×

Secure media address learning for endpoints behind NAPT devices

  • US 8,984,110 B1
  • Filed: 02/14/2012
  • Issued: 03/17/2015
  • Est. Priority Date: 02/14/2012
  • Status: Active Grant
First Claim
Patent Images

1. A method of operating a media device, comprising:

  • transmitting an UPDATE request or a reINVITE request corresponding to a user session having a first endpoint that uses a first IP address and port combination of the media device as part of said user session;

    negotiating, during the user session, a second IP address and port combination for the media device to receive future media packets from the first endpoint during said user session;

    receiving on the second IP address and port combination of the media device, during the user session, a second media packet from a second endpoint, the second media packet including a second source IP address and port combination identifying the second endpoint;

    receiving, by the media device between the core network and the access network, a plurality of media packets on the second IP address and port combination, the plurality of media packets including the second media packet from the second endpoint;

    comparing a first IP address of a first source IP address and port combination to a second IP address of the second source IP address and port combination for the second media packet received on the second IP address and port combination;

    taking an action based on the result of said comparing;

    categorizing, by the media device, source addresses for the plurality of media packets in a trusted category or a suspect category; and

    if the first IP address does not match the second IP address and if the second IP address matches an entry in the suspect category, relaying, by the media device between the core network and the access network, media packets from the core network to the first endpoint on the access network using a third source IP address and port combination of a third media packet, received on the second IP address and port combination, wherein the third media packet is a packet of the plurality of media packets and the third media packet has a third IP address that is not in the suspect category.

View all claims
  • 10 Assignments
Timeline View
Assignment View
    ×
    ×