Traceroute using address request messages

US 7,738,383 B2
Filed: 12/21/2006
Issued: 06/15/2010
Est. Priority Date: 12/21/2006
Status: Active Grant

First Claim

Patent Images

1. An apparatus, comprising:

a processor; and

a memory coupled to the processor comprising instructions executable by the processor, the processor operable when executing the instructions to;

generate a plurality of messages each having a header and a payload, wherein each header includes a different lifetime value;

generate a Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) (STUN) request;

manipulate the STUN request to generate a plurality of different instances of the STUN request and insert each STUN request instance into a different one of the messages;

send the plurality of messages to a remote endpoint, each of the messages addressed to a valid port on a destination address of the messages;

receive back a plurality of error responses identifying the presence of routers located between an originating endpoint of the messages and the remote endpoint;

receive back a STUN response from a STUN server operating on the destination indicating completion of a traceroute to the remote endpoint; and

correlate each of the error responses as well as the STUN response with a respective one of the messages.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, an endpoint sends messages containing Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) (STUN) requests to traceroute a path to the remote endpoint. The traceroute may be completed through security devices such as NATs and firewalls. Receipt of a STUN response from the remote endpoint signals that one of the traceroute packets reached the remote endpoint whereas the other traceroute packets have elicited error responses from intermediary, on-path routers, allowing these routers to be identified.

155 Citations

18 Claims

1. An apparatus, comprising:
- a processor; and
  
  a memory coupled to the processor comprising instructions executable by the processor, the processor operable when executing the instructions to;
  
  generate a plurality of messages each having a header and a payload, wherein each header includes a different lifetime value;
  
  generate a Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) (STUN) request;
  
  manipulate the STUN request to generate a plurality of different instances of the STUN request and insert each STUN request instance into a different one of the messages;
  
  send the plurality of messages to a remote endpoint, each of the messages addressed to a valid port on a destination address of the messages;
  
  receive back a plurality of error responses identifying the presence of routers located between an originating endpoint of the messages and the remote endpoint;
  
  receive back a STUN response from a STUN server operating on the destination indicating completion of a traceroute to the remote endpoint; and
  
  correlate each of the error responses as well as the STUN response with a respective one of the messages.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The apparatus of claim 1, wherein the STUN response includes an address of an intermediary network address translation device that is located remotely with respect to both endpoints.
  - 3. The apparatus of claim 1, wherein the processor is further operable to:
    - send audio or video data to a Real Time Protocol (RTP) port on the remote endpoint;
      
      wherein the plurality of messages are addressed to the same RTP port on the remote endpoint.
  - 4. The apparatus of claim 1, wherein each of the STUN request instances has a particular amount of bits that is different than the amount of bits of each of the other STUN request instances.
  - 5. The apparatus of claim 1, wherein each of the error responses includes a portion of the payload of a respective one of the messages, and wherein the processor is further operable to:
    - examine the message payload portion of one of the error responses to identify a packet length field included therein; and
      
      compare a packet length specified by the packet length field to packet lengths of the messages to match the examined error response to a particular one of the messages.
  - 6. The apparatus of claim 1, wherein the processor is further operable to:
    - establish a session with the remote endpoint, the session associated with a first network path for transferring media to the remote endpoint and a second network path that is separate from the first network path, the second network path for transferring out of band control information associated with the media to the remote endpoint;
      
      send the plurality of messages over one of the network paths, wherein each of the plurality of messages is marked with a first Differential Services Code Point (DSCP) value;
      
      generate an additional plurality of messages each marked with a second different DSCP value; and
      
      send the additional plurality of messages over the other network path.
  - 7. The apparatus of claim 6, wherein the plurality of messages are addressed to a different valid port on the remote endpoint than the additional plurality of messages.

