Method of communicating packet multimedia to restricted endpoints

US 7,907,525 B2
Filed: 01/26/2009
Issued: 03/15/2011
Est. Priority Date: 11/20/2003
Status: Active Grant

First Claim

Patent Images

1. A method, performed by a network element, for communicating packet multimedia data between a first endpoint and a second endpoint, the method comprising:

receiving an outbound multimedia signaling packet;

determining if the outbound multimedia signaling packet originated from a first endpoint that is logically behind a security device;

determining and storing information identifying a logical pinhole in the security device, wherein the logical pinhole is associated with expected inbound multimedia data packets directed to the first endpoint;

determining that the first endpoint permits adding a software component that generates periodic messages for keeping the logical pinhole open;

installing, with the network element, the software component on the first endpoint;

activating the software component to generate periodic messages toward a signaling controller in order to keep the logical pinhole open;

sending a command to the first endpoint to cause the software component to modify a frequency at which it generates periodic messages; and

forwarding inbound multimedia signaling messages directed toward the first endpoint via the logical pinhole.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, performed in a network element, for communicating packet multimedia data between a first endpoint and a second endpoint, the method comprising the machine-implemented steps of receiving an outbound multimedia data packet; determining if the outbound multimedia data packet originated from a first endpoint that is logically behind a security device; determining and storing information identifying a logical pinhole in the security device, wherein the logical pinhole is associated with expected inbound multimedia data packets directed to the first endpoint; performing an action that keeps the logical pinhole open during all of a communication session between the first endpoint and the second endpoint; and forwarding inbound multimedia data packets directed from the second endpoint to the first endpoint via the logical pinhole.

20 Citations

View as Search Results

17 Claims

1. A method, performed by a network element, for communicating packet multimedia data between a first endpoint and a second endpoint, the method comprising:
- receiving an outbound multimedia signaling packet;
  
  determining if the outbound multimedia signaling packet originated from a first endpoint that is logically behind a security device;
  
  determining and storing information identifying a logical pinhole in the security device, wherein the logical pinhole is associated with expected inbound multimedia data packets directed to the first endpoint;
  
  determining that the first endpoint permits adding a software component that generates periodic messages for keeping the logical pinhole open;
  
  installing, with the network element, the software component on the first endpoint;
  
  activating the software component to generate periodic messages toward a signaling controller in order to keep the logical pinhole open;
  
  sending a command to the first endpoint to cause the software component to modify a frequency at which it generates periodic messages; and
  
  forwarding inbound multimedia signaling messages directed toward the first endpoint via the logical pinhole.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the first endpoint is configured to begin communications by first addressing the signaling controller which receives the outbound multimedia signaling packets.
  - 3. The method of claim 1, further comprising instructing one or more media controllers to forward all subsequent multimedia packets from the first endpoint to the second endpoint.
  - 4. The method of claim 1, wherein sending a command to the first endpoint comprises sending a command to the first endpoint through the pinhole, wherein the command forces the endpoint to respond with a message that keeps the logical pinhole open.

5. A method, performed by a network element, for communicating packet multimedia data between a first endpoint and a second endpoint, the method comprising:
- receiving an outbound multimedia signaling packet;
  
  determining if the outbound multimedia signaling packet originated from a first endpoint that is logically behind a security device;
  
  determining and storing information identifying a logical pinhole in the security device, wherein the logical pinhole is associated with expected inbound multimedia data packets directed to the first endpoint;
  
  determining, from the outbound multimedia signaling packet, address information identifying a local network address of the first endpoint and an address of a security device that the first endpoint is behind;
  
  storing the address information in association with information identifying the first endpoint;
  
  receiving a request to provide the physical location of the first endpoint;
  
  providing, in a response message, the address information for the first endpoint; and
  
  forwarding inbound multimedia signaling messages directed toward the first endpoint via the logical pinhole.
- View Dependent Claims (6)
- - 6. The method of claim 5, wherein providing the address information comprises:
    - embedding the address information associated with the first endpoint in the signaling packet; and
      
      communicating the signaling packet toward a destination entity.

7. A method, performed by a network element, for communicating packet multimedia data between a first endpoint and a second endpoint, the method comprising:
- receiving an outbound multimedia signaling packet;
  
  determining if the outbound multimedia signaling packet originated from a first endpoint that is logically behind a security device;
  
  determining and storing information identifying a logical pinhole in the security device, wherein the logical pinhole is associated with expected inbound multimedia data packets directed to the first endpoint;
  
  forwarding inbound multimedia signaling messages directed toward the first endpoint via the logical pinhole;
  
  receiving a keep-alive message from the first endpoint;
  
  determining that the keep-alive message originated from a registered endpoint; and
  
  acknowledging the keep-alive message without forwarding the keep-alive message to a call-control server that services calls from and to the first endpoint.
- View Dependent Claims (8)
- - 8. The method of claim 7, further comprising maintaining separate keep-alive timeout values for communications from an endpoint to the signaling controller and from the signaling controller to the call control server.

9. A method, performed by a network element, for communicating packet multimedia data between a first endpoint and a second endpoint, the method comprising:
- receiving an outbound multimedia signaling packet;
  
  determining if the outbound multimedia signaling packet originated from a first endpoint that is logically behind a security device;
  
  determining and storing information identifying a logical pinhole in the security device, wherein the logical pinhole is associated with expected inbound multimedia data packets directed to the first endpoint;
  
  forwarding inbound multimedia signaling messages directed toward the first endpoint via the logical pinhole;
  
  receiving a signaling message from the first endpoint;
  
  allocating a port pair on a media controller for the use of streams of media;
  
  modifying the signaling message to point the streams of media to an address and port that have been allocated at the media controller for processing packets of a communication session between the second endpoint and the first endpoint;
  
  forwarding the modified signaling message to a destination entity, wherein the media controller determines the logical pinhole based on receiving the streams of media from the second endpoint at the allocated address and port; and
  
  waiting, at the media controller, for the streams of media to arrive from both endpoints to detect media pinholes and for relaying the streams of media between the two endpoints.

