CA2260561C - An improved method for network address translation - Google Patents

An improved method for network address translation Download PDF

Info

Publication number
CA2260561C
CA2260561C CA002260561A CA2260561A CA2260561C CA 2260561 C CA2260561 C CA 2260561C CA 002260561 A CA002260561 A CA 002260561A CA 2260561 A CA2260561 A CA 2260561A CA 2260561 C CA2260561 C CA 2260561C
Authority
CA
Canada
Prior art keywords
home network
address
packet
router
internet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CA002260561A
Other languages
French (fr)
Other versions
CA2260561A1 (en
Inventor
Murali Aravamudan
Hong-Yi Tzeng
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nokia of America Corp
Original Assignee
Lucent Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lucent Technologies Inc filed Critical Lucent Technologies Inc
Publication of CA2260561A1 publication Critical patent/CA2260561A1/en
Application granted granted Critical
Publication of CA2260561C publication Critical patent/CA2260561C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2514Translation of Internet protocol [IP] addresses between local and global IP addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2517Translation of Internet protocol [IP] addresses using port numbers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2546Arrangements for avoiding unnecessary translation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2596Translation of addresses of the same type other than IP, e.g. translation from MAC to MAC addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/622Layer-2 addresses, e.g. medium access control [MAC] addresses

Abstract

A method for translating non Internet unique addresses of a home network device to an Internet unique address for internet communication through a router.
Every device within a given home network is assigned three addresses:(i) a configured address identical to the network address of the router enabling access to an Internet;
(ii) a logical address visible only to the other devices in the same home network; and (iii) a medium access control ("MAC") address. Every packet originating from a home network source device includes its MAC address, the router MAC address, its configured address and the network destination address, and is forwarded to its destination through the router. The router examines the network destination address to determine whether the communication is intranet or internet. For intranet communications the router replaces the configured address of the home network source device with the logical address of the home network source device, the logical address of the home network destination device with the configured address, its MAC
address with the MAC address of the home network destination device, and forwards the packet to the home network destination device. For Internet communications the router forwards the packet along the Internet without replacing any of the source or destination information in the headers of the packet. Based on the source MAC
address, however, the router records the logical address of the home network source device as well as the DA, SP, DP and PT in order to identify a response to the packet from the Internet destination device.

Description

AN IMPROVED METHOD FOR NETWORK ADDRESS TRANSLATION
Technical Field This invention relates generally to translation of a non Internet-unique network address of a network device to an Internet-unique network address.
Background of the Invention Data packets generally comprise the underlying data to be communicated, surrounded by one or more layers of header and footer information to enable forwarding the packet from end user to end user. Initially, a header identifying the application is appended to the data, I.e. the application layer. Thereafter, a header identifying the ports and communication protocol is appended, I.e. the transport layer.
The network layer identifies the source and destination devices by their network addresses, such as an IP address. Lastly, the immediate link protocol information is included in the data link layer.
For Internet applications the network layer comprises the IP address of the source and destination devices. Proper transmission requires that these addresses be unique. However, their number is limited. For example, there are at most 4 billion IP
addresses. With the proliferation of the Internet this number is clearly insufficient. To reduce the demand on IP addresses, devices connected through a gateway, such as a router, to the Internet are not necessarily given Internet unique IP
addresses. For example, the devices within a local area network ("LAN") with access to the Internet through a router will have IP addresses which are unique as between devices in the LAN, but not unique as between all devices on the Internet.
To facilitate the following discussion we will refer to a network device with a non unique network address as a home network device. The home network device may be part of an intranet, or it may be a stand-alone computer with access to an Internet, such as through an Internet service provider. The key is that the home network device does not have a unique network address vis a vis the Internet to which it has access.
As for intranet communication, each home network device has a unique IP
address. Therefore the home network devices have no difficulty identifying each other and communicating. However, since its network address is not unique with respect to other devices on the Internet its packets cannot be forwarded directly to their respective destinations. Rather, a home network device that wants to forward a packet to a destination device on the Internet initially includes its non-unique address SA in the network layer header and forwards the packet to the router. The router removes the address SA and inserts its own Internet unique address RSA, instead. The muter records the source address SA, the destination address DA, the source port SP, the destination port DP and the protocol type PT from the network and transport layers of the packet and then forwards the packet to its destination over the Internet.
Any response from the destination will include RSA as its DA' and DA, SP, DP
and PT as SA', DP', SP' and PT, respectively. The router will recognize this information as a response from the original destination, now acting as a source, to the original source, now acting as a destination. The router will then replace its IP address RSA from the DA' in the network layer for the non-unique address SA of the original source and forward the response to the appropriate network device.
While the above-mentioned scheme addresses the concern of limited IP
addresses, it remains limited in addressing several applications. First, it does not enable a source to send a packet through the Internet to a home network device, unless it is responding to a packet that originated from that home network device. The source simply has no means for identifying the home network device. The source can only identify the router connecting the home network device to the Internet. Yet, the router has no means for determining which home network device is the intended recipient of the packet.
A second application where the above-mentioned scheme is at best inefficient, is voice communication over the Internet using a protocol such as ITU H.323, well known in the art. In accordance with the ITU H.323 protocol, the source network device inserts its IP address among the data bits of the IP packet, referred to as the payload as opposed to the network layer header. Clearly, where the source device is a home network device the source address that would be inserted into the payload would be a non-unique address which may not appear outside of the home network. Thus the home network device could not engage in voice communications in accordance with ITU H.323. While it is possible to instruct the router to examine the payload, remove the non-unique network address and insert its own unique network address, this would involve many operations that would overload the router. In addition, the router would have to apply the same operations in reverse when it receives a response from the Internet device to the home network device. Moreover, the muter would have to be able to handle similar operations for each of a variety of protocols with similar demands, such as the file transfer protocol ("FTP").
A third application where the above-mentioned scheme is limited in enabling access between home network devices and devices on the Internet is the IP
security protocol. IP security is a scheme for authenticating the communicating devices. In general, a device employing IP security performs a checksum operation on its IP header and the result is appended as a header to the IP header. The destination device performs a similar checksum operation on the IP header of the received packet and compares the result with the IP security header.
This will not work, however, when the IP packet was forwarded from a home network device to an Internet device in accordance with the above-mentioned scheme.
In this scheme the original source address of the packet on which the IP
security header depends is replaced with the router source address. Thus when the destination device receives the packet and performs the checksum operation the IP security header will not match. As with voice communications, to employ the router to replace the IP
security header is too complicated. Indeed, currently IP security is not used with home network devices.
Accordingly, a method for network address translation not constrained by the aforementioned limitations is desirable and described below.
Summary of the Invention In accordance with the present invention every device within a given home network is assigned three addresses:(i) a configured address identical to the network address of the roofer enabling access to an Internet; (ii) a logical address visible only to the other devices in the same home network; and (iii) a medium access control ("MAC") address. To forward a packet, the home network source device includes its MAC address and that of the roofer in the datalink layer, and its configured address and the network destination address in the network layer, of the packet. ~ The roofer examines the network destination address to determine whether the communication is intranet or Internet. For intranet communications the network destination address is the logical address of the home network destination device. In the network layer, the roofer replaces the configured address of the home network source device with the logical address of the home network source device and the logical address of the home network destination device with the configured address. In the datalink layer, the muter replaces its MAC address with the MAC address of the home network destination device. The roofer then forwards the packet to the home network destination device.
Where the roofer determines that the network destination address is an Internet unique address, it forwards the packet along the Internet without replacing any of the source or destination information in the headers of the packet. Based on the source MAC address, however, the roofer records the logical address of the home network source device as well as the DA, SP, DP and PT in order to identify a response to the packet from the Internet destination device.
In accordance with one aspect of the present invention there is provided a data communications system comprising an Internet and at least one home network, each of said home networks comprising a plurality of home network devices and having access to said Internet through a roofer with an Internet-unique network address, said system employing a method for network address translation of a packet having at least a network layer and a datalink layer, originating from one of said home network devices, said method comprising the following steps: including in the network layer of said packet a configured logical address to represent the network layer source address of the source home network device, and a logical destination address, said f II ~I ~~Y~15'~ ' A k4 ~' : ~V ~i ' ~I~ ' I

