Method and apparatus for a mobile node to connect different access routers while maintaining a consistent network address
Abstract
In a Proxy Mobile IPv6 (PMIP) network, a mobile node can roam between different access networks while maintaining a consistent IP address for session continuity. To provide access to a user's home LAN resources, even when the user's mobile node is not directly attached to the home LAN, a local mobility anchor and mobility access gateway are configured to authenticate the mobile node credentials and, if authorized, to provide access to the user's LAN resources via data tunnels and routing table reconfigurations.
10 Claims
1. A method of accessing resources on a data network, the data network having at least one mobile node, a plurality of access routers located at an edge of the data network and at least one mobility server, the at least one mobility server being configured to allocate a network address identifier for the at least one mobile node so that the at least one mobile node can connect to different ones of the access routers while maintaining a consistent network address to other devices in the data network, and maintain data packet tunnels to different ones of the plurality of access routers at different times in dependence on a current network location of the at least one mobile node;
and a data store storing at least one association between said user of the at least one node and a respective access router from the plurality of access routers configured as the private local area network access router for said user to provide selective access to a private local area network, wherein one of the plurality of access routers is a private local area network access router associated with a user of the at least one mobile node, and connected to a local network of devices configured with network addresses in a private network address range, the method comprising:
the at least one mobile node sending data packets addressed to the private network address range via a first data packet tunnel to the at least one mobility server;
the at least one mobility server:
maintaining a second data packet tunnel with the private local area network access router associated with the user of the at least one mobile node;
inspecting said data packets sent from the at least one mobile node;
determining a user associated with said data packets;
accessing said data store to determine whether the user of the at least one mobile node has an associated private local area network access router permission to access the private network address range;
if the user has permission, identifying the second data packet tunnel from the mobility server to the private local area network access router associated with the user of the at least one mobile node based on the private network address range contained in the data packets sent from the at least one mobile node; and
redirecting said data packets to the second data packet tunnel to the private local area network access router associated with the user of the at least one mobile node, and
the private local area network access router forwarding data packets received from the second data packet tunnel to the local network of devices, so as to allow data packets to be exchanged between the at least one mobile node and the local network of devices.
5. A data network comprising:
at least one mobile node;
a plurality of access routers located at an edge of the data network, one of the plurality of access routers being configured as a private local area network access router associated with a user of the at least one mobile node, and connected to a local network of devices configured with network addresses in a private network address range;
at least one mobility server configured to:
allocate a network address identifier for the at least one mobile node so that the at least one mobile node can connect to different ones of the access routers while maintaining a consistent network address to other devices in the data network, and
maintain data packet tunnels to different ones of the plurality of access routers at different times in dependence on a current network location of the at least one mobile node; and
a data store storing at least one association between said user of the at least one node and a respective access router from the plurality of access routers configured as the private local area network access router for said user to provide selective access to a private local area network,
wherein the at least one mobile node is operable to send data packets addressed to the private network address range via a first data packet tunnel to the at least one mobility server;
the mobility server is operable to:
maintain a second data packet tunnel with the private local area network access router associated with the user of the at least one mobile node;
inspect said data packets sent from the at least one mobile node; and
determine a user associated with said data packets;
access said data store to determine whether the user of the at least one mobile node has an associated private local area network access router permission to access the private network address range;
if the user has permission, identify the second data packet tunnel from the mobility server to the private local area network access router associated with the user of the at least one mobile node, based on the private network address range contained in the data packets sent from the at least one mobile node; and
redirect said data packets to the second packet tunnel to the private local area network access router associated with the user of the at least one mobile node, and
the private local area network access router is operable to forward data packets received from the second data packet tunnel to the local network of devices, so as to allow data packets to be exchanged between the at least one mobile node and the local network of devices.
9. A system for data access in a data network supporting mobile device mobility, comprising:
at least one mobile device, each mobile device being associated with a user;
a mobility server for allocating a network address identifier to the at least one mobile device and for maintaining data packet tunnels to different ones of a plurality of routers at different times in dependence on a current network location of the at least one mobile device;
a first router, which is one of said plurality of routers, connected to said at least one mobile device and said mobility server via a first data packet tunnel, and configured to forward data packets sent from a correspondent node and received from the mobility server, to the at least one mobile device;
a second router, which is another one of said plurality of routers, connected to said mobility server via a second data packet tunnel and further connected to a private local area network of private local area network devices associated with the user of the at least one mobile device;
a data store for storing at least one association between said user of the at least one mobile device and the private local area network to provide selective access to a private local area network;
wherein:
when the at least one mobile device sends data packets addressed to the private local area network of private local area network devices associated with the user, the first router is configured to send the data packets to the mobility server via the first data packet tunnel;
the mobility server is configured to:
maintain the second data packet tunnel with the second router;
access the data store to determine whether the at least one mobile device and the private local area network are associated with the same user so as to determine whether or not the user has permission to access the private local area network;
if the at least mobile device and the private local area network are not associated with the same user, the mobility server rejects the data packets; and
if the at least one mobile device and private local area network are associated with the same user so that the user has permission to access the private local area network, the mobility server forwards the data packets via the second data packet tunnel to the second router; and
the second router is configured to:
route data packets received from the second data packet tunnel to the private local area network of private local area network devices associated with the user.
10. A mobility server for use in a data network which further comprises at least one mobile node and a plurality of access routers, one of the plurality of access routers being configured as a private local area network access router associated with a user of the at least one mobile node, and connected to a local network of devices configured with network addresses in a private network address range, wherein the mobility server is configured at least to:
allocate a network address identifier for the at least one mobile node so that the at least one mobile node can connect to different ones of the access routers while maintaining a consistent network address to other devices in the data network;
maintain data packet tunnels to different ones of the plurality of access routers at different times in dependence on a current network location of the at least one mobile node; and
provide access to a data store storing at least one association between said user of the at least one node and a respective access router from the plurality of access routers configured as the private local area network access router for said user to provide selective access to a private local area network,
maintain a second data packet tunnel with the private local area network access router associated with the user of the at least one mobile node;
receive data packets addressed to the private network address range and sent from the at least one mobile node via a first data packet tunnel;
inspect said received data packets sent from the at least one mobile node;
determine a user associated with said data packets;
access said data store to determine whether the user of the at least one mobile device has an associated private local area network access router permission to access the private network address range;
if the user has permission, identify a second data packet tunnel from the mobility server to the private local area network access router associated with the user of the at least one mobile node, based on the private network address range contained in the data packets sent from the at least one mobile node; and
redirect said data packets to the second packet tunnel to the private local area network access router associated with the user of the at least one mobile node, thereby enabling the private local area network access router to forward data packets received from the second data packet tunnel to the local network of devices, and thereby allowing data packets to be exchanged between the at least one mobile node and the local network of devices.
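The mobility server's per-packet decision from claims 1, 9 and 10, sketched as an added example that is not code from the patent: it shows why the second tunnel must be chosen from the user bound to the sending node, since two users' home LANs can use the same private range. Class, method and action names, the addresses and the tunnel identifiers are all constructed, and IPv4 private ranges are assumed for the sample data.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class LanAssociation:
    """Data-store record (assumed shape): a user's private LAN range and its tunnel."""
    private_range: ipaddress.IPv4Network
    tunnel_id: str  # second tunnel: mobility server <-> user's private LAN access router


class MobilityServer:
    def __init__(self):
        self.bindings = {}      # address allocated to a mobile node -> user
        self.associations = {}  # user -> LanAssociation (the "data store")

    def register_node(self, node_addr, user):
        self.bindings[ipaddress.ip_address(node_addr)] = user

    def associate(self, user, cidr, tunnel_id):
        self.associations[user] = LanAssociation(ipaddress.ip_network(cidr), tunnel_id)

    def handle(self, src, dst):
        """Decide the fate of a packet received over a first tunnel."""
        dst_ip = ipaddress.ip_address(dst)
        if not dst_ip.is_private:
            # Not addressed to a private range: outside the claimed behaviour.
            return ("normal-forwarding", None)
        # The user comes from the server's own binding for the source address,
        # never from anything the packet asserts about itself.
        user = self.bindings.get(ipaddress.ip_address(src))
        assoc = self.associations.get(user)
        if assoc is None or dst_ip not in assoc.private_range:
            return ("reject", None)  # no association, or range not the user's own
        return ("redirect", assoc.tunnel_id)


def build_demo():
    """Constructed sample: alice and bob both use 192.168.1.0/24 at home."""
    server = MobilityServer()
    server.register_node("203.0.113.5", "alice")
    server.register_node("203.0.113.6", "bob")
    server.register_node("203.0.113.7", "carol")  # no private LAN association
    server.associate("alice", "192.168.1.0/24", "tunnel-alice-home")
    server.associate("bob", "192.168.1.0/24", "tunnel-bob-home")
    return server
```
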