Movatterモバイル変換

[0]ホーム
URL:

WO1998059470A2 - Method and apparatus to enable a first subscriber in a larger network to retrieve the address of a second subscriber in a virtual private network - Google Patents

Method and apparatus to enable a first subscriber in a larger network to retrieve the address of a second subscriber in a virtual private networkDownload PDF

Info

Publication number
WO1998059470A2
WO1998059470A2PCT/SE1998/001217SE9801217WWO9859470A2WO 1998059470 A2WO1998059470 A2WO 1998059470A2SE 9801217 WSE9801217 WSE 9801217WWO 9859470 A2WO9859470 A2WO 9859470A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
network
address
connection
virtual private
Prior art date
Application number
PCT/SE1998/001217
Other languages
French (fr)
Other versions
WO1998059470A3 (en
Inventor
Theo Kanter
Rabbe Fogelholm
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)
Telia Ab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget Lm Ericsson (Publ), Telia AbfiledCriticalTelefonaktiebolaget Lm Ericsson (Publ)
Priority to AU80523/98ApriorityCriticalpatent/AU8052398A/en
Publication of WO1998059470A2publicationCriticalpatent/WO1998059470A2/en
Publication of WO1998059470A3publicationCriticalpatent/WO1998059470A3/en

Links

Classifications

Definitions

Landscapes

Abstract

The present invention relates to an apparatus and a method for use in a virtual private network, VPN, (7, 7'), or a network domain forming part of a larger network, such as the Internet, to enable a first subscriber (1; 1') in the larger network to retrieve the address of a second subscriber (3; 3') in the VPN. The address may be returned to the first subscriber (1; 1') or a connection means (11) may set up the connection between the subscribers (1, 3; 1', 3') automatically.

