WO2013061116A1 - Method and apparatus for facilitating maintenance of a connection state - Google Patents

Abstract

A method and apparatus are provided for facilitating maintenance of a connection state. A method may include determining, at a network node, existence of a condition indicative of a presence of a middlebox in a path between the network node and a remote node. The method may further include, in response to determining the existence of the condition, causing the network node to send a request to trigger the middlebox to maintain a connection state for the network node. The method may also include receiving a confirmation message indicating that the middlebox has agreed to maintain the connection state. The method may additionally include determining, based at least in part on the received confirmation message, a lifetime for which the connection state is to be maintained by the middlebox without requiring the network node to send keep-alive messages to the remote node. A corresponding apparatus is also provided.

Description

METHOD AND APPARATUS FOR FACILITATING

MAINTENANCE OF A CONNECTION STATE

TECHNOLOGICAL FIELD

Example embodiments of the present invention relate generally to

communications technology and, more particularly, relate to a method and apparatus for facilitating maintenance of a connection state.

BACKGROUND

The modern communications era has brought about a tremendous expansion of wireline and wireless networks. Wireless and mobile networking technologies have addressed related consumer demands, while providing more flexibility and immediacy of information transfer. Concurrent with the expansion of networking technologies, an expansion in computing power has resulted in development of affordable computing devices capable of taking advantage of services made possible by modern networking technologies. This expansion in computing power has led to a reduction in the size of computing devices and given rise to a new generation of mobile devices that are capable of performing functionality that only a few years ago required processing power that could be provided only by the most advanced desktop computers. Consequently, mobile computing devices having a small form factor have become ubiquitous and are used to access network applications and services by consumers of all socioeconomic

backgrounds.

Advancements are also being made in protocols that may be used by mobile computing devices for data transfer on mobile networks. For example, various versions of mobile Internet Protocol (IP), such as version 6 of mobile IP (MIP6), enable mobile computing devices to move from network to network while maintaining a permanent IP address, known as a home address. In order to facilitate mobility in mobile IP, a mobile node is associated with a care-of address, which identifies its current location. The mobile node's home address is associated with the local endpoint of a tunnel to its home agent. A node wanting to communicate with the mobile node may use the permanent home address of the mobile node as the destination address to which to send packets. The home agent may then receive and redirect these packets towards the care of address for the mobile node using the tunnel.

Accordingly, mobile IP may enable a mobile computing device to utilize a variety of network services while still maintaining mobility abilities. However, if connectivity between the mobile node and the home agent with which it has registered is not maintained, packets destined for the mobile device may be undeliverable, and may be dropped in the network.

BRIEF SUMMARY

A system, method, and apparatus are herein provided for facilitating maintenance of a connection state. Systems, methods, and apparatuses in accordance with various embodiments may provide several advantages to computing devices, computing device users, and network operators. In this regard, some example embodiments facilitate maintenance of a connection state, such as a connection state for maintaining a tunnel between a mobile node and a home agent in mobile IP. More particularly, in some example embodiments, a network node and a middlebox on a path between the network node and a remote node are configured to reach an agreement for the middlebox to maintain a connection state for the network node for a period of time without requiring the network node to send keep-alive messages to the remote node. Accordingly, such example embodiments may reduce the amount of signaling overhead required to send keep-alive messages, thus reducing otherwise unnecessary network bandwidth consumption, as well as overhead required of nodes sending and receiving keep-alive messages.

Some example embodiments may be particularly beneficial for mobile networks. In this regard, mobile computing device may conserve battery power by not being required to send as frequent keep-alive messages when their connection state is maintained by a middlebox in accordance with some example embodiments. Moreover, in accordance with some example embodiments, a mobile computing device may be enabled to enter a sleep, or idle, period during a lifetime for which a connection state is maintained by a middlebox, as the mobile computing device may not be required to send keep-alive messages during the lifetime in order to maintain the connection state.

Further, signaling at L2 and L3 levels may be reduced by avoiding the need to setup and teardown radio bearers to send keep-alive messages on an air interface.

In a first example embodiment, a method is provided, which may comprise determining, at a network node, existence of a condition indicative of a presence of a middlebox in a path between the network node and a remote node. The method may further comprise, in response to determining the existence of the condition, causing the network node to send a request to trigger the middlebox to maintain a connection state for the network node. The method of this example embodiment may also comprise receiving, at the network node, a confirmation message indicating that the middlebox has agreed to maintain the connection state. The method of this example embodiment may additionally comprise determining, based at least in part on the received confirmation message, a lifetime for which the connection state is to be maintained by the middlebox without requiring the network node to send keep-alive messages to the remote node to maintain the connection state.

In a second example embodiment, an apparatus comprising at least one processor and at least one memory storing computer program code is provided. The at least one memory and stored computer program code may be configured, with the at least one processor, to cause the apparatus of this example embodiment to at least determine existence of a condition indicative of a presence of a middlebox in a path between a network node and a remote node. The at least one memory and stored computer program code may be configured, with the at least one processor, to also the apparatus of this example embodiment, in response to determining the existence of the condition, to cause the network node to send a request to trigger the middlebox to maintain a connection state for the network node. The at least one memory and stored computer program code may be configured, with the at least one processor, to further cause the apparatus of this example embodiment to receive a confirmation message indicating that the middlebox has agreed to maintain the connection state. The at least one memory and stored computer program code may be configured, with the at least one processor, to additionally cause the apparatus of this example embodiment to determine, based at least in part on the received confirmation message, a lifetime for which the connection state is to be maintained by the middlebox without requiring the network node to send keep-alive messages to the remote node to maintain the connection state.

In a third example embodiment, an apparatus is provided that may comprise means for determining existence of a condition indicative of a presence of a middlebox in a path between a network node and a remote node. The apparatus of this example embodiment may also comprise means for, in response to determining the existence of the condition, causing the network node to send a request to trigger the middlebox in to maintain a connection state for the network node. The apparatus of this example embodiment may further comprise means for receiving a confirmation message indicating that the middlebox has agreed to maintain the connection state. The apparatus of this example embodiment may additionally comprise means for determining, based at least in part on the received confirmation message, a lifetime for which the connection state is to be maintained by the middlebox without requiring the network node to send keep-alive messages to the remote node to maintain the connection state.

The above summary is provided merely for purposes of summarizing some example embodiments of the invention so as to provide a basic understanding of some aspects of the invention. Accordingly, it will be appreciated that the above described example embodiments are merely examples and should not be construed to narrow the scope or spirit of the invention in any way. It will be appreciated that the scope of the invention encompasses many potential embodiments, some of which will be further described below, in addition to those here summarized.

BRIEF DESCRIPTION OF THE DRAWINGS

Having thus described example embodiments of the invention in general terms, reference will now be made to the accompanying drawings, which are not necessarily drawn to scale, and wherein:

FIG. 1 illustrates a system for facilitating maintenance of a connection state according to some example embodiments;

FIG. 2 is a schematic block diagram of a mobile terminal according to some example embodiments;

FIG. 3 illustrates a block diagram of a network node according to some example embodiments;

FIG. 4 illustrates a block diagram of a middlebox according to some example embodiments;

FIG. 5 illustrates an example signaling diagram that may be exchanged among network entities for facilitating maintenance of a connection state in accordance with some example embodiments;

FIG. 6 illustrates another example signaling diagram that may be exchanged among network entities for facilitating maintenance of a connection state in accordance with some example embodiments;

FIG. 7 illustrates a further example signaling diagram that may be exchanged among network entities for facilitating maintenance of a connection state in accordance with some example embodiments;

FIG. 8 illustrates a flowchart according to an example method for facilitating maintenance of a connection state according to some example embodiments; and

FIG. 9 illustrates a flowchart according to another example method for facilitating maintenance of a connection state according to some example embodiments. DETAILED DESCRIPTION

Some example embodiments of the present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which some, but not all embodiments of the invention are shown. Indeed, the invention may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will satisfy applicable legal requirements. Like reference numerals refer to like elements throughout.

As used herein, the terms "data," "content," "information" and similar terms may be used interchangeably to refer to data capable of being transmitted, received, displayed and/or stored in accordance with various example embodiments. Thus, use of any such terms should not be taken to limit the spirit and scope of the disclosure.

The term "computer-readable medium" as used herein refers to any medium configured to participate in providing information to a processor, including instructions for execution. Such a medium may take many forms, including, but not limited to a non- transitory computer-readable storage medium (for example, non-volatile media, volatile media), and transmission media. Transmission media include, for example, coaxial cables, copper wire, fiber optic cables, and carrier waves that travel through space without wires or cables, such as acoustic waves and electromagnetic waves, including radio, optical and infrared waves. Examples of non-transitory computer-readable media include a floppy disk, hard disk, magnetic tape, any other non-transitory magnetic medium, a compact disc read only memory (CD-ROM), compact disc compact discrewritable (CD-RW), digital versatile disc (DVD), Blu-Ray, any other non-transitory optical medium, a random access memory (RAM), a programmable read only memory (PROM), an erasable programmable read only memory (EPROM), a FLASH-EPROM, any other memory chip or cartridge, or any other non-transitory medium from which a computer can read. The term computer-readable storage medium is used herein to refer to any computer-readable medium except transmission media. However, it will be appreciated that where embodiments are described to use a computer-readable storage medium, other types of computer-readable mediums may be substituted for or used in addition to the computer-readable storage medium in alternative embodiments.

