专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09525661B2 Efficient method of NAT without reassemling IPV4 fragments 有权
标题翻译： NAT的有效方法，无需重新分发IPV4片段
公开(公告)号：US09525661B2
公开(公告)日：2016-12-20
申请号：US14478406
申请日：2014-09-05
申请人： Alcatel-Lucent Canada Inc.
发明人： Nirmesh Patel , Gajendran Kanapathipillai
IPC分类号： H04L29/12 , H04L29/06
CPC分类号： H04L61/2514 , H04L29/0653 , H04L29/12452 , H04L61/2557 , H04L61/256 , H04L61/2575 , H04L61/6018
摘要： A method, apparatus, and machine readable storage medium is disclosed for performing network address translation (NAT) on fragments of a Internet Protocol (IP) packet, comprising: receiving a packet fragment of the packet; calculating a hash key based on a subset of header information in the fragment; if the packet fragment is the first fragment of the packet; initiating a NAT session for the packet; storing the NAT session identifier at an entry in the linked list indexed by the hash key; and if the packet fragment is not the first fragment of the packet, then: retrieving a NAT session identifier, if available, at an entry in said linked list indexed by said hash key; and performing NAT on the fragment using the NAT session identified by the NAT session identifier. The hash key is a subset of a CRC32 calculation performed on: IPv4 source address; IPv4 destination address; and IP Identifier of the fragment. If the indexed entry in the linked list is not available, accessing a second dimension of the linked list.
摘要翻译：公开了一种在互联网协议（IP）分组的片段上执行网络地址转换（NAT）的方法，装置和机器可读存储介质，包括：接收分组的分组片段; 基于片段中的标题信息的子集来计算散列密钥; 如果分组片段是分组的第一个分片; 发起分组的NAT会话; 将所述NAT会话标识符存储在由所述散列密钥索引的所述链表中的条目处; 并且如果分组片段不是分组的第一片段，则：在由所述散列密钥索引的所述链表中的条目处检索NAT会话标识符（如果可用）; 并使用由NAT会话标识符标识的NAT会话在片段上执行NAT。哈希密钥是CRC32计算的一个子集，执行于：IPv4源地址; IPv4目的地址; 和IP标识符。如果链表中的索引条目不可用，则访问链表的第二维。

2. 发明授权

US08688994B2 Federation among services for supporting virtual-network overlays 有权
标题翻译：支持虚拟网络覆盖的服务之间的联合
公开(公告)号：US08688994B2
公开(公告)日：2014-04-01
申请号：US12823891
申请日：2010-06-25
申请人： Hasan Alkhatib , Geoffrey Outhred , Deepak Bansal , Anatoliy Panasyuk , Dharshan Rangegowda , Anthony Chavez
发明人： Hasan Alkhatib , Geoffrey Outhred , Deepak Bansal , Anatoliy Panasyuk , Dharshan Rangegowda , Anthony Chavez
IPC分类号： H04L9/32 , H04L9/00 , H04L12/28 , G06F15/16 , H04N7/14
CPC分类号： G06F21/31 , H04L9/3234 , H04L9/3247 , H04L29/12264 , H04L29/12452 , H04L61/2046 , H04L61/2535 , H04L61/2546 , H04L63/0815 , H04L63/104 , H04L2209/60
摘要： Computerized methods, systems, and computer-readable media for promoting cooperation between a first and second virtual network overlay (“overlay”) are provided. The first overlay is governed by a first authority domain and includes members assigned virtual IP addresses from a first address range. The second overlay is governed by a second authority domain, which is associated with a second federation mechanism, for negotiating on behalf of the second overlay. The second federation mechanism is capable of negotiating with, or soliciting delegation of authority from, a first federation mechanism that is associated with the first authority domain. When negotiations are successful or authority is delegated, the second federation mechanism establishes a communication link between the second overlay and the first overlay or joins a member of the second overlay to the first overlay. Joining involves allocating a guest IP address from the first address range to the member.
摘要翻译：提供了用于促进第一和第二虚拟网络覆盖（“覆盖”）之间的协作的计算机化方法，系统和计算机可读介质。第一个覆盖由第一个授权域管理，并包括从第一个地址范围分配虚拟IP地址的成员。第二重叠由第二权限域管理，第二权限域与第二联合机制相关联，用于代表第二重叠进行协商。第二个联邦机制能够与第一个与第一个权威机构相关联的第一个联合机制进行谈判或者征集授权。当谈判成功或授权被授权时，第二联合机制在第二重叠和第一覆盖之间建立通信链接，或者将第二覆盖的成员连接到第一重叠。加入涉及将访客IP地址从第一个地址范围分配给该成员。

