WO2006084957A1 - Communication channel between at least two private networks - Google Patents

Communication channel between at least two private networks Download PDF

Info

Publication number
WO2006084957A1
WO2006084957A1 PCT/FI2006/050062 FI2006050062W WO2006084957A1 WO 2006084957 A1 WO2006084957 A1 WO 2006084957A1 FI 2006050062 W FI2006050062 W FI 2006050062W WO 2006084957 A1 WO2006084957 A1 WO 2006084957A1
Authority
WO
WIPO (PCT)
Prior art keywords
proxy
address
network
private network
private
Prior art date
Application number
PCT/FI2006/050062
Other languages
English (en)
French (fr)
Inventor
Sami Ehoniemi
Jussi VAINIONPÄÄ
Jari Weckman
Original Assignee
Teliasonera Ab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Teliasonera Ab filed Critical Teliasonera Ab
Priority to EP06708966A priority Critical patent/EP1849274A4/en
Publication of WO2006084957A1 publication Critical patent/WO2006084957A1/en
Priority to NO20073988A priority patent/NO20073988L/no

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2521Translation architectures other than single NAT servers
    • H04L61/2528Translation at a proxy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2521Translation architectures other than single NAT servers
    • H04L61/2535Multiple local networks, e.g. resolving potential IP address conflicts