Description

i
METHOD AND APPARATUS TO ENABLE A FIRST SUBSCRIBER IN A LARGER NETWORK TO RETRIEVE THE ADDRESS OF A SECOND SUBSCRIBER IN A VIRTUAL PRIVATE NETWORK
Technical Field
The present invention relates to the communication between teirninals connected to data or multimedia networks, such as the Internet.
Background
Internet Protocol (IP) type networks are used to an increasing degree for data, video and audio communication. It is a problem for subscribers in such networks to find the physical addresses, or IP addresses, of subscribers in other networks or subnetworks.
Summary of the Invention
It is an object of the present invention to enable a subscriber in any part of an IP based network to locate other subscribers in the same or other parts of the IP based network.
It is another object of the invention to enable subscribers in any part of an IP based network to connect to other subscribers in the same or other parts of the IP based network, for any kind of communication according to any known protocol.
It is yet another object of the invention to enable a subscriber to move between different locations in the network and still be reached.
The objects are achieved in a network by using a name server means according to the invention for each Virtual Private Network (VPN) connected to the network, the name server means being adapted to
- resolve a logical address in the VPN to the real IP address of hosts and user terminals for a specific service, such as e-mail or communication according to the H.323 protocol, - function as a look-up table between the logical E.164 addresses in the NPN and the real IP addresses of the hosts and users
- cooperate with connection means for call set-up.
The solution according to the invention offers the following advantages:
As it is based on known solutions, it may be implemented at a relatively low cost.
It involves the separation of an internal and an external number plan, thus increasing the flexibility in the network.
It enables the connection between an H.323 domain and an Internet domain.
Brief Description of the Drawings
Figure 1 is a schematic drawing of a connection between two user terminals set up according to a first embodiment of the invention. Figure 2 is a flow chart of the actions performed when a connection between two user terminals is set up according to the first embodiment.
Figure 3 is a schematic drawing of a connection between two subscribers set up according to a second embodiment of the invention.
Figure 4 is a flow chart of the actions performed when a connection between two user terminals is set up according to the second embodiment.
Detailed Description of Embodiments
The dotted line in Figure 1 shows a connection between a first 1 and a second 3 user teirninal. The teπninals 1, 3 may be any kind of ten-ninals which may be used for communication, for example personal computers (PCs) or telephones. The first user terminal 1 is connected to a data or telecommunications network 5 via a leased line, a modem a corporate network, or in any other way. The network 5 may be any network allowing communication between two end points on a logical connection, which may be packet switched or circuit switched. A common network today, in which the teachings of the invention may become particularly useful, is the Internet. In the following discussion, therefore, the network 5 will be referred to as the Internet.
The second user teπriinal is found in a Virtual Private Network (VPN) 7, which functions as an Internet domain. A name server 9 in the VPN 7 is connected to the Internet 5 and to a connection unit 11. In TCP/IP networks the name server 9 might be a Domain Name Server (DNS) well known in the art. If the H.323 protocol for data, audio and video communication is used, the connection unit 11 might be a gatekeeper, of a kind well known in the art. The connection unit 11 is connected to the second user terminal 3 with a semi-permanent connection.
The name server 9 is a database comprising, in addition to the information found in prior art name servers, an MX record 13 for each user teπninal in the VPN 7. The MX record comprises information about the IP addresses of all user terminals in the VPN 7 for different types of communication, for example, e-mail, H.323, or telnet connections.
Figure 2 shows the actions taken when the first user 1 in the first embodiment wishes to establish a connection to the second subscriber 3.
Step S 11 : The first user 1 connects to the name server 9 and requests the gate number for H.323 and enters the known address of the second user 3.
Step S12: The name server 9 determines what type of connection is wanted and forwards the request to the connection unit 11, together with the address of the first user 1.
Step S 13: The connection unit 11 retrieves the appropriate IP address of the second user 3 for the type of connection, in this case, the H.323 address. The type of connection may be determined, for example, by the port of the name server at which the connection is made. Step S 14: The connection unit 11 establishes the connection between the users 1,
->.
Figure 3 shows a second embodiment of the invention. In this embodiment a first user terminal 1' is connected to a second user terminal 3 ' as shown by the dotted line. The second user terminal is found in a VPN 7', which also comprises a name server 9', identical to the name server 9 in Figure 1. A user directory 11 ' is connected to the name server 9'. The user directory 9' comprises information about the physical addresses of the user terminals 3 ' in the VPN 7'. In a TCP/IP network, the name server will be a Domain Name Server (DNS) and the user directory will be a Lightweight Directory Access Protocol (LAPD) server of the kinds known in the art.
Figure 4 shows the actions taken when the first user 1 ' in the second embodiment wishes to establish a connection to the second subscriber 3 ' .
Step S21: The first user 1' connects to the name server 9' and transmits the known, logical address of the second user 3 ' to the name server 9'.
Step S22: The name server 9' determines what type of connection is wanted and forwards the logical address of the second user 3 ' to the user directory l l' ofthe VPN 7\
Step S23 : The user directory 11 ' retrieves the physical address corresponding to the logical address entered.
Step S24: The user directory 11' returns the physical address of the second user 3' to the first user 1 ' via the name server 9' . Step S25: The first user 1' initiates the connection to the second user 3' in a - conventional manner.
If the first user 1' knows the address to the user directory 11', he can go directly to the user directory 11 ' instead of connecting via the name server 9'.

