Mechanisms for using NAT at a session border controller
First Claim
1. A method for managing session data sent between nodes, comprising:
- (a) in an intermediary node, receiving a first register packet for setting up a call between endnodes sent from a first node to the intermediary node, wherein the first register packet includes a header having a first inside address that identifies the first node and a payload having a first private address that also identifies the first node and differs from the first inside address, wherein the first inside address was supplied by another intermediary node that translated the first register packet before such packet is received by a first intermediary node and the first private address is an Internet Protocol (IP) address of a private network of the first node;
(b) in the intermediary node, translating each of the first inside address of the header and a first private address of the payload into a same first outside address;
(c) in the intermediary node, translating a first proxy address of the header into a second proxy address, wherein the first proxy address is associated with the intermediary node and the second proxy address is associated with a registrar node for managing sessions between endnodes, wherein a binding between the first and second proxy addresses is configured at the intermediary node; and
(d) without terminating and generating a session for such first register packet at the intermediary node, forwarding the first register packet from the intermediary node towards the registrar node after translating the header and translating the payload.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are apparatus and methods for managing session data in a session border controller (SBC), where the session data is sent from a first node, such as a first phone, to a second node, such as a registrar or second phone. In general, embodiments of the present invention support SBC functionality by managing sessions through the SBC without implementing a terminate and regenerate of the sessions, but rather by intercepting packets destined to the second node and efficiently handling such functionality in the forwarding-path. Also in deployments where the endnodes require NAT (network address translation), mechanisms are provided in the SBC to perform NAT on the addresses embedded in the payload of the session data. In other aspects, mechanisms for keeping the sessions or NAT entries alive are facilitated at the SBC, even when an endnode has a expiration time that differs an expiration time of another device, such as a registar device. Other embodiments allow the actual media packets to flow through the SBC (e.g., for security, accounting, etc) while allowing two endnodes to utilize a same private address or domain.
-
Citations
19 Claims
-
1. A method for managing session data sent between nodes, comprising:
-
(a) in an intermediary node, receiving a first register packet for setting up a call between endnodes sent from a first node to the intermediary node, wherein the first register packet includes a header having a first inside address that identifies the first node and a payload having a first private address that also identifies the first node and differs from the first inside address, wherein the first inside address was supplied by another intermediary node that translated the first register packet before such packet is received by a first intermediary node and the first private address is an Internet Protocol (IP) address of a private network of the first node; (b) in the intermediary node, translating each of the first inside address of the header and a first private address of the payload into a same first outside address; (c) in the intermediary node, translating a first proxy address of the header into a second proxy address, wherein the first proxy address is associated with the intermediary node and the second proxy address is associated with a registrar node for managing sessions between endnodes, wherein a binding between the first and second proxy addresses is configured at the intermediary node; and (d) without terminating and generating a session for such first register packet at the intermediary node, forwarding the first register packet from the intermediary node towards the registrar node after translating the header and translating the payload. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer system operable to manage session data sent between nodes, the computer system comprising:
-
one or more processors; one or more memory, wherein at least one of the processors and memory are operable to perform the following operations; (a) in an intermediary node, receiving a first register packet for setting up a call between endnodes sent from a first node to the intermediary node, wherein the first register packet includes a header having a first inside address that identifies the first node and a payload having a first private address that also identifies the first node and differs from the first inside address, wherein the first inside address was supplied by another intermediary node that translated the first register packet before such packet is received by a first intermediary node and the first private address is an Internet Protocol (IP) address of a private network of the first node; (b) in the intermediary node, translating each of the first inside address of the header and the first private address of the payload into a same first outside address; (c) in the intermediary node, translating a first proxy address of the header into a second proxy address, wherein the first proxy address is associated with the intermediary node and the second proxy address is associated with a registrar node for managing sessions between the endnodes, wherein a binding between the first and second proxy addresses is configured at the intermediary node; and (d) without terminating and generating a session for such first register packet at the intermediary node, forwarding the first register packet from the intermediary node towards the registrar node after translating the header and translating the payload. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer program product for managing session data sent between nodes, the computer program product comprising:
-
at least one non-transitory computer readable storage medium in the form of magnetic media, optical media, or magneto-optical media; computer program instructions stored within the at least one computer readable product configured for; in an intermediary node, receiving a first register packet sent for setting up a call between endnodes from a first node to the intermediary node, wherein the first register packet includes a header having a first inside address that identifies the first node and a payload having a first private address that also identifies the first node and differs from the first inside address, wherein the first inside address was supplied by another intermediary node that translated the first register packet before such packet is received by the first intermediary node and the first private address is an Internet Protocol (IP) address of a private network of the first node; in the intermediary node, translating each of the first inside address of the header and the first private address of the payload into a same first outside address; in the intermediary node, translating a first proxy address of the header into a second proxy address, wherein the first proxy address is associated with the intermediary node and the second proxy address is associated with a registrar node for managing sessions between endnodes, wherein a binding between the first and second proxy addresses is configured at the intermediary node; and without terminating and generating a session for such first register packet at the intermediary node, forwarding the first register packet from the intermediary node towards the registrar node after translating the header and translating the payload.
-
Specification