System and method for remote monitoring and control of network devices
First Claim
1. A method of operating a centralized server coupled over a public communication network to a plurality of network traffic devices in local networks, the method comprising:
providing for remote management of the plurality of network traffic devices over the public communication network from the centralized server, the plurality of network traffic devices include at least one wireless access point and each network traffic device provides an interface to the public communication network for one or more endpoint nodes associated with the each network traffic device in a respective local network;
assigning, by the centralized server, a non-public IP address to each endpoint node for communicating with the centralized server via a tunnel such that each endpoint node has a unique non-public IP address, wherein at least one network traffic device is a network address translation (NAT) device and at least one endpoint node is behind the NAT device;
listening, by the centralized server, for user datagram protocol (UDP) packets corresponding to one or more endpoint nodes over a persistent UDP connection to a well-known IP address and UDP port of the centralized server, one or more UDP packets include non-public IP addresses of one or more endpoint nodes;
mapping, by the centralized server, a public IP address for each network traffic device to a non-public IP address for the network traffic device for communicating with the centralized server via a tunnel in a node mapping table;
mapping, by the centralized server, the non-public IP address for each endpoint node to the public IP address of the network traffic device that provides the interface to the public communication network for the each endpoint node in the node mapping table such that the centralized server does not know if any endpoint node is behind any traffic device;
maintaining, by the centralized server, the node mapping table to reach each of the network traffic devices and each of the endpoint nodes via respective tunnels; and
exchanging, by the centralized server, Internet Protocol (IP) packets with the plurality of network traffic devices and the endpoint nodes using IP over UDP encapsulation according to the node mapping table, including sending network configuration data and receiving operational statistics, wherein the IP over UDP encapsulation provides UDP headers having a source and a destination address that include at least one of the well-known IP address of the centralized server, the non-public IP address for one of the network devices, or the non-public IP addresses for one of the endpoint nodes.
Abstract
A managed network provides unique network addresses that are assigned to nodes such that no two nodes will have the same address in the managed network and such that each node will always have the same network address regardless of changing its location or changing the network to which it is joined. The nodes, communicating together, comprise a mesh network. Remote management and control of the nodes is possible from the host server, which is located outside of the mesh network, even if a node is located behind a firewall or network address translator (NAT), because server management messages are encapsulated within headers so that a persistent connection between the node and the external host server is maintained once the node sends a message to the host.
13 Claims
1. Independent claim; text as given under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A non-transitory computer-readable medium containing machine instructions executable by a centralized server, which is coupled to a plurality of network traffic devices in respective local networks over a public communication network, the instructions, when executed, cause the centralized server to:
provide for remote management of the plurality of network traffic devices over the public communication network from the centralized server, the plurality of network traffic devices include at least one wireless access point, and each network traffic device provides an interface to the public communication network for one or more endpoint nodes associated with the each network traffic device in a respective local network;
assign a non-public IP address to each endpoint node for communicating with the centralized server via a tunnel such that each endpoint node has a unique non-public IP address, wherein at least one network traffic device is a network address translation (NAT) device and at least one endpoint node is behind the NAT device;
listening, by the centralized server, for user datagram protocol (UDP) packets corresponding to one or more endpoint nodes over a persistent UDP connection to a well-known IP address and UDP port of the centralized server, one or more UDP packets include non-public IP addresses of one or more endpoint nodes;
map a public IP address for each network traffic device to a non-public IP address for the network traffic device for communicating with the centralized server via a tunnel in a node mapping table;
map the non-public IP address for each endpoint node to the public IP address of the network traffic device that provides the interface to the public communication network for the each endpoint node in the node mapping table such that the centralized server does not know if any endpoint node is behind any traffic device;
maintain the node mapping table to reach each of the network traffic devices and each of the endpoint nodes via respective tunnels; and
exchange Internet Protocol (IP) packets with the plurality of network traffic devices and endpoint nodes using IP over UDP encapsulation according to the node mapping table, including sending network configuration data and receiving operational statistics, wherein the IP over UDP encapsulation provides UDP headers having a source and a destination address that include at least one of the well-known IP address of the centralized server, the non-public IP address for one of the network devices, or the non-public IP addresses for one of the endpoint nodes.
Dependent claims: 11.
12. A system for managing a plurality of network traffic devices in local networks over a public communication network, the system comprising:
a plurality of network traffic devices associated with a plurality of local networks, the plurality of network traffic devices include at least one wireless access point and each of the network traffic devices provides an interface to the public communication network for one or more endpoint nodes associated with the each network traffic device in a respective local network to; and
a centralized server that provides remote management of the plurality of network traffic devices over the public communication network, the centralized server is operable to:
assign a non-public IP address to each endpoint node for communicating with the centralized server via a tunnel such that each network traffic device has a unique non-public IP address, wherein at least one network traffic device is a network address translation (NAT) device and at least one endpoint node is behind the NAT device;
listen for user datagram protocol (UDP) packets corresponding to one or more endpoint nodes over a persistent UDP connection to a well-known IP address and UDP port of the centralized server, one or more UDP packets include non-public IP addresses of one or more endpoint nodes;
map a public IP address for each network traffic device to a non-public IP address for the network traffic device for communicating with the centralized server via a tunnel in a node mapping table;
map the non-public IP address for each endpoint node to the public IP address of the network traffic device that provides the interface to the public communication network for the each endpoint node in the node mapping table such that the centralized server does not know if any endpoint node is behind any traffic device;
maintain the node mapping table to reach each of the network traffic devices and each of the endpoint nodes via respective tunnels; and
exchange Internet Protocol (IP) packets with the plurality of network traffic devices and endpoint nodes using IP over UDP encapsulation according to the node mapping table, including sending network configuration data and receiving operational statistics, wherein the IP over UDP encapsulation provides UDP headers having a source and a destination address that include at least one of the well-known IP address of the centralized server, the non-public IP address for one of the network devices, or the non-public IP address for one of the endpoint nodes.
Dependent claims: 13.
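The server-side procedure shared by claims 1, 10 and 12 (assign each node a stable non-public address, learn the node mapping table from UDP datagrams arriving at the well-known address, then reach nodes by IP-over-UDP encapsulation through the NAT) as an added Python model; this is not the patent's code. The 8-byte inner header layout, the 10.200.0.0/16 pool, the server address 203.0.113.10, the NAT's public tuple and the node identifiers are constructed assumptions, and the rejection of an inner source the server never assigned is a check added here, not one the claims recite.

```python
import ipaddress
from typing import Dict, Tuple

SERVER_IP = "203.0.113.10"    # constructed: the server's well-known public IP
TUNNEL_NET = ipaddress.IPv4Network("10.200.0.0/16")  # constructed non-public address pool

def encapsulate(inner_src: str, inner_dst: str, payload: bytes) -> bytes:
    """IP over UDP: a constructed 8-byte inner header (src IP, dst IP) precedes the payload."""
    return ipaddress.IPv4Address(inner_src).packed + ipaddress.IPv4Address(inner_dst).packed + payload

def decapsulate(datagram: bytes) -> Tuple[str, str, bytes]:
    """Split a received UDP payload back into (inner src, inner dst, inner payload)."""
    if len(datagram) < 8:
        raise ValueError("datagram shorter than the inner header")
    return (str(ipaddress.IPv4Address(datagram[:4])),
            str(ipaddress.IPv4Address(datagram[4:8])), datagram[8:])

class NodeMappingTable:
    """Server-side table: non-public tunnel IP -> public (IP, port) seen in the outer UDP header."""

    def __init__(self) -> None:
        self.assigned: Dict[str, str] = {}                 # node identity -> non-public IP
        self.public_for: Dict[str, Tuple[str, int]] = {}   # non-public IP -> outer public endpoint
        self._pool = TUNNEL_NET.hosts()

    def assign(self, node_id: str) -> str:
        """A node keeps the same unique non-public address wherever it attaches."""
        if node_id not in self.assigned:
            self.assigned[node_id] = str(next(self._pool))
        return self.assigned[node_id]

    def receive(self, outer_src: Tuple[str, int], datagram: bytes) -> Tuple[str, bytes]:
        """Datagram arriving at the well-known port: learn or refresh the sender's mapping.
        A device and an endpoint behind it both map to the NAT's public tuple, so the
        server never needs to know which is which (added check: inner src must be assigned)."""
        inner_src, inner_dst, payload = decapsulate(datagram)
        if inner_src not in self.assigned.values():
            raise ValueError(f"inner source {inner_src} was never assigned by this server")
        if inner_dst != SERVER_IP:
            raise ValueError("inner destination is not the server's well-known address")
        self.public_for[inner_src] = outer_src
        return inner_src, payload

    def send(self, nonpublic_dst: str, payload: bytes) -> Tuple[Tuple[str, int], bytes]:
        """Outer UDP destination plus datagram; a node behind NAT is unreachable until it sends first."""
        if nonpublic_dst not in self.public_for:
            raise KeyError(f"no mapping yet for {nonpublic_dst}")
        return self.public_for[nonpublic_dst], encapsulate(SERVER_IP, nonpublic_dst, payload)
```

Feeding the table a datagram from a laptop behind an access point's NAT populates `public_for` with the NAT's public tuple, after which `send` can address the laptop by its non-public IP alone.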