-4a-configured logical address being common to each home network device with a common home network, and its router; including in the datalink layer of said packet the MAC address of said router as the datalink layer destination address of the packet;
forwarding said packet from said source homec network device to said router;
determining whether said packet is intended for a home network device; if said packet is intended for a home network device, replacing said configured logical address at the network layer of said packet with the logical address of said source home network device, replacing said logical address of the destination home network device with said configured logical address, and replacing said router MAC address with the MAC address of the destination home network device; if said packet is intended for an Internet destination device, recording packet identifying information; and forwarding said packet to its intended destination device.
Brief Description of the Drawinss FIG. 1 is a prior art topology drawing of a plurality of home network devices connected to the Internet through a router.
FIG. 2 is a descriptive flowchart of the process of network address translation of a packet originating from a home network, in accordance with the present invention.
FIG. 3 is an illustrative default profile of a router for directing certain packets to specific predetermined home network devices.
FIG. 4 is a descriptive flowchart of the process of network address translation of a packet originating from an Internet source, in accordance with the present invention.
Detailed Description of the Invention In accordance with the method of the present invention every home network device shares an identical configured address G which is identical to the network address of the router R enabling access to the Internet to each of the home network devices. Each home network device also has a logical address visible only to the other devices in the same home network. Lastly, each home network device includes a medium access control ("MAC") address.
Referring to FIG. 2, in a data communications system in accordance with the present invention packets originating from the home network, include the MAC
address of the home network source device and that of the router in the datalink layer, and the configured address and the network destination address in the network layer (step 210). In accordance with the present invention every packet originating from the home network, whether to another device on the home network, or to an Internet destination, passes through router R as shown in step 211. As shown in step 212, router R examines the network destination address to determine whether the communication is intranet or Internet. For intranet communications the network destination address is the logical address of the home network destination device. As shown in step 215, the router replaces in the network layer the configured address of the home network source device with the logical address of the home network source device and the logical address of the home network destination device with the configured address. In the datalink layer, the muter replaces its MAC address with the MAC address of the home network destination device. The muter then forwards the packet to the home network destination device, as shown in step 216.
By initially including the configured address as the network source address the network layer leaves the source ready for forwarding both along the Internet and within the home network. The packet is ready for Internet transmission since the configured address is the router address, the only Internet unique address for the home network devices. Since the configured network source address is Internet unique, it can be included in the payload in accordance with H.323 and IP security can be applied as well.
Where muter R determines that the network destination address is an Internet unique address, it forwards the packet along the Internet without replacing any of the source or destination information in the headers of the packet, as shown in step 214.
Based on the source MAC address, however, the muter records the logical address of the home network source device as well as the DA, SP, DP and PT in order to identify a response to the packet from the Internet destination device, as shown in step 213.
The packet is also ready for intranet communications since the logical address of the home network destination device is included in the network layer and it is relatively simple for router R to replace the configured address with the home network source device's logical address. While the present invention adds some complexity to a router for intranet communications, the benefits realized for Internet communications make it worthwhile, especially in systems with relatively heavy Internet traffic.
When receiving a response from a home network device the router handles the packet much the same way as if the responding device is a home network source device as explained above. However, the task is more complicated when the packet originates from the Internet and is destined to a home network device. Referring to FIG.
4, upon receiving a packet from the Internet, as shown in step 410, router R first determines whether the network layer information matches any of the 'network layer information from a packet that had been forwarded from a home network device, as shown in step 415. In other words the router first determines whether the packet is a response to another packet that had originated from the home network.
The network layer information that the router looks to identify includes for example the network address. In other words, does the network destination address of any packets sent from the home network to the Internet match the network source address of the Internet originating packet. Other network layer information includes datalink port and protocol type as explained above.
If the network layer information enables router R to identify the packet as a response, router R will replace the network destination address in the network layer of _7_ the packet with the configured address and add the MAC address of the intended home network destination device in the datalink layer, as shown in step 420.
Thereafter router R will forward the packet to the appropriate home network destination device.
If, however, muter R cannot identify the home network destination device from the network layer information, the router will then refer to a default profile to match the packet with an appropriate home network device, if applicable, as show in steps 430 and 435. An illustrative default profile is shown in FIG. 3. If no default profile is specified router R then determines whether the protocol type of the packet is User Datagram Protocol ("UDP") or Transmission Control Protocol ("TCP") (step 440).
If either one of these protocols are specified then router R will broadcast the packet to all the home network devices as shown in step 445. This is accomplished by adding the broadcast MAC address at the datalink layer. If router R determines in step 450 that less than all home network devices respond to the broadcast packet, it will forward future packets with the same network layer information only to those responding home network devices, as shown in step 465. Otherwise, future packets with the same network layer information will continue to be broadcast, as shown in step 455.
Note, that if the router R cannot identify the home network destination device, and the protocol type is not either TCP or UDP, the router may not be able to forward the packet as shown in step 460.
One skilled in the art will understand that if the Internet originating packet has a multicast network address then the router will simply add the multicast MAC
address and forward the packet on the home network.
One last note is that the address resolution protocol ("ARP") used to translate logical addresses to MAC addresses must be modified in a home network operating in accordance with the present invention. Typically, a home network device sends an ARP request to learn the MAC address of an intended destination device. The request will include the destination device's logical address and the requesting machine will wait for a response from the destination device with the destination device's MAC
address. These requests will however be lost in a network operating in accordance with the present invention since the devices do not recognize their own logical _g_ addresses. Thus ARP must be modified such that the ARP requests are sent to the router. Since the router recognizes each device's logical and MAC addresses, it can respond to the request with the MAC address of the intended destination home network device. Alternatively, the router can respond to the ARP request by forwarding its own MAC address and then upon receipt of the packet, replace its MAC
address with that of the intended destination home network device and forward the packet accordingly.
Likewise, the router should be designed to intercept all gratuitous ARP
transmissions. Otherwise, the device transmitting its own MAC address will announce itself with the configured logical address and confuse all the devices on the home network which identify themselves by the configured address as well.
Lastly, the router can use known techniques for identifying the MAC addresses of the home network devices. These techniques include a Dynamic Host Configuration Protocol ("DHCP") request from a device, a gratuitous ARP transmission from a device and an ARP request from a device.
The foregoing merely illustrates the principles of the present invention.
Those skilled in the art will be able to devise various modifications, which although not explicitly described or shown herein, embody the principles of the invention and are thus within its spirit and scope.

