Method and system for performing asymmetric address translation
Abstract
A method and system for performing network address translations for a session in a network is disclosed. The network includes at least one local network domain, and the at least one local network domain includes at least one computer system. Each computer system has a local address and is associated with a global address. The session exchanges packets that travel between the computer system within the local network domain and another computer system which may be outside of the local network domain. Each packet includes source and destination information. The method and system include determining a direction of travel for each packet, inbound or outbound, by searching a global address table for a match of a key for each packet. The key is provided using a portion of the destination information. The global address table includes at least one entry. Each entry corresponds to the global address for a first corresponding computer system. The method and system also include asymmetrically translating the source and destination information for each packet using an address translation table or session table based on whether or not the full match is found. The destination information is translated using information in the session table if the packet is inbound. The source information is translated based on the address translation table if the packet is outbound. The address translation table includes at least one entry. Each entry corresponds to the local address for a first corresponding computer system or a global host name for a shared host.
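The lookup order described in the abstract, as an added example that is not taken from the patent. The table layouts, the one-to-one local-to-global mapping, the construction of the symmetric key as a sorted pair of outside-facing endpoints, and dropping packets on a table miss are all assumptions made for illustration; the addresses are constructed sample values.

```python
# Added illustration; table layouts and key construction are assumptions.
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

# Constructed sample tables (documentation address ranges).
ADDRESS_TRANSLATION = {"10.0.0.5": "203.0.113.10"}    # local -> global
GLOBAL_ADDRESSES = set(ADDRESS_TRANSLATION.values())  # global address table

def symmetric_key(a, b):
    """Order-independent key: both directions of a connection map alike."""
    return tuple(sorted([a, b]))

class AsymmetricNat:
    def __init__(self):
        self.sessions = {}  # symmetric key -> local address

    def direction(self, pkt: Packet) -> str:
        # The lookup key is taken from the destination information only.
        return "inbound" if pkt.dst in GLOBAL_ADDRESSES else "outbound"

    def translate(self, pkt: Packet) -> Optional[Packet]:
        if self.direction(pkt) == "outbound":
            # Outbound: rewrite the source from the address translation table.
            global_ip = ADDRESS_TRANSLATION.get(pkt.src)
            if global_ip is None:
                return None  # assumption: no mapping for this host, drop
            out = pkt._replace(src=global_ip)
            key = symmetric_key((out.src, out.sport), (out.dst, out.dport))
            self.sessions[key] = pkt.src  # remember who owns the session
            return out
        # Inbound: rewrite the destination from the session table.
        key = symmetric_key((pkt.src, pkt.sport), (pkt.dst, pkt.dport))
        local_ip = self.sessions.get(key)
        if local_ip is None:
            return None  # assumption: unsolicited inbound packet, drop
        return pkt._replace(dst=local_ip)
```

Because the key is built from the endpoints as seen outside the local domain, the translated outbound packet and its untranslated reply index the same session entry.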
26 Claims
1. A method for performing network address translations for a session in a network, the network including at least one local network domain, the local network domain including at least one computer system, each of the at least one computer system having a local address and being associated with a global address, the session exchanging a plurality of packets that travel to and from a second at least one computer system within the network, each of the second at least one computer system being connected to the network outside of the local network domain, each of the plurality of packets including source information and destination information, the method comprising the steps of:
- searching a global address table for a match of a key for each of the plurality of packets to determine a direction of travel for each of the plurality of packets, the key being provided using a portion of the destination information, the global address table including at least one entry, each of the at least one entry corresponding to the global address for a first corresponding computer system; and
- asymmetrically translating the source information and destination information for each of the plurality of packets using an address translation table or session table based on a direction the packet is traveling, the address translation table including at least one entry, each of the at least one entry corresponding to the local address for a first at least one computer system within the at least one local network domain of the network, the session table including at least one session table entry, each of the at least one session table entry corresponding to a specific connection between two computer systems, the asymmetric translating including providing a symmetric key for indexing a session table, the symmetric key being symmetric for bi-directional traffic.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A system for performing network address translations for a session in a network, the network including at least one local network domain, the local network domain including at least one computer system, each of the at least one computer system having a local address and being associated with a global address, the session exchanging a plurality of packets that travel to and from a second at least one computer system within the network, each of the second at least one computer system being connected to the network outside of the local network domain, each of the plurality of packets including source information and destination information, the system comprising:
- a memory for storing an address translation table, a global address table and a session table, the address translation table including at least one entry, the address translation table including at least one entry, each of the at least one entry corresponding to the local address for a first corresponding computer system within the at least one local network domain of the network, the session table including at least one session table entry, each of the at least one session table entry corresponding to a specific connection between two computer systems, the global address table including at least one entry, each of the at least one entry corresponding to the global address for a first at least one corresponding computer system; and
- a processor for searching the global address table for a full match of a key for each of the plurality of packets, the key being provided using a portion of the source destination information, the processor also for asymmetrically translating the source information and destination information for each of the plurality of packets using the address translation table or a session table based on a direction the packet is traveling, the asymmetric translating including the processor providing a symmetric key for indexing a session table, the symmetric key being symmetric for bi-directional traffic.
Dependent claims: 12, 13, 14, 15, 16, 17
18. A computer-readable medium containing a program for performing network address translations for a session in a network, the network including at least one local network domain, the local network domain including at least one computer system, each of the at least one computer system having a local address and being associated with a global address, the session exchanging a plurality of packets that travel to and from a second at least one computer system within the network, each of the second at least one computer system being connected to the network outside of the local network domain, each of the plurality of packets including source information and destination information, the program including instructions for:
- searching a global address table for a match of a key for each of the plurality of packets to determine a direction of travel for each of the plurality of packets, the key being provided using a portion of the destination information, the global address table including at least one entry, each of the at least one entry corresponding to the global address for a first corresponding computer system; and
- asymmetrically translating the source information and destination information for each of the plurality of packets using an address translation table or session table based on a direction the packet is traveling, the address translation table including at least one entry, each of the at least one entry corresponding to the local address for a first corresponding computer system within the at least one local network domain of the network, the session table including at least one entry, each of the at least one entry corresponding to a specific connection between two computer systems, the asymmetric translating including providing a symmetric key for indexing a session table, the symmetric key being symmetric for bi-directional traffic.
Dependent claims: 19, 20, 21, 22, 23, 24, 25, 26
Specification