Claims

Claims
1. A name server means (9; 9') for use in a virtual private network (7; 7'), or a network domain, forming part of a compound network, said means (9; 9') being characterized by means ( 13 ; 13 ') for receiving a request for the physical address of a user terminal (3; 3') from another user terminal (1; 1') and forwarding said request to a connection means (11; 11 ') in the virtual private network (7; 7') or network domain.
2. A name server means according to claim 1, characterized in that the logical addresses comprise IP addresses, addresses according to the E.164 protocol and/or other logical identities according to the appropriate numbering plan.
3. A name server means according to claim 1 or 2, characterized by means (11, 11 ') for initiating the connection between two subscribers (1, 3).
4. A connection means (11; 11 ') for use in a virtual private network (7; 7') or a network domain, forming part of a compound network, said connection means being characterized in that it is adapted to return, upon a request comprising a logical address of a user (3 ;3 ') in the virtual private network (7; 7'), a physical address of said user (3; 3').
5. A connection means (11; 11') according to claim 4, characterized in that it is adapted, upon a request originating from a user (1; 1 ') in said compound network, said request comprising a logical address of a user (3; 3') in the virtual private network (7; 7'), to establish a connection between said users (1, 3; 1 ' 3').
6. A telecommunications or data communications network, forming part of a compound network, characterized by at least one connection means, according to . claim 4 or 5.
7. A network according to claim 6, characterized by at least one name server means according to any one of claims 1-3.
8. A method for enabling a user (1; 1') in compound network to retrieve the IP address of a second user (3; 3') in a virtual private network (7; 7') or a network domain, forming part of said compound network, characterized by the following steps:
- transnήtting a request for a physical address, the request comprising a logical address of the second user (3; 3')
- forwarding the logical address of the second user (3; 3') to a connection means
(i i);
- returning the logical address to the first user (1; 1') or automatically establishing a connection between the first (1; 1') and the second (3; 3 ') user.
9. A method according to claim 8, characterized by
- automatically establishing a connection between the first (1) user and the second user (3).
10. A method according to claim 8, characterized by
- returning the address of the second user (3') to the first user (T).
11. A method according to any one of claims 8-10, characterized by determining the type of address to be used in dependence of the port of the name server (9; 9') on which the request was received.
12. A method according to any one of claims 6-11, characterized in that the physical address may be an e-mail-address, and/or an E.164 address.
PCT/SE1998/0012171997-06-231998-06-23Method and apparatus to enable a first subscriber in a larger network to retrieve the address of a second subscriber in a virtual private networkWO1998059470A2 (en)

Priority Applications (1)

Application NumberPriority DateFiling DateTitle
AU80523/98AAU8052398A (en)1997-06-231998-06-23Method and apparatus to enable a first subscriber in a larger network to etrieve the address of a second subscriber in virtual private network

Applications Claiming Priority (2)

Application NumberPriority DateFiling DateTitle
SE9702385-71997-06-23
SE9702385ASE9702385L (en)1997-06-231997-06-23 Procedure and apparatus in a computer network

Publications (2)

Publication NumberPublication Date
WO1998059470A2true WO1998059470A2 (en)1998-12-30
WO1998059470A3 WO1998059470A3 (en)1999-03-18

Family

ID=20407467

Family Applications (1)

Application NumberTitlePriority DateFiling Date
PCT/SE1998/001217WO1998059470A2 (en)1997-06-231998-06-23Method and apparatus to enable a first subscriber in a larger network to retrieve the address of a second subscriber in a virtual private network

Country Status (3)

CountryLink
AU (1)AU8052398A (en)
SE (1)SE9702385L (en)
WO (1)WO1998059470A2 (en)