3. 发明授权

US08176189B2 Peer-to-peer network computing platform 有权
标题翻译：对等网络计算平台
公开(公告)号：US08176189B2
公开(公告)日：2012-05-08
申请号：US10055645
申请日：2002-01-22
申请人： Bernard A. Traversat , Gregory L. Slaughter , Thomas E. Saulpaugh , Mohamed M. Abdelaziz , Michael J. Duigou , Eric Pouyoul , Jean-Christophe Hugly , Li Gong , William J. Yeager , William N. Joy , Michael J. Clary
发明人： Bernard A. Traversat , Gregory L. Slaughter , Thomas E. Saulpaugh , Mohamed M. Abdelaziz , Michael J. Duigou , Eric Pouyoul , Jean-Christophe Hugly , Li Gong , William J. Yeager , William N. Joy , Michael J. Clary
IPC分类号： G06F15/16
CPC分类号： H04L67/104 , G06F9/4416 , G06F9/544 , G06Q10/10 , G06Q30/02 , H04L29/06 , H04L29/12009 , H04L29/12047 , H04L29/12113 , H04L29/12207 , H04L29/12452 , H04L29/12783 , H04L51/00 , H04L51/04 , H04L61/1541 , H04L61/20 , H04L61/2546 , H04L61/35 , H04L63/0209 , H04L63/029 , H04L63/0428 , H04L63/0442 , H04L63/061 , H04L63/08 , H04L63/0823 , H04L63/10 , H04L63/105 , H04L63/123 , H04L63/126 , H04L63/164 , H04L63/166 , H04L67/1044 , H04L67/1046 , H04L67/1048 , H04L67/1057 , H04L67/1059 , H04L67/1061 , H04L67/1063 , H04L67/1068 , H04L67/107 , H04L67/1093 , H04L67/1095 , H04L67/28 , H04L67/2814 , H04L67/2823 , H04L67/2842 , H04L67/34 , H04L69/329 , Y10S707/99939
摘要： A peer-to-peer platform that may provide mechanisms through which peers may discover each other, communicate with each other, and cooperate with each other to form peer groups is described. The peer-to-peer platform may comprise several layers including a peer-to-peer platform layer, a peer-to-peer services layer, and a peer-to-peer applications layer. At the highest abstraction level, the peer-to-peer platform may be viewed as a set of protocols. Each protocol may be defined by one or more messages exchanged among participants of the protocol. In one embodiment, the peer-to-peer platform may include, but is not limited to, one or more of a peer discovery protocol, a peer resolver protocol, a peer information protocol, a peer membership protocol, a pipe binding protocol, and an endpoint routing protocol. To underpin this set of protocols, the peer-to-peer platform may define a number of concepts including peer, peer group, advertisement, message, pipe, and endpoint.
摘要翻译：一种对等平台，可以提供对等体可以彼此发现，彼此通信，彼此协作以形成对等体组的机制。对等平台可以包括数个层，包括对等平台层，对等服务层和对等应用层。在最高抽象级别，对等平台可以被视为一组协议。每个协议可以由在协议的参与者之间交换的一个或多个消息来定义。在一个实施例中，对等平台可以包括但不限于对等体发现协议，对等解析器协议，对等信息协议，对等成员协议，管道绑定协议和管理绑定协议中的一个或多个端点路由协议。为了支持这套协议，对等平台可以定义许多概念，包括对等体组，对等体组，广告，消息，管道和端点。

