System and method of TCP tunneling

US 8,799,504 B2
Filed: 07/02/2010
Issued: 08/05/2014
Est. Priority Date: 07/02/2010
Status: Active Grant

First Claim

Patent Images

1. A Transmission Control Protocol (TCP) tunnel for transmitting data between a computer and a network, comprising:

a modified transport layer configured to execute on the computer, wherein the computer includes a TCP stack having a plurality of protocol layers, one of the plurality of protocol layers is a transport layer, and the modified transport layer executes in parallel with the transport layer;

an interface configured to communicate with the modified transport layer and with at least one protocol layer higher than the transport layer, the interface configured to receive a payload from a calling application executing on the at least one protocol layer higher than the transport layer; and

a packet capture module configured to execute on the modified transport layer, wherein the modified transport layer is executable to receive the payload from the interface, encapsulate the payload as a TCP segment and insert the TCP segment into the TCP stack on the computer, the packet capture module is configured to receive data from the TCP stack on the computer and to provide the data to the modified transport layer, and the modified transport layer is executable to receive the data from the packet capture module, determine whether a TCP segment is encapsulated in the data, transmit the data to the calling application when a TCP segment is encapsulated in the data, and transmit the data to the transport layer when no TCP segment is encapsulated in the data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Tunneling is a mechanism used to aggregate payloads from a network protocol at or below the tunneling layer into a single packet. A user-space application establishes a Transmission Control Protocol (TCP) tunnel and encapsulates an end-to-end TCP payload into a TCP segment for transmission over a TCP connection. This enhanced TCP tunnel eliminates TCP meltdown and can be used over any network which supports TCP. The calling application either identifies the parameters of an existing TCP socket or establishes a new TCP socket. A modified transport layer uses the identified TCP connection in forming the enhanced TCP tunnel. The enhanced TCP tunnel manages the data transmission on the TCP stack to eliminate TCP meltdown.

74 Citations

View as Search Results

18 Claims

1. A Transmission Control Protocol (TCP) tunnel for transmitting data between a computer and a network, comprising:
- a modified transport layer configured to execute on the computer, wherein the computer includes a TCP stack having a plurality of protocol layers, one of the plurality of protocol layers is a transport layer, and the modified transport layer executes in parallel with the transport layer;
  
  an interface configured to communicate with the modified transport layer and with at least one protocol layer higher than the transport layer, the interface configured to receive a payload from a calling application executing on the at least one protocol layer higher than the transport layer; and
  
  a packet capture module configured to execute on the modified transport layer, wherein the modified transport layer is executable to receive the payload from the interface, encapsulate the payload as a TCP segment and insert the TCP segment into the TCP stack on the computer, the packet capture module is configured to receive data from the TCP stack on the computer and to provide the data to the modified transport layer, and the modified transport layer is executable to receive the data from the packet capture module, determine whether a TCP segment is encapsulated in the data, transmit the data to the calling application when a TCP segment is encapsulated in the data, and transmit the data to the transport layer when no TCP segment is encapsulated in the data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The TCP tunnel of claim 1, wherein the payload includes a TCP segment.
  - 3. The TCP tunnel of claim 2, wherein the modified transport layer inserts TCP segments into the TCP stack without receiving data which includes an acknowledgement.
  - 4. The TCP tunnel of claim 1, wherein the modified transport layer periodically passes a stay-alive segment to the transport layer.
  - 5. The TCP tunnel of claim 1, wherein the modified transport layer generates a test message, passes the test message to the TCP stack, and reads a sequence number and an acknowledgement number from a return message captured from the TCP stack.
  - 6. The TCP tunnel of claim 1, wherein the interface establishes a TCP connection, stores an address and a port number corresponding to the TCP connection, and passes the address and the port number to the modified transport layer.
  - 7. The TCP tunnel of claim 1, wherein the modified transport layer can insert the TCP segment into any layer of the TCP stack below the transport layer.
  - 8. The TCP tunnel of claim 1, wherein the modified transport layer includes a firewall for blocking selected TCP segments at least one of from and to the TCP stack.
  - 9. The TCP tunnel of claim 1, wherein the packet capture module captures TCP segments from the TCP stack.
  - 10. The TCP tunnel of claim 1, wherein the modified transport layer selectively bypasses the transport layer and interfaces directly with the network layer.
  - 11. The TCP tunnel of claim 1, wherein the modified transport layer extracts a first TCP sequence number and a first TCP acknowledgment number of an established TCP connection, andcomputes a second TCP sequence number and a second TCP acknowledgment number corresponding to the first TCP sequence number and the first TCP acknowledgment number respectively.

12. A method of transmitting data between a computer and a network using a Transmission Control Protocol (TCP) tunnel, comprising the steps of:
- passing connection parameters for a TCP socket from an application executing on the computer to an interface executing on the computer, wherein the computer includes a TCP stack having a plurality of protocol layers, one of the plurality of protocol layers is a transport layer, and the application is executing at a protocol layer higher than the transport layer;
  
  initializing a modified transport layer executing on the computer using the connection parameters;
  
  obtaining a sequence number and an acknowledgement number for a TCP connection from the connection parameters;
  
  accepting an incoming payload from a calling application with the modified transport layer;
  
  constructing a TCP segment in the modified transport layer using the payload and the sequence number and the acknowledgment number for the established TCP connection;
  
  inserting the TCP segment at or below the transport layer of the TCP stack;
  
  receiving data from the TCP stack with the modified transport layer;
  
  determining whether a TCP segment is encapsulated in the data, transmitting the data to the application via the modified transport layer when a TCP segment is encapsulated in the data; and
  
  transmitting the data to the transport layer when no TCP segment is encapsulated in the data.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The method of claim 12, further comprising the steps of:
    - reading the sequence number and the acknowledgement number from the data; and
      
      computing a next sequence number and a next acknowledgment number corresponding to the sequence number and the acknowledgment number, respectively.
  - 14. The method of claim 12, wherein the TCP socket is one end of an established TCP connection.
  - 15. The method of claim 14, wherein the TCP tunnel obtains the sequence number and the acknowledgement number for the TCP connection by probing the established TCP connection.
  - 16. The method of claim 15, wherein said probing includes:
    - creating a test segment;
      
      sending the test segment on the TCP connection;
      
      capturing a return segment from the TCP connection; and
      
      reading the sequence number and the acknowledgement number from the return segment.
  - 17. The method of claim 12, wherein the connection parameters include a source Internet Protocol (IP) address, a destination IP address, a source port number, and a destination port number for the TCP Socket.
  - 18. The method of claim 17, wherein the TCP tunnel establishes a TCP connection, and wherein the source IP address, the destination IP address, the source port number, and the destination port number are stored while establishing the TCP connection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NETGEAR, Inc.
Original Assignee
NETGEAR, Inc.
Inventors
Capone, Jeffrey M., Immaneni, Pramod
Primary Examiner(s)
Nguyen, Dustin
Assistant Examiner(s)
Mesa, Joel

Application Number

US12/829,779
Publication Number

US 20120005369A1
Time in Patent Office

1,495 Days
Field of Search

709/236, 709/230
US Class Current

709/236
CPC Class Codes

H04L 69/161   Implementation details of T...

H04L 69/163   In-band adaptation of TCP d...

H04L 69/22   Parsing or analysis of headers

H04L 9/40   Network security protocols

System and method of TCP tunneling

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

74 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

System and method of TCP tunneling

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

74 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links