System and method for discovering internet protocol (IP) network address and port translation bindings

US 10,135,930 B2
Filed: 11/14/2016
Issued: 11/20/2018
Est. Priority Date: 11/13/2015
Status: Active Grant

First Claim

Patent Images

1. A system for creating IP data records, comprising:

a carrier grade network address and port translation node in communication with a private network on an internal side and a public network on an external side, packet streams transmitted between the private network and the public network traverse the carrier grade network address and port translation node;

a private Ethernet span port disposed on the internal side of the carrier grade network address and port translation node receives packet streams traversing the carrier grade network address and port translation node;

a public Ethernet span port disposed on the external side of the carrier grade network address and port translation node receiving packet streams traversing the carrier grade network address and port translation node; and

a deep packet inspection host in communication with the private Ethernet span port and the public Ethernet span port;

wherein the private Ethernet span port and the public Ethernet span port copy packet streams traversing the carrier grade network address and port translation node and deliver the copied packet streams to the deep packet inspection host.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for discovering Internet Protocol (IP) network address and port translation bindings is disclosed. According to one embodiment, a system for creating IP data records, includes a carrier grade network address and port translation (CGNAPT) node in communication with a private network on an internal side and a public network on an external side. The system further includes a private Ethernet span port disposed on the internal side of the CGNAPT node that receives packet streams traversing the CGNAPT node. A public Ethernet span port is disposed on the external side of the CGNAPT node that receives packet streams traversing the CGNAPT node. The private Ethernet span port and the public Ethernet span port copy packet streams traversing the CGNAPT node and deliver the copied packet streams to a deep packet inspection host.

185 Citations

16 Claims

1. A system for creating IP data records, comprising:
- a carrier grade network address and port translation node in communication with a private network on an internal side and a public network on an external side, packet streams transmitted between the private network and the public network traverse the carrier grade network address and port translation node;
  
  a private Ethernet span port disposed on the internal side of the carrier grade network address and port translation node receives packet streams traversing the carrier grade network address and port translation node;
  
  a public Ethernet span port disposed on the external side of the carrier grade network address and port translation node receiving packet streams traversing the carrier grade network address and port translation node; and
  
  a deep packet inspection host in communication with the private Ethernet span port and the public Ethernet span port;
  
  wherein the private Ethernet span port and the public Ethernet span port copy packet streams traversing the carrier grade network address and port translation node and deliver the copied packet streams to the deep packet inspection host.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1, wherein the deep packet inspection host correlates and identifies packet streams entering the carrier grade network address and port translation node with packet streams exiting the carrier grade network address and port translation node.
  - 3. The system of claim 1, further comprising a firewall associated with the carrier grade network address and port translation node that modifies elements of the packet stream.
  - 4. The system of claim 1, further comprising host devices connected to the private network sending packets to the host server in the public network through the CGNAPT node triggering it to assign public address and port to that packet stream creating the binding.
  - 5. The system of claim 4, further comprising a communications service provider that assigns private IP addresses to the host devices.
  - 6. The system of claim 5, wherein the carrier grade network address and port translation node assigns a public IP address and creates a binding between the private IP address and the public IP address.
  - 7. The system of claim 6, wherein the carrier grade network address and port translation node sets a timer to remove the binding between the private IP address and the public IP address.
  - 8. The system of claim 1, further comprising a data store in communication with the deep packet inspection host for storing binding records of the copied streaming packets.
  - 9. The system of claim 8, further comprising a data retrieval host in communication with the data store for analyzing the binding records of the copied streaming packets.
  - 10. The system of claim 1, wherein the deep packet inspection host is a hierarchical configuration of multiple deep packet inspection hosts.

11. A method for correlating private outbound packets and public outbound packets to determine the carrier grade network address and port translation bindings, the method comprising:
- receiving inbound stream packets and outbound stream packets at a deep packet inspection host from a private Ethernet span port and a public Ethernet span port, the private Ethernet span port disposed on an internal side of a carrier grade network address and port translation node that receives packet streams traversing the carrier grade network address and port translation node between a private network and a public network, and the public Ethernet span port disposed on the external side of the carrier grade network address and port translation node receiving packet streams traversing the carrier grade network address and port translation node;
  
  discarding inbound stream packets collected at the deep packet inspection host;
  
  distinguishing between private outbound stream packets and public outbound stream packets;
  
  ordering by time private outbound stream packets in a lookback buffer;
  
  processing the public outbound stream packets to create bindings;
  
  reading the private outbound stream packets in the lookback buffer and processing the private outbound stream packets to create bindings;
  
  storing the log bindings of the public outbound stream packets and the private outbound stream packets.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The method of claim 11, further comprising determining the content size, sequence number and window size of the public outbound stream packets.
  - 13. The method of claim 11, further comprising comparing a portion of one private outbound stream packet with a portion of one public outbound stream packet to determine a match.
  - 14. The method of claim 11, wherein filtering out the inbound packets using VLAN tags.
  - 15. The method of claim 11, wherein filtering out the inbound packets by identifying a destination IP address.
  - 16. The method of claim 11, further comprising buffering the public outbound steam packet according to normal 5-tuple.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Yaana Technologies, LLC
Original Assignee
Yaana Technologies, LLC
Inventors
Hammer, Michael P., Grootwassink, David, Schwaderer, Curt, Porter, Leigh Alexander, Puri, Rajesh, Liu, Kai Bang
Primary Examiner(s)
Thompson, Jr., Otis L

Application Number

US15/351,039
Publication Number

US 20170142208A1
Time in Patent Office

736 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 43/028   by filtering

H04L 43/08   Monitoring or testing based...

H04L 61/2514   between local and global IP...

H04L 61/2517   using port numbers

H04L 61/5007   Internet protocol [IP] addr...

H04L 65/1033   Signalling gateways

H04L 67/51   Discovery or management the...

H04M 15/41   Billing record details, i.e...

System and method for discovering internet protocol (IP) network address and port translation bindings

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

185 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for discovering internet protocol (IP) network address and port translation bindings

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

185 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links