Sessions initiated from a first to a second computer network
The present invention generally relates to the field of communication between computer networks and more particularly to the interface between two computer networks. The present invention more particularly relates to a method, interface device and system of computing devices for enabling starting of sessions from a first computational device communicating via a first network having a first addressing realm to a second computational device on a second network having a second addressing realm, as well as to a computer program product and a computer program element including program code for performing said method.
In the field of addressing in computer systems, there is normally a shortage of available public addresses to be used by different devices. This has led to many local systems having only one or a few public addresses used for the whole local system and thus the local system will communicate with a global network via a gateway controlling these few addresses. Normally such a gateway will in this case be using a local addressing system for allowing communication between the devices in the local network in that the destination address of packets intended for devices in the local addressing system will be translated from the global address of the local system in the global network to the local address of the device in the local system. In the same way the source address of data packets intended for the global network will be translated from the local address in the local system to the address of the local system in the global network.
In order to initiate sessions from such devices within a local network with other devices via a global network, the gateway is normally provided with a NAT (Network Address Translation) or NAPT (Network Address and Port Translation) unit, which translates the local address to a global address for the communication with the other devices and optionally used port numbers. A device within the local network can then start a session with a device outside the local network and the NAT unit would then set up an entry in the NAT table for such sessions, indicating how addresses are to be translated in order for the two devices to communicate with each other and also the port numbers used for the session.
There is however one problem with these kind of known NAT units, in that they do not allow communication sessions to be started from a device outside the local network, but only from inside the local network. There is a need for being able to start sessions from outside.
One example of such a situation is when a user of a network is not physically in place at the site of the network, but still wants to get in contact with it in order to perform some task. Such a task can be to raise a temperature setting of a radiator in a home via a device included in a local network, when travelling towards home in order to have a warm house at the arrival. It can also be the reviewing of phone calls received at home or the programming of a video recorder when away on a business trip, which is done by accessing devices connected to a local network. These were just a few of the examples where it might be necessary for a user to access the local network from outside.
The Internet Society describes one method of starting sessions from a global network to a device within a local network in RFC 2694 by P. Srisuresh, G. Tsirtsis, P. Akkiraju and A. Heffernan, September 1999. Here a gateway, which is an interface between the local network and the global network, has a number of addresses that can be used in the global network. The gateway also includes a NAT unit and a DNS_ALG (Domain Name Service Application Level Gateway) unit and the local network also includes a DNS server. When a device on the global network wants to start a session, it sends a recursive name query, which eventually reaches the gateway. The gateway forwards this query to the DNS server, which returns a local address of a local device, associated with the queried name to the gateway. The gateway binds one of its global addresses to the local address and returns the global address as an answer to the query. The device on the global network can then start a session with this global address and the gateway immediately knows which device communication is intended for because of the binding. The document also describes binding of port numbers at the same time. There are a few problems with this solution and that is that one global address is reserved for each session. If there are many parallel sessions to one or more devices on the local network, there have to be many global addresses available for the gateway, which is normally a shortage in present day systems. If the local network only has one address, this one address will be tied up to one session and there is no possibility for more inbound sessions. The user also has to know the name of the device itself in order to set up a session. This solution furthermore requires the use of a DNS server in the local system, which adds to the cost of the local system.
There is thus a need for a simpler and cheaper system for connection to a local network from an external network.
It is an object of the present invention to provide a mechanism allowing sessions to be started from a first network in a first addressing realm to a second network in a second addressing realm having a limited number of addresses in the first realm, in a simpler and easier way, without having to provide name server capability in the second network and without having to use more than one address in the first realm for the second network for sessions started from the first network.
According to a first aspect of the invention, this object is achieved by a method of initiating sessions from a first computational device communicating via a first network having a first addressing realm to a second computational device in a second network having a second addressing realm, comprising the steps of: receiving a request from the first device, providing a list of devices or services including at least one device or service within the second network to the first device as a response to the request, requesting to an address translation service binding of at least a first port number to the local address of a second device within the second addressing realm, binding said port number to the local address in the address translation service, and providing at least said selected port number to the first device, such that a session can be started from the first network.
According to a second aspect of the invention, this object is also achieved by a server device for enabling initiation of sessions from a first device communicating via a first network having a first addressing realm to a second device in a second network having a second addressing realm, comprising: a store including a list of devices or services including at least one device or service accessible from the first network, and a control unit arranged to:
- provide the list of devices or services within the second network to the first device upon reception of a request,
- request a binding of at least one free port number (PA) in an address translation table to the local address (AY) of a second device associated with the list, and
- provide to the first device at least the port number bound to the second device, such that a session can be started from the first network.
According to a third aspect of the present invention, this object is also achieved by a system of computing devices for connection to a first network having a first addressing realm, via which first network a first computational device can initiate sessions with the system, which system is provided in a second network having a second addressing realm, said system comprising: at least one second computational device, an address translation device arranged to bind at least selected port numbers to addresses of devices in the second addressing realm for use in communications between devices in the first and second network, a server comprising:
- a store including a list of devices or services accessible from the first network, and
- a control unit arranged to: provide a list of devices or services including at least one device or service within the second network to the first device upon reception of a request, request a binding of at least one free port number in the address translation device to the local address of a second device associated with the list, and provide to the first device at least the port number bound to the second device, such that a session can be started from the first network, an interface device provided between the first and second networks arranged to: receive all communication to the second network having said address of the second network in the first addressing realm including the request from the first device, forward the request to the server, receive the list of devices or services and bound port numbers from the server, and forward the list of devices or services and bound port numbers provided by the server to the first device.
According to a fourth aspect of the present invention, the object is also achieved by a computer program code and a computer program product for enabling initiation of sessions from a first device communicating via a first network having a first addressing realm to a second device in a second network having a second addressing realm and to be used on a computer for the second network, comprising a computer readable medium having thereon:
computer program code means, to make the computer execute, when said program is loaded in the computer, the steps of:
- providing a list of devices or services including at least one device or service within the second network accessible from the first network to the first device upon reception of a request,
- requesting a binding of at least one free port number in an address translation table to the local address of a second device associated with the list, and
- providing to the first device at least the port number bound to the second device, such that a session can be started from the first network.
Claims 2 and 13 are directed towards enabling starting of sessions in two steps.
Claims 4 and 14 are directed towards directly providing information to the first device, such that a session can be started in a simple fashion directly upon reception of the table. Another object is to enable a gateway to recognize a session having been initiated. This object is obtained by the features defined in claim 8.
Claims 11 and 20 ensure that the first packets of a session are not started until the address translation table has been set.
The present invention has the advantage of allowing several parallel sessions with different devices in the second network started from the first network even though only one address in the first addressing realm is used for the second network. Sessions can furthermore be started in an easy fashion from the first network, for instance by just clicking on a page comprising a list of available devices. Hereby the user does not have to memorize which devices he can control from outside the second network. There is furthermore no need for a name server capability in the second network.
With the binding of a port number to a local address is meant the binding of an address in the first addressing realm to an address in the second addressing realm together with a binding of said port number for use in the first addressing realm to a port number for use in the second addressing realm, which binding is made in an address translation table. The general idea behind the invention is thus to provide a list of devices or services, including at least one device or service, in a second network accessible from a first network upon the reception of a request and bind port numbers to the local addresses of devices in or associated with the list, ranging from one to all devices, such that a session can be started from the first network.
These and other aspects of the invention will be apparent from and elucidated with reference to the embodiments described hereinafter.
The present invention will now be explained in more detail in relation to the enclosed drawings, where
Fig. 1 shows a schematic drawing of a first network connected to a second network via a gateway,
Fig. 2 shows a block schematic of the gateway for the second network,
Fig. 3 shows a block schematic of a home server according to the invention,
Fig. 4 shows a flow chart of a method of initiating a session from the first network to the second network according to the invention,
Fig. 5 shows a table of devices present in the server according to the invention,
Fig. 6 schematically shows the contents of an address translation table present in the gateway after a port number has been selected according to the invention, and
Fig. 7 schematically shows a computer readable medium on which is stored program code for performing the method according to the invention.
Fig. 1 shows a schematic drawing of the invention and its environment. In fig. 1 there is shown an interface device 10 connected to a first network 12, which in this case is the Internet. A first computational device 14 is connected to the first network 12. The interface device, which preferably is a gateway 10, is also connected to a second network 16, which network includes a second and a third computational device 18 and 20 as well as a home server 22. The first network 12 has a first addressing realm and the second network 16 has a second addressing realm. The first addressing realm is here an IP-addressing realm, for instance IPv4, and used globally, while the second addressing realm is a local addressing realm used inside the second network 16. This second addressing realm is normally also using IP-addressing. The second network 16 is in the preferred embodiment a private home network. It should however be realized that the invention is not limited to private home networks, but can also be used for example in a corporate network. The first computational device 14 is also denoted Z, the second computational device 18 denoted Y, the third computational device 20 denoted X and the gateway 10 denoted G. The different devices thus have different addresses in the different realms. The first device 14 has an address AZ in the first addressing realm, the gateway has an address AG in the first addressing realm, while the second device 18 has an address AY in the second addressing realm and the third device 20 has an address AX in the second addressing realm. The address of the gateway 10 in the first addressing realm is in fact the address used for connection with all devices in the second network 16 from any device in the first network 12. It should be noted that the gateway 10 and the home server 22 also have addresses in the second addressing realm. The second and third devices 18, 20 can be regular computers, but are not limited to this. They can be other computational devices as well, such as Internet radios, printers, scanners, video recorders or temperature regulating devices, or any other type of computer equipment which can be connected in computer networks using an address. It should also be realized that there might be more or fewer devices in the second network 16. The first device 14 might be any suitable client device which can be connected to the Internet 12. It should also be realized that the first device 14 might be a device on a private or local network communicating with the Internet via a gateway. It is here shown as a device connected directly to the Internet in order to better explain the invention.
A simplified version of the gateway 10 according to the invention is shown in a block schematic in fig. 2. The gateway 10 has a first input 24 connected to the Internet for reception of data packets and a first output 26 also connected to the Internet for sending of data packets. The gateway 10 also has a second output 28 connected to the second network for sending of data packets and a second input 30 also connected to the second network for reception of data packets. A first register 32 is connected between the first input 24 and the second output 28, while a second register 34 is connected between the second input 30 and the first output 26. The directions the data packets are travelling are indicated with arrows. The first and second registers 32 and 34 are both connected to a control unit 38, which control unit 38 is connected to an address translation table 36. The address translation table 36 is a table used for ongoing sessions started outside of the second network, i.e. for sessions started by devices in the first network that want to communicate with devices in the second network, and sessions started from inside the second network with devices in the first network.
Fig. 3 shows a simplified version of the home server 22 in a block schematic. The home server has an input 42 on which it receives data packets and an output 44 on which it sends data packets. The server 22 furthermore comprises a control unit 46 connected both to the input 42 and the output 44 as well as a device table store 48 comprising a table of devices reachable from the first network. Also here the directions in which data is sent and received are indicated with arrows.
Fig. 4 shows a flow chart of a method according to one embodiment of the invention, where the different method steps are performed in the gateway and in the home server.
Fig. 5 shows the contents of the device table store 48, in the home server. The device table includes a first column 64 including a listing of the devices on the second network that can be accessed from the Internet, a second column 66 including the local addresses in the second addressing realm associated with these devices and a third column 67 including port numbers associated with the devices in the second network. The table thus shows device X, i.e. the second device, and Y, i.e. the third device, their local addresses AX and AY, respectively, and port numbers PX and PY associated with these addresses.
Fig. 6 shows the contents of the address translation table 36 in the gateway for ongoing sessions. Each row of the table is dedicated to an ongoing session or a session that has been initiated. One row is preset with a special dedicated address translation. For simplicity only two rows are shown here, one for a session and another for a special purpose, although it should be realized that there can be several rows for sessions between different devices and actually several rows for different sessions between the same two devices. A first column 68 is used for the addresses in the first addressing realm of devices in the second network and here is shown the address AG of the gateway in the first and second rows. Note that the gateway can have more than one address. A second column 70 is used for port numbers associated with the address of the first network, which column here shows a special port number 80 in the first row and a port number PA selected according to the invention to be used for the session in the second row. A third column 72 is intended for the address of devices in the second network involved or to be involved in sessions, which column here shows a local address of the home server AS in the first row and the local address AY of the second device in the second addressing realm in the second row, while a fourth column 74 is intended for port numbers that the local devices in the second network are using, which here shows the same dedicated port number 80 in the first row for the home server and one port number PY in the second row for the second device. Note that local devices can have a special port number associated with some kind of service.
Now the invention will be described in relation to an embodiment of the invention with reference being made to fig. 1, 2, 3, 4, 5 and 6.
The first device 14 contacts the gateway 10 using the address AG of the second network 16. This is typically done by using a web browser in the first device and contacting the home server 22 therefrom. The contact could have been preceded by sending a name query to a DNS server within the first network 12 and having received the address of the gateway 10 from that server as a response to the query. Thereafter the first device 14 sends a request using the address of the gateway 10 and a request port number through the web browser. A request is standardized in the sense that they are using dedicated port numbers. In this case the port number for the request is port number 80. The gateway receives this request, step 50, and stores it in the first register 32. The gateway control unit 38, then checks the port number associated with the gateway address in the request by looking in the address translation table 36. The address translation table 36 already has a setting for this address and port number combination, which has been stored when initiating the second network. After seeing that the request has the request port number 80, the gateway control unit 38 then translates the address according to the setting in the address translation table 36 and forwards the request to the home server 22 via the second output 28, step 52, i.e. it exchanges the address AG with the address AS.
The home server 22 receives the request on input 42 and forwards it to home server control unit 46. The home server control unit 46 then looks in device table store 48 and retrieves a list of devices therefrom, which list may be provided in the form of an HTML page listing the devices and may include links to local addresses of the devices in the second addressing realm. A link is here a special device identifier, which the home server uses for identifying a selected device. Thereafter the home server 22 returns the list with the links but without the local addresses to the first device 14, step 54. The gateway 10 receives this reply, because all outgoing messages are passed this way, and temporarily stores the reply in the second register 34 before sending it on the first output 26 to the first device 14. The gateway here translates the local address of the home server 22 to the address of the gateway before sending the reply. The user of the first device 14 then selects a device, in the present example the second device 18, by clicking on the link in the received page. Thereby a selection is made and sent, which is received by the gateway 10, step 56. The gateway 10 then forwards the selection to the home server 22 in the same way as the request was forwarded, step 58. When the home server 22 has received the selection it contacts the gateway control unit 38 and requests a scanning of the address translation table 36 for a free port number, i.e. a port number that is not used in any session or reserved for any other reason. The gateway control unit 38 therefore scans the address translation table 36 and picks a free port number PA, which it forwards to the home server 22. The home server control unit 46 receives this port number PA, and then requests that the gateway control unit 38 binds the selected port number for a session between the first and second devices 14 and 18. This is done by sending the local address AY and port number PY of the second device 18 as well as the selected port number PA. The gateway control unit 38 then sets a row of the address translation table 36 such that the first column 68 includes the address of the gateway AG, the second column 70 includes the selected port number PA for the session, the third column 72 includes the local address AY of the second device and the fourth column 74 includes the port number PY for the address AY. Thus the address translation table 36 in the gateway 10 has been contacted, a free port number selected and the selected port number bound to the local address of the selected device, step 60. Thereafter the home server control unit 46 sends a message as a reply to the selection, where this message includes the selected port number PA to be used in the session when communicating with the second device as well as the local address of the home server. The gateway 10 thereafter substitutes the local address of the home server 22 with the address of the gateway AG in the message before sending it through to the first device 14, step 62. After this the first device 14 can immediately start sessions with the second device 18. By requesting binding before responding to the selection, the home server ensures that packets are not sent before the address translation table is set. Thereafter messages are exchanged between the first and second device in dependence of the settings in the address translation table 36.
First it has to be pointed out that the address translation table 36 can be filled with information about outbound sessions, i.e. sessions started by devices 18 and 20, as well.
This information is extracted locally and from the first packet of the session as issued by the device 18 or 20. This packet includes information such as address and port number of a device in the first network (destination address), address and port number of the device in the second network starting the session (source address). A free port number and the gateway address are found locally in the gateway.
In a session, the gateway 10 receives a packet from the first network 12 on the first input 24, which packet is stored in the first register 32. The gateway control unit 38 then examines the data packet and first looks in the address translation table 36 to see whether there are any entries made for the data packet or not. If there are no entries in the table 36, the packet is rejected. If there are entries, the gateway control unit 38 changes the address of the second network in the first addressing realm to the address of the device in the second network picked from table 36, and also changes the port number to the port number associated with the device, also picked from table 36, and sends the data packet from the first register 32 to the second device 18 in the second network 16 via the second output 28. The gateway 10 will in a similar fashion receive a data packet on the second input 30 from the second network 16, which is then transferred to the second register 34. This means that the control unit 38 checks the address translation table 36 and changes the source address in the packets according to the entries made in that table 36 if there are entries, and if there are no entries a new entry is made according to known principles of address translation for outbound initiated sessions.
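The following is an added example, not part of the patent text, that models the procedure of steps 50 to 62 together with the packet handling described above: a preset row for port 80 pointing at the home server, a scan of the translation table for a free port, binding of that port to the local address of the selected device, and rejection of inbound packets with no matching row. The addresses, the port pool and the device ports are constructed stand-ins for AG, AS, AX, AY, PA, PX and PY.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed addresses standing in for the symbols used in the description.
AG = "203.0.113.10"   # gateway address in the first (global) addressing realm
AS = "192.168.1.2"    # home server address in the second (local) realm
AX = "192.168.1.20"   # third device X, local realm
AY = "192.168.1.21"   # second device Y, local realm
REQUEST_PORT = 80     # dedicated request port preset in the translation table


@dataclass
class Row:
    """One row of the address translation table (columns 68, 70, 72, 74)."""
    global_addr: str
    global_port: int
    local_addr: str
    local_port: int


class Gateway:
    """Translation table plus the gateway control-unit operations."""

    def __init__(self, global_addr: str, home_server_addr: str,
                 pool: Tuple[int, int] = (10000, 10010)) -> None:
        self.global_addr = global_addr
        self.pool = pool  # constructed range of selectable port numbers PA
        # Preset row: AG:80 is forwarded to the home server AS:80.
        self.table: List[Row] = [Row(global_addr, REQUEST_PORT,
                                     home_server_addr, REQUEST_PORT)]

    def pick_free_port(self) -> int:
        """Scan the table for a port not used by any session or reserved."""
        used = {r.global_port for r in self.table}
        for port in range(self.pool[0], self.pool[1]):
            if port not in used:
                return port
        raise RuntimeError("no free port number in pool")

    def bind(self, global_port: int, local_addr: str, local_port: int) -> Row:
        """Set a row binding AG:global_port to local_addr:local_port."""
        if any(r.global_port == global_port for r in self.table):
            raise ValueError(f"port {global_port} already bound")
        row = Row(self.global_addr, global_port, local_addr, local_port)
        self.table.append(row)
        return row

    def translate_inbound(self, packet: dict) -> Optional[dict]:
        """Packet from the first network: rewrite dst, or None if rejected."""
        for r in self.table:
            if packet["dst"] == r.global_addr and packet["dport"] == r.global_port:
                return {**packet, "dst": r.local_addr, "dport": r.local_port}
        return None  # no entry in the table: the packet is rejected

    def translate_outbound(self, packet: dict) -> dict:
        """Packet from the second network: reuse a row or create one."""
        for r in self.table:
            if packet["src"] == r.local_addr and packet["sport"] == r.local_port:
                return {**packet, "src": r.global_addr, "sport": r.global_port}
        row = self.bind(self.pick_free_port(), packet["src"], packet["sport"])
        return {**packet, "src": row.global_addr, "sport": row.global_port}


class HomeServer:
    """Device table store (fig. 5): link identifier -> (local address, port)."""

    def __init__(self, gateway: Gateway, devices: Dict[str, Tuple[str, int]]) -> None:
        self.gateway = gateway
        self.devices = devices

    def device_list(self) -> List[str]:
        """Step 54: the list carries links only, never local addresses."""
        return sorted(self.devices)

    def select(self, link: str) -> Dict[str, object]:
        """Steps 58-62: bind a free port before replying to the selection."""
        local_addr, local_port = self.devices[link]
        pa = self.gateway.pick_free_port()
        self.gateway.bind(pa, local_addr, local_port)
        # The gateway substitutes AG for the home server address on the way out.
        return {"address": self.gateway.global_addr, "port": pa}


def inbound_session(gateway: Gateway, server: HomeServer, link: str,
                    client: str = "198.51.100.7") -> Optional[dict]:
    """Run steps 50-62 for one link and translate the session's first packet."""
    request = {"src": client, "sport": 40000,
               "dst": gateway.global_addr, "dport": REQUEST_PORT}
    forwarded = gateway.translate_inbound(request)  # step 52
    if forwarded is None or forwarded["dst"] != server.gateway.table[0].local_addr:
        return None
    if link not in server.device_list():
        return None
    reply = server.select(link)
    first = {"src": client, "sport": 40001,
             "dst": reply["address"], "dport": reply["port"]}
    return gateway.translate_inbound(first)
```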
With the binding of a port number to a local address described in this application there has been made a simplified conceptual view in order to better understand the invention. Normally a binding is made between two disjoint addressing realms such that a local address is bound to a global address and a local port number to a global port number, which is done in the address translation table.
The described method can be varied. One first variation of the invention is that the gateway might have several addresses, in which case one has to be selected for the session. In this case the home server will receive an address of the gateway and a port number to be used for the session as a response to the request of binding the local address and the local port number. The home server should then also include this gateway address in the message sent to the first device as information about addresses to use for the session.
According to an alternative embodiment of the present invention, the home server maintains a list of the accessible devices and requests a binding of them in the address translation table as soon they are discovered in the second network. The home server then receives the selected port numbers and stores them in the device table store together with a gateway address to be used together with each selected port number. When a request is received from the first device, the server sends a page including the list of the devices that are accessible together with the links, which links now include an address of the gateway and the selected port numbers instead of the device identifier. A user of the first device may then directly access the second device by selecting a device in the table, in which case communication is set up directly with the second device using the information in the link.
The different units in the gateway and the home server are normally provided in the form of one or more processors together with suitable program memory containing appropriate program code for performing the method according to the invention. The tables are also normally provided in the form of memories. The software or program code for performing the method according to the invention can also be provided on a computer program product in the form of a computer readable medium, which will perform the method according to the invention when loaded into the home server, which is a type of computer. One such medium in the form of a CD-ROM 72 is depicted in fig. 7, although there are many different mediums possible, such as diskettes. The program code can also be downloaded remotely from a server outside the second network.
It should also be understood that the gateway described could include several more registers in the form of different input, output and buffer registers. The numbers have intentionally been kept low for getting a better understanding of the invention. Also the home server can include input, output registers as well as other functionalities.
The present invention thus provides a possibility to initiate sessions from outside the second network, while at the same time only needing one address in the first addressing realm for the second network and still allowing several inbound sessions. This does not mean that the gateway must have only one address in the first addressing realm, but it can have several such addresses. The present invention thus allows peer-to-peer networking, such that the first and second devices can both act as clients and servers and have both inbound and outbound sessions. This is advantageous when a user perhaps wants to connect to his home system when he is out travelling. In order to for instance watch a mailbox of incoming e-mail, he then accesses the home server and is presented with a page of devices he can contact by clicking on the link for the device in the list and thereafter contact the mailbox in order to see what e-mail he has received. This can also be combined with several other services, such as increasing the temperature at home while away, starting recording of a video etc. The invention has a further advantage and that is that it does not have to include a DNS (Domain Name Server) device, which reduces the cost of the second network. A user does furthermore not have to know beforehand which devices he can control, but is presented with a list when contacting the second network. There does furthermore not have to be a list presented to the user, but selection can also be performed in an automatic fashion in that a device is automatically selected from the list, for instance depending on the type of device.
The invention can furthermore be combined with different security systems for ensuring that the person getting access is actually allowed access.
In the preferred embodiment the address translation device is part of the gateway. This simplifies the way messages are translated.
In an alternative embodiment, the address translation device can be a separate entity with which the gateway would communicate in order to perform address translation. The home server is also preferably provided in the home network. It is in the described embodiment provided as a separate entity in the network. This server can however also be provided as a part of the gateway. If the home server is in the gateway, the dedicated port number 80 may be associated with the home server and no forwarding of the request is needed. The home server can as an alternative be provided as a separate entity on the Internet. In order to function, it would then need a virtual private connection with the gateway of the second network.
There might furthermore be provided more servers in the second network and then the gateway. The present invention thus provides a system, a server device, a method, a program product and program code, which facilitates initiation of sessions from a first network to a second network.
There are a number of possible variations to the invention, which can be made in addition to those already mentioned. The invention is not limited to IP-addressing, but other types of addressing are also possible. The list might furthermore not list devices; it can just as well list different services, where a service is associated with one or perhaps more devices. In the same manner one device can have several services associated with it, where each such service associated with a device can be provided in the list and have a different local port number associated with the service. The device table store in the home server does not have to include the local addresses of the devices in the second network, but can use any other type of information suitable for identifying the devices. It is however important that this information can easily be associated with the local address of the devices for setting in the address translation table. The sent list does not have to be provided as an HTML page, but can be an XML page or some other suitable page. The list can also be provided in other suitable formats. There does furthermore not have to be a link provided, even though this greatly simplifies selection of devices. The server may provide the list of devices with their local addresses and port numbers; in this case the interface device located between the first and second network is associated with an ALG (Application Level Gateway), which translates all references to a local address and port number (that is, from the second addressing realm) to a public address and port number (that is, from the first addressing realm).
The networks do also not need to be fixed networks, but can also for instance be wireless networks or partly wireless networks. The invention is thus only to be limited by the following claims.