System and method for traversing a NAT device for peer-to-peer hybrid communications

US 8,406,229 B2
Filed: 03/20/2012
Issued: 03/26/2013
Est. Priority Date: 06/29/2004
Status: Active Grant

First Claim

Patent Images

1. A method for enabling a first endpoint to traverse a network address translation (NAT) device associated with a second endpoint in a peer-to-peer communications system, wherein the NAT device includes a pinhole maintained between the NAT device and a server, the method comprising:

determining whether a message sent to the second endpoint from an external source will only pass through the NAT device if the second endpoint has first sent a message to the external source;

if the determining indicates that the second endpoint must first send a message, sending a first message to a stateless reflector for reflection to the second endpoint, wherein the first message includes a first message header identifying the stateless reflector as the message destination and the first endpoint as the message source and a second message header identifying the second endpoint as the message destination and the server as the message source;

modifying the first message header by the stateless reflector, wherein the modifying uses the second message header and inserts the second endpoint as the message destination and the server as the message source; and

sending the modified first message to the second endpoint via the pinhole in the NAT device, wherein the stateless reflector reflects the first message using only information from the first message header and the second message header contained in the first message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An improved system and method are disclosed for peer-to-peer communications. In one example, the method enables an endpoint to traverse a NAT device using a stateless reflector.

Citations

20 Claims

1. A method for enabling a first endpoint to traverse a network address translation (NAT) device associated with a second endpoint in a peer-to-peer communications system, wherein the NAT device includes a pinhole maintained between the NAT device and a server, the method comprising:
- determining whether a message sent to the second endpoint from an external source will only pass through the NAT device if the second endpoint has first sent a message to the external source;
  
  if the determining indicates that the second endpoint must first send a message, sending a first message to a stateless reflector for reflection to the second endpoint, wherein the first message includes a first message header identifying the stateless reflector as the message destination and the first endpoint as the message source and a second message header identifying the second endpoint as the message destination and the server as the message source;
  
  modifying the first message header by the stateless reflector, wherein the modifying uses the second message header and inserts the second endpoint as the message destination and the server as the message source; and
  
  sending the modified first message to the second endpoint via the pinhole in the NAT device, wherein the stateless reflector reflects the first message using only information from the first message header and the second message header contained in the first message.

2. A method for enabling a peer-to-peer first endpoint to communicate with a peer-to-peer second endpoint, wherein the second endpoint is associated with a network address translation (NAT) device, the method comprising:
- performing, by the first endpoint, a login process with an access server, wherein the login process sends an Internet Protocol (IP) address of the first endpoint and an external port number of the first endpoint to the access server;
  
  receiving, by the first endpoint, a profile directly from the access server in response to performing the login process, wherein the profile includes a status of the second endpoint, an IP address of the NAT device, an external port number of the NAT device, and a NAT type of the NAT device, wherein the NAT type of the second endpoint indicates that the second endpoint can only be contacted by the first endpoint via a stateless reflector; and
  
  sending, by the first endpoint, a notification message to the stateless reflector for reflection to the second endpoint, wherein the notification message includes a first header identifying the stateless reflector as the message destination and the first endpoint as the message source and a second header identifying the second endpoint as the message destination and the access server as the message source, wherein the stateless reflector replaces the first header with the second header before forwarding the notification message to the second endpoint.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 3. The method of claim 2 further comprising selecting, by the first endpoint, the stateless reflector from a plurality of stateless reflectors based on location.
  - 4. The method of claim 2 further comprising selecting, by the first endpoint, the stateless reflector from a plurality of stateless reflectors based on NAT type.
  - 5. The method of claim 2 wherein the profile further includes an IP address of the stateless reflector.
  - 6. The method of claim 2 further comprising receiving, by the first endpoint, a message from the second endpoint via the stateless reflector.
  - 7. The method of claim 2 further comprising receiving, by the first endpoint, a message directly from the second endpoint, wherein the message does not pass through the stateless reflector.
  - 8. The method of claim 7 further comprising capturing, by the first endpoint, a port number of the second endpoint from the message.
  - 9. The method of claim 7 further comprising sending, by the first endpoint, additional messages directly to the second endpoint, wherein the additional messages do not pass through the stateless reflector.
  - 10. The method of claim 2 wherein the first endpoint is associated with a NAT device, the method further comprising receiving, by the first endpoint, an instruction from the access server to maintain a pinhole through the NAT device associated with the first endpoint.
  - 11. The method of claim 2 wherein the first endpoint is associated with a NAT device, the method further comprising receiving, by the first endpoint, an instruction from the access server to send a message to a third endpoint to open a pinhole through the NAT device associated with the first endpoint for the third endpoint.
  - 12. The method of claim 11 wherein the pinhole is limited to the third endpoint.
  - 13. The method of claim 11 wherein third endpoint is a buddy of the first endpoint.
  - 14. The method of claim 11 further comprising closing, by the first endpoint, the pinhole if the first endpoint does not receive a message from the third endpoint within a predefined amount of time.
  - 15. The method of claim 2 wherein the stateless reflector reflects the notification message using only information from the first header and the second header.
  - 16. The method of claim 2 further comprising:
    - selecting, by the first endpoint, a random unused port of the first endpoint as a new external port number in response to detecting that the first endpoint is idle;
      
