Method and system for consolidating TCP ports

US 7,978,731 B2
Filed: 09/19/2007
Issued: 07/12/2011
Est. Priority Date: 09/19/2007
Status: Expired due to Fees

First Claim

Patent Images

1. A computer implemented method in a data processing device for consolidating TCP ports, the computer implemented method comprising:

responsive to initiating a connection to a hidden port within a plurality of hidden ports via a network, creating by a processing device communicatively coupled to the data processing device a TCP in TCP packet that includes sequence and acknowledgement numbers on a per-port basis to provide logically independent data transmission flows for each hidden port within the plurality of hidden ports; and

sending by the data processing device the TCP in TCP packet to the hidden port via the network via a network visible port, wherein the data processing system sends the TCP in TCP packet without recalculating checksums, and wherein the network includes a firewall that has the network visible port as the only open port on the firewall, and wherein an IP layer passes the TCP in TCP packet to a TCP in TCP handler based on an identification field in an IP header of the TCP in TCP packet that identifies the TCP in TCP packet.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for consolidating TCP ports. In response to initiating a connection to a hidden port via a network, a TCP in TCP packet is created. Then, the TCP in TCP packet is sent to the hidden port via the network via a network visible port.

7 Citations

View as Search Results

17 Claims

1. A computer implemented method in a data processing device for consolidating TCP ports, the computer implemented method comprising:
- responsive to initiating a connection to a hidden port within a plurality of hidden ports via a network, creating by a processing device communicatively coupled to the data processing device a TCP in TCP packet that includes sequence and acknowledgement numbers on a per-port basis to provide logically independent data transmission flows for each hidden port within the plurality of hidden ports; and
  
  sending by the data processing device the TCP in TCP packet to the hidden port via the network via a network visible port, wherein the data processing system sends the TCP in TCP packet without recalculating checksums, and wherein the network includes a firewall that has the network visible port as the only open port on the firewall, and wherein an IP layer passes the TCP in TCP packet to a TCP in TCP handler based on an identification field in an IP header of the TCP in TCP packet that identifies the TCP in TCP packet.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computer implemented method of claim 1, further comprising:
    - configuring a client device with the network visible port.
  - 3. The computer implemented method of claim 1, wherein the TCP in TCP handler creates the TCP in TCP packet.
  - 4. The computer implemented method of claim 1, wherein the TCP in TCP handler is implemented in an operating system kernel.
  - 5. The computer implemented method of claim 1, wherein the TCP in TCP handler is located in a server device and a client device.
  - 6. The computer implemented method of claim 1, wherein the TCP in TCP handler multiplexes a plurality of TCP connections onto a single connection by encapsulating TCP in TCP.
  - 7. The computer implemented method of claim 1, wherein the TCP in TCP packet includes an outer TCP header and an inner TCP header, and wherein the inner TCP header is encapsulated in the outer TCP header.
  - 8. The computer implemented method of claim 7, wherein the outer TCP header includes source/destination ports for corresponding network visible ports, and wherein the inner TCP header includes source/destination ports for corresponding hidden ports.
  - 9. The computer implemented method of claim 8, wherein the inner TCP header containing the corresponding hidden ports determines a final destination of the TCP in TCP packet, and wherein the final destination of the TCP in TCP packet is an application socket.
  - 10. The computer implemented method of claim 1, wherein the sequence and acknowledgement numbers on the per-port basis provide multiple sub-connections within a single TCP physical connection.
  - 11. The computer implemented method of claim 1, wherein the network visible port is used to establish a TCP connection, and wherein the hidden port is only visible to the TCP in TCP handler.
  - 12. The computer implemented method of claim 11, wherein the TCP in TCP handler uses the hidden port to de-multiplex incoming data to form de-multiplexed data and deliver the de-multiplexed data to an appropriate process.

13. A data processing system for consolidating TCP ports, comprising:
- a bus system;
  
  a storage device connected to the bus system, wherein the storage device includes a set of instructions; and
  
  a processing unit connected to the bus system, wherein the processing unit executes the set of instructions to create a TCP in TCP packet that includes sequence and acknowledgement numbers on a per-port basis to provide logically independent data transmission flows for each hidden port within a plurality of hidden ports in response to initiating a connection to a hidden port within the plurality of hidden ports via a network and send the TCP in TCP packet to the hidden port via the network via a network visible port, wherein the data processing system sends the TCP in TCP packet without recalculating checksums, and wherein the network includes a firewall that has the network visible port as the only open port on the firewall, and wherein an IP layer passes the TCP in TCP packet to a TCP in TCP handler based on an identification field in an IP header of the TCP in TCP packet that identifies the TCP in TCP packet.
- View Dependent Claims (14)
- - 14. The data processing system of claim 13, wherein the processing unit executes a further set of instructions to configure a client device with the network visible port.

15. A computer program product stored in a non-transitory computer usable storage medium having computer usable program code embodied therein for consolidating TCP ports, the computer program product comprising:
- computer usable program code configured to create a TCP in TCP packet that includes sequence and acknowledgement numbers on a per-port basis to provide logically independent data transmission flows for each hidden port within a plurality of hidden ports in response to initiating a connection to a hidden port within the plurality of hidden ports via a network; and
  
  computer usable program code configured to send the TCP in TCP packet to the hidden port via the network via a network visible port, wherein a data processing system sends the TCP in TCP packet without recalculating checksums, and wherein the network includes a firewall that has the network visible port as the only open port on the firewall, and wherein an IP layer passes the TCP in TCP packet to a TCP in TCP handler based on an identification field in an IP header of the TCP in TCP packet that identifies the TCP in TCP packet.
- View Dependent Claims (16, 17)
- - 16. The computer program product of claim 15, further comprising:
    - computer usable program code configured to configure a client device with the network visible port.
  - 17. The computer program product of claim 15, wherein the TCP in TCP handler creates the TCP in TCP packet.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Baratakke, Kavitha Vittal Murthy, Sethi, Varun, Hegde, Nikhil, Accapadi, Jos Manuel
Primary Examiner(s)
Ferris; Derrick W
Assistant Examiner(s)
KHIRODHAR, MAHARISHI V

Application Number

US11/857,533
Publication Number

US 20090074003A1
Time in Patent Office

1,392 Days
Field of Search

370/395.52, 370/448, 370/389, 370/469, 709/236, 709/223, 709/230
US Class Current

370/469
CPC Class Codes

H04L 63/029   Firewall traversal, e.g. tu...

H04L 69/16   Implementation or adaptatio...

H04L 69/165   Combined use of TCP and UDP...

H04L 69/22   Parsing or analysis of headers

Method and system for consolidating TCP ports

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

7 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for consolidating TCP ports

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links