Stateful network address translation protocol implemented over a data network
Abstract
A technique is disclosed for synchronizing NAT information stored on different network devices that have been configured to implement a network address translation protocol. Each of the network devices includes a respective NAT data structure configured to store NAT information. The NAT information includes at least one NAT entry relating to a network node engaged in a communication session with at least one other network node. At least one NAT entry in a first NAT data structure is modified. The first NAT data structure is associated with a first NAT network device. A first NAT transaction message is generated which includes information relating to the modifications performed on the first NAT data structure. The first NAT transaction message is transmitted to at least one other NAT network device to thereby cause that device to modify its respective NAT data structure using information from the first NAT transaction message. In this way, synchronization of NAT information stored on each of the network devices may be achieved.
31 Claims
1. A method for implementing redundancy of stateful network address translation (NAT) information in at least one network device of a data network, the method comprising:
receiving, at a first network device, a first NAT transaction message which includes updated network address translation information generated by a second network device, the updated NAT information including information relating to updates or modifications to be performed on NAT information stored at a first NAT data structure, the first NAT data structure being managed by the first network device, the first NAT transaction message including first NAT entry information relating to at least one modification of a first NAT entry associated with the first NAT data structure, the first NAT transaction message further including a first NAT ID field relating to an identity of a specific network device authorized to manage updates or modifications regarding the first NAT entry; and
determining, using information in the first NAT ID field, whether modification of the first NAT entry may be performed at the first NAT data structure;
modifying the first NAT entry at the first NAT data structure in response to a determination that the second network device is authorized to manage modifications relating to the first NAT entry;
wherein modification of the first NAT entry at the first NAT data structure results in synchronization of NAT information relating to the first NAT entry at the first and second network devices.
5. A method for implementing redundancy of stateful network address translation (NAT) information in at least one network device of a data network, the method comprising:
receiving, at a first network device, a first NAT transaction message which includes updated network address translation information generated by a second network device, the updated NAT information including information relating to updates or modifications to be performed on NAT information stored at a first NAT data structure, the first NAT data structure being managed by the first network device; and
modifying NAT information stored at the first NAT data structure using information from said first NAT transaction message to thereby achieve synchronization of NAT information stored on the first and second network devices;
wherein the first network device and the second network device are each configured as traffic handling devices that are members of a first redundancy group.
12. A network device configured to implement redundancy of stateful network address translation information in a data network, the network device comprising:
at least one processor;
at least one interface configured or designed to provide a communication link to a second network device in the data network; and
memory;
said at least one processor being configured to store in said memory a plurality of data structures, including:
a first network address translation (NAT) data structure configured to store information relating to address translations corresponding to selected network nodes in the network, the first NAT data structure being managed by the first network device; and
a NAT transaction data structure configured to store transactional information relating to updates or modifications performed on the first NAT data structure;
the network device being configured or designed to:
receive a first NAT transaction message which includes updated network address translation information generated by a second network device, the second network device having associated therewith a second NAT data structure, the updated NAT information including information relating to updates or modifications to be performed on NAT information stored at the first NAT data structure, the first NAT transaction message including first NAT entry information relating to at least one modification of a first NAT entry associated with the first NAT data structure, the first NAT transaction message further including a first NAT ID field relating to an identity of a specific network device authorized to manage updates or modifications regarding the first NAT entry; and
determine, using information in the first NAT ID field, whether modification of the first NAT entry may be performed at the first NAT data structure;
modify the first NAT entry at the first NAT data structure in response to a determination that the second network device is authorized to manage modifications relating to the first NAT entry;
wherein modification of the first NAT entry at the first NAT data structure results in synchronization of NAT information relating to the first NAT entry at the first and second NAT data structures.
16. A network device for implementing redundancy of stateful network address translation (NAT) information in at least one network device of a data network, the network device comprising:
at least one processor;
at least one interface configured or designed to provide a communication link to a second network device in the data network; and
memory;
said at least one processor being configured to store in said memory a plurality of data structures, including:
a first network address translation (NAT) data structure configured to store information relating to address translations corresponding to selected network nodes in the network, the first NAT data structure being managed by the first network device; and
a NAT transaction data structure configured to store transactional information relating to updates or modifications performed on the first NAT data structure;
the network device being configured or designed to:
receive a first NAT transaction message which includes updated network address translation information generated by a second network device, the updated NAT information including information relating to updates or modifications to be performed on NAT information stored at the first NAT data structure; and
modify NAT information at the first NAT data structure using information from said first NAT transaction message;
wherein the first network device and the second network device are each configured as traffic handling devices that are members of a first redundancy group.
24. A system for implementing redundancy of stateful network address translation (NAT) information in at least one network device of a data network, the system comprising:
means for receiving, at a first network device, a first NAT transaction message which includes updated network address translation information generated by a second network device, the updated NAT information including information relating to updates or modifications to be performed on NAT information stored at a first NAT data structure, the first NAT data structure being managed by the first network device, the first NAT transaction message including first NAT entry information relating to at least one modification of a first NAT entry associated with the first NAT data structure, the first NAT transaction message further including a first NAT ID field relating to an identity of a specific network device authorized to manage updates or modifications regarding the first NAT entry; and
means for determining, using information in the first NAT ID field, whether modification of the first NAT entry may be performed at the first NAT data structure;
means for modifying the first NAT entry at the first NAT data structure in response to a determination that the second network device is authorized to manage modifications relating to the first NAT entry;
wherein modification of the first NAT entry at the first NAT data structure results in synchronization of NAT information relating to the first NAT entry at the first and second network devices.
28. A system for implementing redundancy of stateful network address translation (NAT) information in at least one network device of a data network, the system comprising:
means for receiving, at a first network device, a first NAT transaction message which includes updated network address translation information generated by a second network device, the updated NAT information including information relating to updates or modifications to be performed on NAT information stored at a first NAT data structure, the first NAT data structure being managed by the first network device; and
means for modifying NAT information stored at the first NAT data structure using information from said first NAT transaction message to thereby achieve synchronization of NAT information stored on the first and second network devices;
wherein the first network device and the second network device are each configured as traffic handling devices that are members of a first redundancy group.
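The receive-side check recited in claims 1, 12 and 24, sketched as an added example that is not taken from the patent or from any vendor implementation: a NAT transaction message modifies the local NAT data structure only if the NAT ID field permits it. The message layout, device names, addresses, and the rule that the sender must be the redundancy-group peer named in the NAT ID field are assumptions made for this illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class NatTransaction:             # hypothetical message layout
    sender_id: str                # peer that sent the message (assumed authenticated by the transport)
    nat_id: str                   # NAT ID field: device authorized to manage this entry
    op: str                       # "add", "update" or "delete" (assumed operation names)
    key: tuple                    # (proto, inside_ip, inside_port)
    translation: Optional[tuple]  # (outside_ip, outside_port), None for delete

class NatTable:
    """Receiver side: the 'first network device' and its NAT data structure."""
    def __init__(self, local_id, group):
        self.local_id, self.group = local_id, set(group)
        self.entries = {}         # key -> (owner_id, translation)
        self.rejected = []        # (message, reason), kept for alerting

    def check(self, msg):
        """Return a rejection reason, or None if the modification may be performed."""
        if msg.sender_id == self.local_id or msg.sender_id not in self.group:
            return "sender is not a peer in the redundancy group"
        if msg.nat_id != msg.sender_id:
            return "sender is not the device named in the NAT ID field"
        owner = self.entries.get(msg.key, (msg.nat_id,))[0]
        if owner != msg.nat_id:
            return "entry is managed by a different device"
        if msg.op not in ("add", "update", "delete"):
            return "unknown operation"
        return None

    def apply(self, msg):
        reason = self.check(msg)
        if reason:
            self.rejected.append((msg, reason))
            return False
        if msg.op == "delete":
            self.entries.pop(msg.key, None)
        else:
            self.entries[msg.key] = (msg.nat_id, msg.translation)
        return True

def run_sample():
    """Constructed messages: one valid add, then three that must be refused."""
    table = NatTable("rtr-A", {"rtr-A", "rtr-B", "rtr-C"})
    key = ("tcp", "10.0.0.5", 40000)
    msgs = [NatTransaction("rtr-B", "rtr-B", "add", key, ("203.0.113.1", 50000)),
            NatTransaction("rtr-X", "rtr-X", "update", key, ("203.0.113.9", 1)),
            NatTransaction("rtr-C", "rtr-B", "delete", key, None),
            NatTransaction("rtr-C", "rtr-C", "update", key, ("203.0.113.9", 1))]
    return [table.apply(m) for m in msgs], table
```

The NAT ID field is carried in the message itself, so it only constrains a peer whose identity the transport has already established; the rejected list gives a place to alert on synchronization messages that fail the check.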
Specification