Network address translator and secure transfer device for interfacing networks
First Claim
1. An interface for a network for interfacing flows of packets between Internet Protocol ‘
- IP’
addressable devices in the network and IP addressable devices external to the network, each packet in each flow of packets containing respective fields for a source IP address, a destination IP address, a source port and a destination port, the interface having;
an address translator coupled to the IP addressable devices for translating addresses of the packets flowing to and from the IP addressable devices,a secure transfer device coupled to the address translator for maintaining secure paths for each of the flows of packets to and from the IP addressable external devices, each of said secure paths having a path identifier, the secure transfer device being arranged for each secure path to insert the path identifier for said secure path into the source port field of each packet flowing on said secure path into the secure transfer device, andthe address translator being arranged to store the path identifiers inserted into said source port fields of said packets flowing into the secure transfer device in order to maintain a record of which of the secure paths corresponds to which of the packet flows.
15 Assignments
0 Petitions
Accused Products
Abstract
An interface for a private IP network interfaces flows of packets between gateway controllers and external media gateways. It has a network address translator and an IPsec device for maintaining secure paths to the external devices. A path identifier records which of the packet flows corresponds to which path. It is incorporated in the packet header, and means that the same interface can be used to couple many different external gateways, and interface them with many of the gateway controllers. Widespread deployment of such interfaces in anonymisers to achieve hiding of device addresses and network topology, as well as the reduction in use of expensive registered addresses is facilitated. By sending the path identifier in the packet, the IPsec device and the address translator can be loosely coupled devices, so standard readily available devices can be used.
-
Citations
13 Claims
-
1. An interface for a network for interfacing flows of packets between Internet Protocol ‘
- IP’
addressable devices in the network and IP addressable devices external to the network, each packet in each flow of packets containing respective fields for a source IP address, a destination IP address, a source port and a destination port, the interface having;an address translator coupled to the IP addressable devices for translating addresses of the packets flowing to and from the IP addressable devices, a secure transfer device coupled to the address translator for maintaining secure paths for each of the flows of packets to and from the IP addressable external devices, each of said secure paths having a path identifier, the secure transfer device being arranged for each secure path to insert the path identifier for said secure path into the source port field of each packet flowing on said secure path into the secure transfer device, and the address translator being arranged to store the path identifiers inserted into said source port fields of said packets flowing into the secure transfer device in order to maintain a record of which of the secure paths corresponds to which of the packet flows. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- IP’
Specification