Additionally, as used herein, the term 'circuitry' refers to (a) hardware-only circuit implementations (for example, implementations in analog circuitry and/or digital circuitry);

(b) combinations of circuits and computer program product(s) comprising software and/or firmware instructions stored on one or more computer readable memories that work together to cause an apparatus to perform one or more functions described herein; and

(c) circuits, such as, for example, a microprocessor(s) or a portion of a microprocessor(s), that require software or firmware for operation even if the software or firmware is not physically present. This definition of 'circuitry' applies to all uses of this term herein, including in any claims. As a further example, as used herein, the term 'circuitry' also includes an implementation comprising one or more processors and/or portion(s) thereof and accompanying software and/or firmware. As another example, the term 'circuitry' as used herein also includes, for example, a baseband integrated circuit or applications processor integrated circuit for a mobile phone or a similar integrated circuit in a server, a cellular network device, other network device, and/or other computing device.

MIP6 and Dual stack Mobile IP Version 6 (DSMIP6) enable a mobile node (MN) to create a binding with a home agent (HA) while attached to an Internet Protocol Version 4 (IPv4) or Internet Protocol Version 6 (IPv6) access network. The access network to which the MN is attached to may contain Network Address Translation (NAT) devices (for example, in case of an IPv4 access network) and/or firewalls. These middleboxes may be stateful, but they generally release that state if they do not see any traffic on the connection for a period of time. When an MN is attached to an access network and a middlebox (for example, a NAT, firewall, and/or other middlebox) is present on the path between the MN and HA, the MN has to maintain state in the NAT and/or firewall network elements to ensure that any state created by middleboxes is maintained and that packets can flow freely to the MN from the HA. If there is no traffic on the connection used to send packets between the MN and HA, the middlebox will release the state associated with the connection, which will result in the MN becoming unreachable from the HA. Packets sent to the MN from the HA in an instance in which the state is released are dropped by the middlebox.

MIP6 and DSMIP6 attempt to address the problem of a middlebox releasing a connection state by having the MN send periodic keep-alive messages to the HA. In this regard, in MIP6 and DSMIP6, the MN and HA exchange binding update and binding acknowledgement messages every few seconds. This message exchange (periodic re- registration) keeps the binding state in the NATs and firewalls on the path and thereby reachability of the MN from the Internet is preserved.

However, this relatively frequent exchange of keep-alive messages results in several consequences. In this regard, the MN has to periodically send the binding update request to the HA and process the corresponding acknowledgement. These operations consume power from the MN, which is generally battery constrained. While some mobile devices have the capability to switch to sleep mode when they have no data to send or receive, to preserve battery life, the need to periodically generate binding updates and wait for binding acknowledgements causes the device to wake up periodically to generate the binding update and wait for the binding acknowledgment, preventing the mobile device from remaining, or in some cases even entering, in sleep mode even when the mobile device does not have any substantive data packets to send. As a result, user experience may suffer due to shorter battery life. Further, the air-interface on cellular networks is a scarce resource. Signaling traffic such as keep-alive messages generally does not generate revenue for network operators. Additionally, transmission of keep- alive messages reduces the overall capacity of the link in terms of the substantive traffic that can be transmitted. Moreover, activation of a radio and requesting a bearer for transmission of a keep-alive message may generate a significant amount of L2 signaling traffic, which may overload the signaling channel of the network.

FIG. 1 illustrates a diagram of a system 100 for facilitating maintenance of a connection state according to some example embodiments. It will be appreciated that the system 100 as well as the illustrations in other figures are each provided as an example of some embodiments and should not be construed to narrow the scope or spirit of the disclosure in any way. In this regard, the scope of the disclosure encompasses many potential embodiments in addition to those illustrated and described herein. As such, while FIG. 1 illustrates one example of a configuration of a system for facilitating maintenance of a connection state, numerous other configurations may also be used to implement embodiments of the present invention.

In some example embodiments, the system 100 may include a network node 102, which may be configured to access the network 1 10. In some instances, such as that illustrated in FIG. 1 , the network node 102 may be connected to the network 1 10 via a path 106, which may traverse a middlebox 104.

The network node 102 may comprise any computing device configured to connect to the network 1 10 to communicate with one or more other computing devices over the network 1 10, such as a remote network node 108, network management entity 1 12, and/or the like. By way of non-limiting example, the network node 102 may be embodied as a computer, laptop computer, server, mobile terminal, mobile computer, mobile phone, mobile communication device, tablet computing device, game device, digital

camera/camcorder, audio/video player, television device, radio receiver, digital video recorder, positioning device, wrist watch, portable digital assistant (PDA), a chipset, an apparatus comprising a chipset, any combination thereof, and/or the like.

The network 1 10 may comprise any network, or combination of a plurality of networks. By way of non-limiting example, the network 1 10 may comprise one or more wireless networks (for example, a cellular network, wireless local area network, wireless metropolitan area network, and/or the like), one or more wireline networks, or some combination thereof, and in some embodiments may comprise at least a portion of the internet. The middlebox 104 may comprise any middlebox computing entity that may be implemented on the network 1 10 and/or on a network positioned between the network node 102 and the network 1 10. By way of non-limiting example, the middlebox 104 may comprise a computing device configured to implement a firewall (for example, a firewall device), a network address translation (NAT) device, and/or other middlebox.

In some example embodiments, the middlebox 104 may additionally provide the functionality of a port control server. In this regard, the middlebox 104 may be configured to provide an entity configured to implement a protocol for facilitating the control, maintenance, and/or mapping of ports. By way of non-limiting example, such protocol may include Port Control Protocol (PCP), Universal Plug and Play Internet Gateway

Device technology (UPnP IGD), NAT Port Mapping Protocol (NAT-PMP), and/or the like. While some example embodiments are described herein in the context of PCP, it will be appreciated that this description is by way of example, and not by way of limitation, as Universal Plug and Play Internet Gateway Device technology (UPnP IGD), NAT Port Mapping Protocol (NAT-PMP), and/or other appropriate protocols may be substituted for and/or used to supplement usage of PCP in some example embodiments.

The system 100 may further comprise one or more remote network nodes 108. A remote network node 108 may comprise any computing device, or plurality of computing devices, configured to receive data from and/or send data to the network node 102 over the network 1 10 on a path (for example, the path 106) traversing the middlebox 104. By way of non-limiting example, a network node 108 may be embodied as a computer, laptop computer, server, mobile terminal, mobile computer, mobile phone, mobile communication device, tablet computing device, game device, digital camera/camcorder, audio/video player, television device, radio receiver, digital video recorder, positioning device, wrist watch, portable digital assistant (PDA), a chipset, an apparatus comprising a chipset, any combination thereof, and/or the like. In some example embodiments, such as in some example embodiments wherein the network node 102 is implemented as a mobile IP client, the remote network node 108 may comprise a home agent that may be associated with the network node 102.

In some example embodiments, the system 100 may additionally comprise a network management entity 1 12. The network management entity 1 12 may comprise any computing device, or plurality of computing devices, configured to assign and/or provide address information for one or more other network entities, such as for a port control server, the middlebox 104, and/or the like. In this regard, the network management entity 1 12 may be configured to receive an address query from the network node 102, and provide a response to the query including a requested address for a network entity. In some example embodiments, the network management entity 1 12 may comprise a dynamic host configuration protocol (DHCP) server. It will be appreciated, however, that a network management entity 1 12 may be configured to use other protocols for handling address queries in addition to, or in lieu of, DHCP. Thus, where example embodiments are described to use DHCP and/or DHCP servers, it will be appreciated that this description is provided merely for purposes of providing an illustrative example of some embodiments, and not by way of limitation to the use of DHCP and/or of DHCP servers.

According to some example embodiments, the network node 102 may be embodied as a mobile terminal, such as that illustrated in FIG. 2. In this regard, FIG. 2 illustrates a block diagram of a mobile terminal 10 representative of some embodiments of a network node 102. It should be understood, however, that the mobile terminal 10 illustrated and hereinafter described is merely illustrative of one type of network node 102 that may implement and/or benefit from various embodiments and, therefore, should not be taken to limit the scope of the disclosure. While several embodiments of the electronic device are illustrated and will be hereinafter described for purposes of example, other types of electronic devices, such as mobile telephones, mobile computers, portable digital assistants (PDAs), tablet computers, pagers, laptop computers, desktop computers, gaming devices, televisions, and other types of electronic systems, may employ various embodiments of the invention.

