ACCESSING DATA PROCESSING SYSTEMS BEHIND A NAT ENABLED NETWORK
First Claim
Patent Images
1. A system for accessing a data processing system behind a network address translation (NAT) enabled network, comprising:
- a client system communicatively connected to a public network;
a NAT device accessible to said public network and accessible to at least one NAT data processing system located in a NAT enabled network behind said NAT device;
said client system, responsive to detecting a user request to establish a connection with a domain name, wherein said domain name identifies a NAT data processing system located behind said NAT enabled network, for sending said request for said domain name to a local domain name service (DNS) server;
said client system, responsive to said local DNS server returning a fail response indicating no authoritative address for said domain name, for identifying an IP address for a NAT device associated with said requested domain name from a configuration file for a host client domain for said client system;
said client system for sending a DNS query of said domain name to said NAT device at said IP address for said NAT device;
said NAT device for automatically routing said query through said NAT device to a second DNS server that stores a plurality of private addresses for a plurality of systems located behind said NAT enabled network and a source routing address for said NAT device;
said second DNS server, responsive to receiving said query for said address of said NAT data processing system, for returning to said client system said plurality of private addresses comprising a private address for said NAT data processing system and additional separate private addresses of a plurality of parallel data processing systems providing a same service as said NAT data processing system located behind said NAT enabled network and said source routing address for said NAT device;
said client system for sending packets to said NAT data processing system at a particular address associated with said NAT data processing system from among said plurality of private addresses with loose source routing enabled through said NAT device at said source routing address, such that said NAT data processing system behind said NAT enabled network is directly accessed by said client system from outside said NAT enabled network; and
said client system, responsive to receiving a fail signal from an attempt to send packets to said NAT data processing system, for sending packets to a next data processing system from among said plurality of parallel data processing systems at one of said plurality of private addresses with loose source routing enabled through said NAT device at said source routing address.
0 Assignments
0 Petitions
Accused Products
Abstract
A method, system, and program for accessing data processing systems behind a NAT enabled network are provided. According to one aspect of the present invention, a NAT data processing system is located behind a NAT enabled network with a NAT device as a gateway to the NAT enabled network. A client system located outside the NAT enabled network queries the NAT device for the address of the NAT data processing system located behind the NAT enabled network. The query is automatically routed through the NAT device to a DNS server. The DNS server then returns an address for the NAT data processing system and source routing for the NAT device. The NAT device forwards the address and source routing to the client system. Then, the client system sends packets to the NAT data processing system at the address with source routing through the NAT device, such that the NAT data processing system behind the NAT enabled network is directly accessed by the client system from outside the NAT enabled network.
39 Citations
6 Claims
-
1. A system for accessing a data processing system behind a network address translation (NAT) enabled network, comprising:
-
a client system communicatively connected to a public network; a NAT device accessible to said public network and accessible to at least one NAT data processing system located in a NAT enabled network behind said NAT device; said client system, responsive to detecting a user request to establish a connection with a domain name, wherein said domain name identifies a NAT data processing system located behind said NAT enabled network, for sending said request for said domain name to a local domain name service (DNS) server; said client system, responsive to said local DNS server returning a fail response indicating no authoritative address for said domain name, for identifying an IP address for a NAT device associated with said requested domain name from a configuration file for a host client domain for said client system; said client system for sending a DNS query of said domain name to said NAT device at said IP address for said NAT device; said NAT device for automatically routing said query through said NAT device to a second DNS server that stores a plurality of private addresses for a plurality of systems located behind said NAT enabled network and a source routing address for said NAT device; said second DNS server, responsive to receiving said query for said address of said NAT data processing system, for returning to said client system said plurality of private addresses comprising a private address for said NAT data processing system and additional separate private addresses of a plurality of parallel data processing systems providing a same service as said NAT data processing system located behind said NAT enabled network and said source routing address for said NAT device; said client system for sending packets to said NAT data processing system at a particular address associated with said NAT data processing system from among said plurality of private addresses with loose source routing enabled through said NAT device at said source routing address, such that said NAT data processing system behind said NAT enabled network is directly accessed by said client system from outside said NAT enabled network; and said client system, responsive to receiving a fail signal from an attempt to send packets to said NAT data processing system, for sending packets to a next data processing system from among said plurality of parallel data processing systems at one of said plurality of private addresses with loose source routing enabled through said NAT device at said source routing address. - View Dependent Claims (2, 3)
-
-
4. A computer program product for accessing a data processing system behind a network address translation (NAT) enabled network, comprising:
-
a volatile or non-volatile recording medium; means, recorded on said recording medium, responsive to detecting a user request from a client system to establish a connection with a domain name, wherein said domain name identifies a NAT data processing system located behind said NAT enabled network, for sending said request for said domain name to a local domain name service (DNS) server; means, recorded on said recording medium, responsive to said local DNS server returning a fail response indicating no authoritative address for said domain name, for identifying an IP address for a NAT device associated with said requested domain name from a configuration file for a host client domain for said client system; means, recorded on said recording medium for sending a DNS query of said domain name to said NAT device at said IP address for said NAT device; means, recorded on said recording medium for automatically routing said query through said NAT device to a second DNS server that stores a plurality of private addresses for a plurality of systems located behind said NAT enabled network and a source routing address for said NAT device; means, recorded on said recording medium, responsive to receiving said query for said address of said NAT data processing system at said DNS server, for returning from said DNS server to said client system said plurality of private addresses comprising a private address for said NAT data processing system and additional separate private addresses of a plurality of parallel data processing systems providing a same service as said NAT data processing system located behind said NAT enabled network and said source routing address for said NAT device; means, recorded on said recording medium for sending packets, from said client system to said NAT data processing system at a particular address associated with said NAT data processing system from among said plurality of private addresses with loose source routing enabled through said NAT device at said source routing address, such that said NAT data processing system behind said NAT enabled network is directly accessed by said client system from outside said NAT enabled network; and means, recorded on said recording medium, responsive to said client system receiving a fail signal from an attempt to send packets to said NAT data processing system, for sending packets from said client system to a next data processing system from among said plurality of parallel data processing systems at one of said plurality of private addresses with loose source routing enabled through said NAT device at said source routing address. - View Dependent Claims (5, 6)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsVALLABHANENI, VASU, JAIN, VINIT, BANERJEE, DWIP N.
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current370/408
-
CPC Class CodesH04L 61/00 Network arrangements, proto...H04L 61/25 of the same typeH04L 61/2567 for reachability, e.g. inqu...H04L 61/4511 using domain name system [DNS]
