NETWORK ADDRESS TRANSLATION ROUTER AND RELATED METHOD

US 20050201391A1
Filed: 03/11/2004
Published: 09/15/2005
Est. Priority Date: 03/11/2004
Status: Abandoned Application

First Claim

Patent Images

1. A network address translation (NAT)-enabled device comprising:

a NAT facility for connecting at least two hosts inside a first network to a second network, wherein the NAT facility allows the inside hosts to share an address of the second network;

a gateway interface for connecting to a demilitarized zone (DMZ) host inside the first network;

a disposer connected to the gateway interface for assigning an address of the second network to the DMZ host; and

a dispatcher connected to the gateway interface and the NAT facility for communicating messages between the second network and the gateway interface or the NAT facility according to a communication criteria of the message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network address translation (NAT)-enabled device such as a router or gateway device includes a NAT facility for connecting at least two hosts inside a first network to a second network allowing the inside hosts to share an address of the second network, a gateway interface for connecting to a demilitarized zone (DMZ) host inside the first network, a disposer connected to the gateway interface for assigning an address of the second network to the DMZ host, and a dispatcher connected to the gateway interface and the NAT facility for communicating messages between the second network and the gateway interface or the NAT facility according to a medium access control (MAC) address of the message.

Citations

19 Claims

1. A network address translation (NAT)-enabled device comprising:
- a NAT facility for connecting at least two hosts inside a first network to a second network, wherein the NAT facility allows the inside hosts to share an address of the second network;
  
  a gateway interface for connecting to a demilitarized zone (DMZ) host inside the first network;
  
  a disposer connected to the gateway interface for assigning an address of the second network to the DMZ host; and
  
  a dispatcher connected to the gateway interface and the NAT facility for communicating messages between the second network and the gateway interface or the NAT facility according to a communication criteria of the message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The NAT-enabled device of claim 1 wherein the communication criteria is derived from a medium access control (MAC) address of the message.
  - 3. The NAT-enabled device of claim 2 wherein the disposer assigns the second network address of the NAT-enabled device to the DMZ host if such address is public.
  - 4. The NAT-enabled device of claim 3 wherein the disposer assigns a temporary second network address and associated validity lifetime to the DMZ host if the second address of the NAT-enabled device is not public.
  - 5. The NAT-enabled device of claim 4 wherein the disposer assigns an address to the DMZ host in response to a request from the DMZ host.
  - 6. The NAT-enabled device of claim 5 wherein the disposer allows the DMZ host to acquire a validity lifetime to transmit messages or obtain addresses of hosts in the second network upon a request by the DMZ host.
  - 7. The NAT-enabled device of claim 2 wherein the dispatcher stores the address of the DMZ host and compares destination address information of a message received from the second network with the address of the DMZ host, forwarding the message to the DMZ host when the MAC address corresponds to the DMZ host and forwarding the message to the NAT facility when the MAC address does not correspond to the DMZ host.
  - 8. The NAT-enabled device of claim 7 wherein the dispatcher identifies a message being sent to the second network from the DMZ host by checking the MAC address of such message.

9. A network address translation (NAT)-enabled device comprising:
- a NAT facility for connecting at least two hosts inside a first network to a second network, wherein the NAT facility allows the inside hosts to share an address of the second network;
  
  a gateway interface for connecting to a demilitarized zone (DMZ) host inside the first network;
  
  a disposer connected to the gateway interface for assigning an address of the second network to the DMZ host in response to a request from the DMZ host, wherein the disposer assigns the second network address of the NAT-enabled device to the DMZ host if such address is public and the disposer assigns a temporary second network address and associated validity lifetime to the DMZ host if the second address of the NAT-enabled device is not public; and
  
  a dispatcher connected to the gateway interface and the NAT facility for communicating messages between the second network and the gateway interface or the NAT facility according to a communication criteria of the message, the dispatcher storing the address of the DMZ host and comparing destination address information of a message received from the second network with the address of the DMZ host, and forwarding the message to the DMZ host when the communication criteria corresponds to the DMZ host and forwarding the message to the NAT facility when the communication criteria does not correspond to the DMZ host, the dispatcher identifying a message being sent to the second network from the DMZ host by checking the communication criteria of such message.
- View Dependent Claims (10, 11)
- - 10. The NAT-enabled device of claim 9 wherein the communication criteria is derived from a medium access control (MAC) address of the message.
  - 11. The NAT-enabled device of claim 10 wherein the disposer allows the DMZ host to acquire a validity lifetime to transmit messages or obtain addresses of hosts in the second network upon a request by the DMZ host.

12. A method for communicating information between a first network and a second network, the method comprising:
- assigning a second network address to a demilitarized zone (DMZ) host of the first network;
  
  receiving from the second network a message having a destination address equal to the second network address;
  
  forwarding the message to the DMZ host of the first network when a communication criteria of the message matches a first criteria; and
  
  forwarding the message to another host of the first network when the communication criteria of the message does not match criteria.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The method of claim 12 wherein the second network address assigned to the DMZ host is the second network address of the first network when such address is public, and the second network address assigned to the DMZ host is a temporary second network address when the second network address of the first network is not public.
  - 14. The method of claim 13 wherein the communication criteria is derived from a medium access control (MAC) address of the message, the first criteria being the MAC address of the DMZ host.
  - 15. The method of claim 14 wherein the temporary second network address has a validity lifetime considerably shorter than that of the second network address of the first network.
  - 16. The method of claim 15 further comprising:
    - reassigning a second network address to a demilitarized zone (DMZ) host of the first network upon expiry of the validity lifetime.
  - 17. The method of claim 16 further comprising:
    - detecting for an active connection between the first and second networks;
      
      activating a connection between the first and second networks when no connection between the first and second networks exists.
  - 18. The method of claim 14 wherein assigning the second network address to the DMZ host is in response to a request from the DMZ host.
  - 19. A network address translation (NAT)-enabled device, gateway device, or network router comprising a NAT facility, a gateway interface, a disposer, and a dispatcher for performing the method of claim 12.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DrayTek Corporation
Original Assignee
DrayTek Corporation
Inventors
Ma, Hung-Fang, Ting, Pau-Chuan, Yu, Kuo-Chung, Wang, Lun-Jung

Application Number

US10/708,554
Publication Number

US 20050201391A1
Time in Patent Office

Days
Field of Search
US Class Current

370/401
CPC Class Codes

H04L 45/00   Routing or path finding of ...

H04L 61/103   across network layers, e.g....

H04L 61/2514   between local and global IP...

NETWORK ADDRESS TRANSLATION ROUTER AND RELATED METHOD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

NETWORK ADDRESS TRANSLATION ROUTER AND RELATED METHOD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links