As shown, the mobile terminal 10 may include an antenna 12 (or multiple antennas 12) in communication with a transmitter 14 and a receiver 16. The mobile terminal 10 may also include a processor 20 configured to provide signals to and receive signals from the transmitter and receiver, respectively. The processor 20 may, for example, be embodied as various means including circuitry, one or more

microprocessors with accompanying digital signal processor(s), one or more processor(s) without an accompanying digital signal processor, one or more coprocessors, one or more multi-core processors, one or more controllers, processing circuitry, one or more computers, various other processing elements including integrated circuits such as, for example, an ASIC (application specific integrated circuit) or FPGA (field programmable gate array), or some combination thereof. Accordingly, although illustrated in FIG. 2 as a single processor, in some example embodiments the processor 20 may comprise a plurality of processors. These signals sent and received by the processor 20 may include signaling information in accordance with an air interface standard of an applicable cellular system, and/or any number of different wireline or wireless networking techniques, comprising but not limited to Wi-Fi, wireless local access network (WLAN) techniques such as Institute of Electrical and Electronics Engineers (IEEE) 802.1 1 , 802.16, and/or the like. In addition, these signals may include speech data, user generated data, user requested data, and/or the like. In this regard, the mobile terminal may be capable of operating with one or more air interface standards, communication protocols, modulation types, access types, and/or the like. More particularly, the mobile terminal may be capable of operating in accordance with various first generation (1 G), second generation (2G), 2.5G, third-generation (3G) communication protocols, fourth-generation (4G) communication protocols, Internet Protocol Multimedia Subsystem (IMS) communication protocols (for example, session initiation protocol (SIP)), and/or the like. For example, the mobile terminal may be capable of operating in accordance with 2G wireless

communication protocols IS-136 (Time Division Multiple Access (TDMA)), Global System for Mobile communications (GSM), IS-95 (Code Division Multiple Access (CDMA)), and/or the like. Also, for example, the mobile terminal may be capable of operating in

accordance with 2.5G wireless communication protocols General Packet Radio Service (GPRS), Enhanced Data GSM Environment (EDGE), and/or the like. Further, for example, the mobile terminal may be capable of operating in accordance with 3G wireless communication protocols such as Universal Mobile Telecommunications System (UMTS), Code Division Multiple Access 2000 (CDMA2000), Wideband Code Division Multiple Access (WCDMA), Time Division-Synchronous Code Division Multiple Access (TD-SCDMA), and/or the like. The mobile terminal may be additionally capable of operating in accordance with 3.9G wireless communication protocols such as Long Term Evolution (LTE) or Evolved Universal Terrestrial Radio Access Network (E-UTRAN) and/or the like. Additionally, for example, the mobile terminal may be capable of operating in accordance with fourth-generation (4G) wireless communication protocols and/or the like as well as similar wireless communication protocols that may be developed in the future.

Some Narrow-band Advanced Mobile Phone System (NAMPS), as well as Total Access Communication System (TACS), mobile terminals may also benefit from embodiments of this invention, as should dual or higher mode phones (for example, digital/analog or TDMA CDMA analog phones). Additionally, the mobile terminal 10 may be capable of operating according to Wi-Fi or Worldwide Interoperability for Microwave Access (WiMAX) protocols.

It is understood that the processor 20 may comprise circuitry for implementing audio/video and logic functions of the mobile terminal 10. For example, the processor 20 may comprise a digital signal processor device, a microprocessor device, an analog-to- digital converter, a digital-to-analog converter, and/or the like. Control and signal processing functions of the mobile terminal may be allocated between these devices according to their respective capabilities. The processor may additionally comprise an internal voice coder (VC) 20a, an internal data modem (DM) 20b, and/or the like. Further, the processor may comprise functionality to operate one or more software programs, which may be stored in memory. For example, the processor 20 may be capable of operating a connectivity program, such as a web browser. The connectivity program may allow the mobile terminal 10 to transmit and receive web content, such as location-based content, according to a protocol, such as Wireless Application Protocol (WAP), hypertext transfer protocol (HTTP), and/or the like. The mobile terminal 10 may be capable of using a Transmission Control Protocol/Internet Protocol (TCP/IP) to transmit and receive web content across the internet or other networks.

The mobile terminal 10 may also comprise a user interface including, for example, an earphone or speaker 24, a ringer 22, a microphone 26, a display 28, a user input interface, and/or the like, which may be operationally coupled to the processor 20. In this regard, the processor 20 may comprise user interface circuitry configured to control at least some functions of one or more elements of the user interface, such as, for example, the speaker 24, the ringer 22, the microphone 26, the display 28, and/or the like. The processor 20 and/or user interface circuitry comprising the processor 20 may be configured to control one or more functions of one or more elements of the user interface through computer program instructions (for example, software and/or firmware) stored on a memory accessible to the processor 20 (for example, volatile memory 40, non-volatile memory 42, and/or the like). The mobile terminal may comprise a battery for powering various circuits related to the mobile terminal, for example, a circuit to provide mechanical vibration as a detectable output. The user input interface may comprise devices allowing the mobile terminal to receive data, such as a keypad 30, a touch display, a joystick, and/or other input device. In embodiments including a keypad, the keypad may comprise numeric (0-9) and related keys (#, ^*), and/or other keys for operating the mobile terminal.

As shown in FIG. 2, the mobile terminal 10 may also include one or more means for sharing and/or obtaining data. For example, the mobile terminal may comprise a short-range radio frequency (RF) transceiver and/or interrogator 64 so data may be shared with and/or obtained from electronic devices in accordance with RF techniques. The mobile terminal may comprise other short-range transceivers, such as, for example, an infrared (IR) transceiver 66, a Bluetooth™ (BT) transceiver 68 operating using

Bluetooth™ brand wireless technology developed by the Bluetooth™ Special Interest Group, a wireless universal serial bus (USB) transceiver 70 and/or the like. The

Bluetooth™ transceiver 68 may be capable of operating according to ultra-low power Bluetooth™ technology (for example, Wibree™) radio standards. In this regard, the mobile terminal 10 and, in particular, the short-range transceiver may be capable of transmitting data to and/or receiving data from electronic devices within a proximity of the mobile terminal, such as within 10 meters, for example. The mobile terminal may be capable of transmitting and/or receiving data from electronic devices according to various wireless networking techniques, including Wi-Fi, WLAN techniques such as IEEE 802.1 1 techniques, IEEE 802.15 techniques, IEEE 802.16 techniques, and/or the like.

The mobile terminal 10 may comprise memory, such as a removable or nonremovable subscriber identity module (SIM) 38, a soft SIM 38, a fixed SIM 38, a removable or non-removable universal subscriber identity module (USIM) 38, a soft USIM 38, a fixed USIM 38, a removable user identity module (R-UIM), and/or the like, which may store information elements related to a mobile subscriber. In addition to the SIM, the mobile terminal may comprise other removable and/or fixed memory. The mobile terminal 10 may include volatile memory 40 and/or non-volatile memory 42. For example, volatile memory 40 may include Random Access Memory (RAM) including dynamic and/or static RAM, on-chip or off-chip cache memory, and/or the like. Non-volatile memory 42, which may be embedded and/or removable, may include, for example, readonly memory, flash memory, magnetic storage devices (for example, hard disks, floppy disk drives, magnetic tape, etc.), optical disc drives and/or media, non-volatile random access memory (NVRAM), and/or the like. Like volatile memory 40, non-volatile memory 42 may also include a cache area for temporary storage of data. The memories may store one or more software programs, instructions, pieces of information, data, and/or the like which may be used by the mobile terminal for performing functions of the mobile terminal. For example, the memories may comprise an identifier, such as an international mobile equipment identification (IMEI) code, capable of uniquely identifying the mobile terminal 10.

Referring now to FIG. 3, FIG. 3 illustrates a block diagram of a network node 102 according to some example embodiments. In some example embodiments, the network node 102 may include various means for performing the various functions herein described. These means may comprise one or more of a processor 310, memory 312, communication interface 314, user interface 316, or connection state control module 318. The means of the network node 102 as described herein may be embodied as, for example, circuitry, hardware elements (for example, a suitably programmed processor, combinational logic circuit, and/or the like), a computer program product comprising a computer-readable medium (for example memory 312) storing computer-readable program instructions (for example, software or firmware) that are executable by a suitably configured processing device (for example, the processor 310), or some combination thereof.

In some example embodiments, one or more of the means illustrated in FIG. 3 may be embodied as a chip or chip set. In other words, the network node 102 may comprise one or more physical packages (for example, chips) including materials, components and/or wires on a structural assembly (for example, a baseboard). The structural assembly may provide physical strength, conservation of size, and/or limitation of electrical interaction for component circuitry included thereon. In this regard, the processor 310, memory 312, communication interface 314, user interface 316, and/or connection state control module 318 may be embodied as a chip or chip set. The network node 102 may therefore, in some example embodiments, be configured to implement example embodiments of the present invention on a single chip or as a single "system on a chip." As another example, in some example embodiments, the network node 102 may comprise component(s) configured to implement embodiments of the present invention on a single chip or as a single "system on a chip." As such, in some cases, a chip or chipset may constitute means for performing one or more operations for providing the functionalities described herein and/or for enabling user interface navigation with respect to the functionalities and/or services described herein.

