Detection of support for security protocol and address translation integration

US 20030233576A1
Filed: 06/13/2002
Published: 12/18/2003
Est. Priority Date: 06/13/2002
Status: Active Grant

First Claim

Patent Images

1. A method for network address translation for source address protected packets, comprising:

providing a client computer;

providing an address server computer in communication with the client computer;

first requesting from the client computer for a first address from the address server computer, the client computer identifiable by the address server computer by a medium access control number;

providing by the address server computer to the client computer a private address in response to the first request;

generating an alteration of the medium access control number by the client computer to provide an altered medium access control number;

second requesting from the client computer for a second address from the address server, the client computer identifiable by the address server computer by the altered medium access control number;

associating by the address server computer the client computer with the first request and the second request by relating the medium access control number with the altered medium access control number; and

providing by the address server computer to the client computer a public address in response to the second request.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and apparatus for integration of network address translation and source address security, including, but not limited to, determining whether a gateway computer is integrated for network address translation and source address security, is described. A client computer requests a first address from the gateway computer and then requests a second address from the gateway computer. The latter request is done with a different client identifier that is nearly equivalent, except for one bit, to the client identifier used for the prior address request. If the gateway computer is integrated for network address translation and source address security, in response to the latter request a public address will be provided from the gateway computer to the client computer.

104 Citations

View as Search Results

21 Claims

1. A method for network address translation for source address protected packets, comprising:
- providing a client computer;
  
  providing an address server computer in communication with the client computer;
  
  first requesting from the client computer for a first address from the address server computer, the client computer identifiable by the address server computer by a medium access control number;
  
  providing by the address server computer to the client computer a private address in response to the first request;
  
  generating an alteration of the medium access control number by the client computer to provide an altered medium access control number;
  
  second requesting from the client computer for a second address from the address server, the client computer identifiable by the address server computer by the altered medium access control number;
  
  associating by the address server computer the client computer with the first request and the second request by relating the medium access control number with the altered medium access control number; and
  
  providing by the address server computer to the client computer a public address in response to the second request.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein the step of generating the alteration of the medium access control number comprises flipping state of a bit of the medium access control number.
  - 3. The method of claim 2 wherein the medium access control number is a Medium Access Control (MAC) address, and wherein the bit flipped is a Local bit of the MAC address.
  - 4. The method of claim 3 wherein the address server computer is configured with Dynamic Host Configuration Protocol (DHCP) server software.
  - 5. The method of claim 4 wherein the address server computer is configured with Network Address Translation (NAT) software to provide a NAT gateway computer.
  - 6. The method of claim 5 wherein the public address is an Internet Protocol (IP) public address of the NAT gateway computer.
  - 7. The method of claim 5 wherein the public address is an Internet Protocol (IP) public address from a pool of public IP addresses managed by the NAT gateway.

8. A method for probing a gateway computer by a client computer to determine if network address translation is integrated with source address secunty, comprising:
- first requesting a first address from the gateway computer with a first client identifier;
  
  receiving the first address from the gateway computer in response to the first request. second requesting a second address from the gateway computer with a second client identifier, the second client identifier similar to the first client identifier;
  
  receiving the second address from the gateway computer in response to the second request; and
  
  determining from the second address requested whether the network address translation is integrated with the source address security for the gateway computer.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8 wherein the second address is a global Internet Protocol address of the gateway computer indicating that the network address translation is integrated with the source address security.
  - 10. The method of claim 8 wherein the second address is from a pool of public addresses available to the gateway computer indicating that the network address translation is integrated with the source address security.
  - 11. The method of claim 8 wherein the second address is a local domain address indicating that the network address translation is not integrated with the source address security.
  - 12. The method of claim 8 wherein the first client identifier and the second client identifier are identical to one another except for one bit.
  - 13. The method of claim 12 wherein the one bit is a Local bit.
  - 14. The method of claim 13 further comprising flipping the Local bit to provide the second client identifier.

15. A signal-bearing medium containing a program which, when executed by a client computer, causes execution of a method comprising:
- requesting an address from the gateway computer with a client identifier;
  
  altering the client identifier to provide another client identifier similar to the client identifier;
  
  requesting another address from the gateway computer with the other client identifier; and
  
  determining from response of the gateway computer to the requesting with the other client identifier whether the gateway computer is integrated with the source address security.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The method of claim 15 wherein the other address is a global Internet Protocol address of the gateway computer indicating that the network address translation is integrated with the source address security.
  - 17. The method of claim 15 wherein the other address is from a pool of public addresses available to the gateway computer indicating that the network address translation is integrated with the source address security.
  - 18. The method of claim 15 wherein the other address is a local domain address indicating that the network address translation is not integrated with the source address security.
  - 19. The method of claim 15 wherein the client identifier and the other client identifier are identical to one another except for one bit.
  - 20. The method of claim 19 wherein the one bit is a Local bit.
  - 21. The method of claim 20 wherein the step of altering comprises flipping the Local bit to provide the other client identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NVIDIA Corporation
Original Assignee
NVIDIA Corporation
Inventors
Sidenblad, Paul J., Nanda, Sameer, Maufer, Thomas Albert

Granted Patent

US 7,191,331 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/226
CPC Class Codes

H04L 61/10   of different types

H04L 61/2514   between local and global IP...

H04L 61/2564   for a higher-layer protocol...

H04L 61/5007   Internet protocol [IP] addr...

H04L 61/5014   using dynamic host configur...

H04L 61/5076   Update or notification mech...

H04L 63/0428   wherein the data content is...

H04L 63/164   at the network layer

H04L 69/24   Negotiation of communicatio...

H04L 9/40   Network security protocols

Detection of support for security protocol and address translation integration

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

104 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Detection of support for security protocol and address translation integration

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

104 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others