Network abstraction and isolation layer rules-based federation and masquerading

US 20050147120A1
Filed: 02/09/2005
Published: 07/07/2005
Est. Priority Date: 09/26/2003
Status: Active Grant

First Claim

Patent Images

1. A computer system of a federation coupled to a network, comprising:

a server having an internal address associated with a first subnet; and

a network abstraction and isolation layer rules-based federation and masquerading (NAIL RBFM) interface that interfaces said server with the network, wherein said NAIL RBFM transforms said internal address between said first subnet and a second subnet for intra-federation communications.

View all claims

31 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer system of a federation coupled to a network including a server having an internal address associated with a first subnet and a network abstraction and isolation layer rules-based federation and masquerading (NAIL RBFM) interface that interfaces the server with the network. The NAIL RBFM interface transforms the internal address between the first subnet and a second subnet for intra-federation communications. The NAIL RBFM interface performs transform and inverse transform operations to convert between internal and external addresses of intra-federation network traffic. The operations may be performed on source and destination addresses, and may be configured in any of several manners, such as modifying at least one bit of an address, replacing at least one octet of an IP address, substituting a prefix of an address, replacing an entire address, etc.

Citations

25 Claims

1. A computer system of a federation coupled to a network, comprising:
- a server having an internal address associated with a first subnet; and
  
  a network abstraction and isolation layer rules-based federation and masquerading (NAIL RBFM) interface that interfaces said server with the network, wherein said NAIL RBFM transforms said internal address between said first subnet and a second subnet for intra-federation communications.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer system of claim 1, wherein said NAIL RBFM interface performs a transform operation to convert said internal address to an external address associated with said second subnet for outgoing intra-federation network traffic, and performs an inverse transform operation to convert incoming intra-federation network traffic having said external address to said internal address.
  - 3. The computer system of claim 2, wherein said NAIL RBFM interface performs said transform and inverse transform operations on source and destination addresses for said intra-federation communications.
  - 4. The computer system of claim 2, wherein said transform and inverse transform operations each comprise modifying at least one bit of an address.
  - 5. The computer system of claim 2, wherein said transform and inverse transform operations comprise replacing at least one octet of an internet protocol (IP) address.
  - 6. The computer system of claim 2, wherein said transform and inverse transform operations comprise substituting a prefix of an internet protocol (IP) address.
  - 7. The computer system of claim 2, wherein said transform and inverse transform operations comprises replacing an entire address with a new address.
  - 8. The computer system of claim 2, wherein said transform and inverse transform operations each comprise a lookup transformation.

9. A network, comprising:
- a network link;
  
  a first federation, coupled to said network link, being associated with a first subnet and including a first plurality of servers, each server having a corresponding one of a plurality of local addresses;
  
  a second federation, coupled to said network link, being associated with a second subnet and including a second plurality of servers, each server of said second plurality of servers being a copy of a corresponding one of said first plurality of servers and including a corresponding one of said plurality of local addresses;
  
  a plurality of first network abstraction and isolation layer (NAIL) rules-based federation and masquerading (RBFM) interfaces, each interfacing a corresponding one of said first plurality of servers to said network link, and each performing an address transformation to associate said corresponding server into said first subnet; and
  
  a plurality of second NAIL RBFM interfaces, each interfacing a corresponding one of said second plurality of servers to said network link, and each performing an address transformation to associate said corresponding server into said second subnet.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The network of claim 9, wherein each NAIL RBFM interface is operative to identify outgoing traffic to another server within a common one of said first and second federations, to transform source and destination addresses of said outgoing traffic, and to pass said transformed traffic onto said network link.
  - 11. The network of claim 9, wherein each NAIL RBFM interface is operative to identify incoming traffic on said network link from another server within a common one of said first and second federations, to transform source and destination addresses of said incoming traffic, and to pass transformed traffic to said corresponding server.
  - 12. The network of claim 9, wherein said address transformation comprises modifying at least one bit of an address.
  - 13. The network of claim 9, wherein said address transformation comprises a lookup transformation.
  - 14. The network of claim 9, wherein said address transformation comprises substituting a prefix of an internet protocol (IP) address.
  - 15. The network of claim 9, wherein said address transformation comprises replacing an address.
  - 16. The network of claim 9, wherein said address transformation comprises a lookup transformation.
  - 17. The network of claim 9, wherein each of said first and second NAIL RBFM interfaces selectively blocks communications between said first and second federations.

18. A method of network abstraction and isolation layer rules-based federation and masquerading to enable intra-federation communication among servers of each federation of a plurality of federations coupled to a network, comprising:
- detecting intra-federation communications associated with a first subnet;
  
  transforming the intra-federation communications between the first subnet and a second subnet; and
  
  passing the transformed intra-federation communications to an indicated destination.
- View Dependent Claims (19, 20, 22, 23, 24, 25)
- - 19. The method of claim 18, wherein said transforming comprises converting source and destination addresses.
  - 20. The method of claim 18, wherein said transforming comprises substituting at least one bit of at least one address.
  - 22. The method of claim 18, wherein said transforming comprises replacing at least one octet of at least one internet protocol (IP) address.
  - 23. The method of claim 18, wherein said transforming comprises substituting a prefix of at least one address.
  - 24. The method of claim 18, wherein said transforming comprises replacing each of at least one address with a new address.
  - 25. The method of claim 18, wherein said transforming comprises looking up a replacement address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Quest Software, Inc.
Original Assignee
Surgient, Inc. (Quest Software, Inc.)
Inventors
Hirschfeld, Robert A., Willman, Charles A., McCrory, Dave D., Johnson, Scott C.

Granted Patent

US 7,643,484 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/466
CPC Class Codes

H04L 61/2514 between local and global IP...

H04L 61/2521 Translation architectures o...

Network abstraction and isolation layer rules-based federation and masquerading

First Claim

31 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Network abstraction and isolation layer rules-based federation and masquerading

First Claim

31 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links