Forwarding packets in a gateway performing network address translation (NAT)
First Claim
1. A method, comprising:
- receiving a packet;
determining forwarding information and network address translation (NAT) information for the packet;
substituting a new address for an original address in the packet based on the NAT information;
forwarding the packet with the new address on a communication path provided in the forwarding information, wherein the forwarding information and the NAT information are provided together in memory such that a single access to the memory can retrieve both the forwarding information and the NAT information; and
accessing a service selection table to determine which NAT table of a plurality of NAT tables to use for additional packets received, wherein the service selection table includes information indicating specific access parameters associated with specific service domains.
1 Assignment
0 Petitions
Accused Products
Abstract
A gateway device providing a search utility to determine both NAT information and forwarding information (“both pieces of information”) in a single search operation. The single search operation may be implemented using a single table storing both pieces of information necessary for processing a packet. As a result, both pieces of information can be potentially retrieved in a single memory access. Due to the single (or few) memory access, the throughput performance of a gateway may be enhanced. In an embodiment, the gateway is implemented as a service selection gateway which provides connectivity between multiple remote systems and service domains. The NAT/forwarding information is partitioned according to service domains such that the information needed to process packets from/to the same service domain is contained in the same table.
28 Citations
17 Claims
-
1. A method, comprising:
-
receiving a packet; determining forwarding information and network address translation (NAT) information for the packet; substituting a new address for an original address in the packet based on the NAT information; forwarding the packet with the new address on a communication path provided in the forwarding information, wherein the forwarding information and the NAT information are provided together in memory such that a single access to the memory can retrieve both the forwarding information and the NAT information; and accessing a service selection table to determine which NAT table of a plurality of NAT tables to use for additional packets received, wherein the service selection table includes information indicating specific access parameters associated with specific service domains. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A gateway, comprising:
-
an inbound interface configured to receive a packet; a network address translation (NAT) and forwarding table, wherein forwarding information and NAT information are determined for the packet, and wherein a new address is substituted for an original address in the packet based on the NAT information; an outbound interface configured to forward the packet with the new address on a communication path provided in the forwarding information, wherein the forwarding information and the NAT information are provided together in the table such that a single access to the table can retrieve both the forwarding information and the NAT information; and a service selector configured to examine the packet to identify a source Internet Protocol (IP) address to be used in determining which services an end user can access, wherein the packet is forwarded to a service domain based on access permission granted via the IP address. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. Logic encoded in one or more tangible media that includes code for execution and when executed by a processor operable to perform operations comprising:
-
receiving a packet; determining forwarding information and network address translation (NAT) information for the packet; substituting a new address for an original address in the packet based on the NAT information; forwarding the packet with the new address on a communication path provided in the forwarding information, wherein the forwarding information and the NAT information are provided together in memory such that a single access to the memory can retrieve both the forwarding information and the NAT information; examining the packet to identify a source Internet Protocol (IP) address to be used in determining which services an end user can access; and forwarding the packet to a service domain based on access permission granted via the IP address. - View Dependent Claims (15, 16, 17)
-
Specification