GB2419491A - Enabling communication between two network nodes - Google Patents
Enabling communication between two network nodes
- Publication number: GB2419491A
- Application number: GB0423640A
- Authority: GB (United Kingdom)
- Prior art keywords: address, packet, addresses, sending node, network
- Legal status: Withdrawn
Classifications
- H04L12/66—Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/2564—NAT traversal for a higher-layer protocol, e.g. for session initiation protocol [SIP]
- H04L61/2575—NAT traversal using address mapping retrieval, e.g. simple traversal of user datagram protocol through session traversal utilities for NAT [STUN]
- H04L61/2578—NAT traversal without involvement of the NAT server
- H04L65/1069—Session establishment or de-establishment
Abstract
The network address translation (NAT) carried out by routers in communication networks hides the true IP addresses of nodes in a local network. This poses several challenges for all protocols, such as H.323 and SIP, that place IP addresses in the signalling data. RFC 3489 - "STUN - Simple Traversal of User Datagram Protocol" describes a method by which an endpoint of a data flow can learn its globally valid internet address. However, there are situations where this global internet address is not visible to communication partners, e.g. because the addresses within a corporate network overlap with official internet addresses. The current invention seeks to generalize the concept described in RFC 3489 in order to also solve those situations where an address translation of both the source and the destination address takes place in a single network node. In addition, a method of translating IP addresses found in signalling data by intermediate nodes (e.g. Gatekeepers) is defined. With this method, the H.323 or SIP stack of the endpoints can be kept unchanged, while all translation work is done in the intermediate nodes.
Description
A METHOD FOR ENABLING COMMUNICATION BETWEEN TWO NETWORK NODES AND APPARATUS
This invention relates to a method for enabling communication between two network nodes and apparatus.
Nodes in a communication network are allocated particular addresses in accordance with a protocol called the Internet Protocol, abbreviated to IP. Data is sent between these nodes by datagrams including a destination IP address and sender IP address.
Where such networks are to be connected to others outside of an organization, such as the Internet or via an external network to another site or organization, gatekeepers are provided to interface the internet network to the external networks.
A Network Address Translator or NAT is provided to enhance security and flexibility for the internal network.
The NAT is an example of a network node which hides the true network IP address from other network nodes. It includes a translation table associating a network address with an address which is used by the outside world. In this way the outside world does not have a knowledge of the network address.
When a datagram passes through the NAT, the sender's network address is translated to a global or Internet address.
Accordingly, the sender's network address remains undetectable to a recipient of the datagram because the datagram has the Internet address.
Network nodes can include computer terminals which provide the communication functionality of a telephone. These so-called soft phones are designed to enable conversations to be held between a caller and a called party.
A problem arises where these devices are used in networks involving nodes which hide the IP address, such as NATs. This is because they are designed to use protocols such as H.323 and SIP (Session Initiation Protocol). These protocols are designed to transfer IP addresses in the data part of IP packets. Thus, the problem in a broad sense is that certain applications transfer network addresses in the data part of a packet or datagram but certain network nodes may modify, translate or convert the addresses in a header of the packet.
The invention seeks to mitigate the above-mentioned problem.
According to the invention there is provided a method comprising receiving a first packet from a sending node with a modified address after it has passed via a network node, forming a second packet with a data part including the modified address and transmitting the second packet to the sending node, at the sending node reading the second packet and determining therefrom the modified address and utilising the modified address as a sender address in at least some subsequent communications.
A specific embodiment of the invention will now be described by way of example only with reference to the drawing in which: Figures 1 and 2 show communication systems in accordance with the invention; and Figures 3 and 4 are explanatory figures showing the steps of the method in accordance with the invention.
As is shown in figure 1, a first embodiment of the invention shows a local network 1 comprising a plurality of telephones, two of which, "A" and "B", are shown linked together in a local zone 2. The local zone 2 includes access to the Internet 3 by a Network Address Translator 4 and a gatekeeper 5.
Direct communication between telephones "A" and "B" is established by using the invention in the following way. "A" sends a packet 6 to the gatekeeper 5 via the zone 2 and the NAT 4. The packet 6 has a destination address for "B". Gatekeeper 5 receives the packet and forwards it as packet 7 and in doing so sets the source address as A(GK), which is the IP address of A as seen from the Gatekeeper and can be read from the IP header of the received packet. Since the Gatekeeper 5 is forwarding a packet with a source IP address which is not its own, the Gatekeeper is said to perform "IP Address-Spoofing". Note that a NAT device is placed between A and Gatekeeper 5, so that A(GK) can differ from A(A), i.e. the address of A as seen from A, which is A's real address.
"B" reads the source address of the received packet, which is A(B), i.e. the address of A as seen from B. "B" then sends a message 8 to "A" using destination address A(B) and also placing A(B) in the data part of the packet. A will receive the packet and read A(B) from the data part of the packet. Note that while the destination address of the received packet has been changed back by the NAT device(s) from A(B) to A(A), the value of the address A(B) in the data part remains unchanged. Now A knows the IP address B has to use in order to reach A. For some protocols like H.323 and SIP, this information is needed in order to establish a data flow from B to A. For instance, in VoIP situations, A will use H.225 or SIP messages to tell B that it has to send an RTP stream to A(B) in order to reach A.
The procedure is repeated by B sending a message to A via the NAT 4 and the gatekeeper 5 to determine B(A). This is communicated to B by placing the address in a data part of a message as before, which B in turn will use, e.g. in H.225 or SIP messages, in order to tell A to use this address if A wishes to make contact.
The procedure works whether or not NAT devices are placed at any point between A, B and gatekeeper 5. However, as in STUN environments, we are restricted to non-symmetrical NAT translations, i.e. a one-step translation of the source address A of a packet sent directly from A to B leads to the same result A(B) as a two-step translation of another packet which is first sent from A to the GK and then from the GK to B, while the GK does not change the source address as read in the received packet.
Figure 2 shows another embodiment of the invention with two networks linked via NAT and gatekeepers to the Internet.
As is shown in figure 2, apparatus operating in accordance with the invention comprises two local networks 9, 10 linked to the Internet 11.
The local networks are nominally identical, each having a plurality of soft phones (A, B) arranged on LANs 12, 13. The LANs 12, 13 are coupled to a server 14, 15 having a network address translation function (NAT). The server is connected via a gatekeeper 16, 17 to the Internet 11 via a network service provider.
The method of establishing a connection between subscriber A to subscriber B will be described with reference to figure 3.
The telephone used by subscriber A has an actual IP address 10.1.1.1 and that used by subscriber B is 20.1.1.1. Between A and B lies the NAT 14 (and 15), which translates the IP address 10.1.1.1 to 11.1.1.1. In the case of transmissions from B to A, NAT 14 translates 20.1.1.1 to 21.1.1.1.
In a first step 20, A registers with the gatekeeper 17 by sending a packet. The packet is received by the gatekeeper 17 after it has passed through the NAT 15.
The gatekeeper 17 sees the IP packet with an address A' = A(GK), where A(GK) means the IP address of A as seen from the point of view of the Gatekeeper. The gatekeeper 17 reads the address and returns a packet to A including A(GK) in the data part (step 22).
A reads the returned packet and the data part in step 23. In this way A becomes aware of its IP address after translation, A(GK). This address will be used for those types of future communication where the GK is a proxy with respect to the application flow. However, for direct communication between endpoints A and B, IP addresses other than A(GK) and B(GK) have to be used, see below.
The same process steps 20-23 are followed for B to determine its translated IP address B(GK), where the gatekeeper is gatekeeper 16.
Steps 20 to 23 may therefore be considered as a registration process where a message sent by A, B to the gatekeeper is used to determine the terminal's address after translation. The gatekeeper responds to the message to return the translated address back to the terminal in the data part of a response data packet.
Once registered, A may initiate a communication with B by the process shown in Figure 4. In a first step 30, A signals to the gatekeeper 17 that it wishes to initiate a communication with B.
In step 31, gatekeeper 17 sends an IP packet with the IP address A' = A(GK) as the IP header sender address to B. The IP packet traverses the Internet 11, the gatekeeper 16 and the NAT 14. The NAT 14 translates the sender IP address A' = A(GK) into A" = A(B), which is the IP address of A as seen by B. This takes place in step 32.
In step 33, B receives the IP packet and reads out the IP address A" = A(B).
In step 34, B sends the information A" = A(B) in the data part of a NAT discovery packet to gatekeeper 16. (It might be possible in an alternative embodiment to send this to A, but by sending it to the gatekeeper the translation work required can be handled there rather than changing the call set-up at A.)
In step 35, H.225 or SIP signalling is sent by A to B with A(A) in the data part of the signalling. The gatekeeper 16 translates the data part of the packets with address A(A) into A" = A(B). (In the alternative embodiment mentioned above, A is already sending A(B) in the data part of H.225 or SIP messages, and the GK does not need to translate the address A(A) to A(B).) In step 36, B sends its RTP stream directly to IP address A" = A(B).
A similar process is carried out if B wishes to receive a packet flow from A, which is mostly the case e.g. in VoIP environments.
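The registration steps 20 to 23 and the call set-up steps 30 to 36 above, as an added Python simulation that is not part of the patent text. The addresses 10.1.1.1, 20.1.1.1 and 11.1.1.1 are taken from the description; the second translation 11.1.1.1 to 12.1.1.1, the gatekeeper addresses and the data-part field names (`endpoint`, `your_address`, `seen_source`, `media_address`) are constructed for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str     # IP header source address
    dst: str     # IP header destination address
    data: dict   # data part: never touched by the NAT devices

class StaticNat:
    """Non-symmetrical NAT: fixed, header-only address translation."""
    def __init__(self, mapping):
        self.out = dict(mapping)                        # inside -> outside
        self.back = {v: k for k, v in mapping.items()}  # outside -> inside

    def forward(self, pkt):   # away from A: translate the header source
        return replace(pkt, src=self.out.get(pkt.src, pkt.src))

    def reverse(self, pkt):   # towards A: translate the header destination back
        return replace(pkt, dst=self.back.get(pkt.dst, pkt.dst))

class Gatekeeper:
    def __init__(self, address):
        self.address = address
        self.seen_as = {}     # endpoint -> address read from the IP header, X(GK)
        self.peer_view = {}   # endpoint -> address reported by the peer, X(B)

    def register(self, pkt):
        # Steps 20-22: read the header source, return it in the data part.
        self.seen_as[pkt.data["endpoint"]] = pkt.src
        return Packet(self.address, pkt.src, {"your_address": pkt.src})

    def probe(self, endpoint, dst):
        # Step 31: send with the endpoint's translated address as header source.
        return Packet(self.seen_as[endpoint], dst, {"endpoint": endpoint})

    def nat_discovery(self, pkt):
        # Step 34: the peer reports the header source it received.
        self.peer_view[pkt.data["endpoint"]] = pkt.data["seen_source"]

    def rewrite_signalling(self, pkt):
        # Step 35: replace A(A) in the data part with A(B), if it is known.
        seen = self.peer_view.get(pkt.data["endpoint"])
        if seen is None:
            return pkt
        return replace(pkt, data={**pkt.data, "media_address": seen})

def run_exchange():
    a_real, b_real = "10.1.1.1", "20.1.1.1"       # addresses from the description
    nat15 = StaticNat({a_real: "11.1.1.1"})        # 10.1.1.1 -> 11.1.1.1 (page)
    nat14 = StaticNat({"11.1.1.1": "12.1.1.1"})    # constructed second translation
    gk17 = Gatekeeper("198.51.100.17")             # constructed addresses
    gk16 = Gatekeeper("198.51.100.16")

    # Steps 20-23: A registers and reads A(GK) from the data part of the reply.
    reply = nat15.reverse(gk17.register(
        nat15.forward(Packet(a_real, gk17.address, {"endpoint": "A"}))))
    # Steps 31-34: B reads A(B) from the header and reports it to gatekeeper 16.
    a_b = nat14.forward(gk17.probe("A", b_real)).src
    gk16.nat_discovery(Packet(b_real, gk16.address,
                              {"endpoint": "A", "seen_source": a_b}))
    # Step 35: A signals with A(A) in the data part; gatekeeper 16 rewrites it.
    signalled = gk16.rewrite_signalling(
        Packet(a_real, b_real, {"endpoint": "A", "media_address": a_real}))
    # Step 36: B sends RTP to the signalled address; the NATs translate it back.
    rtp = nat15.reverse(nat14.reverse(
        Packet(b_real, signalled.data["media_address"], {"type": "rtp"})))
    # Non-symmetrical NAT restriction: a direct A -> B packet shows the same A(B).
    direct = nat14.forward(nat15.forward(Packet(a_real, b_real, {})))
    return {"reply_dst": reply.dst, "A(GK)": reply.data["your_address"],
            "A(B)": a_b, "signalled": signalled.data["media_address"],
            "rtp_dst": rtp.dst, "direct_src": direct.src}

if __name__ == "__main__":
    for key, value in run_exchange().items():
        print(f"{key}: {value}")
```

The gatekeeper in this sketch records only the address it reads from the IP header at registration, and it leaves the signalling data part unchanged until a NAT discovery report exists for that endpoint.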
In another embodiment, IP address-spoofing can be omitted if packets in DNS format are used in the discovery process. In the above embodiment, where the message is sent from A to gatekeeper 17, gatekeeper 17 to gatekeeper 16, and gatekeeper 16 to B, the DNS response or DNS reverse look-up request packet format may be used. The address A(A) is placed in the data part of the DNS request. The NAT 15 will replace A(A) with A(GK) in the data part of the DNS reverse look-up request.
Gatekeeper 17 forwards the packet with A(GK) in the data part of the DNS packet to gatekeeper 16. Gatekeeper 16 receives the packet with the address A(B) in the data part of the DNS packet and sends a response in a non-DNS format to A. The response is in a non-DNS format to prevent the translation taking place at the NAT devices 14, 15. A can now read A(B) in the data part of the non-DNS formatted packet and will send A(B) in subsequent H.225 or SIP signalling messages, when establishing a data (RTP) flow from B to A.
Claims (8)
1. A method for communication comprising receiving a first packet from a sending node with a modified address after it has passed via one or more network nodes, forming a second packet with a data part including the modified address and transmitting the second packet to the sending node, at the sending node reading the second packet and determining therefrom the modified address and utilising the modified address as a sender address in at least some subsequent communications.
2. A method as claimed in claim 1 wherein the method is repeated at a remote recipient node.
3. A method as claimed in claim 2 wherein the at least some subsequent communications involve the sending node and the remote recipient node.
4. A method as claimed in claim 3 wherein the sending node and the remote recipient node utilise the respective modified addresses for communication therebetween.
5. A method as claimed in claim 4 wherein a packet sent from the sending node comprises a sending address being the modified address of the sending node and a destination header being the modified address of the remote recipient node.
6. Apparatus for communication in a network of nodes comprising means to determine a modified address of a sending node following modification of the address by an intermediate node; means to send a packet to the sending node including in a data portion of the packet the determined modified address.
7. Apparatus as claimed in claim 6 including means at the sending node to receive the node and to determine therefrom the modified address.
8. Apparatus as claimed in claim 7 wherein the sending node uses as its sender address the determined modified address for at least some further communications.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB0423640A GB2419491A (en) | 2004-10-23 | 2004-10-23 | Enabling communication between two network nodes |
| PCT/EP2005/010162 WO2006042607A2 (en) | 2004-10-23 | 2005-09-16 | A method for enabling communication between two network nodes and apparatus |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| GB0423640D0 (en) | 2004-11-24 |
| GB2419491A (en) | 2006-04-26 |
Family
ID=33485135
Country Status (2)
| Country | Link |
|---|---|
| GB (1) | GB2419491A (en) |
| WO (1) | WO2006042607A2 (en) |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2006042607A3 (en) | 2009-01-15 |
| WO2006042607A2 (en) | 2006-04-27 |
| GB0423640D0 (en) | 2004-11-24 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) | |