Communicating with an entity inside a private network using an existing connection to initiate communication

US 8,234,358 B2
Filed: 08/30/2002
Issued: 07/31/2012
Est. Priority Date: 08/30/2002
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method at a network interface device, the method comprising:

establishing a communication link to a server device connected to a public network, the communication link established via a communication port at the network interface device, and the communication link being identified by a connection identifier that includes a communication port identifier of the communication port and a public network address corresponding to the network interface device;

receiving a communication for a first device that is initiated from a second device connected to the public network, the communication routed via the public network from the second device to the network interface device bypassing the server device and received at the communication port of the network interface device, the second device having previously requested the connection identifier of the communication link from the server device, received the connection identifier that includes the communication port identifier and the public network address from the server device, and initiated the communication for the first device directed to the communication port at the network interface device according to the connection identifier; and

determining that the communication port correlates to a private address of the first device to route the communication that is received from the second device to the first device that is connected to the network interface device via a private network.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is disclosed that allows an entity outside of a private network to initiate communication with another entity inside the private network. A first entity inside the private network maintains a persistent connection with a second entity outside the private network, with a port identification associated with the first entity'"'"'s persistent connection. A third entity outside the private network obtains the port identification and initiates communication with the first entity by sending a message to the first entity using the port identification. The first and third entities then exchange communications outside the persistent connection. In an alternate implementation, the third entity uses the port identification to send the first entity a request for establishing a connection. The request is forwarded to the first entity through the persistent connection. The first entity responds by establishing a connection with the third entity outside the persistent connection.

169 Citations

39 Claims

1. A computer-implemented method at a network interface device, the method comprising:
- establishing a communication link to a server device connected to a public network, the communication link established via a communication port at the network interface device, and the communication link being identified by a connection identifier that includes a communication port identifier of the communication port and a public network address corresponding to the network interface device;
  
  receiving a communication for a first device that is initiated from a second device connected to the public network, the communication routed via the public network from the second device to the network interface device bypassing the server device and received at the communication port of the network interface device, the second device having previously requested the connection identifier of the communication link from the server device, received the connection identifier that includes the communication port identifier and the public network address from the server device, and initiated the communication for the first device directed to the communication port at the network interface device according to the connection identifier; and
  
  determining that the communication port correlates to a private address of the first device to route the communication that is received from the second device to the first device that is connected to the network interface device via a private network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A method as recited in claim 1, wherein the communication that is received for the first device does not include a public address associated with the first device.
  - 3. A method as recited in claim 1, wherein the connection identifier that identifies the communication link is translatable by the network interface device to determine the private address of the first device connected in the private network.
  - 4. A method as recited in claim 1, further comprising:
    - receiving a response communication for the second device that is initiated from the first device; and
      
      forwarding the response communication to the second device via a separate communication link bypassing the server device.
  - 5. A method as recited in claim 4, wherein the response communication is forwarded to the second device via the separate communication link that is established via a different communication port at the network interface device.
  - 6. A method as recited in claim 5, wherein the separate communication link is identified by a new connection identifier that includes a different communication port identifier of the different communication port and the public network address corresponding to the network interface device.
  - 7. A method as recited in claim 6, wherein the second device is connected in a second private network, and wherein the response communication is forwarded to the second device via a second NAT device that connects the public network and the second private network.
  - 8. A method as recited in claim 5, wherein the response communication that is forwarded to the second device includes a UDP segment that is received by the second device having a header that lists a new connection identifier that identifies the separate communication link.
  - 9. A method as recited in claim 1, wherein the network interface device comprises a NAT device, and wherein the method further comprises forwarding the communication that is received for the first device to the first device via the private network.
  - 10. A method as recited in claim 9, wherein the second device is connected in a second private network, and wherein the communication that is initiated from the second device is routed to the network interface device via a second NAT device that connects the public network and the second private network.
  - 11. A method as recited in claim 1, wherein the communication that is received for the first device includes a UDP segment that is received by the first device having a header that lists a new connection identifier that identifies a separate communication link that is established via a different communication port at the network interface device, the new connection identifier including a different communication port identifier of the different communication port and the public network address corresponding to the network interface device.
  - 12. A method as recited in claim 1, wherein the communication link is established to provide access to the first device by the second device that is connected to the public network.
  - 13. A method as recited in claim 1, wherein the first device registers with the server device when the communication link to the server device is established.