Definitions

  • This invention relates to a method, to a network system and to a proxy for providing a communication channel from a sending terminal in a first private network to at least one receiving terminal in a second private network.
  • IP addresses unique addresses for differentiating various devices connected to the network.
  • the addresses are provided for enabling a communication between the devices over the network. Therefore, all devices connected to the network should have a distinct network address for preventing overlapping of addresses.
  • private networks are provided. These private networks are independent from the general network and therefore devices connected to such may have private addresses that differentiates from other devices in said private network but can overlap with the addresses of devices in another private network. This is possible, because the private networks are separate and not connected to each other.
  • a transformation between the addresses is needed.
  • the transformation can be done by a proxy server that makes, based on a request from a private network client, a request to a general network in client's network and sends, in response to private network client, a response from general network to the request.
  • a transformation is presented in a publication US2002/0087721 A1. In the publication a plurality of private networks are connected to general network despite of possible overlapping of private addresses.
  • Respective private networks possess virtual local area network identification information, whereby when the respective private network is connected with the general network, a duplicate network address- translating device performs a translation between the private address and the general address by utilizing the virtual local area network identification and the private address of the respective private networks in pairs.
  • a method, a system and a proxy are provided.
  • the method is mainly characterized in that the method comprises steps for mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address, for informing the first proxy assigned address to the receiving terminal and informing the second proxy assigned address to the sending terminal, for receiving an originating application packet from a sending terminal to be communicated to the second proxy assigned address, for transforming said originating packet into a targeting application packet having a second private network address instead of the second proxy assigned address, and for sending the targeting packet to the receiving terminal.
  • the network system is mainly characterized in that the network system comprises first means for mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address, second means for informing the first proxy assigned address to the receiving terminal and informing the second proxy assigned address to the sending terminal, wherein the sending terminal is capable of sending an originating application packet to the second proxy assigned address, whereby the first means are capable of transforming said originating packet into a targeting application packet having a second private network address instead of the second proxy assigned address, and sending the targeting packet to the receiving terminal.
  • the proxy is mainly characterized in that the proxy is capable of mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address, informing the first proxy assigned address to the receiving terminal and informing the second proxy assigned address to the sending terminal, receiving an originating application packet from the sending terminal to be communicated to the second proxy assigned address, and transforming said originating packet into a targeting application packet having a second private network address instead of the second proxy assigned address, and sending the targeting packet to the receiving terminal.
  • the current solution enables communication between several networks even with same network addresses, whereby overlapping of network addresses of e.g. private networks is not prohibited.
  • the current solution will help to combine different kind of network environments, and in particular to combine different networks seamlessly from users' point of view.
  • This solution also enables an interworking between several separate and independently build service networks that offer services to end- users.
  • a service network is mobile network (e.g. UMTS, GPRS, CDMA), WLAN (Wireless Local Area Network) hotspot and DSL (Digital Subscriber Line).
  • IMS/SIP IP Multimedia Subsystem/Session Initiation Protocol
  • Figure 1 illustrates an example of a network system
  • Figure 2 illustrates an example of an address processing by the proxy
  • Figures 3a, b illustrate signaling examples of session initiation
  • Figures 4a, b illustrate application packet communication according to one example of the method.
  • address refers to such an address that can be used for reaching a specific terminal or a device in a network.
  • address refers to IP address/port pair information, but other network identifying addresses are possible as well.
  • the idea is to determine into which network a packet belongs and to reestablish the packet in such a manner that the packet can be directed to that network.
  • the determination of the network can base on control plane signaling. The implementation of the procedure is described next.
  • Figure 1 illustrates an example of a network system wherein private networks 110, 120, 130 are connected to a proxy 150.
  • the connection to the proxy 150 can be made by tunnels 113, 123, 133.
  • the proxy 150 may have an access to the IP space of the private networks.
  • the private networks 110, 120, 130 are separate from other private networks and from each others; they have specific network addresses that may overlap with the others.
  • a sending terminal X and a receiving terminal Y are illustrated.
  • the proxy 150 is arranged to form the communication channel between terminal and between private networks and to transmit application packets between them. For doing that, the proxy 150 is capable of handling said packets and determining a correct destination address (e.g. IP address/port pair) and using said destination address for transferring the packets into the correct network address.
  • the terminals X, Y connected to the proxy 150 does not necessarily need to know the addresses of other terminals. Because the communication is handled by the proxy, the terminals X, Y does not need to communicate directly to each other.
  • Packet 1 illustrates an example of a packet originating from the sending terminal (X) in the private network 110 and packet 2 illustrates the same packet targeting the receiving terminal (Y) in the private network 120.
  • the proxy 150 situates between these private networks 110, 120 and it is arranged to transform the originating packet 1 into form of the targeting packet 2.
  • Both packets 1 , 2 are composed of a tunneling packet 1.3, 2.3 inside which an application packet 1.5, 2.5 is encapsulated.
  • Networks 110, 120 having same private network addresses are used as an example.
  • the terminals X, Y have differentiating individual names (referred as "network names") that are more popular (e.g. user can be reached by user@network) because of the network names are easier to use.
  • the proxy 150 may have one or more network addresses, according to which the proxy 150 may communicate with each of the networks 110, 120.
  • the communication channel between the terminals X, Y needs to be formed.
  • the purpose of the channel forming is 1 ) to find out between which networks the communication channel is to be formed; 2) to find out in which private network addresses and ports the terminals desire to receive the packets; 3) and to determine, into which private network addresses and gates the terminals will send the packets.
  • the communication channel can be formed by signaling, for example, as illustrated in examples in figures 3a, 3b.
  • the sending terminal X requests communication with receiving terminal Y having a same private IP address (IP 10.0.0.1 :1234). From figure 3a it can be seen that the invite signaling comprises information about the receiving terminal
  • the invite message is signaled to a routing server (IMS A) of a first network 110, which further signals the invite message to the proxy 150 (having address, e.g. IP: 23.23.23.23).
  • the proxy 150 forms and reserves an internal state, e.g. 23.23.23.23:2000, and implements a mapping (310) between said state and the address of the sending terminal X (10.0.0.1 :1234).
  • Internal state corresponds to a single mapping and to an address in the proxy 150 identifying said mapping.
  • the proxy 150 assigns a new address for the private network in question, which proxy assigned address is stored in the internal state.
  • the proxy stores information about the network 110, whereby state "23.23.23.23:2000" corresponds "10.0.0.1 :1234 in network 110".
  • the proxy 150 transmits the invite message to routing server (IMS B) in network 120.
  • the proxy is capable of transmitting the message to the correct network according to the domain information (@120) of the receiving terminal Y.
  • the invite message comprises also information concerning where the sending terminal X is capable of receiving data. That information is changed from the address of sending terminal (X) to the address assigned by the proxy 150.
  • the routing server (IMS B) further sends the invite message to receiving terminal Y.
  • Figure 3b presents the response situation, wherein the receiving terminal Y at IP address 10.0.0.1 signals a response message wherein its private IP address 10.0.0.1 :1234 is indicated.
  • This response message is transmitted to the proxy 150 that forms and reserves (320) another internal state, e.g. 23.23.23.23:2001 corresponding the address "10.0.0.1 :1234 in network 120".
  • the response message is further transmitted to the routing server IMS A, which signals it to sending terminal X.
  • this response message comprises information about the address assigned by the proxy for network 120, where the receiving terminal Y is capable of receiving data.
  • the proxy 150 selects the internal state addresses in such a manner that the same state or address is not used in more than one communication simultaneously.
  • the assigned address replaces the source network address/port in the signaling.
  • the proxy 150 can store the selected state and information about the location (network 110, network 120) of the terminal (X, Y).
  • Figures 4a, 4b presents the communication of application packets.
  • the sending terminal X may send application data to the receiving terminal Y.
  • the application data is sent as data packets, as illustrates in figure 2.
  • Figures 4a, 4b both illustrate a situation for communicating application data between terminals X, Y.
  • the sending terminal is terminal X and receiving terminal is terminal Y.
  • the sending terminal is terminal Y and the receiving terminal is terminal X. It will be appreciated that in the same session the sending terminal may act also as receiving terminal and vice versa.
  • What is common to figures 4a, 4b is that when sending terminal sends application packet having a destination address, the destination address corresponds the proxy assigned address reserved in the proxy 150.
  • the sending terminal X forms an application packet to destination 23.23.23.23:2001.
  • This packet is send to the proxy 150, which makes a search (410) "who is 23.23.23.23:2001 " to its memory means and an internal table therein.
  • the proxy 150 receives "10.0.0.1 :1234 in network 120".
  • the proxy 150 transforms the originating application packet into targeting packet having the actual private address of receiving terminal Y (destination: 10.0.0.1 :1234).
  • the communication from the receiving terminal to the sending terminal can be done (see figure 4b).
  • the first destination address is 23.23.23.23:2000, which is searched (420) for founding the corresponding address 10.0.0.1 in network 110.
  • the proxy 150 When terminals X and Y have completed the communication, the proxy 150 is informed about the situation by signaling. Because of this, the proxy 150 may remove the internal table for the proxy assigned addresses and the states and the locations of terminals from its storage means. In addition to the aforementioned capabilities the proxy may have other functionalities as well, e.g. for enhancing the pOcedure or controlling the signaling.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)
PCT/FI2006/050062 2005-02-14 2006-02-13 Communication channel between at least two private networks WO2006084957A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP06708966A EP1849274A4 (en) 2005-02-14 2006-02-13 COMMUNICATION CHANNEL BETWEEN AT LEAST TWO PRIVATE NETWORKS
NO20073988A NO20073988L (no) 2005-02-14 2007-08-01 Kommunikasjonskanal mellom i det minste to private nettverk

