Methods and systems for network address translation management

US 8,233,488 B2
Filed: 11/14/2007
Issued: 07/31/2012
Est. Priority Date: 09/14/2007
Status: Expired due to Fees

First Claim

Patent Images

1. A method for network address translation, the method comprising:

providing a first network address translation table and a second network address translation table, the first and second network address translation tables both including entries for network traffic between a public network and a private network and associated with a public Internet Protocol address, the first network address translation table including entries for a low priority subset of the network traffic between a public network and a private network and the second network address translation table including entries for a high priority subset of the network traffic between the public network and the private network;

enforcing a first limit on the number of processor cycles used for maintenance of the first network address translation table and a second limit on the number of processor cycles used for maintenance of the second network address translation table;

receiving a first network packet of a first network traffic type;

determining the first network packet corresponds to the low priority network traffic based upon the first network packet being of the first network traffic type;

adding a first entry to the first network address translation table;

removing the first entry from the first network address translation table after a first timeout interval and removing the second entry from the second network address translation table after a second timeout interval; and

providing an interface for altering the first timeout interval or the second timeout interval.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for network address translation (NAT) includes providing a first and a second NAT table. The method further includes receiving a network packet and classifying the network packet based on a type of network traffic. Additionally, an entry is added to the first NAT table based on the classification of the network packet.

35 Citations

View as Search Results

23 Claims

1. A method for network address translation, the method comprising:
- providing a first network address translation table and a second network address translation table, the first and second network address translation tables both including entries for network traffic between a public network and a private network and associated with a public Internet Protocol address, the first network address translation table including entries for a low priority subset of the network traffic between a public network and a private network and the second network address translation table including entries for a high priority subset of the network traffic between the public network and the private network;
  
  enforcing a first limit on the number of processor cycles used for maintenance of the first network address translation table and a second limit on the number of processor cycles used for maintenance of the second network address translation table;
  
  receiving a first network packet of a first network traffic type;
  
  determining the first network packet corresponds to the low priority network traffic based upon the first network packet being of the first network traffic type;
  
  adding a first entry to the first network address translation table;
  
  removing the first entry from the first network address translation table after a first timeout interval and removing the second entry from the second network address translation table after a second timeout interval; and
  
  providing an interface for altering the first timeout interval or the second timeout interval.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising limiting the first network address translation table to a predefined size.
  - 3. The method of claim 2, further comprising providing an interface for changing the predefined size.
  - 4. The method of claim 1, further comprising limiting the low priority network traffic to a predefined packet rate.
  - 5. The method of claim 1, further comprising limiting the low priority network traffic to a first portion of a bandwidth to guarantee a predefined second portion of the bandwidth is available to high priority network traffic.
  - 6. The method of claim 1, further comprising receiving a second network packet;
    - determining the second network packet corresponds to the high priority network traffic; and
      
      adding a second entry to the second network address translation table.
  - 7. The method of claim 1, further comprising receiving a third network packet;
    - determining the third network packet corresponds to the low priority network traffic; and
      
      retrieving a third entry from the first network address translation table.
  - 8. The method of claim 1, wherein the first entry includes an address and a port of a first device on the private network, an address and a port of a second device on the public network, and an address and a port of a gateway.

9. A gateway comprising:
- a memory configured to include a first network address translation table and a second network address translation table, the first and second network address translation tables both including entries for network traffic between a public network and a private network and associated with a public Internet Protocol address, the first network address translation table including entries for a low priority subset of the network traffic between a public network and a private network and the second network address translation table including entries for a high priority subset of the network traffic between the public network and the private network;
  
  a processor configured to;
  
  enforce a first limit on the number of processor cycles used for maintenance of the first network address translation table and a second limit on the number of processor cycles used for maintenance of the second network address translation table in response to a processor utilization exceeding a threshold;
  
  receive a first network packet of a first network traffic type;
  
  determine the first network packet corresponds to the low priority network traffic based upon the first network packet being of the first network traffic type; and
  
  add a first entry to the first network address translation table.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The gateway of claim 9, wherein the processor is further configured to limit the low priority network traffic to a predefined packet rate.
  - 11. The gateway of claim 9, wherein the processor is further configured to limit the low priority network traffic to a first portion of a bandwidth to guarantee a predefined second portion of the bandwidth is available to the high priority network traffic.
  - 12. The gateway of claim 9, wherein the processor is further configured to receive a second network packet;
    - determine the second network packet corresponds to the high priority network traffic; and
      
      add a second entry to the second network address translation table.
  - 13. The gateway of claim 12, wherein the first network address translation table has a first timeout value and the second network address translation table has a second timeout value.
  - 14. The gateway of claim 9, further comprising an expansion slot for increasing the size of the memory.