The processor 310 may, for example, be embodied as various means including one or more microprocessors with accompanying digital signal processor(s), one or more processor(s) without an accompanying digital signal processor, one or more

coprocessors, one or more multi-core processors, one or more controllers, processing circuitry, one or more computers, various other processing elements including integrated circuits such as, for example, an ASIC (application specific integrated circuit) or FPGA (field programmable gate array), one or more other hardware processors, or some combination thereof. Accordingly, although illustrated in FIG. 3 as a single processor, in some example embodiments the processor 310 may comprise a plurality of processors. The plurality of processors may be in operative communication with each other and may be collectively configured to perform one or more functionalities of the network node 102 as described herein. The plurality of processors may be embodied on a single computing device or distributed across a plurality of computing devices collectively configured to function as the network node 102. In embodiments wherein the network node 102 is embodied as a mobile terminal 10, the processor 310 may be embodied as or may comprise the processor 20. In some example embodiments, the processor 310 may be configured to execute instructions stored in the memory 312 or otherwise accessible to the processor 310. These instructions, when executed by the processor 310, may cause the network node 102 to perform one or more of the functionalities of the network node 102 as described herein. As such, whether configured by hardware or software methods, or by a combination thereof, the processor 310 may comprise an entity capable of performing operations according to embodiments of the present invention while configured accordingly. Thus, for example, when the processor 310 is embodied as an ASIC, FPGA or the like, the processor 310 may comprise specifically configured hardware for conducting one or more operations described herein. Alternatively, as another example, when the processor 310 is embodied as an executor of instructions, such as may be stored in the memory 312, the instructions may specifically configure the processor 310 to perform one or more algorithms and operations described herein.

The memory 312 may comprise, for example, volatile memory, non-volatile memory, or some combination thereof. In this regard, the memory 312 may comprise a non-transitory computer-readable storage medium. Although illustrated in FIG. 3 as a single memory, the memory 312 may comprise a plurality of memories. The plurality of memories may be embodied on a single computing device or may be distributed across a plurality of computing devices collectively configured to function as the network node 102. In various example embodiments, the memory 312 may comprise a hard disk, random access memory, cache memory, flash memory, a compact disc read only memory (CD- ROM), digital versatile disc read only memory (DVD-ROM), an optical disc, circuitry configured to store information, or some combination thereof. In embodiments wherein the network node 102 is embodied as a mobile terminal 10, the memory 312 may comprise the volatile memory 40 and/or the non-volatile memory 42. The memory 312 may be configured to store information, data, applications, instructions, or the like for enabling the network node 102 to carry out various functions in accordance with various example embodiments. For example, in some example embodiments, the memory 312 may be configured to buffer input data for processing by the processor 310. Additionally or alternatively, the memory 312 may be configured to store program instructions for execution by the processor 310. The memory 312 may store information in the form of static and/or dynamic information. This stored information may be stored and/or used by the connection state control module 318 during the course of performing its

functionalities.

The communication interface 314 may be embodied as any device or means embodied in circuitry, hardware, a computer program product comprising a computer readable medium (for example, the memory 312) storing computer readable program instructions that are executable by a processing device (for example, the processor 310), or a combination thereof that is configured to receive and/or transmit data from/to another computing device. According to some example embodiments, the communication interface 314 may be at least partially embodied as or otherwise controlled by the processor 310. In this regard, the communication interface 314 may be in communication with the processor 310, such as via a bus. The communication interface 314 may include, for example, an antenna, a transmitter, a receiver, a transceiver and/or supporting hardware or software for enabling communications with one or more remote computing devices. The communication interface 314 may be configured to receive and/or transmit data using any protocol that may be used for communications between computing devices. In this regard, the communication interface 314 may be configured to receive and/or transmit data using any protocol that may be used for transmission of data over a wireless network, wireline network, some combination thereof, or the like by which the network node 102 and one or more computing devices or computing resources may be in communication. As an example, the communication interface 314 may be configured to enable communication with one or more further computing devices (for example, a remote network node 108, network management entity 1 12, and/or the like) over the network 1 10 along a path 106, which may traverse the middlebox 104. The communication interface 314 may additionally be in communication with the memory 312, user interface 316, and/or connection state control module 318, such as via a bus.

The user interface 316 may be in communication with the processor 310 to receive an indication of a user input and/or to provide an audible, visual, mechanical, or other output to a user. As such, the user interface 316 may include, for example, a keyboard, a mouse, a joystick, a display, a touch screen display, a microphone, a speaker, and/or other input/output mechanisms. In embodiments wherein the user interface 316 comprises a touch screen display, the user interface 316 may additionally be configured to detect and/or receive an indication of a touch gesture or other input to the touch screen display. The user interface 316 may be in communication with the memory 312, communication interface 314, and/or connection state control module 318, such as via a bus.

The connection state control module 318 may be embodied as various means, such as circuitry, hardware, a computer program product comprising a computer readable medium (for example, the memory 312) storing computer readable program instructions that are executable by a processing device (for example, the processor 310), or some combination thereof and, in some example embodiments, may be embodied as or otherwise controlled by the processor 310. In embodiments wherein the connection state control module 318 is embodied separately from the processor 310, the connection state control module 318 may be in communication with the processor 310. The connection state control module 318 may further be in communication with one or more of the memory 312, communication interface 314, or user interface 316, such as via a bus.

Referring now to FIG. 4, FIG. 4 illustrates a block diagram of a middlebox 104 according to some example embodiments. In some example embodiments, the middlebox 104 may include various means for performing the various functions herein described. These means may comprise one or more of a processor 410, memory 412, communication interface 414, or connection state maintenance module 418. The means of the middlebox 104 as described herein may be embodied as, for example, circuitry, hardware elements (for example, a suitably programmed processor, combinational logic circuit, and/or the like), a computer program product comprising a computer-readable medium (for example memory 412) storing computer-readable program instructions (for example, software or firmware) that are executable by a suitably configured processing device (for example, the processor 410), or some combination thereof.

In some example embodiments, one or more of the means illustrated in FIG. 4 may be embodied as a chip or chip set. In other words, the middlebox 104 may comprise one or more physical packages (for example, chips) including materials, components and/or wires on a structural assembly (for example, a baseboard). The structural assembly may provide physical strength, conservation of size, and/or limitation of electrical interaction for component circuitry included thereon. In this regard, the processor 410, memory 412, communication interface 414, and/or connection state maintenance module 418 may be embodied as a chip or chip set. The middlebox 104 may therefore, in some example embodiments, be configured to implement embodiments of the present invention on a single chip or as a single "system on a chip." As another example, in some example embodiments, the middlebox 104 may comprise

component(s) configured to implement embodiments of the present invention on a single chip or as a single "system on a chip." As such, in some cases, a chip or chipset may constitute means for performing one or more operations for providing the functionalities described herein and/or for enabling user interface navigation with respect to the functionalities and/or services described herein.

The processor 410 may, for example, be embodied as various means including one or more microprocessors with accompanying digital signal processor(s), one or more processor(s) without an accompanying digital signal processor, one or more

coprocessors, one or more multi-core processors, one or more controllers, processing circuitry, one or more computers, various other processing elements including integrated circuits such as, for example, an ASIC (application specific integrated circuit) or FPGA (field programmable gate array), one or more other hardware processors, or some combination thereof. Accordingly, although illustrated in FIG. 4 as a single processor, in some example embodiments the processor 410 may comprise a plurality of processors. The plurality of processors may be in operative communication with each other and may be collectively configured to perform one or more functionalities of the middlebox 104 as described herein. The plurality of processors may be embodied on a single computing device or distributed across a plurality of computing devices collectively configured to function as the middlebox 104. In some example embodiments, the processor 410 may be configured to execute instructions stored in the memory 412 or otherwise accessible to the processor 410. These instructions, when executed by the processor 410, may cause the middlebox 104 to perform one or more of the functionalities of the middlebox 104 as described herein. As such, whether configured by hardware or software methods, or by a combination thereof, the processor 410 may comprise an entity capable of performing operations according to embodiments of the present invention while configured accordingly. Thus, for example, when the processor 410 is embodied as an ASIC, FPGA or the like, the processor 410 may comprise specifically configured hardware for conducting one or more operations described herein. Alternatively, as another example, when the processor 410 is embodied as an executor of instructions, such as may be stored in the memory 412, the instructions may specifically configure the processor 410 to perform one or more algorithms and operations described herein.

The memory 412 may comprise, for example, volatile memory, non-volatile memory, or some combination thereof. In this regard, the memory 412 may comprise a non-transitory computer-readable storage medium. Although illustrated in FIG. 4 as a single memory, the memory 412 may comprise a plurality of memories. The plurality of memories may be embodied on a single computing device or may be distributed across a plurality of computing devices collectively configured to function as the middlebox 104. In various example embodiments, the memory 412 may comprise a hard disk, random access memory, cache memory, flash memory, a compact disc read only memory (CD- ROM), digital versatile disc read only memory (DVD-ROM), an optical disc, circuitry configured to store information, or some combination thereof. The memory 412 may be configured to store information, data, applications, instructions, or the like for enabling the middlebox 104 to carry out various functions in accordance with various example embodiments. For example, in some example embodiments, the memory 412 may be configured to buffer input data for processing by the processor 410. Additionally or alternatively, the memory 412 may be configured to store program instructions for execution by the processor 410. The memory 412 may store information in the form of static and/or dynamic information. This stored information may be stored and/or used by the connection state maintenance module 418 during the course of performing its functionalities.