4. 发明申请

US20110320821A1 FEDERATION AMONG SERVICES FOR SUPPORTING VIRTUAL-NETWORK OVERLAYS 有权
标题翻译：联合服务支持虚拟网络覆盖
公开(公告)号：US20110320821A1
公开(公告)日：2011-12-29
申请号：US12823891
申请日：2010-06-25
申请人： HASAN ALKHATIB , GEOFFREY OUTHRED , DEEPAK BANSAL , ANATOLIY PANASYUK , DHARSHAN RANGEGOWDA , ANTHONY CHAVEZ
发明人： HASAN ALKHATIB , GEOFFREY OUTHRED , DEEPAK BANSAL , ANATOLIY PANASYUK , DHARSHAN RANGEGOWDA , ANTHONY CHAVEZ
IPC分类号： H04L9/32 , G06F15/16
CPC分类号： G06F21/31 , H04L9/3234 , H04L9/3247 , H04L29/12264 , H04L29/12452 , H04L61/2046 , H04L61/2535 , H04L61/2546 , H04L63/0815 , H04L63/104 , H04L2209/60
摘要： Computerized methods, systems, and computer-readable media for promoting cooperation between a first and second virtual network overlay (“overlay”) are provided. The first overlay is governed by a first authority domain and includes members assigned virtual IP addresses from a first address range. The second overlay is governed by a second authority domain, which is associated with a second federation mechanism, for negotiating on behalf of the second overlay. The second federation mechanism is capable of negotiating with, or soliciting delegation of authority from, a first federation mechanism that is associated with the first authority domain. When negotiations are successful or authority is delegated, the second federation mechanism establishes a communication link between the second overlay and the first overlay or joins a member of the second overlay to the first overlay. Joining involves allocating a guest IP address from the first address range to the member.
摘要翻译：提供了用于促进第一和第二虚拟网络覆盖（“覆盖”）之间的协作的计算机化方法，系统和计算机可读介质。第一个覆盖由第一个授权域管理，并包括从第一个地址范围分配虚拟IP地址的成员。第二重叠由第二权限域管理，第二权限域与第二联合机制相关联，用于代表第二重叠进行协商。第二个联邦机制能够与第一个与第一个权威机构相关联的第一个联合机制进行谈判或者征集授权。当谈判成功或授权被授权时，第二联合机制在第二重叠和第一覆盖之间建立通信链接，或者将第二覆盖的成员连接到第一重叠。加入涉及将访客IP地址从第一个地址范围分配给该成员。

5. 发明申请

US20100205282A1 NETWORK ADDRESS TRANSLATION TYPE FOR FLEXIBLE NEIGHBOR SELECTION IN OVERLAY NETWORKS 有权
标题翻译：网络地址转换类型，用于覆盖网络中的灵活邻域选择
公开(公告)号：US20100205282A1
公开(公告)日：2010-08-12
申请号：US12767688
申请日：2010-04-26
申请人： Yutaka TAKEDA , Howard L. Berkey, III , Payton R. White , Attila Vass
发明人： Yutaka TAKEDA , Howard L. Berkey, III , Payton R. White , Attila Vass
IPC分类号： G06F15/177 , G06F15/173
CPC分类号： H04L61/2575 , H04L29/12452 , H04L29/12528 , H04L29/12537 , H04L61/2546 , H04L61/2578 , H04L67/104 , H04L67/1072
摘要： An overlay network uses flexible neighbor selection based on network address translation (NAT) to define routing between nodes. The NAT type is used as a flexible neighbor selection criteria, either alone or in conjunction with other criteria. A method of selecting a neighboring node for a first node in a distributed hash table network includes determining a desired key value for a node finger table entry and requesting a set of candidate neighboring nodes near this desired key value. The method determines a network address translation type of each of the set of candidate neighboring nodes and ranks the set of candidate neighboring nodes accordingly. The method selects one of the set of candidate neighboring nodes based on the ranking. The NAT types of candidate neighboring nodes are determined by sending probe messages or from data received from a central overlay network server.
摘要翻译：覆盖网络使用基于网络地址转换（NAT）的灵活的邻居选择来定义节点之间的路由。 NAT类型用作灵活的邻居选择标准，单独或与其他标准结合使用。在分布式哈希表网络中为第一节点选择相邻节点的方法包括：确定节点手指表条目的期望密钥值，并且在该期望密钥值附近请求一组候选相邻节点。所述方法确定所述一组候选相邻节点中的每一个的网络地址转换类型，并且相应地对所述候选相邻节点的集合进行排序。该方法基于排名选择一组候选相邻节点中的一个。通过发送探测消息或从中央覆盖网络服务器接收的数据来确定候选邻居节点的NAT类型。