Cited By (25)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
WO2001026284A1 (en)*1999-09-242001-04-12Elisa Communications OyjMethod for controlling traffic in a data network
EP1093255A1 (en)*1999-10-142001-04-18AlcatelMethod for connecting a first user-terminal to a second user-terminal, related devices and related software modules
WO2001050688A1 (en)*1999-12-292001-07-12Telefonaktiebolaget Lm Ericsson (Publ.)Method and system for communication
GB2363547A (en)*2000-06-032001-12-19Samsung Electronics Co LtdInternet protocol (ip) based communication system in a mobile telephone network which allows ip communication even if no ip connection exists
WO2001080487A3 (en)*2000-04-122002-04-25Openreach ComMethods and systems for partners in virtual networks
DE10051535A1 (en)*2000-10-182002-04-25Heidelberger Druckmasch Ag Method for transmitting data between a first and a second computing unit
US6502135B1 (en)1998-10-302002-12-31Science Applications International CorporationAgile network protocol for secure communications with assured system availability
WO2003003664A1 (en)*2001-06-272003-01-09Hyglo AbSystem and method for address and key distribution in virtual networks
EP1100232A3 (en)*1999-11-102004-03-17Nortel Networks LimitedSystem, device, and method for allocating virtual circuits in a communication network
GB2398198A (en)*2002-12-212004-08-11Kenneth Neville BurginVideo communication establishment system
US6810417B2 (en)2001-02-202004-10-26Kin Man LeeContent delivery network system and method for network configuring
US6826616B2 (en)1998-10-302004-11-30Science Applications International Corp.Method for establishing secure communication link between computers of virtual private network
US6904041B1 (en)*1999-07-142005-06-07Siemens Communications, Inc.System and method for communication domains and subdomains in zones of real time communication systems
US6996628B2 (en)2000-04-122006-02-07Corente, Inc.Methods and systems for managing virtual addresses for virtual networks
US7010604B1 (en)1998-10-302006-03-07Science Applications International CorporationAgile network protocol for secure communications with assured system availability
US7028333B2 (en)2000-04-122006-04-11Corente, Inc.Methods and systems for partners in virtual networks
US7028334B2 (en)2000-04-122006-04-11Corente, Inc.Methods and systems for using names in virtual networks
US7047424B2 (en)2000-04-122006-05-16Corente, Inc.Methods and systems for hairpins in virtual networks
US7085854B2 (en)2000-04-122006-08-01Corente, Inc.Methods and systems for enabling communication between a processor and a network operations center
US7181766B2 (en)2000-04-122007-02-20Corente, Inc.Methods and system for providing network services using at least one processor interfacing a base network
US7395354B2 (en)2002-02-212008-07-01Corente, Inc.Methods and systems for resolving addressing conflicts based on tunnel information
US7533409B2 (en)2001-03-222009-05-12Corente, Inc.Methods and systems for firewalling virtual private networks
EP2375672A1 (en)*2000-04-262011-10-12VirnetX Inc.Improvements to an agile network protocol for secure communications with assured system availability
US9077695B2 (en)1998-10-302015-07-07Virnetx, Inc.System and method for establishing an encrypted communication link based on IP address lookup requests
US10511573B2 (en)1998-10-302019-12-17Virnetx, Inc.Agile network protocol for secure communications using secure domain names

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US5745683A (en)*1995-07-051998-04-28Sun Microsystems, Inc.System and method for allowing disparate naming service providers to dynamically join a naming federation

