Inline network address translation within a mobile gateway router
First Claim
Patent Images
1. A method comprising:
- receiving, with a mobile gateway, a request to attach a wireless device of a subscriber to a mobile wireless network;
establishing, with a control plane of the mobile gateway, a packet-based network connection for the wireless device to communicate using the mobile wireless network, wherein establishing the network connection comprises assigning a private network address to the wireless device;
upon establishing the network connection and prior to receiving subscriber data traffic from the wireless device, pre-allocating with the control plane of the mobile gateway a public network address and a port range for the wireless device;
constructing, with the control plane of the mobile gateway, a network address translation (NAT) profile specifying the public network address and the port range and installing the NAT profile within a hardware forwarding element of the mobile gateway;
upon receiving a packet of a new packet flow of the subscriber data traffic, dynamically selecting a port within the port range of the NAT profile for the subscriber with the hardware forwarding element and creating a NAT binding within the hardware forwarding element that maps the private network address for the wireless device to the public network address and the selected port; and
performing network address translation on packets for the packet flow within the hardware forwarding element based on the NAT binding.
0 Assignments
0 Petitions
Accused Products
Abstract
Techniques are described for performing inline NAT functions in a forwarding element of a mobile gateway router or other device in which subscriber sessions of a mobile access network are distributed across a plurality of session management cards. The session management cards pre-allocate a public network address and port range for subscribers at the time a network connection is established in response to connection request prior to receiving any data traffic associated with the subscriber. NAT profiles are programmed into hardware forwarding elements of the mobile gateway router for inline NAT when routing subscriber traffic for the mobile access network.
-
Citations
17 Claims
-
1. A method comprising:
-
receiving, with a mobile gateway, a request to attach a wireless device of a subscriber to a mobile wireless network; establishing, with a control plane of the mobile gateway, a packet-based network connection for the wireless device to communicate using the mobile wireless network, wherein establishing the network connection comprises assigning a private network address to the wireless device; upon establishing the network connection and prior to receiving subscriber data traffic from the wireless device, pre-allocating with the control plane of the mobile gateway a public network address and a port range for the wireless device; constructing, with the control plane of the mobile gateway, a network address translation (NAT) profile specifying the public network address and the port range and installing the NAT profile within a hardware forwarding element of the mobile gateway; upon receiving a packet of a new packet flow of the subscriber data traffic, dynamically selecting a port within the port range of the NAT profile for the subscriber with the hardware forwarding element and creating a NAT binding within the hardware forwarding element that maps the private network address for the wireless device to the public network address and the selected port; and performing network address translation on packets for the packet flow within the hardware forwarding element based on the NAT binding. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A mobile gateway comprising:
-
a plurality of interfaces configured to send and receive network packets for wireless devices of subscribers of a mobile access network; a plurality of session management cards that provide a distributed control plane to establish network connections for the wireless devices in accordance with private network addresses assigned to the wireless devices; a forwarding integrated circuit having a forwarding information base (FIB) for routing the packets between the plurality of interfaces, the forwarding integrated circuit comprising an internal network address translation (NAT) element, wherein each of the session management cards is programmed to construct for each subscriber a NAT profile upon authenticating the subscriber and prior to receiving subscriber data traffic from the subscriber, wherein the NAT profile specifies a pre-allocated public network address and port range, and wherein the session management cards are programmed to install the NAT profiles within the forwarding integrated circuit of the mobile gateway for inline NAT within the forwarding integrated circuit when routing packets for the subscribers. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A method comprising:
-
receiving, with a mobile gateway, a request to attach a wireless device of a subscriber to a mobile wireless network; establishing, with a control plane of the mobile gateway, a packet-based network connection for the wireless device to communicate using the mobile wireless network, wherein establishing the network connection comprises assigning a private network address to the wireless device; upon establishing the network connection and prior to receiving subscriber data traffic from the wireless device, pre-allocating with the control plane of the mobile gateway a public network address range and a port range for the wireless device; constructing, with the control plane of the mobile gateway, a network address translation (NAT) profile specifying the public network address range and the port range and installing the NAT profile within a hardware forwarding element of the mobile gateway; upon receiving a packet of a new packet flow of the subscriber data traffic, dynamically selecting a public network address within the public network address range and a port within the port range of the NAT profile for the subscriber and creating a NAT binding within the hardware forwarding element that maps the private network address for the wireless device to the selected public network address and the selected port; and performing network address translation on packets for the packet flow within the hardware forwarding element based on the NAT binding. - View Dependent Claims (17)
-
Specification