The communication interface 414 may be embodied as any device or means embodied in circuitry, hardware, a computer program product comprising a computer readable medium (for example, the memory 412) storing computer readable program instructions that are executable by a processing device (for example, the processor 410), or a combination thereof that is configured to receive and/or transmit data from/to another computing device. According to some example embodiments, the communication interface 414 may be at least partially embodied as or otherwise controlled by the processor 410. In this regard, the communication interface 414 may be in communication with the processor 410, such as via a bus. The communication interface 414 may include, for example, an antenna, a transmitter, a receiver, a transceiver and/or supporting hardware or software for enabling communications with one or more remote computing devices. The communication interface 414 may, for example, be configured to receive and/or transmit data using any protocol that may be used for communications between the middlebox 104 and another computing device, such as a network node 102, remote network node 108, network management entity 1 12, and/or the like. In this regard, the communication interface 414 may be configured to receive and/or transmit data using any protocol that may be used for transmission of data over the network 1 12 (for example, via the path 106). The communication interface 414 may additionally be in communication with the memory 412, and/or connection state maintenance module 418, such as via a bus.

The connection state maintenance module 418 may be embodied as various means, such as circuitry, hardware, a computer program product comprising a computer readable medium (for example, the memory 412) storing computer readable program instructions that are executable by a processing device (for example, the processor 410), or some combination thereof and, in some example embodiments, may be embodied as or otherwise controlled by the processor 410. In embodiments wherein the connection state maintenance module 418 is embodied separately from the processor 410, the connection state maintenance module 418 may be in communication with the processor 410. The connection state maintenance module 418 may further be in communication with one or more of the memory 412, or communication interface 414, such as via a bus.

In some example embodiments, the network node 102 may have established a connection over the network 1 10, which may traverse the middlebox 104 along the path 106. In this regard, the established connection may comprise a connection with one or more remote network nodes 108. The path 106 may, for example, comprise a tunnel through the middlebox 104. The network node 102 may accordingly, by way of non- limiting example, function as a mobile IP client (for example, a MIP6 client, DSMIP6 client, and/or the like), a virtual private network (VPN) client, and/or the like, which may be connected to one or more remote network nodes 108 via a tunnel (for example, the path 106) through one or more middleboxes 104. The connection may be a stateful connection, in that the middlebox 104 may have to keep one or more ports open and/or maintain one or more address-port mappings to support the connection. In this regard, the connection state may, for example, comprise a connection state for some specific application or protocol such as Mobile IP or IPsec (VPN), and/or the like. Accordingly, if the middlebox 104 releases the state of the connection, data transmitted from the remote network node 108 to the network node 102 may be dropped at the middlebox 104 rather than being delivered to the network node 102. In some example embodiments, the connection state control module 318 associated with a network node 102 may be configured to determine whether a condition exists that is indicative of a presence of a middlebox in a path (for example, the path 106) between the network node 102 and a remote node (for example, the remote network node 108). This determination may be made in response to establishment of a network connection, periodically while connected to a network, and/or the like. The determination may, for example, be performed in accordance with client-side logic that may define one or more predefined conditions indicative of a presence of a middlebox in a path between the network node 102 and a remote node. In this regard, the connection state control module 318 may determine whether one or more predefined conditions indicative of presence of a middlebox in a path between the network node 102 and a remote node exists. It will be appreciated that while in some example embodiments determination of existence of a condition indicative of a presence of a middlebox may include actual discovery of the middlebox, determining existence of a condition indicative of a presence of a middlebox does not include actual discovery of the middlebox (for example discovery of an address for the middlebox) in some example embodiments.

By way of non-limiting example, such a predefined condition that may be indicative of a presence of a middlebox may comprise knowledge that a tunneled connection exists between the network node 102 and a remote node. As another example, determination of a predefined condition indicative of a presence of a middlebox may comprise determination that an address that maybe associated with the network node 102 comprises an address to which network address translation has been applied (the address is "NAT'd"). An example of a situation wherein an address associated with the network node 102 may be NAT'd is an instance wherein an IP version 4 address that may be associated with the network node 102 may be NAT'd with an IP version 6 address. As a further example, determination of a predefined condition indicative of a presence of a middlebox may comprise determining that the network node 102 is in a domain (for example, an enterprise domain) and/or is communicating with a network node that is in a domain known to be behind a middlebox. As still a further example, in some example embodiments wherein the network node 102 is embodied as a mobile computing device, determination of a predefined condition indicative of a presence of a middlebox may comprise determining that the network node 102 is located on a visited network, and has an associated home agent. As yet another example, determination of a predefined condition indicative of a presence of a middlebox may comprise determining that the network node 102 has been assigned a local address type (for example, a unique local address (ULA)), such as for a care-of address, in an instance in which the network node 102 is contacting to a home agent in a global address space. As yet another example, in some example embodiments, determination of a predefined condition indicative of a presence of a middlebox may comprise the connection state control module 318 determining that the network node 102 is unable to send a binding update message. As still a further example, determination of a predefined condition indicative of a presence of a middlebox may comprise the connection state control module 318 determining that the network node 102 has sent a binding update message, but has not received a binding acknowledgement after a defined number of retries. As another example, determination of a predefined condition indicative of a presence of a middlebox may comprise the connection state control module 318 determining that a received binding acknowledgment includes an option indicating the presence of a middlebox (for example, a NAT device) on the path.

In an instance in which existence of a condition indicative of a presence of a middlebox is determined, the connection state control module 318 may be configured, in response to the determination, to request that the middlebox 104 maintain a connection state (for example, a connection state for the path 106) for the network node 102 for an agreed upon period of time without necessitating the network node 102 to send periodic keep-alive traffic along the path 106 in order to maintain the connection state.

Accordingly, in accordance with such example embodiments, the network node 102 may rely on the middlebox 104 maintaining the communication state for an agreed upon lifetime without sending keep-alive messages to the remote network node 108 during the agreed upon lifetime. As such, if the network node 102 does not have data to send, the network node 102 may enter a power-saving sleep mode during the agreed upon lifetime since the network node 102 does not have to concern itself with sending keep-alive messages in order to maintain the connection state.

In some example embodiments, the connection state control module 318 may be configured to format a request that the middlebox 104 maintain a connection state for the network node 102. The request may, for example, comprise a PCP message, such as a PCP PEER request message, PCP MAP request message, and/or the like. However, it will be appreciated that embodiments are not limited to the use of PCP, as requests formatted in accordance with other protocols, such as UPnP IGD, NAT-PMP, and/or the like are contemplated within the scope of the disclosure.

The connection state control module 318 may be further configured to cause to the formatted request to be sent to a network entity, so as to trigger the middlebox 104 to maintain a connection state for the network node 102. In some example embodiments, the connection state control module 318 may be configured to cause the request to be sent to a port control server. The port control server (for example, a PCP server) may, for example, be co-located with the middlebox 104. Alternatively, in some example embodiments, the port control server may comprise an entity that is separate from the middlebox 104, but which may be configured to interact with the middlebox 104 in accordance with the request to trigger the middlebox 104 to maintain a connection state for the network node 102.

The connection state control module 318 may be configured to determine the address of the port control server, and cause the request to be sent to the determined address. In some example embodiments, the connection state control module 318 may be configured and/or otherwise provisioned with the address of the port control server, such as at a time of establishing a connection with the network 1 10. Additionally or alternatively, in some example embodiments, the connection state control module 318 may be configured to request the address of a port control server from the network management entity 1 12 so that the request for the middlebox 104 to maintain the connection state may be sent to the port control server. The network management entity 1 12 may be configured to respond to the query with an address for a port control server. In some example embodiments wherein the network management entity 1 12 comprises a DHCP server, the connection state control module 318 may be configured to send a DHCP request to the network management entity 1 12 and receive a DHCP response including the address for the port control server. Accordingly, for example, in accordance with some example embodiments, DHCP may be extended to provide for sending and receiving a PCP server option in DHCP messages.

The connection state maintenance module 418 associated with the middlebox 104 may receive a request originated by the network node 102 that the middlebox 104 maintain a connection state for the network node 102. In this regard, in some example embodiments wherein the request is sent to the middlebox 104, such as embodiments wherein a port control server is implemented on the middlebox 104, the connection state maintenance module 418 may receive a request sent by the network node 102.

Alternatively, in some example embodiments, the connection state maintenance module 418 may receive a request sent by another network entity responsive to the request sent by the network node 102. Thus, for example, in some example embodiments wherein a port control server is embodied separately from the middlebox 104 and the network node 102 sends a request to the port control server, the port control server may send a request to the middlebox 104 based on the request sent to the port control server. As another example, the network node 102 may send a response to a default gateway, first hop router, and/or other node that may reside on the path 106, and this node may then forward the request to the middlebox 104.

The connection state maintenance module 418 may be configured responsive to the request to cause the connection state to be maintained at the middlebox 104. Maintenance of the connection state may, for example, comprise keeping one or more ports at the middlebox 104 open for the network node 102 such that the remote network node 108 may send data to the network node 102 over the path 106 via the port(s).

Maintenance of the connection state may further comprise maintaining a mapping between the port(s) and one or more of an address for the network node 102 (for example, a care of address for the network node in embodiments using mobile IP) or an address for the remote network node 108.

