Stateful network address translation protocol implemented over a data network
Abstract
A technique is disclosed for synchronizing NAT information stored on different network devices that have been configured to implement a network address translation protocol. Each of the network devices includes a respective NAT data structure configured to store NAT information. The NAT information includes at least one NAT entry relating to a network node engaged in a communication session with at least one other network node. At least one NAT entry in a first NAT data structure is modified. The first NAT data structure is associated with a first NAT network device. A first NAT transaction message is generated which includes information relating to the modifications performed on the first NAT data structure. The first NAT transaction message is transmitted to at least one other NAT network device to thereby cause that device to modify its respective NAT data structure using information from the first NAT transaction message. In this way, synchronization of NAT information stored on each of the network devices may be achieved.
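The synchronization described in the abstract, together with the NAT ID field recited in claim 1, can be sketched as follows. This is an added example, not code from the patent: the class names, the message layout, the receiver-side ownership check and the documentation-range addresses used to exercise it are all assumptions.

```python
from dataclasses import dataclass, asdict

@dataclass
class NatEntry:
    local_addr: str   # local address of the network node
    global_addr: str  # dynamically assigned global address
    nat_id: str       # device that controls modification of this entry

class NatDevice:
    def __init__(self, device_id, pool):
        self.device_id = device_id
        self.pool = list(pool)  # global addresses this device may assign
        self.table = {}         # NAT data structure: local_addr -> NatEntry
        self.peers = []         # other members of the redundancy group

    def _send(self, op, entry):
        # Transaction message; "sender" is assumed authenticated by the sync channel.
        msg = {"op": op, "sender": self.device_id, "entry": asdict(entry)}
        for peer in self.peers:
            peer.apply_transaction(msg)

    def create_entry(self, local_addr):
        if local_addr in self.table:  # reuse a synced entry (e.g. after failover)
            return self.table[local_addr]
        entry = NatEntry(local_addr, self.pool.pop(0), self.device_id)
        self.table[local_addr] = entry
        self._send("add", entry)
        return entry

    def delete_entry(self, local_addr):
        entry = self.table.get(local_addr)
        if entry is None or entry.nat_id != self.device_id:
            return False  # only the device named in nat_id may modify
        del self.table[local_addr]
        self.pool.append(entry.global_addr)
        self._send("delete", entry)
        return True

    def apply_transaction(self, msg):
        entry = NatEntry(**msg["entry"])
        current = self.table.get(entry.local_addr)
        owner = current.nat_id if current else entry.nat_id
        if msg["sender"] != owner:  # a non-owner may not change this entry
            return False
        if msg["op"] == "add":
            self.table[entry.local_addr] = entry
        elif msg["op"] == "delete":
            self.table.pop(entry.local_addr, None)
        return True
```

Because a peer applies whatever a valid transaction message says, the channel carrying these messages is a trust boundary: the sketch only holds if the sender identity is authenticated before `apply_transaction` is reached.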
38 Claims
1. A method for implementing redundancy of stateful network address translation information in at least one network device of a data network, the method comprising:
receiving, at a first network device, a first packet, said first packet including a header portion comprising address information relating to a source device and a destination device associated with the first packet;
generating a first network address translation (NAT) entry relating to the source device of the first packet, wherein the source device is associated with a globally unique network address;
storing the first NAT entry in a first NAT data structure residing at the first network device;
generating a first network address translation (NAT) transaction message which includes information relating to updates or modifications performed on the first NAT data structure;
transmitting the first NAT transaction message to at least one other network device to thereby cause the at least one other network device to update a respective NAT data structure associated with the at least one other network device using information from said first NAT transaction message;
wherein the first NAT entry includes a NAT ID field relating to an identity of a specific network device which is responsible for controlling modification of that particular NAT entry.

9. A method for synchronizing network address translation (NAT) information stored on different network devices that have been configured to implement a network address translation protocol, each of said network devices including a respective NAT data structure configured to store said NAT information, the method comprising:
creating, in a first NAT data structure of a first network device, a first network address translation (NAT) entry relating to a network node engaged in a communication session, said first NAT entry including information relating to a local network address of the network node and a dynamically assigned global network address of the network node;
generating a first network address translation (NAT) transaction message which includes information relating to updates or modifications performed on the first NAT structure; and
transmitting the first NAT transaction message to at least one other network device to thereby cause the at least one other network device to update a respective NAT data structure associated with the at least one other network device using information from said first NAT transaction message;
wherein the first network device and the at least one other network device are each configured as traffic handling devices that are members of a first redundancy group.

20. The method of claim 9 wherein the first network device is configured as an active traffic handling device of an active-standby redundancy group, and wherein the at least one other network device is configured as a standby traffic handling device of the active-standby redundancy group.

22. A network device configured to implement redundancy of stateful network address translation information in a data network, the network device comprising:
at least one processor;
at least one interface configured or designed to provide a communication link to at least one other network device in the data network; and
memory;
said at least one processor being configured to store in said memory a plurality of data structures, including;
a first network address translation (NAT) data structure configured to store information relating to address translations corresponding to selected network nodes in the network; and
a NAT transaction data structure configured to store transactional information relating to updates or modifications performed on the first NAT data structure;
said network device being configured to transmit at least a portion of said NAT transactional information to said at least one other network device to thereby cause the at least one other NAT network device to modify a respective NAT data structure associated with the at least one other NAT network device using the NAT transaction information;
wherein the network device is further configured or designed to receive NAT transactional information from said at least one other device, said received NAT transactional information including information relating to updates or modifications performed on said respective NAT data structure associated with the at least one other network device; and
wherein the network device is further configured or designed to update or modify said first NAT data structure using data from said received NAT transactional information to thereby achieve redundancy of NAT information stored on the first network device and the at least one other network device; and
wherein the first network device and the at least one other network device are each configured as traffic handling devices that are members of a first redundancy group.

27. A system for synchronizing network address translation information stored on different network devices in a data network, the system comprising:
a first network device configured to implement a network address translation protocol, the first network device comprising;
at least one first processor; and
first memory;
wherein said at least one first processor is configured to store in said first memory a first plurality of data structures, including;
a first network address translation (NAT) data structure configured to store information relating to address translations corresponding to selected network nodes in the network; and
a first NAT transaction data structure configured to store transactional information relating to updates or modifications performed on the first NAT data structure;
said first network device being configured to transmit at least a portion of said NAT transactional information to at least one other network device; and
a second network device configured to implement a network address translation protocol, the second network device comprising;
at least one second processor; and
second memory;
wherein said at least one first processor is configured to store in said second memory a second plurality of data structures, including;
a second network address translation (NAT) data structure configured to store information relating to address translations corresponding to selected network nodes in the network; and
a second NAT transaction data structure configured to store transactional information relating to updates or modifications performed on the second NAT data structure;
said second network device being configured or designed to receive NAT transactional information from said first device, and update or modify said second NAT data structure using data from the NAT transactional information received from the first device;
wherein the first network device and the at least one other network device are each configured as traffic handling devices that are members of a first redundancy group.

31. A method for implementing redundancy of stateful network address translation information in at least one network device of a data network, the method comprising:
receiving, at a first network device, a first packet, said first packet including a header portion comprising address information relating to a source device and a destination device associated with the first packet;
generating a first network address translation (NAT) entry relating to the source device of the first packet, wherein the source device is associated with a globally unique network address;
storing the first NAT entry in a first NAT data structure residing at the first network device;
generating a first network address translation (NAT) transaction message which includes information relating to updates or modifications performed on the first NAT data structure; and
transmitting the first NAT transaction message to at least one other network device to thereby cause the at least one other network device to update a respective NAT data structure associated with the at least one other network device using information from said first NAT transaction message;
wherein the first network device is configured as an active traffic handling device of an active-standby redundancy group, and wherein the at least one other network device is configured as a standby traffic handling device of the active-standby redundancy group.

32. A method for implementing redundancy of stateful network address translation information in at least one network device of a data network, the method comprising:
receiving, at a first network device, a first packet, said first packet including a header portion comprising address information relating to a source device and a destination device associated with the first packet;
generating a first network address translation (NAT) entry relating to the source device of the first packet, wherein the source device is associated with a globally unique network address;
storing the first NAT entry in a first NAT data structure residing at the first network device;
generating a first network address translation (NAT) transaction message which includes information relating to updates or modifications performed on the first NAT data structure; and
transmitting the first NAT transaction message to at least one other network device to thereby cause the at least one other network device to update a respective NAT data structure associated with the at least one other network device using information from said first NAT transaction message;
wherein the first network device is configured as a first peer traffic handling device of a peer-peer redundancy group, and wherein the at least one other network device is configured as a second peer traffic handling device of the peer-peer redundancy group.

33. A method for implementing redundancy of stateful network address translation information in at least one network device of a data network, the method comprising:
receiving, at a first network device, a first packet, said first packet including a header portion comprising address information relating to a source device and a destination device associated with the first packet;
generating a first network address translation (NAT) entry relating to the source device of the first packet, wherein the source device is associated with a globally unique network address;
storing the first NAT entry in a first NAT data structure residing at the first network device;
generating a first network address translation (NAT) transaction message which includes information relating to updates or modifications performed on the first NAT data structure; and
transmitting the first NAT transaction message to at least one other network device to thereby cause the at least one other network device to update a respective NAT data structure associated with the at least one other network device using information from said first NAT transaction message;
wherein the first network device and the at least one other network device are each configured as traffic handling devices that are members of a first redundancy group.

37. A system for implementing redundancy of stateful network address translation information in at least one network device of a data network, the system comprising:
means for receiving, at a first network device, a first packet, said first packet including a header portion comprising address information relating to a source device and a destination device associated with the first packet;
means for generating a first network address translation (NAT) entry relating to the source device of the first packet, wherein the source device is associated with a globally unique network address;
means for storing the first NAT entry in a first NAT data structure residing at the first network device;
means for generating a first network address translation (NAT) transaction message which includes information relating to updates or modifications performed on the first NAT data structure; and
means for transmitting the first NAT transaction message to at least one other network device to thereby cause the at least one other network device to update a respective NAT data structure associated with the at least one other network device using information from said first NAT transaction message;
wherein the first network device and the at least one other network device are each configured as traffic handling devices that are members of a first redundancy group selected from at least one of the following; active-standby redundancy groups, primary-backup redundancy groups, and peer-peer redundancy groups.

38. A system for implementing redundancy of stateful network address translation information in at least one network device of a data network, the system comprising:
means for receiving, at a first network device, a first packet, said first packet including a header portion comprising address information relating to a source device and a destination device associated with the first packet;
means for generating a first network address translation (NAT) entry relating to the source device of the first packet, wherein the source device is associated with a globally unique network address;
means for storing the first NAT entry in a first NAT data structure residing at the first network device;
means for generating a first network address translation (NAT) transaction message which includes information relating to updates or modifications performed on the first NAT data structure; and
means for transmitting the first NAT transaction message to at least one other network device to thereby cause the at least one other network device to update a respective NAT data structure associated with the at least one other network device using information from said first NAT transaction message;
wherein the first NAT entry includes a NAT ID field relating to an identity of a specific network device which is responsible for controlling modification of that particular NAT entry.