN115834291B (en)Distributed intranet service data acquisition method, device, equipment and storage medium
CN101175096B (en)Implementation of expandable IP network based on source routing
Hamarsheh et al.Transition to IPv6 protocol, Where we are?
Cooper et al.IPv6: business applications and implementation concerns
JP2002204252A (en)System for converting overlapping private address
Abdalaziz et al.Analyzing the IPv6 deployment process in Palestine
JPH1013471A (en) Network connection method and domain name management method
US20060215649A1 (en)Network address converting apparatus using SSW tree
KR100562390B1 (en) Network Data Flow Identification Method and System Using Host Routing and IP Aliasing Technique
US7376750B1 (en)Method and apparatus for generic application layer gateway

Legal Events

DateCodeTitleDescription
FEPPFee payment procedure

Free format text:PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

FEPPFee payment procedure

Free format text:PAYER NUMBER DE-ASSIGNED (ORIGINAL EVENT CODE: RMPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Free format text:PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

FPAYFee payment

Year of fee payment:8

FPAYFee payment

Year of fee payment:12

ASAssignment

Owner name:CREDIT SUISSE AG, NEW YORK

Free format text:SECURITY INTEREST;ASSIGNOR:ALCATEL-LUCENT USA INC.;REEL/FRAME:030510/0627

Effective date:20130130

ASAssignment

Owner name:ALCATEL-LUCENT USA INC., NEW JERSEY

Free format text:RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG;REEL/FRAME:033950/0261

Effective date:20140819
[8]ページ先頭
©2009-2025 Movatter.jp