Claims (7)

Claims:
1. In a data communications system comprising an internet and at least one home network, each of said home networks comprising a plurality of home network devices and having access to said internet through a router with an internet-unique network address, said system employing a method for network address translation of a packet having at least a network layer and a datalink layer, originating from one of said home network devices, said method comprising the following steps:
including in the network layer of said packet a configured logical address to represent the network layer source address of the source home network device, and a logical destination address, said configured logical address being common to each home network device with a common home network, and its router;
including in the datalink layer of said packet the MAC address of said router as the datalink layer destination address of the packet;
forwarding said packet from said source home network device to said router;
determining whether said packet is intended for a home network device;
if said packet is intended for a home network device, replacing said configured logical address at the network layer of said packet with the logical address of said source home network device, replacing said logical address of the destination home network device with said configured logical address, and replacing said router MAC address with the MAC address of the destination home network device;
if said packet is intended for an internet destination device, recording packet identifying information; and forwarding said packet to its intended destination device.
2. In a system according to claim 1 wherein said packet identifying information includes the logical address of said source home network device, the network layer destination address, the datalink source and destination addresses and the protocol type specified in the packet.
3. In a system according to claim 1 further employing a method for MAC address resolution comprising the following steps:
forwarding all requests for address resolution of a second home network device from a requesting first home network device to said muter; and said router responding to said request for address resolution by forwarding to said first home network device the MAC address of said second home network device.
4. In a system according to claim 3 wherein said muter is designed to intercept all gratuitous requests for address resolution originating from said home network.
5. In a system according to claim 1 further employing a method for MAC address resolution comprising the following steps:
forwarding all requests for address resolution of a second home network device from a requesting first home network device to said router; and said router responding to said request for address resolution by forwarding to said first home network device the MAC address of said router.
6. In a system according to claim 5 wherein said router is designed to intercept all gratuitous requests for address resolution originating from said home network.
7. In a data communications system comprising an internet and at least one home network, each of said home networks comprising a plurality of home network devices and having access to said internet through a router with an internet-unique network address, said system employing a method for network address translation of a packet having at least a network layer and a datalink layer, originating from a source device on said internet, received at said muter and intended for one of said home network devices, said method comprising the following steps:
determining whether the network layer of a first packet from said source device includes information that matches that of any packet previously transmitted from a home network device to said source device on said internet;
if said network layer of said first packet includes information that matches that of any packet having previously been transmitted from a home network device to said source device on said internet, then replacing the network layer destination address of said first packet with a configured logical address, said configured logical address being common to each home network device with a common home network, and its router and adding at said datalink layer the MAC address of said home network device as the datalink destination address;
if network layer information of said first packet matches an entry in a default service profile, then forwarding said first packet in accordance with said default service profile;
if said first packet includes a TCP or UDP protocol type, then broadcasting said first packet to all of said plurality of home network devices;
if any of said home network devices respond to said broadcast first packet, then forward subsequent packets with the same network layer information as said first packet, only to said responding home network devices;
and discarding all packets not forwardable by the foregoing steps.
CA002260561A 1998-02-20 1999-01-26 An improved method for network address translation Expired - Fee Related CA2260561C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/027,708 1998-02-20
US09/027,708 US6006272A (en) 1998-02-23 1998-02-23 Method for network address translation