8. A method, comprising:
- generating a plurality of messages each having a header and a payload, wherein each header includes a different lifetime value;
  
  generating a Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) (STUN) request;
  
  manipulating the STUN request to generate a plurality of different instances of the STUN request and inserting each STUN request instance into a different one of the payloads;
  
  sending the plurality of messages to a remote endpoint, each of the messages addressed to a valid port on a destination address of the messages;
  
  receiving back a plurality of error responses identifying the presence of routers located between an originating endpoint of the messages and the remote endpoint;
  
  receiving back a STUN response from a STUN server operating on the destination indicating completion of a traceroute to the remote endpoint; and
  
  correlating each of the error responses as well as the STUN response with a respective one of the messages.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The method of claim 8, further comprising:
    - establishing a session with the remote endpoint, the session associated with a first network path for transferring media to the remote endpoint and a second network path that is separate from the first network path, the second network path for transferring out of band control information associated with the media to the remote endpoint;
      
      sending the plurality of messages over one of the network paths, wherein each of the plurality of messages is marked with a first priority value;
      
      generating an additional plurality of messages each marked with a second different priority value; and
      
      sending the additional plurality of messages over the other network path.
  - 10. The method of claim 9, wherein the plurality of messages are addressed to a different valid port on the remote endpoint than the additional plurality of messages.
  - 11. The method of claim 8, wherein each of the STUN request instances has a particular amount of bits that is different than the amount of bits of each of the other STUN request instances.
  - 12. The method of claim 11, wherein each of the error responses includes a portion of the payload of a respective one of the messages, and wherein the method further comprises:
    - examining the message payload portion of one of the error responses to identify a packet length field included therein; and
      
      comparing a packet length specified by the packet length field to packet lengths of the messages to match the examined error response to a particular one of the messages.

13. An apparatus, comprising:
- means for generating a plurality of messages each having a header and a payload, wherein each header includes a different lifetime value;
  
  means for generating a Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) (STUN) request;
  
  means for manipulating the STUN request to generate a plurality of different instances of the STUN request and inserting each STUN request instance into a different one of the payloads;
  
  a network interface configured to transmit the plurality of messages and receive back a STUN response from a STUN server operating on the destination as well as a plurality of error responses from routers located between an originating endpoint of the messages and a remote endpoint; and
  
  means for correlating each of the error responses as well as the STUN response with a respective one of the messages.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The apparatus of claim 13, further comprising:
    - means for establishing a session with the remote endpoint, the session associated with a first network path for transferring media to the remote endpoint and a second network path that is separate from the first network path, the second network path for transferring out of band control information associated with the media to the remote endpoint;
      
      means for generating an additional plurality of messages each addressed to a different valid port on the remote endpoint than the plurality of messages; and
      
      the network interface configured to send all the messages, wherein the plurality of messages travels over one of the network paths and the additional plurality of messages travels over the other network path.
  - 15. The apparatus of claim 14, further comprising means for marking each of the plurality of messages with a first Differential Services Code Point (DSCP) value and each of the additional plurality of messages with a second different DSCP value.
  - 16. The apparatus of claim 14, wherein one of the valid ports matches a port number used for transferring the media and the other valid port does not match the port number used for transferring the media.
  - 17. The apparatus of claim 13, wherein each of the STUN request instances has a particular amount of bits that is different than the amount of bits of each of the other STUN request instances.
  - 18. The apparatus of claim 17, wherein each of the error responses includes a portion of the payload of a respective one of the messages, and wherein the apparatus further comprises:
    - means for examining the message payload portion of one of the error responses to identify a packet length field included therein; and
      
      means for comparing a packet length specified by the packet length field to packet lengths of the messages to match the examined error response to a particular one of the messages.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Wing, Daniel G., Oran, David R., Andreasen, Flemming Stig
Primary Examiner(s)
Rao; Seema S
Assistant Examiner(s)
Wu; Jianye

Application Number

US11/614,843
Publication Number

US 20080151764A1
Time in Patent Office

1,272 Days
Field of Search

370/248
US Class Current

370/236
CPC Class Codes

H04L 41/12   Discovery or management of ...

H04L 41/344   Out-of-band transfers

H04L 45/20   Hop count for routing purpo...

H04L 61/2575   using address mapping retri...

H04L 61/2578   without involvement of the ...

Traceroute using address request messages

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

155 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Traceroute using address request messages

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

155 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links