Method and protocol for distributed network address translation
Abstract
A method and protocol for Distributed Network Address Translation (“DNAT”) is provided. DNAT is used to overcome the limited 32-bit address space used by versions of the Internet Protocol (“IP”). DNAT is used with small office or home office networks or other legacy local networks that have multiple network devices using a common external network address to communicate with an external network. The protocol includes a port allocation protocol to allocate globally unique ports to network devices on a local computer network. The globally unique ports are used in a combination network address with a common external network address such as an IP address, to identify multiple network devices on a local network to an external network such as the Internet, an intranet, or a public switched telephone network. The method includes requesting one or more globally unique ports from network devices on a local network, receiving the ports, and replacing local ports with the globally unique ports. The network devices on the local network use the combination network address with the common external network address and the globally unique port to uniquely identify themselves during communications with an external network. DNAT overcomes the large computation burdens encountered when network address translation is done by a router for multiple network devices on a local network using a common external network address, and simplifies routers since a router in a DNAT system does not have to support multiple individual protocols. DNAT helps extend the life of versions of IP using 32-bit addressing, allows a local network to efficiently switch between external network service providers, and allows a local network to purchase a smaller block of external network addresses.
42 Claims
1. A computer readable medium having stored therein a set of routines for implementing a port allocation protocol, said protocol allowing a plurality of first network devices on a first network to use globally unique ports in combination with a common external network address to communicate with a plurality of second network devices on a second external network without network address translation, said set of routines implementing said protocol including a plurality of protocol messages and combination network addresses as data bits, the computer readable medium comprising:
a port allocation protocol request message, for requesting allocation of a plurality of globally unique port numbers for a network device;
a port allocation protocol response message, for receiving the plurality of globally unique port numbers for the network device;
a port allocation protocol invalidate message, for de-allocating the plurality of globally unique port numbers allocated to the network device; and
a plurality of combination network addresses, having a globally unique port allocated by the port allocation protocol request message and a common external network address to identify a first network to a second external network, and allowing a plurality of first network devices on the first network to communicate with the plurality of second network devices on the second external network without network address translation. (Dependent claims: 2, 3)
4. A method of distributed network address translation, comprising the following steps:
requesting from a first network device on a first network with a first protocol, one or more globally unique ports from a second network device on the first network to identify the first network device during communications with a second external network;
receiving the one or more globally unique ports on the first network device from the second network device with the first protocol;
replacing a local port on the first network device with a globally unique port;
creating a combination network address for the first network device with the globally unique port and a common external network address to identify the first network device for communications with the second external network. (Dependent claims: 5, 6, 7, 8, 9, 10, 11)
sending a data packet request from the first network device to the second network device on the first network;
routing the data packet request from the second network device to a third network device on the second external network;
receiving a reply to the data packet request from the third network device on the second external network on the second network device on the first network for the first network device on the common external network address for the first network from the combination network address;
routing the reply to the data packet request from the second network device to the first network device on the first network using the globally unique port from the combination network address.
7. The method of claim 4 wherein the first protocol is a port allocation protocol comprising a port allocation protocol request message, port allocation protocol response message, a port allocation protocol invalidate message, and a combination network address including a globally unique port and a common external network address.
8. The method of claim 4 wherein the common external network address is an Internet protocol address.
9. The method of claim 4 wherein the second network device is any of a router or a port server.
10. The method of claim 4 wherein the first network device is any of a computer, printer, facsimile device, hand-held device, or a telephone.
11. The method of claim 4 wherein the first network is a local area network and the second network is any of the Internet, or intranet or a public switched telephone network.
12. A method of distributed network address translation, comprising the following steps:
requesting with a first protocol from a first network device on a first network, one or more globally unique ports from a second network device on the first network;
receiving the one or more globally unique ports on the first network device from the second network device;
creating a request in a higher level protocol layer in a layered protocol stack on the first network device, for a third network device on a second external network, the request including a common network address and a local port on the first network device to identify the first network device on the first network to the second external network;
forwarding the request from the higher level protocol layer to a lower level protocol layer in the first network device;
translating the local port in the request to a globally unique port in the lower level protocol layer on the first network device;
sending the request from the first network device to the second network device; and
forwarding the request from the second network device to the third network device on the second external network. (Dependent claims: 13, 14, 15, 16, 17, 18, 19)
receiving a response on the second network device on the first network on the common network address for the first network from the third network device on the second external network, wherein the response includes the common network address and the globally unique port for the first network device;
forwarding the response from the second network device to the first network device;
translating the globally unique port in the response into the local port for the first network device in the lower level protocol layer on the first network device; and
forwarding the response to the higher level protocol layer on the first network device.
15. The method of claim 12 wherein the first network device is any of a computer, printer, facsimile, hand-held device or a telephone, the second network device is a router, and the first network is a local area network.
16. The method of claim 12 wherein the second network is any of the Internet, an intranet, or a public switched telephone network.
17. The method of claim 12 wherein the common external network address is an Internet Protocol address.
18. The method of claim 12 wherein the first protocol is a port allocation protocol comprising a port allocation protocol request message, a port allocation protocol response message, a port allocation protocol invalidate message, and a combination network address including a globally unique port and a common external network address.
19. The method of claim 12 wherein the layered protocol stack includes from lowest-to-highest, link, network, transmission and application layers.
20. A method of distributed network address translation, comprising the following steps:
replacing one or more local ports in a layered protocol stack on a first network device on a first network with one or more globally unique ports, wherein the one or more globally unique ports are obtained with a port allocation protocol from a second network device on the first network;
sending data packet requests for a third network device on a second external network from a first layer in the layered protocol stack on the first network device, wherein the data packet requests include a globally unique port and a common external network address in a combination network address, wherein the common external network address identifies network devices on the first network to the external second network;
receiving responses to the data packet requests in the first layer in the layered protocol stack on the first network device from the third network device on the external second network with the common external network address and the globally unique port. (Dependent claims: 21, 22, 23)
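As an added illustration of the port allocation protocol recited in claims 1, 4, 12 and 20 (example code written for this page, not code from the patent), the following Python model has a port server on the local network hand out globally unique ports in response to a request message, lets a device replace its local source port with an allocated port to form the combination address, maps inbound ports back to local ports in the lower layer, and de-allocates everything with an invalidate message. The class and message names, the 192.0.2.1 common external address, the 10.0.0.x internal addresses and the 1024-2047 port pool are all assumptions of this example.

```python
"""Toy model of the port allocation protocol (PAP) from claims 1, 4, 12 and 20.
Constructed example: names, addresses and the port pool are assumptions."""
from dataclasses import dataclass

COMMON_EXTERNAL_IP = "192.0.2.1"  # constructed: shared external address of the local network


@dataclass(frozen=True)
class PapRequest:
    device: str   # local internal address of the requesting device
    count: int    # number of globally unique ports requested


@dataclass(frozen=True)
class PapResponse:
    device: str
    ports: tuple  # globally unique ports granted (empty on refusal)


@dataclass(frozen=True)
class PapInvalidate:
    device: str   # de-allocate every port held by this device


class PortServer:
    """Router-side allocator: each port in the pool is held by at most one device."""

    def __init__(self, pool_start=1024, pool_end=2047):
        self.free = set(range(pool_start, pool_end + 1))  # assumed pool for the common address
        self.owner = {}                                   # global port -> device address

    def handle(self, msg):
        if isinstance(msg, PapRequest):
            if msg.count <= 0 or msg.count > len(self.free):
                return PapResponse(msg.device, ())        # refuse rather than over-allocate
            ports = tuple(sorted(self.free)[:msg.count])
            for p in ports:
                self.free.discard(p)
                self.owner[p] = msg.device
            return PapResponse(msg.device, ports)
        if isinstance(msg, PapInvalidate):
            released = [p for p, d in self.owner.items() if d == msg.device]
            for p in released:
                del self.owner[p]
                self.free.add(p)
            return len(released)                          # number of ports returned to the pool
        raise TypeError("unknown PAP message")

    def owner_of(self, port):
        return self.owner.get(port)


class Device:
    """Host-side lower protocol layer: maps local ports to allocated global ports and back."""

    def __init__(self, address, server):
        self.address = address
        self.server = server
        self.spare = []             # allocated but not yet bound global ports
        self.local_to_global = {}
        self.global_to_local = {}

    def acquire(self, count):
        resp = self.server.handle(PapRequest(self.address, count))
        self.spare = list(resp.ports)
        return resp.ports

    def bind(self, local_port):
        """Replace a local source port with the next unused allocated port (claim 4)."""
        if local_port in self.local_to_global:
            return self.local_to_global[local_port]
        if not self.spare:
            raise RuntimeError("no allocated ports left; send another PapRequest")
        g = self.spare.pop(0)
        self.local_to_global[local_port] = g
        self.global_to_local[g] = local_port
        return g

    def combination_address(self, local_port):
        """(common external address, globally unique port) that identifies this host externally."""
        return (COMMON_EXTERNAL_IP, self.bind(local_port))

    def translate_in(self, global_port):
        """Map an inbound port back to the local port; None if it was never bound here."""
        return self.global_to_local.get(global_port)

    def release(self):
        self.local_to_global.clear()
        self.global_to_local.clear()
        self.spare = []
        return self.server.handle(PapInvalidate(self.address))


def demo():
    server = PortServer()
    a = Device("10.0.0.5", server)  # constructed local internal addresses
    b = Device("10.0.0.6", server)
    a.acquire(2)
    b.acquire(2)
    addr_a = a.combination_address(5000)  # both hosts use local port 5000 ...
    addr_b = b.combination_address(5000)  # ... yet get distinct external identities
    disjoint = addr_a[1] != addr_b[1] and server.owner_of(addr_a[1]) == "10.0.0.5"
    stray = a.translate_in(addr_b[1])     # a reply for b's port must not map onto a
    released = a.release()
    return addr_a, addr_b, disjoint, stray, released, len(server.free)
```

Because the external network distinguishes hosts by port alone, the two checks worth keeping from this model are the allocator refusing to hand out a port already owned by another device, and the device's lower layer returning nothing for an inbound port it never bound, so a reply addressed to another host's port is not delivered to a local application.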
24. A method for distributed network address translation, comprising the following steps:
creating a request data packet on a first network device on a first network for a third network device on a second external network, wherein the request data packet includes a data packet header with a common external network address to identify network devices on the first network to other network devices on the second external network and a globally unique port obtained from a second network device on the first network, wherein the globally unique port uniquely identifies the first network device on the first network, and wherein the globally unique port is used to replace a local source port on the first network device;
adding an additional request header to the request data packet to create a modified request data packet, wherein the additional request header includes a first local internal network address for the first network device that identifies the first network device on the first network and a second local internal network address for the second network device that identifies the second network device on the first network; and
forwarding the modified request data packet from the first network device to the second network device over the first network. (Dependent claims: 25, 26, 27, 28, 29, 30, 31, 32, 33)
receiving the modified request data packet on the second network device over the first network;
deleting the additional request header from the modified request data packet to obtain the request data packet; and
forwarding the request data packet from the second network device over the second external network to the third network device.
27. The method of claim 26 further comprising:
receiving a response data packet on the second network device on the first network from the third network device on the second external network for the first network device on the first network on the common external network address for the network devices on the first network, wherein the response data packet includes the common external network address for the network devices on the first network and the globally unique port to uniquely identify the first network device on the first network;
determining on the second network device with the globally unique port from the response data packet, the first local internal network address that identifies the first network device on the first network;
adding an additional response header to the response data packet to create a modified response data packet, wherein the additional response header includes the determined first local internal network address for the first network device that identifies the first network device on the first network and the second local internal network address for the second network device that identifies the second network device on the first network;
forwarding the modified response data packet from the second network device to the first network device over the first network.
28. The method of claim 27 further comprising:
receiving the modified response data packet on the first network device on the first network; and
deleting the additional response header from the modified response data packet to obtain the response data packet.
29. The method of claim 28 further comprising:
replacing the globally unique port from the response data packet with a local source port for use on the first network device.
30. The method of claim 24 wherein the first local internal network address and the second local internal network address are local internal network addresses that cannot be used on the second external network.
31. The method of claim 24 wherein the first local internal network address and the second local internal network address are local internal Internet Protocol addresses.
32. The method of claim 24 wherein the common external network address is a common external Internet Protocol address.
33. The method of claim 24 wherein the local source port is a Transmission Control Protocol port or a User Datagram Protocol port.
34. A method for distributed network address translation, comprising the following steps:
creating a request data packet on a first network device on a local network for a third network device on the Internet, wherein the request data packet includes a data packet header with a common external Internet Protocol address to identify network devices on the local network to other network devices on the Internet and a globally unique port obtained from a router on the local network, wherein the globally unique port uniquely identifies the first network device on the local network, and wherein the globally unique port is used to replace a local source port on the first network device;
adding an additional request header to the request data packet to create a modified request data packet, wherein the additional request header includes a first local internal Internet Protocol address for the first network device that identifies the first network device on the local network and a second local internal Internet Protocol address for the router that identifies the router on the local network; and
forwarding the modified request data packet from the first network device to the router over the local network. (Dependent claims: 35, 36, 37, 38, 39, 40, 41, 42)
receiving the modified request data packet on the router over the local network;
deleting the additional request header from the modified request data packet to obtain the request data packet; and
forwarding the request data packet from the router over the Internet to the third network device.
37. The method of claim 36 further comprising:
receiving a response data packet on the router on the local network from the third network device on the Internet for the first network device on the local network on the common external Internet Protocol address for the network devices on the local network, wherein the response data packet includes the common external Internet Protocol address for the network devices on the local network and a globally unique port to uniquely identify the first network device on the local network;
determining on the router with the globally unique port from the response data packet, the first local internal Internet Protocol address that identifies the first network device on the first network;
adding an additional response header to the response data packet to create a modified response data packet, wherein the additional response header includes the determined first local internal Internet Protocol address for the first network device that identifies the first network device on the local network and the second local internal Internet Protocol address for the router that identifies the router on the local network;
forwarding the modified response data packet from the router to the first network device over the local network.
38. The method of claim 37 further comprising:
receiving the modified response data packet on the first network device on the local network; and
deleting the additional response header from the modified response data packet to obtain the response data packet.
39. The method of claim 38 further comprising:
replacing the globally unique port from the response data packet with a local source port for use on the first network device.
40. The method of claim 34 wherein the first local internal Internet Protocol address and the second local internal Internet Protocol address are local internal Internet Protocol addresses that cannot be used on the Internet.
41. The method of claim 34 wherein the first local internal Internet Protocol address and the second local internal Internet Protocol address are local internal Internet Protocol addresses with a format 10.x.y.z, wherein x, y and z each comprise positive whole numbers between zero and 255.
42. The method of claim 34 wherein the local source port is a Transmission Control Protocol port or a User Datagram Protocol port.
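The additional request and response headers of claims 24 through 29, and their Internet Protocol form in claims 34 through 42, describe a small encapsulation exchange on the local network. The Python model below is an added example for this page, not code from the patent: the host wraps a request whose header already carries the common external address and its globally unique port in an extra header naming the sender and the router by 10.x.y.z internal address; the router strips that header before forwarding; on the reply the router looks the host up by globally unique port, adds the response header, and the host strips it and restores its local source port. The address values, port numbers and the router's allocation table are constructed assumptions, and the router's refusal to forward a request whose port was not allocated to the claimed sender is a check added here, not a step of the claims.

```python
"""Toy model of the additional-header exchange in claims 24-29 and 34-42.
Constructed example: addresses, ports and the allocation table are assumptions."""
from dataclasses import dataclass, replace
from typing import Optional

COMMON_EXTERNAL_IP = "192.0.2.1"   # constructed: shared external address of the local network
ROUTER_INTERNAL_IP = "10.0.0.1"    # constructed: router's 10.x.y.z address (claim 41 format)


@dataclass(frozen=True)
class Packet:
    """Ordinary transport header as it appears on the external network."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: bytes


@dataclass(frozen=True)
class LocalHeader:
    """The additional request/response header: only meaningful on the local network."""
    inner_src: str   # local internal address of the sending device
    inner_dst: str   # local internal address of the receiving device


@dataclass(frozen=True)
class ModifiedPacket:
    local: LocalHeader
    packet: Packet


def is_local_internal(ip: str) -> bool:
    """Claims 40/41: a 10.x.y.z address that cannot be used on the Internet."""
    parts = ip.split(".")
    return (len(parts) == 4 and parts[0] == "10"
            and all(p.isdigit() and 0 <= int(p) <= 255 for p in parts))


class Host:
    def __init__(self, internal_ip, local_port, global_port):
        self.internal_ip = internal_ip
        self.local_port = local_port    # what the higher protocol layer uses
        self.global_port = global_port  # obtained earlier via the port allocation protocol

    def build_request(self, dst_ip, dst_port, payload) -> ModifiedPacket:
        # Claim 24: the packet header carries the common external address and the global port;
        # the additional header carries sender and router local internal addresses.
        pkt = Packet(COMMON_EXTERNAL_IP, self.global_port, dst_ip, dst_port, payload)
        return ModifiedPacket(LocalHeader(self.internal_ip, ROUTER_INTERNAL_IP), pkt)

    def receive_response(self, mod) -> Optional[Packet]:
        # Claims 28/29: accept only headers addressed to us, drop the header, restore local port.
        if mod is None or mod.local.inner_dst != self.internal_ip:
            return None
        if mod.packet.dst_port != self.global_port:
            return None
        return replace(mod.packet, dst_port=self.local_port)


class Router:
    def __init__(self, allocations):
        self.allocations = dict(allocations)  # global port -> internal address (from PAP)

    def forward_request(self, mod) -> Optional[Packet]:
        """Claims 25/26: strip the additional header and forward the inner packet."""
        h, pkt = mod.local, mod.packet
        if h.inner_dst != ROUTER_INTERNAL_IP or not is_local_internal(h.inner_src):
            return None
        # Added check: the global port must have been allocated to the claimed sender.
        if self.allocations.get(pkt.src_port) != h.inner_src or pkt.src_ip != COMMON_EXTERNAL_IP:
            return None
        return pkt

    def forward_response(self, pkt) -> Optional[ModifiedPacket]:
        """Claim 27: find the host by globally unique port and add the response header."""
        if pkt.dst_ip != COMMON_EXTERNAL_IP:
            return None
        inner = self.allocations.get(pkt.dst_port)
        if inner is None:
            return None  # unsolicited or stale port: no host to deliver to
        return ModifiedPacket(LocalHeader(ROUTER_INTERNAL_IP, inner), pkt)


def demo():
    router = Router({1024: "10.0.0.5", 1026: "10.0.0.6"})  # constructed allocation table
    host = Host("10.0.0.5", local_port=5000, global_port=1024)
    req = host.build_request("198.51.100.7", 80, b"GET /")
    on_wire = router.forward_request(req)                 # what the Internet sees
    reply = Packet("198.51.100.7", 80, COMMON_EXTERNAL_IP, 1024, b"200 OK")
    delivered = host.receive_response(router.forward_response(reply))
    # A request claiming another host's internal address but using 1024 is dropped.
    spoof = router.forward_request(replace(req, local=LocalHeader("10.0.0.6", ROUTER_INTERNAL_IP)))
    stale = router.forward_response(replace(reply, dst_port=1030))  # never allocated
    return on_wire, delivered, spoof, stale
```

The packet that leaves the router carries only the common external address and the globally unique port, so nothing about the 10.x.y.z topology crosses to the external network; the allocation table on the router is what turns the inbound port back into a local destination, which is why stale or never-allocated ports should be dropped there rather than forwarded.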