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI20055064A FI118316B (fi) 2005-02-14 2005-02-14 Tiedonsiirtokanava ainakin kahden yksityisen verkon välillä
FI20055064 2005-02-14

Publications (1)

Publication Number Publication Date
WO2006084957A1 true WO2006084957A1 (en) 2006-08-17

Family

ID=34224274

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2006/050062 WO2006084957A1 (en) 2005-02-14 2006-02-13 Communication channel between at least two private networks

Country Status (4)

Country Link
EP (1) EP1849274A4 (fi)
FI (1) FI118316B (fi)
NO (1) NO20073988L (fi)
WO (1) WO2006084957A1 (fi)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009062504A1 (en) * 2007-11-13 2009-05-22 Tnm Farmguard Aps Secure communication between a client and devices on different private local networks using the same subnet addresses
US9183028B1 (en) * 2010-09-30 2015-11-10 Amazon Technologies, Inc. Managing virtual computing nodes
US20160072764A1 (en) * 2014-09-10 2016-03-10 T-Mobile Usa, Inc. Dynamic double network address translator
US9959132B2 (en) 2010-09-30 2018-05-01 Amazon Technologies, Inc. Managing virtual computing nodes using isolation and migration techniques
US10445124B2 (en) 2010-09-30 2019-10-15 Amazon Technologies, Inc. Managing virtual computing nodes using isolation and migration techniques
CN113098991A (zh) * 2021-03-29 2021-07-09 北京金山云网络技术有限公司 一种报文处理方法、装置、专线接入网关以及公有云系统
US11455181B1 (en) * 2014-09-19 2022-09-27 Amazon Technologies, Inc. Cross-network connector appliances

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6038233A (en) * 1996-07-04 2000-03-14 Hitachi, Ltd. Translator for IP networks, network system using the translator, and IP network coupling method therefor
US20020010799A1 (en) * 2000-04-04 2002-01-24 Makoto Kubota Communication data relay system and method of controlling connectability between domains
US6434627B1 (en) * 1999-03-15 2002-08-13 Cisco Technology, Inc. IP network for accomodating mobile users with incompatible network addressing
US6493765B1 (en) * 1999-03-23 2002-12-10 Nortel Networks Limited Domain name resolution in a network having multiple overlapping address domains
US6629137B1 (en) * 2000-04-26 2003-09-30 Telefonaktiebolaget L.M. Ericsson Network interface devices methods system and computer program products for connecting networks using different address domains through address translation
US20040024879A1 (en) * 2002-07-30 2004-02-05 Dingman Christopher P. Method and apparatus for supporting communications between a computing device within a network and an external computing device
WO2005048106A2 (en) * 2003-11-11 2005-05-26 Net6, Inc. Virtual private network with pseudo server

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7272650B2 (en) * 2001-04-17 2007-09-18 Intel Corporation Communication protocols operable through network address translation (NAT) type devices