The connection state maintenance module 418 may be configured to cause the connection state to be maintained for a defined period of time, referred to as a "lifetime." The connection state maintenance module 418 may accordingly be configured to determine the lifetime for which the connection state is to be maintained. As an example, the lifetime may be a requested lifetime, such as may be expressed in the request sent by the network node 102. As another example, the lifetime may be a lifetime that may be negotiated between the network node 102 and the middlebox 104. In this regard, the network node 102 and middlebox 104 may exchange one or more messages to negotiate a lifetime for which the middlebox 104 will maintain the connection state. As a further example, the lifetime may be a lifetime determined by the connection state maintenance module 418 in accordance with a locally implemented policy, such as may be specified by an entity operating the middlebox 104, an operator of the network 1 10, and/or other entity that may be responsible for overseeing aspects of the network 1 10. Determination of a lifetime in accordance with such policy may be based at least in part on one or more factors, such as based on a load or demand for ports at the middlebox 104, network conditions, and/or the like. For example, determination of the lifetime may be based at least in part on how many users/devices are below the middlebox 104, as the number of users may be indicative of a demand for ports, as if there is a higher demand for ports, a relatively shorter lifetime may be determined than if demand is low. If, however the middlebox 104 has a sufficient amount of unused ports (for example, at least a threshold number of unused ports), demand for ports is otherwise low, and/or the middlebox 104 has a sufficient (for example, at least a threshold number) of available external addresses, a relatively longer lifetime may be determined. As another example, the lifetime may be determined based at least in part on a port that would be kept open for the lifetime. For example, if the port is a more in demand port, a relatively shorter lifetime may be determined than for a port that is not used as frequently. As a further example, determination of the lifetime may be based at least in part on a transport protocol used, as, for example, the lifetime for a UDP port mapping may be shorter than for a

Transmission Control Protocol port mapping. In some example embodiments wherein the network node 102 comprises a mobile IP client, the lifetime may be a value equal to or less than a binding lifetime authorized by the home agent at registration.

The connection state maintenance module 418 may be configured to cause a confirmation message to be sent to the network node 102. The confirmation massage may be indicative of the lifetime for which the connection state is to be maintained by the middlebox 104. The connection state control module 318 may be configured to receive the confirmation message, and may be configured to determine, based at least in part on the confirmation message, the lifetime for which the connection state is to be maintained by the middlebox 104.

At, or prior to, the expiration of the lifetime, the connection state control module

318 of some example embodiments may be configured to initiate another request for the connection state to be maintained by the middlebox 104, such that the lifetime may be extended. Alternatively, at the expiration of the lifetime, the network node 102 may send keep-alive messages as may be needed to maintain the connection state. As another example, if the network node 102 no longer needs for the connection state to be maintained, the network node 102 may allow the connection state to be released by the middlebox 104.

FIG. 5 illustrates an example signaling diagram that may be exchanged among network entities for facilitating maintenance of a connection state in accordance with some example embodiments. In this regard, FIG. 5 illustrates signals that may be exchanged among entities in some example embodiments wherein a mobile node using mobile IP may be connected to a network (for example, a visited network) with an assigned care of address. The mobile node 502 may accordingly comprise an embodiment of a network node 102. The PCP server 504 may comprise an embodiment of the middlebox 104 that may be configured to function as a PCP server. The home agent 506 may comprise an embodiment of the remote network node 108. The DHCP server 508 may comprise an embodiment of the network management entity 1 12.

The mobile node 502 may be configured as a MIP6/DSMIP6 client, which may obtain a care of address when it attaches to an access network. For example, the mobile node 502 may obtain the care of address via DHCP. As another example, the mobile node 502 may obtain the care of address using a stateless-local-address-autoconfig (SLAAC) mechanism. The mobile node 502 may use a stateless DHCP mechanism, such as that defined in RFC3736 for obtaining additional configuration data.

At operation 510, a connection state control module 318 that may be associated with the mobile node 502 may cause the mobile node 502 to send a DHCP request to the DHCP server 508 for the address of the PCP server 504. Operation 510 and/or one or more subsequent operations may, for example, be performed in response to determining the existence of a condition indicative of a presence of a middlebox (for example, the PCP server 504) in a path between the mobile node 502 and the home agent 506. At operation 520, the DHCP server 508 may respond to the request with the address of the PCP server 504. Operation 530 may comprise the mobile node 502 sending a binding update to the home agent 506. Although not illustrated, the home agent 506 may send a binding acknowledgment to the mobile node 502 in response to the binding update.

Operation 540 may comprise the connection state control module 318 causing the mobile node 502 to send a PCP PEER request to the PCP server 504. In sending the PCP PEER request, the connection state control module 318 may use the source address and port from which the binding update of operation 530 was sent and the destination address and port to which the binding update was sent. Responsive to the PCP PEER request, at operation 550, a connection state maintenance module 418 that may be associated with the PCP server 504 may cause the connection state (for example, a mapping between the source address and port from which the binding update of operation 530 was sent and the destination address and port to which the binding update was sent) to be maintained for the mobile node 502. The lifetime of the mapping may be a value equal to or less than the binding lifetime authorized by the Home Agent 506 in the registration.

Operation 560 may comprise the connection state maintenance module 418 causing the PCP server 504 to send a PCP response confirming maintenance of the connection state. The PCP response may indicate the lifetime for which the connection state is to be maintained. Operation 570 may comprise the connection state control module 318 associated with the mobile node 502 determining, based at least in part on the received PCP response, the lifetime for which the connection state is to be maintained. The mobile node 502 may accordingly be assured that the port(s) for the mobile node 502 will be kept open by the PCP server 504, and hence any incoming traffic from the home agent 506 will be delivered to the mobile node 502 since the middlebox has created and maintained the associated connection state mapping. Accordingly, the mobile node 502 need not be required to send frequent binding updates to the home agent 506 during the lifetime to maintain the connection state bindings. The mobile node 502 may accordingly go into idle or sleep mode if it does not have data to send.

FIG. 6 illustrates another example signaling diagram that may be exchanged among network entities for facilitating maintenance of a connection state in accordance with some example embodiments. In this regard, FIG. 6 illustrates signals that may be exchanged among entities in some example embodiments wherein a mobile node using mobile IP may be connected to a network (for example, a visited network) with an assigned care of address. The mobile node 602 may accordingly comprise an embodiment of a network node 102. The PCP server 604 may comprise an embodiment of the middlebox 104 that may be configured to function as a PCP server. The home agent 606 may comprise an embodiment of the remote network node 108. The DHCP server 608 may comprise an embodiment of the network management entity 1 12.

The mobile node 602 may be configured as a MIP6/DSMIP6 client, which may obtain a care of address when it attaches to an access network. For example, the mobile node 602 may obtain the care of address via DHCP. As another example, the mobile node 602 may obtain the care of address using a stateless-local-address-autoconfig (SLAAC) mechanism. The mobile node 602 may use a stateless DHCP mechanism, such as that defined in RFC3736 for obtaining additional configuration data.

At operation 610, a connection state control module 318 that may be associated with the mobile node 602 may cause the mobile node 602 to send a DHCP request to the DHCP server 608 for the address of the PCP server 604. Operation 610 and/or one or more subsequent operations may, for example, be performed in response to determining the existence of a condition indicative of a presence of a middlebox (for example, the PCP server 604) in a path between the mobile node 602 and the home agent 606. At operation 620, the DHCP server 608 may respond to the request with the address of the PCP server 604.

Operation 630 may comprise the connection state control module 318 causing the mobile node 602 to send a PCP MAP request to the PCP server 604. The PCP MAP request may, for example, include a suggested lifetime for maintaining the connection state, a protocol number, internal port number, external address, external port number, and/or the like to facilitate creation of a mapping by the PCP server 604 for maintaining the connection state. Responsive to the PCP MAP request, at operation 640, a connection state maintenance module 418 that may be associated with the PCP server 604 may cause the connection state to be maintained for the mobile node 602. The lifetime for which the connection state may be maintained may be a value equal to or less than the binding lifetime authorized by the Home Agent 606 in the registration.

Operation 650 may comprise the connection state maintenance module 418 causing the PCP server 604 to send a PCP response confirming maintenance of the connection state. The PCP response may indicate the lifetime for which the connection state is to be maintained. Operation 660 may comprise the connection state control module 318 associated with the mobile node 602 determining, based at least in part on the received PCP response, the lifetime for which the connection state is to be maintained. Operation 670 may comprise the mobile node 602 sending a binding update to the home agent 606. Although not illustrated, the home agent 606 may send a binding acknowledgment to the mobile node 602 in response to the binding update.

FIG. 7 illustrates a further example signaling diagram that may be exchanged among network entities for facilitating maintenance of a connection state in accordance with some example embodiments. In this regard, FIG. 7 illustrates signals that may be exchanged among entities in some example embodiments wherein a mobile node using mobile IP may be connected to a network (for example, a visited network) with an assigned care of address. The mobile node 702 may accordingly comprise an embodiment of a network node 102. The default gateway 704 may comprise an embodiment of the middlebox 104, or an entity that may have knowledge of a middlebox. The home agent 706 may comprise an embodiment of the remote network node 108. The DHCP server 708 may comprise an embodiment of the network management entity 1 12.