15. A method for network address translation, the method comprising:
- providing a network address translation table, the network address translation table including plurality of entries for network traffic between a public network and a private network, a first portion of the plurality of entries including a type designation corresponding to low priority network traffic and a second portion of the plurality of entries including a type designation corresponding to high priority network traffic;
  
  enforcing a first limit on the number of processor cycles used for maintenance of the first portion and a second limit on the number of processor cycles used for maintenance of the second portion, wherein enforcing the first limit and the second limit is in response to a processor utilization exceeding a threshold;
  
  receiving a first network packet of a first network traffic type;
  
  determining the first network packet corresponds to the low priority network traffic when the first network packet is of the first network traffic type;
  
  adding a first entry to the network address translation table, the entry including a type designation corresponding to the low priority network traffic and a first timeout interval having a first initial duration;
  
  receiving a second network packet of a second network traffic type;
  
  determining the second network packet corresponds to the high priority network traffic when the second network packet is of the second network traffic type; and
  
  adding a second entry to the network address translation table, the entry including a type designation corresponding to the high priority network traffic and a second timeout interval having a second initial duration,wherein the first initial duration is different than the second initial duration.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, further comprising limiting the first portion to a predefined size.
  - 17. The method of claim 15, further comprising limiting the low priority network traffic to a predefined packet rate.
  - 18. The method of claim 15, further comprising limiting the low priority network traffic to a first bandwidth to guarantee a predefined second bandwidth is available to the high priority network traffic.
  - 19. The method of claim 15, further comprising removing the first entry after the first timeout interval and removing the second entry after the second timeout interval.
  - 20. The method of claim 15, wherein the first timeout interval is shorter than the second timeout interval.

21. A gateway comprising:
- a memory configured to include a network address translation table, the network address translation table including a plurality of entries for network traffic between a public network and a private network, a first portion of the plurality of entries including a first type designation corresponding to low priority network traffic and a first timeout interval having a first initial duration, and a second portion of the plurality of entries including a second type designation corresponding to high priority network traffic and a second timeout interval having a second initial duration, wherein the first initial duration is different than the second initial duration; and
  
  a processor configured to;
  
  enforce a first limit on the number of processor cycles used for maintenance of the first portion and a second limit on the number of processor cycles used for maintenance of the second portion in response to a processor utilization exceeding a threshold;
  
  receive a first network packet of a first network traffic type;
  
  determine the first network packet corresponds to the low priority network traffic based upon the first network packet being of the first network traffic type; and
  
  add a first entry to the network address translation table, the entry including the first type designation and the first timeout interval.
- View Dependent Claims (22, 23)
- - 22. The gateway of claim 21, wherein the processor is further configured to limit the low priority network traffic to a predefined packet rate.
  - 23. The gateway of claim 21, wherein the processor is further configured to limit the low priority network traffic to a first bandwidth to guarantee a predefined second bandwidth is available to the high priority network traffic.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Knowledge Ventures, L.P. (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Savoor, Raghvendra, Li, Zhi, Livescu, Jian
Primary Examiner(s)
BLANTON, JOHN D

Application Number

US11/940,137
Publication Number

US 20090073987A1
Time in Patent Office

1,721 Days
Field of Search

370/401, 370/466, 370/392, 395/430, 395/405, 395/493
US Class Current

370/395.31
CPC Class Codes

H04L 47/10   Flow control; Congestion co...

H04L 47/2416   Real-time traffic

H04L 47/2441   relying on flow classificat...

H04L 47/36   by determining packet size,...

H04L 61/255   Maintenance or indexing of ...

Methods and systems for network address translation management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

35 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for network address translation management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links