Publications (2)

Publication Number Publication Date
CA2260561A1 CA2260561A1 (en) 1999-08-20
CA2260561C true CA2260561C (en) 2002-11-26

Family

ID=21839326

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002260561A Expired - Fee Related CA2260561C (en) 1998-02-20 1999-01-26 An improved method for network address translation

Country Status (2)

Country Link
US (1) US6006272A (en)
CA (1) CA2260561C (en)

Families Citing this family (178)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6130892A (en) * 1997-03-12 2000-10-10 Nomadix, Inc. Nomadic translator or router
KR100528156B1 (en) * 1997-03-12 2005-11-15 노마딕스, 인코포레이티드 Nomadic Translator or Router
US6304912B1 (en) * 1997-07-24 2001-10-16 Fujitsu Limited Process and apparatus for speeding-up layer-2 and layer-3 routing, and for determining layer-2 reachability, through a plurality of subnetworks
US6189041B1 (en) * 1997-11-12 2001-02-13 International Business Machines Corporation Next hop resolution protocol cut-through to LANs
US6353614B1 (en) 1998-03-05 2002-03-05 3Com Corporation Method and protocol for distributed network address translation
EP0945807A1 (en) * 1998-03-27 1999-09-29 Hewlett-Packard Company Adress remapping for a bus
US6154839A (en) * 1998-04-23 2000-11-28 Vpnet Technologies, Inc. Translating packet addresses based upon a user identifier
US6377990B1 (en) * 1998-06-15 2002-04-23 Lodgenet Entertainment Corporation System for providing internet access from locations different from those for which the user's software was configured
US6584509B2 (en) * 1998-06-23 2003-06-24 Intel Corporation Recognizing audio and video streams over PPP links in the absence of an announcement protocol
US6745243B2 (en) * 1998-06-30 2004-06-01 Nortel Networks Limited Method and apparatus for network caching and load balancing
US6360265B1 (en) * 1998-07-08 2002-03-19 Lucent Technologies Inc. Arrangement of delivering internet protocol datagrams for multimedia services to the same server
US6553421B1 (en) * 1998-09-15 2003-04-22 International Business Machines Corporation Method and system for broadcast management in a data communication network that permits namesharing
US6199112B1 (en) * 1998-09-23 2001-03-06 Crossroads Systems, Inc. System and method for resolving fibre channel device addresses on a network using the device's fully qualified domain name
US10511573B2 (en) 1998-10-30 2019-12-17 Virnetx, Inc. Agile network protocol for secure communications using secure domain names
EP1125419B1 (en) 1998-10-30 2009-08-26 VirnetX Inc. An agile network protocol for secure communications with assured system availability
US7418504B2 (en) 1998-10-30 2008-08-26 Virnetx, Inc. Agile network protocol for secure communications using secure domain names
US6839759B2 (en) 1998-10-30 2005-01-04 Science Applications International Corp. Method for establishing secure communication link between computers of virtual private network without user entering any cryptographic information
US6446127B1 (en) * 1998-10-30 2002-09-03 3Com Corporation System and method for providing user mobility services on a telephony network
US6502135B1 (en) * 1998-10-30 2002-12-31 Science Applications International Corporation Agile network protocol for secure communications with assured system availability
US6457061B1 (en) * 1998-11-24 2002-09-24 Pmc-Sierra Method and apparatus for performing internet network address translation
US8266266B2 (en) 1998-12-08 2012-09-11 Nomadix, Inc. Systems and methods for providing dynamic network authorization, authentication and accounting
US7194554B1 (en) 1998-12-08 2007-03-20 Nomadix, Inc. Systems and methods for providing dynamic network authorization authentication and accounting
US8713641B1 (en) 1998-12-08 2014-04-29 Nomadix, Inc. Systems and methods for authorizing, authenticating and accounting users having transparent computer access to a network using a gateway device
EP1142227A2 (en) * 1998-12-23 2001-10-10 Nokia Wireless Routers, Inc. A unified routing scheme for ad-hoc internetworking
US6490290B1 (en) * 1998-12-30 2002-12-03 Cisco Technology, Inc. Default internet traffic and transparent passthrough
US6425008B1 (en) * 1999-02-16 2002-07-23 Electronic Data Systems Corporation System and method for remote management of private networks having duplicate network addresses
US20010000301A1 (en) * 1999-04-12 2001-04-19 Zong Garrison G. Device and system for providing access to the internet
US7778259B1 (en) 1999-05-14 2010-08-17 Dunti Llc Network packet transmission mechanism
US6754214B1 (en) * 1999-07-19 2004-06-22 Dunti, Llc Communication network having packetized security codes and a system for detecting security breach locations within the network
JP3136140B2 (en) * 1999-06-03 2001-02-19 松下電送システム株式会社 Internet-connected SOHO gateway device
US6587456B1 (en) * 1999-06-17 2003-07-01 Nortel Networks Limited Method and apparatus for reducing load distribution delay in an internet protocol switch
WO2001013579A1 (en) * 1999-08-18 2001-02-22 Fujitsu Limited Distributed network load system and method, and recording medium for program thereof
US6681252B1 (en) 1999-09-27 2004-01-20 3Com Corporation System and method for interconnecting portable information devices through a network based telecommunication system
US6937699B1 (en) 1999-09-27 2005-08-30 3Com Corporation System and method for advertising using data network telephone connections
US6795429B1 (en) 1999-09-27 2004-09-21 3Com Corporation System and method for associating notes with a portable information device on a network telephony call
US6744759B1 (en) 1999-09-27 2004-06-01 3Com Corporation System and method for providing user-configured telephone service in a data network telephony system
US7016675B1 (en) 1999-09-27 2006-03-21 3Com Corporation System and method for controlling telephone service using a wireless personal information device
US6857072B1 (en) 1999-09-27 2005-02-15 3Com Corporation System and method for enabling encryption/authentication of a telephony network
US6683865B1 (en) 1999-10-15 2004-01-27 Nokia Wireless Routers, Inc. System for routing and switching in computer networks
US6836463B2 (en) 1999-10-15 2004-12-28 Nokia Corporation System for communicating labeled routing trees to establish preferred paths and source routes with local identifiers in wireless computer networks
US6732188B1 (en) * 1999-12-15 2004-05-04 Avaya Technology Corp. Method for providing customer treatment based on specified rules in conjunction with network source address of a request originator
CN1192578C (en) * 1999-12-22 2005-03-09 西门子公司 Method for transmitting data packets containing private internet addresses
US7079495B1 (en) 2000-01-04 2006-07-18 Cisco Technology, Inc. System and method for enabling multicast telecommunications
US6804254B1 (en) 2000-01-04 2004-10-12 Cisco Technology, Inc. System and method for maintaining a communication link
US7006494B1 (en) * 2000-01-04 2006-02-28 Cisco Technology, Inc. System and method for a virtual telephony intermediary
US7069432B1 (en) * 2000-01-04 2006-06-27 Cisco Technology, Inc. System and method for providing security in a telecommunication network
US7752333B1 (en) * 2000-01-18 2010-07-06 Avaya Inc. Methods and apparatus for local network address acquisition, analysis and substitution
US6650901B1 (en) 2000-02-29 2003-11-18 3Com Corporation System and method for providing user-configured telephone service in a data network telephony system
US6804224B1 (en) 2000-02-29 2004-10-12 3Com Corporation System and method for providing telephone service having private branch exchange features in a voice-over-data network telephony system
US6731630B1 (en) 2000-02-29 2004-05-04 3Com Corporation Flexible dial plan for a data network telephony system
EP1266507B1 (en) * 2000-03-17 2004-06-02 America Online, Inc. Home-networking
US20020019875A1 (en) * 2000-03-20 2002-02-14 Garrett John W. Service selection in a shared access network