      sending a first change message to the access server to inform the access server of the new external port number; and
      
      sending a second change message to the second endpoint to inform the second endpoint of the new external port number.
  - 17. The method of claim 2 further comprising encrypting, by the first endpoint, a payload of the notification message.
  - 18. The method of claim 17 further comprising encrypting, by the first endpoint, the second header, wherein the stateless reflector can only decrypt the second header and not the payload.
  - 19. The method of claim 2 wherein all signaling between the first endpoint and the second endpoint passes through the stateless reflector, and all media is transferred directly between the first endpoint and the second endpoint without passing through the stateless reflector.

20. A first endpoint device comprising:
- a hardware platform; and
  
  an architecture havinga graphical user interface (GUI) configured to provide user access to an endpoint engine;
  
  an operating system configured to provide access to the hardware platform; and
  
  the endpoint engine coupled to the GUI and the operating system, the endpoint engine having a plurality of functional components configured for;
  
  performing a login process with an access server, wherein the login process sends an Internet Protocol (IP) address of the first endpoint device and an external port number of the first endpoint device to the access server;
  
  receiving a profile directly from the access server in response to the login process, wherein the profile includes a status of a second endpoint device associated with a network address translation (NAT) device, an IP address of the NAT device, an external port number of the NAT device, and a NAT type of the NAT device, wherein the NAT type of the second endpoint device indicates that the second endpoint device can only be contacted by the first endpoint device via a stateless reflector; and
  
  sending a notification message to the stateless reflector for reflection to the second endpoint device, wherein the notification message includes a first header identifying the stateless reflector as the message destination and the first endpoint device as the message source and a second header identifying the second endpoint device as the message destination and the access server as the message source, wherein the stateless reflector replaces the first header with the second header before forwarding the notification message to the second endpoint device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Damaka, Inc.
Original Assignee
Damaka, Inc.
Inventors
Chaturvedi, Sivakumar, Gundabathula, Satish
Primary Examiner(s)
Shah, Chirag
Assistant Examiner(s)
NGUYEN, MINH TRANG T

Application Number

US13/424,985
Publication Number

US 20120179758A1
Time in Patent Office

371 Days
Field of Search

None
US Class Current

370/389
CPC Class Codes

H04L 45/00   Routing or path finding of ...

H04L 45/54   Organization of routing tables

H04L 45/745   Address table lookup; Addre...

H04L 51/48   Message addressing, e.g. ad...

H04L 61/2514   between local and global IP...

H04L 61/2567   for reachability, e.g. inqu...

H04L 61/2575   using address mapping retri...

H04L 61/2578   without involvement of the ...

H04L 63/0227   Filtering policies mail mes...

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/0428   wherein the data content is...

H04L 63/10   for controlling access to d...

H04L 67/02   based on web technology, e....

H04L 67/104   Peer-to-peer [P2P] networks

H04L 67/14   Session management for real...

H04W 12/06   Authentication

System and method for traversing a NAT device for peer-to-peer hybrid communications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for traversing a NAT device for peer-to-peer hybrid communications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links