6. 发明申请

US20090285216A1 MAINTAINING SECRECY OF ASSIGNED UNIQUE LOCAL ADDRESSES FOR IPV6 NODES WITHIN A PRESCRIBED SITE DURING ACCESS OF A WIDE AREA NETWORK 有权
标题翻译：在获取宽域网络的情况下，维护在指定网站内的IPV6节点分配的唯一本地地址的分配
公开(公告)号：US20090285216A1
公开(公告)日：2009-11-19
申请号：US12468507
申请日：2009-05-19
申请人： PASCAL THUBERT , ERIC M. LEVY-ABEGNOLI
发明人： PASCAL THUBERT , ERIC M. LEVY-ABEGNOLI
IPC分类号： H04L12/56
CPC分类号： H04L61/1511 , H04L29/12066 , H04L29/12405 , H04L29/12433 , H04L29/12452 , H04L29/12915 , H04L61/2528 , H04L61/2539 , H04L61/2546 , H04L61/6059 , H04L63/0272 , H04L63/0407 , H04L69/16 , H04L69/169
摘要： A network includes network nodes and a gateway. Each network node has a corresponding unique in-site IPv6 address for communication within a prescribed site, each in-site IPv6 address having a first IPv6 address prefix that is not advertised outside of the prescribed site. Network nodes can obtain from within the prescribed site a unique extra-site IPv6 address for mobile or extra-site communications. The extra-site IPv6 address has a second IPv6 address prefix, distinct from the first IPv6 address prefix, advertised by the gateway to the prescribed site and the wide area network. The gateway establishes a secure connection (e.g., tunnel) with each corresponding IPv6 node using its corresponding extra-site IPv6 address, and creates a corresponding binding cache entry specifying the corresponding extra-site IPv6 address and in-site IPv6 address. Hence, the gateway provides wide area network access while maintaining secrecy of the in-site IPv6 addresses.
摘要翻译：网络包括网络节点和网关。每个网络节点具有用于在规定站点内进行通信的对应唯一的站点内IPv6地址，每个站点内IPv6地址具有未在规定站点外部通告的第一IPv6地址前缀。网络节点可以从规定的站点内获得用于移动或场外通信的独特的站外IPv6地址。外部IPv6地址具有第二个IPv6地址前缀，不同于第一个IPv6地址前缀，由网关发布到规定的站点和广域网。网关与每个对应的IPv6节点使用其对应的站外IPv6地址建立安全连接（例如，隧道），并创建指定相应的站点外IPv6地址和站点内IPv6地址的对应绑定缓存条目。因此，网关提供广域网访问，同时保持现场IPv6地址的保密性。