The mobile node 702 may be configured as a MIP6/DSMIP6 client, which may obtain a care of address when it attaches to an access network. For example, the mobile node 702 may obtain the care of address via DHCP. As another example, the mobile node 702 may obtain the care of address using a stateless-local-address-autoconfig (SLAAC) mechanism. The mobile node 702 may use a stateless DHCP mechanism, such as that defined in RFC3736 for obtaining additional configuration data.

In the example of FIG. 7, the mobile node 702 may not know whether there is a middlebox in the path between the mobile node 702 and the home agent 706. For example, the mobile node 702 may be attached to an access network for which network address translation is not used, and thus may know that there is not a NAT device on the path. However, the mobile node 702 may not know whether there is a firewall on the path. Accordingly, the mobile node 702 may not know whether a connection state needs to be maintained, but may attempt to trigger a middlebox that may be in the path, if it exists, to maintain the connection state for the mobile node 704. In some example embodiments, the mobile node 702 may attempt to trigger a middlebox that may be in the path to maintain the connection state in response to determining existence of a condition indicative of a presence of a middlebox in the path.

At operation 710, a connection state control module 318 that may be associated with the mobile node 702 may cause the mobile node 502 to send a DHCP request to the DHCP server 708 for the address of a PCP server. At operation 720, the DHCP server 708 may respond to the request. If the response includes the address of a PCP server, the mobile node 702 may proceed as illustrated in FIG. 5 and/or in FIG. 6. However, in the example illustrated in FIG. 7, the response of operation 720 does not include an address of a PCP server.

Operation 730 may comprise the connection state control module 318 causing the mobile node 502 to send a PCP PEER request to the default gateway 704. The default gateway 704 may comprise a first hop router that may be seen by the mobile node 702 from the tunnel to the home agent 706. In sending the PCP PEER request, the connection state control module 318 may use the source address and port from which a binding update was sent to the home agent 706 (not illustrated in FIG. 7) and the destination address and port to which the binding update was sent.

If the default gateway acts as a PCP server, or is aware of the identity of a PCP server, the default gateway may process the request locally. If the default gateway does not act as a PCP server, but is aware of a PCP server further upstream on the path between the mobile node 702 and home agent 706, the default gateway 704 may forward the request to the PCP server. In the example illustrated in FIG. 7, the default gateway 704 locally processes the PCP PEER request. If, however, the default gateway 704 did not function as a PCP server, the illustration of FIG. 7 would differ in some example embodiments in that the default gateway may forward the PCP PEER request to a PCP server, which may perform operations 740 and 750.

Responsive to the PCP PEER request, at operation 740, a connection state maintenance module 418 that may be associated with the default gateway 704 (or PCP server to which the default gateway 704 may forward the PCP PEER request) may cause the connection state to be maintained for the mobile node 702. The lifetime for which the connection state may be maintained may be a value equal to or less than the binding lifetime authorized by the Home Agent 706 in the registration.

Operation 750 may comprise the connection state maintenance module 418 causing the default gateway 704 (or PCP server to which the default gateway 704 may forward the PCP PEER request) to send a PCP response confirming maintenance of the connection state. The PCP response may indicate the lifetime for which the connection state is to be maintained. Operation 760 may comprise the connection state control module 318 associated with the mobile node 702 determining, based at least in part on the received PCP response, the lifetime for which the connection state is to be maintained.

In some example embodiments, such as those illustrated in FIGs. 5-7, the network node (for example, a mobile node) may signal to the tunnel endpoint (for example, to the home agent), the lifetime for which the connection state is to be maintained. In this regard, the tunnel endpoint may use the lifetime to more rapidly detect when the client has become unreachable. For example, if PCP server gives 1 hour timeout for a NAT mapping, a mobile node could send a binding update to its home agent indicating binding maximum lifetime of one hour. If the binding is not updated in that time, it means the binding is likely erased in a NAT and hence the connection has been lost.

While FIGs. 5-7 illustrate a mobile IP context, it will be appreciated that various example embodiments may be applied to other tunneling contexts. For example, some example embodiments may be used to reduce keep-alive messages that may be sent by secure IP (IPsec)-based virtual private network (VPN) clients to a VPN gateway. As another example, where a firewall does not allow communications through by default, a PCP server may be configured in accordance with some example embodiments to allow communication to a specific network node, such as a specific home agent.

FIG. 8 illustrates a flowchart according to an example method for facilitating maintenance of a connection state according to some example embodiments. In this regard, FIG. 8 illustrates operations that may be performed at the network node 102. The operations illustrated in and described with respect to FIG. 8 may, for example, be performed by, with the assistance of, and/or under the control of one or more of the processor 310, memory 312, communication interface 314, user interface 316, or connection state control module 318. Operation 800 may comprise determining, at a network node, existence of a condition indicative of a presence of a middlebox in a path between the network node and a remote node. The processor 310, memory 312, communication interface 314, and/or connection state control module 318 may, for example, provide means for performing operation 800. Operation 810 may comprise, in response to determining the existence of the condition, causing the network node to send a request to trigger the middlebox to maintain a connection state for the network node. The processor 310, memory 312, communication interface 314, and/or connection state control module 318 may, for example, provide means for performing operation 810. Operation 820 may comprise receiving a confirmation message indicating that the middlebox has agreed to maintain the connection state. The processor 310, memory 312, communication interface 314, and/or connection state control module 318 may, for example, provide means for performing operation 820. Operation 830 may comprise determining, based at least in part on the received confirmation message, a lifetime for which the connection state is to be maintained by the middlebox without requiring the network node to send keep-alive messages to the remote node to maintain the connection state. The processor 310, memory 312, and/or connection state control module 318 may, for example, provide means for performing operation 830.

FIG. 9 illustrates a flowchart according to another example method for facilitating maintenance of a connection state according to some example embodiments. In this regard, FIG. 9 illustrates operations that may be performed at a middlebox 104. The operations illustrated in and described with respect to FIG. 9 may, for example, be performed by, with the assistance of, and/or under the control of one or more of the processor 410, memory 412, communication interface 414, or connection state maintenance module 418. Operation 900 may comprise receiving at a middlebox in a path between a network node and a remote node, a request originated by the network node that the middlebox maintain a connection state for the network node. The processor 410, memory 412, communication interface 414, and/or connection state maintenance module 418 may, for example, provide means for performing operation 900. Operation 910 may comprise, responsive to the request, causing the connection state to be maintained at the middlebox for a period of time without requiring the network node to send keep-alive messages to the remote node during the period of time for which the connection state is maintained. The processor 410, memory 412, communication interface 414, and/or connection state maintenance module 418 may, for example, provide means for performing operation 910. Operation 920 may comprise causing a confirmation message to be sent to the network node, the confirmation message being indicative of the time period for which the connection state is to be maintained by the middlebox. The processor 410, memory 412, communication interface 414, and/or connection state maintenance module 418 may, for example, provide means for performing operation 920.

FIGs. 8-9 each illustrate a flowchart of a system, method, and computer program product according to some example embodiments. It will be understood that each block of the flowcharts, and combinations of blocks in the flowcharts, may be implemented by various means, such as hardware and/or a computer program product comprising one or more computer-readable mediums having computer readable program instructions stored thereon. For example, one or more of the procedures described herein may be embodied by computer program instructions of a computer program product. In this regard, the computer program product(s) which embody the procedures described herein may be stored by one or more memory devices of a mobile terminal, server, or other computing device (for example, in the memory 312 and/or in the memory 412) and executed by a processor in the computing device (for example, by the processor 310 and/or by the processor 410). In some example embodiments, the computer program instructions comprising the computer program product(s) which embody the procedures described above may be stored by memory devices of a plurality of computing devices. As will be appreciated, any such computer program product may be loaded onto a computer or other programmable apparatus (for example, a middlebox 104, network node 102, and/or other apparatus) to produce a machine, such that the computer program product including the instructions which execute on the computer or other programmable apparatus creates means for implementing the functions specified in the flowchart block(s). Further, the computer program product may comprise one or more computer- readable memories on which the computer program instructions may be stored such that the one or more computer-readable memories can direct a computer or other

programmable apparatus to function in a particular manner, such that the computer program product may comprise an article of manufacture which implements the function specified in the flowchart block(s). The computer program instructions of one or more computer program products may also be loaded onto a computer or other programmable apparatus (for example, a middlebox 104, network node 102, and/or other apparatus) to cause a series of operations to be performed on the computer or other programmable apparatus to produce a computer-implemented process such that the instructions which execute on the computer or other programmable apparatus implement the functions specified in the flowchart block(s).

Accordingly, blocks of the flowcharts support combinations of means for performing the specified functions. It will also be understood that one or more blocks of the flowcharts, and combinations of blocks in the flowcharts, may be implemented by special purpose hardware-based computer systems which perform the specified functions, or combinations of special purpose hardware and computer program product(s).

The above described functions may be carried out in many ways. For example, any suitable means for carrying out each of the functions described above may be employed to carry out embodiments of the invention. According to some example embodiments, a suitably configured processor (for example, the processor 310 and/or processor 410) may provide all or a portion of the elements. In other example embodiments, all or a portion of the elements may be configured by and operate under control of a computer program product. The computer program product for performing the methods of some example embodiments may include a computer-readable storage medium (for example, the memory 312 and/or the memory 412), such as the non-volatile storage medium, and computer-readable program code portions, such as a series of computer instructions, embodied in the computer-readable storage medium.