US7301952B2 (en) * 2000-04-06 2007-11-27 The Distribution Systems Research Institute Terminal-to-terminal communication connection control method using IP transfer network
US6697806B1 (en) * 2000-04-24 2004-02-24 Sprint Communications Company, L.P. Access network authorization
US7324635B2 (en) 2000-05-04 2008-01-29 Telemaze Llc Branch calling and caller ID based call routing telephone features
US6831917B1 (en) 2000-05-10 2004-12-14 Cisco Technology, Inc. Network address translation for multicast virtual sourcing
US6741586B1 (en) 2000-05-31 2004-05-25 3Com Corporation System and method for sharing computer screens over a telephony network
US6914905B1 (en) 2000-06-16 2005-07-05 Extreme Networks, Inc. Method and system for VLAN aggregation
SG101985A1 (en) * 2000-07-12 2004-02-27 Distribution Systems Res Inst Integrated information communication system
US7349967B2 (en) * 2000-07-21 2008-03-25 Samsung Electronics Co., Ltd. Architecture for home network on world wide web with private-public IP address/URL mapping
US7133404B1 (en) 2000-08-11 2006-11-07 Ip Dynamics, Inc. Communication using two addresses for an entity
US7216179B2 (en) 2000-08-16 2007-05-08 Semandex Networks Inc. High-performance addressing and routing of data packets with semantically descriptive labels in a computer network
KR100342514B1 (en) * 2000-09-08 2002-06-28 윤종용 Method to use unique internet protocol address for a period of time when needed under local-unique internet protocol address domain
US6661799B1 (en) 2000-09-13 2003-12-09 Alcatel Usa Sourcing, L.P. Method and apparatus for facilitating peer-to-peer application communication
US7047561B1 (en) * 2000-09-28 2006-05-16 Nortel Networks Limited Firewall for real-time internet applications
US6870830B1 (en) 2000-11-30 2005-03-22 3Com Corporation System and method for performing messaging services using a data communications channel in a data network telephone system
EP1598714B1 (en) * 2000-12-13 2016-09-28 LG Electronics Inc. Apparatus and method for remotely controlling household appliances
US7072981B1 (en) 2000-12-21 2006-07-04 Cisco Technology, Inc. Preallocation of client network address translation addresses for client-server networks
US20020083344A1 (en) * 2000-12-21 2002-06-27 Vairavan Kannan P. Integrated intelligent inter/intra networking device
US7127524B1 (en) * 2000-12-29 2006-10-24 Vernier Networks, Inc. System and method for providing access to a network with selective network address translation
US7089328B1 (en) 2000-12-29 2006-08-08 Cisco Technology, Inc. Method allocation scheme for maintaining server load balancers services in a high throughput environment
US6877042B2 (en) * 2001-01-02 2005-04-05 Dell Products L.P. System and method for generating world wide names
US6912592B2 (en) * 2001-01-05 2005-06-28 Extreme Networks, Inc. Method and system of aggregate multiple VLANs in a metropolitan area network
US7509435B2 (en) * 2001-03-12 2009-03-24 International Business Machines Corporation Network Address Translation and Port Mapping
US6990101B1 (en) * 2001-03-23 2006-01-24 Advanced Micro Devices, Inc. System and method for performing layer 3 switching in a network device
KR100399431B1 (en) * 2001-04-27 2003-09-29 플러스기술주식회사 Apparatus and method for interconnecting networks
US7085267B2 (en) * 2001-04-27 2006-08-01 International Business Machines Corporation Methods, systems and computer program products for translating internet protocol (IP) addresses located in a payload of a packet
JP4352630B2 (en) * 2001-04-27 2009-10-28 沖電気工業株式会社 Connection proxy device
US7124173B2 (en) * 2001-04-30 2006-10-17 Moriarty Kathleen M Method and apparatus for intercepting performance metric packets for improved security and intrusion detection
KR100434270B1 (en) * 2001-05-30 2004-06-04 엘지전자 주식회사 Control System for Home Appliance Network
CA2388938C (en) 2001-06-08 2010-05-04 The Distributions Systems Research Institute Terminal-to-terminal communication connection control system for ip full service
US7051116B1 (en) * 2001-06-21 2006-05-23 America Online, Inc. Client device identification when communicating through a network address translator device
KR100424297B1 (en) * 2001-07-20 2004-03-24 엘지전자 주식회사 Home Appliance Controlling System and Operating Method for the Same
US7845004B2 (en) * 2001-07-27 2010-11-30 International Business Machines Corporation Correlating network information and intrusion information to find the entry point of an attack upon a protected computer
US7103648B1 (en) 2001-07-31 2006-09-05 Gateway Inc. Method and system for assigning an IP address to a host based on features of the host
US7065047B2 (en) * 2001-10-22 2006-06-20 Pctel, Inc. System and method of providing computer networking
US7006436B1 (en) * 2001-11-13 2006-02-28 At&T Corp. Method for providing voice-over-IP service
US7447215B2 (en) * 2001-12-03 2008-11-04 Hatteras Networks Methods, systems, and computer program products for classifying a packet based on a destination address
US20030145082A1 (en) * 2002-01-25 2003-07-31 Son Yong Ho NAT device with LAN monitor for remote management
US7209481B2 (en) * 2002-02-05 2007-04-24 Gateway Inc. System and method for automated network address cloning for routers
KR100420526B1 (en) 2002-03-15 2004-03-02 엘지전자 주식회사 Home Appliance Network System and Controlling Method for the Same
US7937471B2 (en) * 2002-06-03 2011-05-03 Inpro Network Facility, Llc Creating a public identity for an entity on a network
US8072979B2 (en) * 2002-06-07 2011-12-06 The Distribution Systems Research Institute Terminal-to-terminal communication control system for IP full service
US7383339B1 (en) 2002-07-31 2008-06-03 Aol Llc, A Delaware Limited Liability Company Local proxy server for establishing device controls
US20040030709A1 (en) * 2002-08-12 2004-02-12 Gateway, Inc. Personalized setup poster generation
US8234358B2 (en) 2002-08-30 2012-07-31 Inpro Network Facility, Llc Communicating with an entity inside a private network using an existing connection to initiate communication
US7139828B2 (en) * 2002-08-30 2006-11-21 Ip Dynamics, Inc. Accessing an entity inside a private network
US20040043756A1 (en) * 2002-09-03 2004-03-04 Tao Haukka Method and system for authentication in IP multimedia core network system (IMS)
US7290050B1 (en) * 2002-09-20 2007-10-30 Blue Coat Systems, Inc. Transparent load balancer for network connections
US8051176B2 (en) 2002-11-07 2011-11-01 Hewlett-Packard Development Company, L.P. Method and system for predicting connections in a computer network
US8209371B2 (en) * 2002-11-07 2012-06-26 Hewlett-Packard Development Company, L.P. Method and system for managing communication in a computer network using aliases of computer network addresses
US7467227B1 (en) * 2002-12-31 2008-12-16 At&T Corp. System using policy filter decision to map data traffic to virtual networks for forwarding the traffic in a regional access network
NZ543148A (en) * 2003-03-24 2006-12-22 Re Src Ltd Multiconfigurable device masking shunt and method of use
US7949785B2 (en) 2003-03-31 2011-05-24 Inpro Network Facility, Llc Secure virtual community network system
DE10321227A1 (en) * 2003-05-12 2004-12-09 Siemens Ag Process for data exchange between network elements
JP4161791B2 (en) * 2003-05-12 2008-10-08 ソニー株式会社 Inter-device authentication system, inter-device authentication method, communication device, and computer program
US7590144B1 (en) * 2003-05-13 2009-09-15 Advanced Digital Broadcast Holdings S.A. Network router apparatus and method
AU2003246151A1 (en) * 2003-05-30 2005-01-21 Lg Electronics, Inc. Home network system
KR100638017B1 (en) 2003-05-30 2006-10-23 엘지전자 주식회사 Network device
KR100605218B1 (en) * 2003-05-30 2006-07-31 엘지전자 주식회사 Network adaptor
US20080097631A1 (en) * 2003-05-30 2008-04-24 Lg Electronics Inc. Home Network System
KR100596755B1 (en) * 2003-05-30 2006-07-04 엘지전자 주식회사 Home network system
US7337219B1 (en) 2003-05-30 2008-02-26 Aol Llc, A Delaware Limited Liability Company Classifying devices using a local proxy server
AU2003246146A1 (en) * 2003-05-30 2005-01-21 Lg Electronics, Inc. Home network system and its configuration system