14. One or more processor readable storage devices comprising processor readable code that is executable and, in response, directs a network interface device to:
- establish a communication link to a server device connected to a public network, the communication link being established via a communication port at the network interface device, and the communication link being identified by a connection identifier that includes a communication port identifier of the communication port and a public network address corresponding to the network interface device;
  
  receive a communication for the a first device that is initiated from a second device which is connected to the public network, the communication routed via the public network from the second device to the network interface device bypassing the server device and received at the communication port of the network interface device, the second device having previously requested the connection identifier of the communication link from the server device, received the connection identifier that includes the communication port identifier and the public network address from the server device, and initiated the communication for the first device directed to the communication port at the network interface device according to the connection identifier; and
  
  determine that the communication port correlates to a private address of the first device to route the communication that is received from the second device to the first device that is connected to the network interface device via a private network.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 15. One or more processor readable storage devices as recited in claim 14, further comprising processor readable code that is executable and, in response, directs the network interface device to receive the communication for the first device without a public address associated with the first device.
  - 16. One or more processor readable storage devices as recited in claim 14, further comprising processor readable code that is executable and, in response, directs the network interface device to translate the connection identifier that identifies the communication link to determine the private address of the first device connected in the private network.
  - 17. One or more processor readable storage devices as recited in claim 14, further comprising processor readable code that is executable and, in response, directs the network interface device to:
    - receive a response communication for the second device that is initiated from the first device; and
      
      forward the response communication to the second device via a separate communication link bypassing the server device.
  - 18. One or more processor readable storage devices as recited in claim 17, further comprising processor readable code that is executable and, in response, directs the network interface device to forward the response communication to the second device via the separate communication link that is established via a different communication port at the network interface device.
  - 19. One or more processor readable storage devices as recited in claim 18, further comprising processor readable code that is executable and, in response, directs the network interface device to forward the response communication that includes a UDP segment that is received by the second device having a header that lists a new connection identifier that identifies the separate communication link.
  - 20. One or more processor readable storage devices as recited in claim 14, further comprising processor readable code that is executable and, in response, directs the network interface device to forward the communication that is received for the first device to the first device via the private network.
  - 21. One or more processor readable storage devices as recited in claim 14, further comprising processor readable code that is executable and, in response, directs the network interface device to receive the communication that includes a UDP segment that is received by the first device having a header that lists a new connection identifier that identifies a separate communication link that is established via a different communication port of the network interface device, the new connection identifier including a different communication port identifier of the different communication port and the public network address corresponding to the network interface device.
  - 22. One or more processor readable storage devices as recited in claim 14, further comprising processor readable code that is executable and, in response, directs the network interface device to establish the communication link to provide access to the first device by the second device that is connected to the public network.
  - 23. One or more processor readable storage devices as recited in claim 14, further comprising processor readable code that is executable and, in response, directs the network interface device to establish the communication link to the server device via which the first device is configured to register with the server device.

24. A network interface device comprising:
- a private network interface configured to interface with a first device connected in a private network;
  
  a public network interface configured to interface with a server device connected to a public network;
  
  a communication interface configured to;
  
  establish a communication link to the server device, the communication link configured to be established via a communication port at the network interface device, and the communication link being identified by a connection identifier that includes a communication port identifier of the communication port and a public network address corresponding to the network interface device;
  
  receive a communication for the first device that is initiated from a second device connected to the public network, the communication configured to be received when routed via the public network from the second device to the network interface device bypassing the server device, the second device having previously requested the connection identifier of the communication link from the server device, received the connection identifier that includes the communication port identifier and the public network address from the server device, and initiated the communication for the first device directed to the communication port at the network interface device according to the connection identifier;
  
  receive a response communication for the second device that is initiated from the first device; and
  
  forward the response communication to the second device via a separate communication link that is established via a different communication port at the network interface device, the separate communication link being identified by a new connection identifier that includes a different communication port identifier of the different communication port and the public network address corresponding to the network interface device.
- View Dependent Claims (25, 26, 27, 28, 29)
- - 25. A network interface device as recited in claim 24, wherein the communication that is received for the first device does not include a public address associated with the first device.
  - 26. A network interface device as recited in claim 24, wherein the connection identifier that identifies the communication link is translatable to determine a private address of the first device connected in the private network.
  - 27. A network interface device as recited in claim 24, wherein the communication interface is further configured to establish the communication link to provide access to the first device by the second device that is connected to the public network.
  - 28. A network interface device as recited in claim 24, wherein the network interface device comprises a stateful edge device connected in the private network.
  - 29. A network interface device as recited in claim 24, wherein the first device is configured to register with the server device when the communication link to the server device is established.