Cited By (44)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US7010604B1 (en)1998-10-302006-03-07Science Applications International CorporationAgile network protocol for secure communications with assured system availability
US9077694B2 (en)1998-10-302015-07-07Virnetx, Inc.Agile network protocol for secure communications using secure domain names
US10511573B2 (en)1998-10-302019-12-17Virnetx, Inc.Agile network protocol for secure communications using secure domain names
US10187387B2 (en)1998-10-302019-01-22Virnetx, Inc.Method for establishing connection between devices
US9967240B2 (en)1998-10-302018-05-08Virnetx, Inc.Agile network protocol for secure communications using secure domain names
US9860283B2 (en)1998-10-302018-01-02Virnetx, Inc.Agile network protocol for secure video communications with assured system availability
US9819649B2 (en)1998-10-302017-11-14Virnetx, Inc.System and method employing an agile network protocol for secure communications using secure domain names
US9094399B2 (en)1998-10-302015-07-28Virnetx, Inc.Method for establishing secure communication link between computers of virtual private network
US6502135B1 (en)1998-10-302002-12-31Science Applications International CorporationAgile network protocol for secure communications with assured system availability
US6907473B2 (en)1998-10-302005-06-14Science Applications International Corp.Agile network protocol for secure communications with assured system availability
US9077695B2 (en)1998-10-302015-07-07Virnetx, Inc.System and method for establishing an encrypted communication link based on IP address lookup requests
US6618761B2 (en)1998-10-302003-09-09Science Applications International Corp.Agile network protocol for secure communications with assured system availability
US7490151B2 (en)1998-10-302009-02-10Virnetx Inc.Establishment of a secure communication link based on a domain name service (DNS) request
US7188180B2 (en)1998-10-302007-03-06Vimetx, Inc.Method for establishing secure communication link between computers of virtual private network
US7133930B2 (en)1998-10-302006-11-07Science Applications International CorporationAgile network protocol for secure communications with assured system availability
US6826616B2 (en)1998-10-302004-11-30Science Applications International Corp.Method for establishing secure communication link between computers of virtual private network
US6834310B2 (en)1998-10-302004-12-21Science Applications International Corp.Preventing packet flooding of a computer on a computer network
US6839759B2 (en)1998-10-302005-01-04Science Applications International Corp.Method for establishing secure communication link between computers of virtual private network without user entering any cryptographic information
US6904041B1 (en)*1999-07-142005-06-07Siemens Communications, Inc.System and method for communication domains and subdomains in zones of real time communication systems
WO2001026284A1 (en)*1999-09-242001-04-12Elisa Communications OyjMethod for controlling traffic in a data network
EP1093255A1 (en)*1999-10-142001-04-18AlcatelMethod for connecting a first user-terminal to a second user-terminal, related devices and related software modules
US6944664B1 (en)1999-10-142005-09-13AlcatelMethod for connecting a first user-terminal to a second using-terminal, related devices and related software modules
EP1100232A3 (en)*1999-11-102004-03-17Nortel Networks LimitedSystem, device, and method for allocating virtual circuits in a communication network
WO2001050688A1 (en)*1999-12-292001-07-12Telefonaktiebolaget Lm Ericsson (Publ.)Method and system for communication
WO2001061922A3 (en)*2000-02-152003-03-06Science Applic Int CorpAgile network protocol for secure communications with assured system availability
US7085854B2 (en)2000-04-122006-08-01Corente, Inc.Methods and systems for enabling communication between a processor and a network operations center
US7028333B2 (en)2000-04-122006-04-11Corente, Inc.Methods and systems for partners in virtual networks
US6996628B2 (en)2000-04-122006-02-07Corente, Inc.Methods and systems for managing virtual addresses for virtual networks
US7181766B2 (en)2000-04-122007-02-20Corente, Inc.Methods and system for providing network services using at least one processor interfacing a base network
US7181542B2 (en)2000-04-122007-02-20Corente, Inc.Method and system for managing and configuring virtual private networks
WO2001080487A3 (en)*2000-04-122002-04-25Openreach ComMethods and systems for partners in virtual networks
WO2001080489A3 (en)*2000-04-122002-04-25Openreach ComMethods and systems for enabling communication between a processor and a network operations center
US7028334B2 (en)2000-04-122006-04-11Corente, Inc.Methods and systems for using names in virtual networks
US7047424B2 (en)2000-04-122006-05-16Corente, Inc.Methods and systems for hairpins in virtual networks
EP2375672A1 (en)*2000-04-262011-10-12VirnetX Inc.Improvements to an agile network protocol for secure communications with assured system availability
EP2512093A1 (en)*2000-04-262012-10-17VirnetX Inc.Improvements to an agile network protocol for secure communications with assured system availability
GB2363547B (en)*2000-06-032002-07-31Samsung Electronics Co LtdIP-based communication system between terminals and method thereof
GB2363547A (en)*2000-06-032001-12-19Samsung Electronics Co LtdInternet protocol (ip) based communication system in a mobile telephone network which allows ip communication even if no ip connection exists
DE10051535A1 (en)*2000-10-182002-04-25Heidelberger Druckmasch Ag Method for transmitting data between a first and a second computing unit
US6810417B2 (en)2001-02-202004-10-26Kin Man LeeContent delivery network system and method for network configuring
US7533409B2 (en)2001-03-222009-05-12Corente, Inc.Methods and systems for firewalling virtual private networks
WO2003003664A1 (en)*2001-06-272003-01-09Hyglo AbSystem and method for address and key distribution in virtual networks
US7395354B2 (en)2002-02-212008-07-01Corente, Inc.Methods and systems for resolving addressing conflicts based on tunnel information
GB2398198A (en)*2002-12-212004-08-11Kenneth Neville BurginVideo communication establishment system