7. 发明申请

US20090245278A1 NETWORK ADDRESS TRANSLATION BYPASSING BASED ON NETWORK LAYER PROTOCOL 审中-公开
标题翻译：基于网络层协议的网络地址转换
公开(公告)号：US20090245278A1
公开(公告)日：2009-10-01
申请号：US12059062
申请日：2008-03-31
申请人： Tommy Wing Chau Kee
发明人： Tommy Wing Chau Kee
IPC分类号： H04J3/16
CPC分类号： H04L29/12358 , H04L29/12452 , H04L61/251 , H04L61/2546
摘要： A system, method and apparatus are described herein that allow a mix computers or other devices that are configured for communication in accordance with different network layer protocols, such as Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6), to share a single physical connection to a WAN. To achieve this, a networking device such as a router resides between a plurality of local devices and the physical connection to the WAN and routes network layer packets between the local devices and the WAN. The networking device determines whether each local device is IPv4-capable or IPv6-capable. Based on this determination, the networking device selectively applies Network Address Translation (NAT) and optional firewall functionality to network traffic originating from or destined for the IPv4-capable devices, while bypassing such functionality for IPv6 network traffic originating from or destined for the IPv6-capable devices.
摘要翻译：本文描述了允许根据诸如因特网协议版本4（IPv4）和因特网协议版本6（IPv6）的不同网络层协议进行通信的混合计算机或其他设备共享的系统，方法和装置，以共享与WAN的单一物理连接。为了实现这一点，诸如路由器的网络设备驻留在多个本地设备之间，并且与WAN的物理连接并且在本地设备和WAN之间路由网络层分组。网络设备确定每个本地设备是否支持IPv4或IPv6。基于这一决定，网络设备选择性地将网络地址转换（NAT）和可选的防火墙功能应用于源自或发往具有IPv4能力的设备的网络流量，同时绕过来自IPv6或IPv6地址的IPv6网络流量的此类功能，有能力的设备。

8. 发明授权

US07596693B1 Controlling ARP packet traffic to enhance network security and scalability in TCP/IP networks 有权
标题翻译：控制ARP数据包流量，增强TCP / IP网络的网络安全性和可扩展性
公开(公告)号：US07596693B1
公开(公告)日：2009-09-29
申请号：US11591620
申请日：2006-10-31
申请人： Evan John Caves , Henri Altarac , Koral Ilgun
发明人： Evan John Caves , Henri Altarac , Koral Ilgun
IPC分类号： H04L29/06
CPC分类号： H04L29/12028 , H04L29/12452 , H04L61/103 , H04L61/2546 , H04L63/1466
摘要： A method of preventing ARP broadcast flooding of subscriber access links where an ARP packet is received at a subscriber network edge device and the source and destination information contained within the ARP packet is compared to address lease information for subscribers of a subscriber network. If the destination information obtained from the ARP packet is not associated with an address lease assigned to one of the subscribers, the network device only broadcasts the ARP packet to network uplinks. The method further includes preventing subscribers of a subscriber network from spoofing ARP responses by responding to an ARP request packet with an ARP response packet containing false information. The ARP response packet information is compared to address lease information for the transmitting subscriber. If the source information obtained from the ARP response packet corresponds to address lease information of the transmitting subscriber the ARP response packet is accordingly forwarded.
摘要翻译：一种防止在用户网络边缘设备处接收到ARP分组的用户接入链路的ARP广播洪泛以及ARP分组中包含的源和目的地信息与用户网络用户的地址租用信息进行比较的方法。如果从ARP报文获取的目的地信息与分配给其中一个用户的地址租约没有关联，则网络设备只将ARP报文广播到网络上行链路。该方法还包括通过响应具有包含虚假信息的ARP响应分组的ARP请求分组来防止用户网络的用户欺骗ARP响应。将ARP响应分组信息与发送用户的地址租用信息进行比较。如果从ARP响应报文获取的源信息对应于发送用户的地址租约信息，则相应地转发ARP响应报文。