WO2004107662A1 (en) * 2003-05-30 2004-12-09 Lg Electronics, Inc. Home network system
KR20050026752A (en) * 2003-09-06 2005-03-16 삼성전자주식회사 System for multicasting multimedia contents
US7437457B1 (en) 2003-09-08 2008-10-14 Aol Llc, A Delaware Limited Liability Company Regulating concurrent logins associated with a single account
US20050128995A1 (en) * 2003-09-29 2005-06-16 Ott Maximilian A. Method and apparatus for using wireless hotspots and semantic routing to provide broadband mobile serveices
US20050271047A1 (en) * 2004-06-02 2005-12-08 Huonder Russell J Method and system for managing multiple overlapping address domains
US8458453B1 (en) 2004-06-11 2013-06-04 Dunti Llc Method and apparatus for securing communication over public network
WO2005125070A2 (en) * 2004-06-14 2005-12-29 Semandex Networks, Inc. System and method for providing content-based instant messaging
KR20050121610A (en) * 2004-06-22 2005-12-27 전자부품연구원 Method for human readable and writable addressing in home network protocol
US7925729B2 (en) 2004-12-07 2011-04-12 Cisco Technology, Inc. Network management
US7904712B2 (en) * 2004-08-10 2011-03-08 Cisco Technology, Inc. Service licensing and maintenance for networks
US8316438B1 (en) 2004-08-10 2012-11-20 Pure Networks Llc Network management providing network health information and lockdown security
US7760720B2 (en) * 2004-11-09 2010-07-20 Cisco Technology, Inc. Translating native medium access control (MAC) addresses to hierarchical MAC addresses and their use
US7827252B2 (en) 2004-12-07 2010-11-02 Cisco Technology, Inc. Network device management
US8478849B2 (en) 2004-12-07 2013-07-02 Pure Networks LLC. Network administration tool
WO2006125454A1 (en) * 2005-05-23 2006-11-30 Telefonaktiebolaget L.M. Ericsson (Publ.) Traffic diversion in an ethernet-based access network
WO2007035725A2 (en) * 2005-09-19 2007-03-29 Schweitzer Engineering Laboratories, Inc. Method and apparatus for routing data streams among intelligent electronic devices
US10277519B2 (en) 2006-01-31 2019-04-30 Silicon Laboratories Inc. Response time for a gateway connecting a lower bandwidth network with a higher speed network
US20150187209A1 (en) 2006-01-31 2015-07-02 Sigma Designs, Inc. Method and system for synchronization and remote control of controlling units
US20150131485A1 (en) * 2006-01-31 2015-05-14 Sigma Designs, Inc. Mapping connected devices in a home area network to ip addresses in a local area network
US10326537B2 (en) 2006-01-31 2019-06-18 Silicon Laboratories Inc. Environmental change condition detection through antenna-based sensing of environmental change
CN101094171B (en) * 2006-06-22 2011-02-16 华为技术有限公司 Method and system for implementing interaction of media streams, controller of media gateway, and media gateway
US7755872B2 (en) * 2006-09-14 2010-07-13 Schweitzer Engineering Laboratories, Inc. System, method and device to preserve protection communication active during a bypass operation
CA2681734A1 (en) 2007-03-23 2008-10-02 Allegiance Corporation Fluid collection and disposal system having interchangeable collection and other features and methods relating thereto
US9889239B2 (en) 2007-03-23 2018-02-13 Allegiance Corporation Fluid collection and disposal system and related methods
US8041743B2 (en) * 2007-04-17 2011-10-18 Semandex Networks, Inc. Systems and methods for providing semantically enhanced identity management
US7958155B2 (en) * 2007-04-17 2011-06-07 Semandex Networks, Inc. Systems and methods for the management of information to enable the rapid dissemination of actionable information
US20090164387A1 (en) * 2007-04-17 2009-06-25 Semandex Networks Inc. Systems and methods for providing semantically enhanced financial information
US8014356B2 (en) 2007-07-13 2011-09-06 Cisco Technology, Inc. Optimal-channel selection in a wireless network
US9491077B2 (en) 2007-07-13 2016-11-08 Cisco Technology, Inc. Network metric reporting system
US7853829B2 (en) 2007-07-13 2010-12-14 Cisco Technology, Inc. Network advisor
US9026639B2 (en) 2007-07-13 2015-05-05 Pure Networks Llc Home network optimizing system
US8700743B2 (en) 2007-07-13 2014-04-15 Pure Networks Llc Network configuration device
US8683572B1 (en) 2008-01-24 2014-03-25 Dunti Llc Method and apparatus for providing continuous user verification in a packet-based network
DE102008032875A1 (en) * 2008-07-14 2010-01-21 Deutsche Telekom Ag Endpoint addressing method, and dedicated network and access node
SG159399A1 (en) * 2008-08-13 2010-03-30 Smart Comm Inc Message routing platform
WO2010052157A1 (en) * 2008-11-10 2010-05-14 Telefonaktiebolaget Lm Ericsson (Publ) Topology determination in a communications network
WO2011008961A1 (en) 2009-07-15 2011-01-20 Allegiance Corporation Fluid collection and disposal system and related methods
JP2011077804A (en) * 2009-09-30 2011-04-14 Oki Networks Co Ltd Communication device and communication method of the same
US8649297B2 (en) 2010-03-26 2014-02-11 Cisco Technology, Inc. System and method for simplifying secure network setup
US8724515B2 (en) 2010-03-26 2014-05-13 Cisco Technology, Inc. Configuring a secure network
TWI442259B (en) * 2010-11-05 2014-06-21 Acer Inc Authority control systems and methods, and computer program products thereof
CN102232288A (en) * 2011-04-15 2011-11-02 华为技术有限公司 Method and apparatus for network address translation
CN102970388B (en) * 2012-11-19 2017-02-08 北京奇虎科技有限公司 Method and system for managing outer net access
JP5949491B2 (en) * 2012-11-20 2016-07-06 富士ゼロックス株式会社 Information processing apparatus and program
US9294503B2 (en) 2013-08-26 2016-03-22 A10 Networks, Inc. Health monitor based distributed denial of service attack mitigation
US10637681B2 (en) 2014-03-13 2020-04-28 Silicon Laboratories Inc. Method and system for synchronization and remote control of controlling units
US9756071B1 (en) 2014-09-16 2017-09-05 A10 Networks, Inc. DNS denial of service attack protection
US9537886B1 (en) 2014-10-23 2017-01-03 A10 Networks, Inc. Flagging security threats in web service requests
US9584318B1 (en) 2014-12-30 2017-02-28 A10 Networks, Inc. Perfect forward secrecy distributed denial of service attack defense
US9900343B1 (en) 2015-01-05 2018-02-20 A10 Networks, Inc. Distributed denial of service cellular signaling
US9848013B1 (en) 2015-02-05 2017-12-19 A10 Networks, Inc. Perfect forward secrecy distributed denial of service attack detection
US10063591B1 (en) 2015-02-14 2018-08-28 A10 Networks, Inc. Implementing and optimizing secure socket layer intercept
US10749808B1 (en) 2015-06-10 2020-08-18 Amazon Technologies, Inc. Network flow management for isolated virtual networks
US10469594B2 (en) 2015-12-08 2019-11-05 A10 Networks, Inc. Implementation of secure socket layer intercept
US10505984B2 (en) 2015-12-08 2019-12-10 A10 Networks, Inc. Exchange of control information between secure socket layer gateways
US10116634B2 (en) 2016-06-28 2018-10-30 A10 Networks, Inc. Intercepting secure session upon receipt of untrusted certificate
US10158666B2 (en) 2016-07-26 2018-12-18 A10 Networks, Inc. Mitigating TCP SYN DDoS attacks using TCP reset
US10637673B2 (en) 2016-12-12 2020-04-28 Silicon Laboratories Inc. Energy harvesting nodes in a mesh network
US10897417B2 (en) * 2018-09-19 2021-01-19 Amazon Technologies, Inc. Automated route propagation among networks attached to scalable virtual traffic hubs
US10834044B2 (en) * 2018-09-19 2020-11-10 Amazon Technologies, Inc. Domain name system operations implemented using scalable virtual traffic hub
US10848331B2 (en) * 2018-12-19 2020-11-24 Nxp B.V. Multi-node network with enhanced routing capability
US11824773B2 (en) 2021-03-30 2023-11-21 Amazon Technologies, Inc. Dynamic routing for peered virtual routers
US11310155B1 (en) * 2021-03-30 2022-04-19 Amazon Technologies, Inc. Virtual router workload offloading
US11601365B2 (en) 2021-03-30 2023-03-07 Amazon Technologies, Inc. Wide area networking service using provider network backbone network