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6038233A (en) * 1996-07-04 2000-03-14 Hitachi, Ltd. Translator for IP networks, network system using the translator, and IP network coupling method therefor
US6434627B1 (en) * 1999-03-15 2002-08-13 Cisco Technology, Inc. IP network for accomodating mobile users with incompatible network addressing
US6493765B1 (en) * 1999-03-23 2002-12-10 Nortel Networks Limited Domain name resolution in a network having multiple overlapping address domains
US20020010799A1 (en) * 2000-04-04 2002-01-24 Makoto Kubota Communication data relay system and method of controlling connectability between domains
US6629137B1 (en) * 2000-04-26 2003-09-30 Telefonaktiebolaget L.M. Ericsson Network interface devices methods system and computer program products for connecting networks using different address domains through address translation
US20040024879A1 (en) * 2002-07-30 2004-02-05 Dingman Christopher P. Method and apparatus for supporting communications between a computing device within a network and an external computing device
WO2005048106A2 (en) * 2003-11-11 2005-05-26 Net6, Inc. Virtual private network with pseudo server

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP1849274A4 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009062504A1 (en) * 2007-11-13 2009-05-22 Tnm Farmguard Aps Secure communication between a client and devices on different private local networks using the same subnet addresses
US9183028B1 (en) * 2010-09-30 2015-11-10 Amazon Technologies, Inc. Managing virtual computing nodes
US9959132B2 (en) 2010-09-30 2018-05-01 Amazon Technologies, Inc. Managing virtual computing nodes using isolation and migration techniques
US9979694B2 (en) 2010-09-30 2018-05-22 Amazon Technologies, Inc. Managing communications between virtual computing nodes in a substrate network
US10445124B2 (en) 2010-09-30 2019-10-15 Amazon Technologies, Inc. Managing virtual computing nodes using isolation and migration techniques
US20160072764A1 (en) * 2014-09-10 2016-03-10 T-Mobile Usa, Inc. Dynamic double network address translator
US11455181B1 (en) * 2014-09-19 2022-09-27 Amazon Technologies, Inc. Cross-network connector appliances
CN113098991A (zh) * 2021-03-29 2021-07-09 北京金山云网络技术有限公司 一种报文处理方法、装置、专线接入网关以及公有云系统
CN113098991B (zh) * 2021-03-29 2022-11-04 北京金山云网络技术有限公司 一种报文处理方法、装置、专线接入网关以及公有云系统

Also Published As

Publication number Publication date
EP1849274A1 (en) 2007-10-31
FI118316B (fi) 2007-09-28
NO20073988L (no) 2007-09-14
EP1849274A4 (en) 2010-07-07
FI20055064A (fi) 2006-08-15
FI20055064A0 (fi) 2005-02-14

Similar Documents

Publication Publication Date Title
US9531667B2 (en) Peer-to-peer connection establishment using TURN
TWI437863B (zh) 異質性ipv4網路中之同級間行動能力管理
ES2377488T3 (es) Combinación de dispositivos que tienen direcciones locales y dispositivos que tienen direcciones de red de área amplia (WAN) en una única red
US8914486B2 (en) Method, system and device for implementing identity identifier and location separation
EP3720100A1 (en) Service request processing method and device
WO2007033363A2 (en) System and method for providing packet connectivity between heterogeneous networks
US20060056420A1 (en) Communication apparatus selecting a source address
JP4511603B2 (ja) 公衆陸上移動網におけるピア・ツー・ピア通信を提供するための構成
CN101212393B (zh) 介质无关切换消息的传输方法、系统及设备
CN102075420B (zh) 基于位置标识和主机标识分离的系统及其移动性管理方法
US8724630B2 (en) Method and system for implementing network intercommunication
CA2533875A1 (en) Mobility in a multi-access communication network
WO2006084957A1 (en) Communication channel between at least two private networks
CN102215160A (zh) 数据通信系统及方法
KR101381701B1 (ko) 데이터 메시지 처리 방법, 시스템 및 접속 서비스 노드
JP2012505579A (ja) Natトラバーサル方法及び装置
CN102035813A (zh) 端到端呼叫的实现方法、端到端呼叫终端及系统
JP2013504956A (ja) 新たなネットワークとインターネットとの相互通信の実現方法、システム及び通信端
TW200840282A (en) Systems and methods for transporting data across an air interface using reduced address headers
US20070091875A1 (en) Method and System For Device Mobility Using Application Label Switching In A Mobile Communication Network
Albuquerque et al. Global information grid (GIG) edge network interface architecture
Pierrel et al. A policy system for simultaneous multiaccess with host identity protocol
WO2011124121A1 (zh) 网间数据通讯系统及方法
TWI248282B (en) Telecommunication system and method for routing data of an IP-based PBX extension to a host
CN102957618A (zh) 基于身份位置分离网络内服务器通讯方法、系统和服务器

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2006708966

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

WWP Wipo information: published in national office

Ref document number: 2006708966

Country of ref document: EP