RESILIENT TCP SPLICING FOR PROXY SERVICES
First Claim
Patent Images
1. A method comprising:
- receiving, by an ingress of a transparent proxy device and from a first end device, a first request that includes a first initial sequence number and options, to establish a layer four connection with a second end device;
learning, by the ingress of the transparent proxy device, the first initial sequence number of the first request;
receiving, by an egress of the transparent proxy device and from the ingress, the first request;
learning, by the egress of the transparent proxy device, the first initial sequence number of the first request;
receiving, by the egress of the transparent proxy device and from the second end device, a first acknowledgement for the first request and options, wherein the first acknowledgement includes a second initial sequence number;
learning, by the egress of the transparent proxy device, the second initial sequence number;
transmitting, by the ingress to an application proxy of the transparent proxy device, a second request, which includes the first initial sequence number and options negotiated between the first end device and the second end device, to establish a layer four connection between the ingress and the application proxy;
establishing a layer four connection between the ingress and the first end device based on a second acknowledgement from the first end device;
establishing the layer four connection, between the ingress and the application proxy, in response to receiving the second acknowledgement;
establishing a layer four connection between the application proxy and the egress; and
establishing the layer four connection between the egress and the second end device based on the second acknowledgement.
1 Assignment
0 Petitions
Accused Products
Abstract
A transparent proxy device includes an ingress, an egress, and an application proxy. The ingress and the egress operate up to a layer four communication layer. The transparent proxy device is configured to establish spliced connections in relation to end devices. The spliced connections include layer four connections between the ingress and the application proxy and the application proxy and the egress. The transparent proxy device is configured to maintain an end-to-end connection in relation to the end devices even when the application proxy fails.
102 Citations
20 Claims
-
1. A method comprising:
-
receiving, by an ingress of a transparent proxy device and from a first end device, a first request that includes a first initial sequence number and options, to establish a layer four connection with a second end device; learning, by the ingress of the transparent proxy device, the first initial sequence number of the first request; receiving, by an egress of the transparent proxy device and from the ingress, the first request; learning, by the egress of the transparent proxy device, the first initial sequence number of the first request; receiving, by the egress of the transparent proxy device and from the second end device, a first acknowledgement for the first request and options, wherein the first acknowledgement includes a second initial sequence number; learning, by the egress of the transparent proxy device, the second initial sequence number; transmitting, by the ingress to an application proxy of the transparent proxy device, a second request, which includes the first initial sequence number and options negotiated between the first end device and the second end device, to establish a layer four connection between the ingress and the application proxy; establishing a layer four connection between the ingress and the first end device based on a second acknowledgement from the first end device; establishing the layer four connection, between the ingress and the application proxy, in response to receiving the second acknowledgement; establishing a layer four connection between the application proxy and the egress; and establishing the layer four connection between the egress and the second end device based on the second acknowledgement. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A proxy device comprising:
-
an ingress including a first transmitter and a first receiver, wherein the ingress operates up to a layer four communication layer; an egress including a second transmitter and a second receiver, wherein the egress operates up to a layer four communication layer; an application proxy, wherein the application proxy operates at an application communication layer; a memory, wherein the memory stores instructions; and a processor, wherein the processor executes the instructions to; establish a first, layer four connection between a first end device and the ingress; establish a second, layer four connection between the ingress and the application proxy; establish a third, layer four connection between the application proxy and the egress; and establish a fourth, layer four connection between the egress and a second end device. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A method comprising:
-
establishing, by an ingress of a transparent proxy device, a first, layer four connection between a first end device and the ingress; establishing, by the ingress, a second, layer four connection between the ingress and an application proxy of the transparent proxy device; establishing, by the application proxy, a third, layer four connection between the application proxy and an egress of the transparent proxy device; establishing, by the egress, a fourth, layer four connection between the egress and a second end device, wherein an end-to-end connection between the first end device and the second end device includes a spliced connection via the transparent proxy device, and wherein each of the layer four connections is established based on a three-way handshake exchange of messages. - View Dependent Claims (18, 19, 20)
-
Specification