10. An apparatus for communicating packet multimedia data between a first endpoint and a second endpoint, the apparatus comprising:
- a communication interface that receives an outbound multimedia signaling packet;
  
  a processor configured to;
  
  determine if the outbound multimedia signaling packet originated from a first endpoint that is logically behind a security device;
  
  determine and store information identifying a logical pinhole in the security device, wherein the logical pinhole is associated with expected inbound multimedia data packets directed to the first endpoint;
  
  determine that the first endpoint permits adding a software component that generates periodic messages for keeping the logical pinhole open;
  
  install the software component on the first endpoint;
  
  activate the software component to generate periodic messages in order to keep the logical pinhole open,forward inbound multimedia signaling messages directed toward the first endpoint via the logical pinhole; and
  
  a storage module that stores the information identifying the logical pinhole,wherein the communication interface sends a command to the first endpoint to modify a frequency at which the first endpoint generates the periodic messages.
- View Dependent Claims (11, 12, 13)
- - 11. The apparatus of claim 10, wherein the first endpoint is configured to begin communications by first addressing a signaling controller which receives the outbound multimedia signaling packets.
  - 12. The apparatus of claim 10, wherein the communication interface sends a command to one or more media controllers to forward all subsequent multimedia packets from the first endpoint to the second endpoint.
  - 13. The apparatus of claim 10, wherein the communication interface sends the command to the first endpoint through the pinhole to force the endpoint to respond with a message that keeps the logical pinhole open.

14. An apparatus for communicating packet multimedia data between a first endpoint and a second endpoint, the apparatus comprising:
- a communication interface that receives an outbound multimedia signaling packet;
  
  a processor configured to;
  
  determine if the outbound multimedia signaling packet originated from a first endpoint that is logically behind a security device;
  
  determine and store information identifying a logical pinhole in the security device, wherein the logical pinhole is associated with expected inbound multimedia data packets directed to the first endpointforward inbound multimedia signaling messages directed toward the first endpoint via the logical pinhole; and
  
  a storage module that stores the information identifying the logical pinhole,wherein the processor is configured to determine, from the outbound multimedia signaling packet, address information identifying a local network address of the first endpoint and an address of a security device that the first endpoint is behind,wherein the storage module stores the address information in association with information identifying the first endpoint, andwherein the communication interface;
  
  receives a request to provide the physical location of the first endpoint, andsends, in a response to the request, the address information for the first endpoint.

15. An apparatus for communicating packet multimedia data between a first endpoint and a second endpoint, the apparatus comprising:
- a communication interface that receives an outbound multimedia signaling packet;
  
  a processor configured to;
  
  determine if the outbound multimedia signaling packet originated from a first endpoint that is logically behind a security device;
  
  determine and store information identifying a logical pinhole in the security device, wherein the logical pinhole is associated with expected inbound multimedia data packets directed to the first endpointforward inbound multimedia signaling messages directed toward the first endpoint via the logical pinhole; and
  
  a storage module that stores the information identifying the logical pinhole,wherein the communication interface receives a keep-alive message from the first endpoint,wherein the processor is configured to determine that the keep-alive message originated from a registered endpoint, andwherein the communication interface acknowledges the keep-alive message without forwarding the keep-alive message to a call-control server that services calls from and to the first endpoint.
- View Dependent Claims (16)
- - 16. The apparatus of claim 15, wherein the storage module stores separate keep-alive timeout values for communications from an endpoint to a signaling controller and from the signaling controller to the call control server.

17. An apparatus for communicating packet multimedia data between a first endpoint and a second endpoint, the apparatus comprising:
- a communication interface that receives an outbound multimedia signaling packet;
  
  a processor configured to;
  
  determine if the outbound multimedia signaling packet originated from a first endpoint that is logically behind a security device;
  
  determine and store information identifying a logical pinhole in the security device, wherein the logical pinhole is associated with expected inbound multimedia data packets directed to the first endpointforward inbound multimedia signaling messages directed toward the first endpoint via the logical pinhole; and
  
  a storage module that stores the information identifying the logical pinhole,a media controller,wherein the communication interface receives a signaling message from the first endpoint,wherein the media controller allocates a port for the use of streams of media,wherein the processor modifies the signaling message to point the streams of media to an address and port that have been allocated at the media controller for processing packets of a communication session between the second endpoint and the first endpoint,wherein the communication interface forwards the modified signaling message to a destination entity, wherein the media controller determines the logical pinhole based on receiving the streams of media from the second endpoint at the allocated address and port, andwherein the media controller waits for media to arrive from both endpoints so media pinholes can be detected and media can be relayed between the two endpoints.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Juniper Networks Incorporated
Original Assignee
Juniper Networks Incorporated
Inventors
Mohaban, Shai
Primary Examiner(s)
Patel; Jayanti K
Assistant Examiner(s)
Park; Jung

Application Number

US12/359,592
Publication Number

US 20090135837A1
Time in Patent Office

778 Days
Field of Search

370/230, 370/252, 370/352, 370/392, 370/395.21, 370/395.52, 370/401, 726 11- 14, 709/226
US Class Current

370/230
CPC Class Codes

H04L 63/029 Firewall traversal, e.g. tu...

H04L 67/14 Session management for real...

Method of communicating packet multimedia to restricted endpoints

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method of communicating packet multimedia to restricted endpoints

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links