Many modifications and other embodiments of the inventions set forth herein will come to mind to one skilled in the art to which these inventions pertain having the benefit of the teachings presented in the foregoing descriptions and the associated drawings. Therefore, it is to be understood that the embodiments of the invention are not to be limited to the specific embodiments disclosed and that modifications and other embodiments are intended to be included within the scope of the invention. Moreover, although the foregoing descriptions and the associated drawings describe example embodiments in the context of certain example combinations of elements and/or functions, it should be appreciated that different combinations of elements and/or functions may be provided by alternative embodiments without departing from the scope of the invention. In this regard, for example, different combinations of elements and/or functions than those explicitly described above are also contemplated within the scope of the invention. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.

Claims

WHAT IS CLAIMED IS:

1. A method comprising:

determining, at a network node, existence of a condition indicative of a presence of a middlebox in a path between the network node and a remote node;

in response to determining the existence of the condition, causing the network node to send a request to trigger the middlebox to maintain a connection state for the network node;

receiving, at the network node, a confirmation message indicating that the middlebox has agreed to maintain the connection state; and

determining, based at least in part on the received confirmation message, a lifetime for which the connection state is to be maintained by the middlebox without requiring the network node to send keep-alive messages to the remote node to maintain the connection state.

2. The method of Claim 1 , wherein the network node does not send keep- alive messages to the remote node during the determined lifetime.

3. The method of any of Claims 1 -2, wherein maintenance of the connection state by the middlebox comprises keeping a port open for the network node.

4. The method of Claim 3, wherein maintenance of the connection state by the middlebox comprises maintaining a mapping between the port and one or more of an address for the network node or an address for the remote node.

5. The method of any of Claims 1 -4, wherein the network node comprises a mobile node using mobile Internet Protocol, and wherein the remote node comprises a home agent associated with the mobile node.

6. The method of any of Claims 1 -5, wherein the sent request comprises a port control protocol message.

7. The method of any of Claims 1 -6, further comprising:

determining an address of a port control server; and

wherein causing the request to be sent comprises causing the request to be sent to the port control server.

8. The method of Claim 7, wherein the remote node comprises a home agent associated with the network node, the method further comprising:

causing a binding update to be sent to the home agent; and

wherein causing the request to be sent to the port control server comprises, subsequent to causing the binding update to be sent, using a source address and port from which the binding update was sent and a destination address and port to which the binding update was sent to cause a port control protocol PEER request to be sent.

9. The method of Claim 7, wherein the remote node comprises a home agent associated with the network node, and wherein causing the request to be sent to the port control server comprises causing a port control protocol MAP message to be sent to the port control server, the method further comprising:

causing a binding update to be sent to the home agent subsequent to causing the port control protocol MAP message to be sent.

10. The method of any of Claims 1 -6, wherein in an instance in which an address of a port control server is not known to the network node, causing the request to be sent comprises causing the request to be sent to a default gateway for the network node.

1 1 . A computer program comprising instructions, which when performed by an apparatus, are configured to cause the apparatus to perform a method in accordance with any of Claims 1-10.

12. An apparatus comprising at least one processor and at least one memory storing computer program code, wherein the at least one memory and stored computer program code are configured, with the at least one processor, to cause the apparatus to at least perform:

determining existence of a condition indicative of a presence of a middlebox in a path between a network node and a remote node;

in response to determining the existence of the condition, causing the network node to send a request to trigger the middlebox in to maintain a connection state for the network node;

receiving a confirmation message indicating that the middlebox has agreed to maintain the connection state; and

determining, based at least in part on the received confirmation message, a lifetime for which the connection state is to be maintained by the middlebox without requiring the network node to send keep-alive messages to the remote node to maintain the connection state.

13. The apparatus of Claim 12, wherein the network node does not send keep- alive messages to the remote node during the determined lifetime.

14. The apparatus of any of Claims 12-13, wherein maintenance of the connection state by the middlebox comprises keeping a port open for the network node.

15. The apparatus of Claim 14, wherein maintenance of the connection state by the middlebox comprises maintaining a mapping between the port and one or more of an address for the network node or an address for the remote node.

16. The apparatus of any of Claims 12-15, wherein the network node comprises a mobile node using mobile Internet Protocol, and wherein the remote node comprises a home agent associated with the mobile node.

17. The apparatus of any of Claims 12-16, wherein the sent request comprises a port control protocol message.

18. The apparatus of any of Claims 12-17, wherein the at least one memory and stored computer program code are configured, with the at least one processor, to cause the apparatus to further perform:

determining an address of a port control server; and

wherein causing the request to be sent comprises causing the request to be sent to the port control server.

19. The apparatus of Claim 18, wherein the remote node comprises a home agent associated with the network node, and wherein the at least one memory and stored computer program code are configured, with the at least one processor, to cause the apparatus to further perform:

causing a binding update to be sent to the home agent; and

wherein causing the request to be sent to the port control server comprises, subsequent to causing the binding update to be sent, using a source address and port from which the binding update was sent and a destination address and port to which the binding update was sent to cause a port control protocol PEER request to be sent.

20. The apparatus of Claim 18, wherein the remote node comprises a home agent associated with the network node, and wherein causing the request to be sent to the port control server comprises causing a port control protocol MAP message to be sent to the port control server, and wherein the at least one memory and stored computer program code are configured, with the at least one processor, to cause the apparatus to further perform:

causing a binding update to be sent to the home agent subsequent to causing the port control protocol MAP message to be sent.

21 . The apparatus of any of Claims 12-17, wherein in an instance in which an address of a port control server is not known to the network node, causing the request to be sent comprises causing the request to be sent to a default gateway for the network node.

22. The apparatus of any of Claims 12-21 , wherein the apparatus comprises or is embodied on the terminal apparatus, the terminal apparatus comprising a mobile computing device comprising user interface circuitry and user interface software stored on one or more of the at least one memory; wherein the user interface circuitry and user interface software are configured to:

facilitate user control of at least some functions of the mobile computing device through use of a display; and

cause at least a portion of a user interface of the mobile computing device to be displayed on the display to facilitate user control of at least some functions of the mobile computing device.

23. A computer program product comprising at least one computer-readable medium having computer-readable program instructions stored therein, the computer- readable program instructions comprising instructions, which when performed by an apparatus, are configured to cause the apparatus to at least perform:

determining existence of a condition indicative of a presence of a middlebox in a path between a network node and a remote node;

in response to determining the existence of the condition, causing the network node to send a request to trigger the middlebox in to maintain a connection state for the network node;

receiving a confirmation message indicating that the middlebox has agreed to maintain the connection state; and determining, based at least in part on the received confirmation message, a lifetime for which the connection state is to be maintained by the middlebox without requiring the network node to send keep-alive messages to the remote node to maintain the connection state.

24. The computer program product of Claim 23, wherein the network node does not send keep-alive messages to the remote node during the determined lifetime.

25. The computer program product of any of Claims 23-24, wherein maintenance of the connection state by the middlebox comprises keeping a port open for the network node.

26. The computer program product of Claim 25, wherein maintenance of the connection state by the middlebox comprises maintaining a mapping between the port and one or more of an address for the network node or an address for the remote node.

27. The computer program product of any of Claims 23-26, wherein the network node comprises a mobile node using mobile Internet Protocol, and wherein the remote node comprises a home agent associated with the mobile node.

28. The computer program product of any of Claims 23-27, wherein the sent request comprises a port control protocol message.

29. The computer program product of any of Claims 23-28, the computer- readable program instructions further comprising instructions, which when performed by the apparatus, are configured to cause the apparatus to further perform:

determining an address of a port control server; and

wherein causing the request to be sent comprises causing the request to be sent to the port control server.

30. The computer program product of Claim 29, wherein the remote node comprises a home agent associated with the network node, the computer-readable program instructions further comprising instructions, which when performed by the apparatus, are configured to cause the apparatus to further perform:

causing a binding update to be sent to the home agent; and

wherein causing the request to be sent to the port control server comprises, subsequent to causing the binding update to be sent, using a source address and port from which the binding update was sent and a destination address and port to which the binding update was sent to cause a port control protocol PEER request to be sent.

31 . The computer program product of Claim 29, wherein the remote node comprises a home agent associated with the network node, and wherein causing the request to be sent to the port control server comprises causing a port control protocol MAP message to be sent to the port control server, the computer-readable program instructions further comprising instructions, which when performed by the apparatus, are configured to cause the apparatus to further perform:

causing a binding update to be sent to the home agent subsequent to causing the port control protocol MAP message to be sent.

32. The computer program product of any of Claims 23-28, wherein in an instance in which an address of a port control server is not known to the network node, causing the request to be sent comprises causing the request to be sent to a default gateway for the network node.

33. An apparatus comprising:

means for determining existence of a condition indicative of a presence of a middlebox in a path between a network node and a remote node;

means for, in response to determining the existence of the condition, causing the network node to send a request to trigger the middlebox in to maintain a connection state for the network node;

means for receiving a confirmation message indicating that the middlebox has agreed to maintain the connection state; and

means for determining, based at least in part on the received confirmation message, a lifetime for which the connection state is to be maintained by the middlebox without requiring the network node to send keep-alive messages to the remote node to maintain the connection state.