30. A computer-implemented method at a server device, the method comprising:
- establishing a communication link from a public network to a network interface device that connects the public network and the a private network via a communication port at the network interface device, the communication link being identified by a connection identifier that includes a communication port identifier of the communication port and a public network address corresponding to the network interface device, and the private network connects a first device to the network interface device;
  
  receiving a request from a second device to resolve a domain name that is associated with the first device, the second device being connected via the public network to the server device; and
  
  communicating the connection identifier that includes the communication port identifier and the public network address of the network interface device to the second device that then initiates a communication to the first device directed to the communication port at the network interface device according to the connection identifier when the communication is routed via the public network from the second device to the network interface device bypassing the server device, the communication being routed to the first device through the network interface device.
- View Dependent Claims (31, 32, 33)
- - 31. A method as recited in claim 30, wherein the communication from the second device to the first device does not include a public address associated with the first device.
  - 32. A method as recited in claim 30, wherein:
    - the communication link is established to include a first connection between the server device and the network interface device via the public network, and to include a second connection between the network interface device and the first device via the private network; and
      
      the connection identifier that identifies the communication link is translatable by the network interface device to obtain a private address of the first device connected in the private network.
  - 33. A method as recited in claim 30, further comprising registering the first device at the server device when the communication link is established.

34. One or more processor readable storage devices comprising processor readable code that is executable and, in response, directs a server device to:
- establish a communication link from a public network to a network interface device that connects the public network and a private network via a communication port at the network interface device, the communication link being identified by a connection identifier that includes a communication port identifier of the communication port and a public network address corresponding to the network interface device, and the private network connects a first device to the network interface device;
  
  receive a request from a second device to resolve a domain name that is associated with the first device, the second device being connected via the public network to the server device; and
  
  communicate the connection identifier that includes the communication port identifier and the public network address of the network interface device to the second device that then initiates a communication to the first device directed to the communication port at the network interface device according to the connection identifier when the communication is routed via the public network from the second device to the network interface device bypassing the server device, the communication being routed to the first device through the network interface device.
- View Dependent Claims (35, 36)
- - 35. One or more processor readable storage devices as recited in claim 34, further comprising processor readable code that is executable and, in response, directs the server device to establish the communication link to include a first connection between the server device and the network interface device via the public network, and to include a second connection between the network interface device and the first device via the private network.
  - 36. One or more processor readable storage devices as recited in claim 34, further comprising processor readable code that is executable and, in response, directs the server device to register the first device when the communication link is established.

37. A server device comprising:
- a storage device configured to store a connection identifier that identifies a communication link to a network interface device;
  
  a communication interface configured to;
  
  establish the communication link from a public network to the network interface device that connects the public network and a private network via a communication port at the network interface device, the communication link being identified by a connection identifier that includes a communication port identifier of the communication port and a public network address corresponding to the network interface device, and the private network connects a first device to the network interface device;
  
  receive a request from a second device to resolve a domain name that is associated with the first device, the second device being connected via the public network to the server device; and
  
  communicate the connection identifier that includes the communication port identifier and the public network address of the network interface device to the second device that then initiates a communication to the first device directed to the communication port at the network interface device according to the connection identifier when the communication is routed via the public network from the second device to the network interface device bypassing the server device, the communication being routed to the first device through the network interface device.
- View Dependent Claims (38, 39)
- - 38. A server device as recited in claim 37, wherein:
    - the communication link is established to include a first connection between the server device and the network interface device via the public network, and to include a second connection between the network interface device and the first device via the private network; and
      
      the connection identifier that identifies the communication link is translatable by the network interface device to obtain a private address of the first device connected in the private network.
  - 39. A server device as recited in claim 37, wherein the first device is configured to register with the server device when the communication link is established.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
F Poszat Hu LLC (Intellectual Ventures LLC)
Original Assignee
Inpro Network Facility LLC (Intellectual Ventures LLC)
Inventors
Alkhatib, Hasan S., Elwailly, Farid F., Wootton, Bruce C., Tabagi, Fouad A.
Primary Examiner(s)
TODD, GREGORY G

Application Number

US10/233,288
Publication Number

US 20040044777A1
Time in Patent Office

3,623 Days
Field of Search

709/222, 709/228, 709/237, 709/244
US Class Current

709/222
CPC Class Codes

H04L 61/2514   between local and global IP...

H04L 61/2517   using port numbers

H04L 61/2567   for reachability, e.g. inqu...

H04L 61/4557   Directories for hybrid netw...

H04L 67/04   specially adapted for termi...

H04L 67/14   Session management for real...

H04L 67/63   Routing a service request d...

Communicating with an entity inside a private network using an existing connection to initiate communication

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

169 Citations

39 Claims

Specification

Solutions

Use Cases

Quick Links

Communicating with an entity inside a private network using an existing connection to initiate communication

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

169 Citations

39 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links