SYSTEM AND METHOD FOR REAL-TIME BIDIRECTIONAL COMMUNICATION THROUGH FIREWALLS

US 20100011115A1
Filed: 08/24/2009
Published: 01/14/2010
Est. Priority Date: 09/05/2003
Status: Active Grant

First Claim

Patent Images

1. A system comprising a sender and receiver for high reliability bidirectional data communication in real-time through one or more firewalls and optional NAT devices, wherein the sender or receiver is at least one real-time client behind the firewall or firewalls or the optional NAT devices, and a real-time server on the outside of the firewall or firewalls or the optional NAT devices, or vice versa, wherein each of the real time client and the real-time server comprises at least one bidirectional HTTPS connection or at least at least two uni-directional HTTP connections, wherein the real-time client resides in a client computer for running at least one real-time application, wherein the real time client and the real time server each comprises means for caching and and means for dropping RTP packets in the TCP stream, and wherein said real-time client is configured to support a HTTP/HTTPS proxy.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for real-time data transmission through data communication networks are disclosed. The system and the method allow for real time communication between applications located in different internal networks protected by firewalls by means of representing the applications by proxies and establishing TCP channels towards an intermediate proxy server localized outside the firewalls. A set of parameters residing in the server determines i.a. the number of required TCP channels based on the ratio of measured bandwidth between the data flow directions.

28 Citations

View as Search Results

16 Claims

1. A system comprising a sender and receiver for high reliability bidirectional data communication in real-time through one or more firewalls and optional NAT devices, wherein the sender or receiver is at least one real-time client behind the firewall or firewalls or the optional NAT devices, and a real-time server on the outside of the firewall or firewalls or the optional NAT devices, or vice versa, wherein each of the real time client and the real-time server comprises at least one bidirectional HTTPS connection or at least at least two uni-directional HTTP connections, wherein the real-time client resides in a client computer for running at least one real-time application, wherein the real time client and the real time server each comprises means for caching and and means for dropping RTP packets in the TCP stream, and wherein said real-time client is configured to support a HTTP/HTTPS proxy.
- View Dependent Claims (2, 3, 4, 5)
- - 2. A system according to claim 1, comprising two or more HTTP/HTTPS connections.
  - 3. A system according to claim 1, wherein the real-time client and the real-time server each comprises a TCP acknowledge module.
  - 4. A system according to claim 1, wherein the real-time client and the real-time server each comprises an authentication module.
  - 5. A system according to claim 1,wherein said real-time server before a new connection is set up from a client is adapted to wait for a first portion of data, the first portion of data including a user id and a hashed password in order to enable a new connection on the real-time server.

6. A method for high reliability bidirectional data communication in real-time through one or more firewalls and optional NAT devices, wherein the method is implemented by a system comprising at least one real-time client behind the firewall or firewalls and optional NAT devices and a real-time server outside said firewall or firewalls or optional NAT devices or vice versa, said real-time client and real-time server respectively comprising means for caching and dropping RTP packets in the TCP stream, and wherein the method comprises steps for establishing either at least one bidirectional HTTPS connection, or at least two unidirectional HTTP/HTTPS connections, and establishing the data communication between the real-time client and the real-time server and one or more new HTTP/HTTPS connections before time-out on one or more preceding HTTP/HTTPS connections and subject to disabling Nagle'"'"'s algorithm.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 7. A method according to claim 6, comprising establishing two or more bi-directional HTTP/HTTPS connections.
  - 8. A method according to claim 6,wherein the method comprises a step for establishing new TCP connections by means of said real-time client whenever one or more of the following conditions are satisfied:
    - a first cache level is full,a second cache level is full,the first cache level has reached a predetermined threshold level,the second cache level has reached a predetermined threshold level,a rate of dropping packets has reached a predetermined drop rate level,a function of a current drop rate and one or more previous drop rates is satisfied, anda ratio between a total transmitted bandwidth and a total receiving bandwidth exceeds a predetermined threshold with reference to said real-time client.
  - 9. A method according to claim 6,comprising reducing TCP connections by means of said real-time client whenever one or more of the following conditions are satisfied:
    - a first cache level is empty,a second cache level is empty,the first cache level has reached a predetermined threshold level,the second cache level has reached a predetermined threshold level,a rate of dropping packets has reached a predetermined drop rate level,a function of a current drop rate and a previous drop rate or drop rates are satisfied,a ratio between the total transmitted bandwidth and the total receiving bandwidth exceeds a predetermined threshold with reference to said r-al-time client.
  - 10. A method according to claim 6,characterized in establishing new TCP connections by means of the real time server whenever one or more of the following conditions are satisfied:
    - a first cache level is full,a second cache level is full,the first cache level has reached a predetermined threshold level,the second cache level has reached a predetermined threshold level,a rate of dropping packets has reach a predetermined drop rate level,a function of a current drop rate and a previous drop rate or drop rates are satisfied,a ratio between the total transmitted bandwidth and the total receiving bandwidth exceeds a predetermined threshold with reference to said real-time client.
  - 11. A method according to claim 6,comprising determining a maximum number of subsequent RTP packets transmitted on a specific TCP connection by measuring in the sender at predetermined intervals, a ratio between a round trip delay and a number of HTTP/HTTPS connections times a time interval between every single RTP packet, whereby a TCP throughput can be optimized.
  - 12. A method according to claim 6,comprising ranking a best available TCP connection by means of a ranking algorithm based on one or more of the following conditions being satisfied:
    - a first cache level is full,a second cache level is full,the first cache level has reached a predetermined threshold level,the second cache level has reached a predetermined threshold level,a rate of dropping packets has reach a predetermined drop rate level,a function of a current drop rate and a previous drop rate or drop rates are satisfied,a ratio between a total transmitted bandwidth and the total receiving bandwidth exceeds a predetermined threshold with reference to said real-time client.
  - 13. A method according to claim 6, comprising acknowledging all the time in the receiver that all TCP packets are received, and modifying in the receiver if TCP packets are lost a TCP 32-bit acknowledge number of the TCP packet to be equal to a TCP bit sequence number of a last received TCP packet.
  - 14. A method according to claim 6, comprising improving a TCP throughput by modifying a TCP stack and adding a fixed bit pattern to every RTP packet by means of the sender.
  - 15. A method according to claim 12, comprising synchronizing the sender with the RTP packets, and initializing in the receiver a search algorithm for searching a first occurrence of the fixed bit pattern when a TCP segment with a fractional RTP packet is lost.
  - 16. A method according to claim 6, comprising improving a TCP throughput, by inserting a new RTP packet into a TCP segment that has to be resent when the real time server as a sender detects that the TCP segment is lost.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lifesize, Inc. (Enghouse Systems Limited)
Original Assignee
Lifesize, Inc. (Enghouse Systems Limited)
Inventors
KLILAND, Kevin, FARNER, Knut

Granted Patent

US 8,230,091 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/230
CPC Class Codes

H04L 63/029   Firewall traversal, e.g. tu...

H04L 69/14   Multichannel or multilink p...

H04L 69/16   Implementation or adaptatio...

H04L 69/163   In-band adaptation of TCP d...

SYSTEM AND METHOD FOR REAL-TIME BIDIRECTIONAL COMMUNICATION THROUGH FIREWALLS

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR REAL-TIME BIDIRECTIONAL COMMUNICATION THROUGH FIREWALLS

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links