Also Published As

Publication numberPublication date
WO1998059470A3 (en)1999-03-18
AU8052398A (en)1999-01-04
SE9702385D0 (en)1997-06-23
SE9702385L (en)1998-12-24

Similar Documents

PublicationPublication DateTitle
WO1998059470A2 (en)Method and apparatus to enable a first subscriber in a larger network to retrieve the address of a second subscriber in a virtual private network
US6026441A (en)Method for establishing communication on the internet with a client having a dynamically assigned IP address
US6519242B1 (en)Apparatus and method of PSTN based network roaming and SCP based subscriber management for internet telephony systems
JP3402190B2 (en) Method of establishing audio connection and distributed database
US6504839B2 (en)Apparatus, methods and systems for routing information from a packet-switched network to a mobile device communicating with a wireless telecommunications network
EP0935380B1 (en)Method and system for voice call completion using information retrieved from an open application on a computing machine
US6161008A (en)Personal mobility and communication termination for users operating in a plurality of heterogeneous networks
KR100391965B1 (en) Telephone communication method that allows telephone terminal and voice channel IP address to be associated with call connection
US6636596B1 (en)Method of and system for providing intelligent network control services in IP telephony
US6421674B1 (en)Methods and systems for implementing a real-time, distributed, hierarchical database using a proxiable protocol
US6192044B1 (en)Employing a look-up service and a callee connection service to establish a network phone call between a caller and a callee
EP2098016A1 (en)Methods, systems, and computer program products for providing quality of service using e.164 number mapping (enum) data in a communications network
CN1332940A (en)System and method for providing mobile terminating calls to roaming mobile station within H323 system
WO1998059467A2 (en)Method and device for establishing connections between two subscribers in two different subnetworks
EP1081920B1 (en)Method of establishing communication exchange between a terminal of a packet-based network and a terminal connected to a remote access server
EP2074809A2 (en)Methods, systems, and computer program products for enabling short code dialing in an enum environment
US6801526B1 (en)Server for supporting the establishment of telephone calls through an IP network
EP1046271A1 (en)Internet access by telephone
US7408922B2 (en)Communication between switched-circuit communication network and VoIP network domains
CN1379604A (en)Method of group exchange mode calling due to routing
WO2007005125A1 (en)Method and system for call processing
KR100402787B1 (en)Call Setup Method for Video Telephony Service in mobile radio communication network
JP2006244099A (en) SIP server acceleration architecture
CN114449107B (en) Virtual number communication method and system
JP2001237892A (en)Internet access system and method using access server

Legal Events

DateCodeTitleDescription
AKDesignated states

Kind code of ref document:A2

Designated state(s):AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM GW HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

ALDesignated countries for regional patents

Kind code of ref document:A2

Designated state(s):GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

DFPERequest for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AKDesignated states

Kind code of ref document:A3

Designated state(s):AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM GW HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT GH

ALDesignated countries for regional patents

Kind code of ref document:A3

Designated state(s):GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG

121Ep: the epo has been informed by wipo that ep was designated in this application
NENPNon-entry into the national phase

Ref country code:JP

Ref document number:1999504322

Format of ref document f/p:F

REGReference to national code

Ref country code:DE

Ref legal event code:8642

122Ep: pct application non-entry in european phase
NENPNon-entry into the national phase

Ref country code:CA
[8]ページ先頭
©2009-2025 Movatter.jp