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FI90710C (en) * 1992-05-29 1994-03-10 Icl Personal Systems Oy Procedure for Adapting a TCP / IP Software to a Local Area Network to a Remote Connection
US5426637A (en) * 1992-12-14 1995-06-20 International Business Machines Corporation Methods and apparatus for interconnecting local area networks with wide area backbone networks
US5636216A (en) * 1994-04-08 1997-06-03 Metricom, Inc. Method for translating internet protocol addresses to other distributed network addressing schemes
JP3224963B2 (en) * 1994-08-31 2001-11-05 株式会社東芝 Network connection device and packet transfer method
US5623601A (en) * 1994-11-18 1997-04-22 Milkway Networks Corporation Apparatus and method for providing a secure gateway for communication and data exchanges between networks
JP2770782B2 (en) * 1995-05-31 1998-07-02 日本電気株式会社 LAN connection device
US5751971A (en) * 1995-07-12 1998-05-12 Cabletron Systems, Inc. Internet protocol (IP) work group routing
US5862344A (en) * 1995-08-28 1999-01-19 Ncr Corporation Apparatus and methods for routing data packets through a processing system network
US5757924A (en) * 1995-09-18 1998-05-26 Digital Secured Networks Techolognies, Inc. Network security device which performs MAC address translation without affecting the IP address
US5802053A (en) * 1995-10-13 1998-09-01 International Business Machines Corporation Transport gateway between a native network and a mixed network
US5793763A (en) * 1995-11-03 1998-08-11 Cisco Technology, Inc. Security system for network address translation systems
US5781550A (en) * 1996-02-02 1998-07-14 Digital Equipment Corporation Transparent and secure network gateway
US5856974A (en) * 1996-02-13 1999-01-05 Novell, Inc. Internetwork address mapping gateway