9. 发明申请

US20090162058A1 FIBRE CHANNEL FABRIC AND SWITCHES WITH FLEXIBLE PREFIX ADDRESSING 有权
标题翻译：具有灵活的前缀寻址的光纤通道织物和开关
公开(公告)号：US20090162058A1
公开(公告)日：2009-06-25
申请号：US12396302
申请日：2009-03-02
申请人： Claudio DeSanti , Silvano Gai , Dante Malagrino , Dinesh G. Dutt
发明人： Claudio DeSanti , Silvano Gai , Dante Malagrino , Dinesh G. Dutt
IPC分类号： H04J14/00
CPC分类号： H04L61/6045 , H04L29/12452 , H04L29/12801 , H04L29/12886 , H04L45/00 , H04L45/54 , H04L49/252 , H04L49/357 , H04L61/2546 , H04L61/6004
摘要： A way to assign flexible prefixes to Switches in Fibre Channel Fabrics while using the currently defined FC_ID address space. This allows end devices in different Fibre Channel Fabrics to communicate with one another, without requiring modifications to existing end devices, nor to perform Network Address Translation between Fabrics. The existing address space for each Switch includes a dynamically configurable number of host bits sufficient to address all the end devices coupled to the Switch and the Switch itself. The remaining bits, called the Switch prefix, are used to identify the Switch in the switching Fabric. In an alternative embodiment, the Switch prefix bits may be further configured into a first sub-set of bits used to identify a specific Fabric (Fabric prefix) and a second sub-set of bits used to identify the Switch in the Fabric (Switch_ID). The flexible addressing scheme enables end devices in different Fabrics to communicate with one another without expanding the Fibre Channel address space or the need to perform Network Address Translations.
摘要翻译：在使用当前定义的FC_ID地址空间的同时，可以为光纤通道结构中的交换机分配灵活的前缀。这允许不同光纤通道结构中的终端设备彼此进行通信，而不需要修改现有的终端设备，也不需要在Fabric之间执行网络地址转换。每个交换机的现有地址空间包括可动态配置的主机位数，足以解决耦合到交换机和交换机本身的所有终端设备。称为交换机前缀的其余位用于标识交换结构中的交换机。在替代实施例中，交换机前缀比特可以进一步配置为用于标识特定结构（结构前缀）的第一比特组，以及用于标识组合中的交换机（Switch_ID）的第二比特子集合，。灵活的寻址方案使不同结构中的终端设备能够彼此通信，而不会扩展光纤通道地址空间或者需要执行网络地址转换。

10. 发明授权

US07490351B1 Controlling ARP traffic to enhance network security and scalability in TCP/IP networks 有权
标题翻译：控制ARP流量，增强TCP / IP网络的网络安全性和可扩展性
公开(公告)号：US07490351B1
公开(公告)日：2009-02-10
申请号：US10388251
申请日：2003-03-12
申请人： Evan John Caves , Henri Altarac , Koral Ilgun
发明人： Evan John Caves , Henri Altarac , Koral Ilgun
IPC分类号： G06F9/00 , G06F11/00
CPC分类号： H04L29/12028 , H04L29/12452 , H04L61/103 , H04L61/2546 , H04L63/1466
摘要： A method of preventing ARP broadcast flooding of subscriber access links where an ARP packet is received at a subscriber network edge device and the source and destination information contained within the ARP packet is compared to address lease information for subscribers of a subscriber network. If the destination information obtained from the ARP packet is not associated with an address lease assigned to one of the subscribers, the network device only broadcasts the ARP packet to network uplinks. The method further includes preventing subscribers of a subscriber network from spoofing ARP responses by responding to an ARP request packet with an ARP response packet containing false information. The ARP response packet information is compared to address lease information for the transmitting subscriber. If the source information obtained from the ARP response packet corresponds to address lease information of the transmitting subscriber the ARP response packet is accordingly forwarded.
摘要翻译：一种防止在用户网络边缘设备处接收到ARP分组的用户接入链路的ARP广播洪泛以及ARP分组中包含的源和目的地信息与用户网络用户的地址租用信息进行比较的方法。如果从ARP报文获取的目的地信息与分配给其中一个用户的地址租约没有关联，则网络设备只将ARP报文广播到网络上行链路。该方法还包括通过响应具有包含虚假信息的ARP响应分组的ARP请求分组来防止用户网络的用户欺骗ARP响应。将ARP响应分组信息与发送用户的地址租用信息进行比较。如果从ARP响应报文获取的源信息对应于发送用户的地址租约信息，则相应地转发ARP响应报文。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式