Also Published As

Publication number Publication date
US6006272A (en) 1999-12-21
CA2260561A1 (en) 1999-08-20

Similar Documents

Publication Publication Date Title
CA2260561C (en) An improved method for network address translation
US7088689B2 (en) VLAN data switching method using ARP packet
US7577144B2 (en) Dynamic network address translation system and method of transparent private network device
US8144709B2 (en) Method, system and computer processing an IP packet, routing a structured data carrier, preventing broadcast storms, load-balancing and converting a full broadcast IP packet
US8089967B2 (en) Modification of a switching table of an internet protocol switch
AU707905B2 (en) Internet protocol filter
US6580717B1 (en) Packet communication method and apparatus and a recording medium storing a packet communication program
EP1234246B1 (en) System and method for network access without reconfiguration
US7701952B2 (en) Packet communication method and apparatus and a recording medium storing a packet communication program
US8135013B2 (en) Internet protocol switch and use of the switch for switching a frame
US20020052972A1 (en) Communication method among a plurality of virtual LANs in an IP subnet
JP2004528748A (en) Method and apparatus for enabling transmission of data through a firewall
US6618398B1 (en) Address resolution for internet protocol sub-networks in asymmetric wireless networks
US20060268863A1 (en) Transparent address translation methods
RU2310994C2 (en) Traffic division filter
US20030031173A1 (en) Multilayer internet protocol (MLIP) for peer-to-peer service of private internet and method for transmitting/receiving MLIP packet
US5917825A (en) LAN message routing system
KR100562390B1 (en) Network Data Flow Identification Method and System Using Host Routing and IP Aliasing Technique
KR20010073827A (en) Method for expanding address for internet protocol version 4 in internet edge router
KR100359223B1 (en) Method for Realization Multiple IP Address in Router
Wasserman et al. A V6 Under the Hood: IPv6 for Embedded Systems
KR20030021598A (en) Method of IP address managing in router which is acting NAT of frame relay

Legal Events

Date Code Title Description
EEER Examination request
MKLA Lapsed