The present invention relates to network telephony systems. More particularly, the present invention relates to providing distributed network address translation for a network telephony system.
As the quality of network telephony systems has improved, there has been a migration of users from the traditional Public Switched Telephone Network (PSTN) to network telephony systems. With the proliferation of the Internet, Internet telephony has enabled distantly located users to communicate with one another using data protocols underlying the Internet. For example, the Internet Protocol suite along with various signaling protocols has made IP telephony a popular form of network telephony.
Session Initiation Protocol (SIP) is a signaling protocol that may be used to assist with call set-up, management, and teardown. Other signaling protocols, such as the ITU-T H.323, MEGACO, and MGCP protocols, may also be used to implement various signaling functions. While these network telephony systems have provided advantages in cost and flexibility, certain challenges have arisen. In particular, problems have arisen that are due, in part, to the success of the Internet as a whole.
The Internet Protocol (IP) is an addressing protocol designed to route traffic within a network or between networks. Current versions of IP such as IP version 4 (IPv4) are becoming obsolete because of limited address space. With a 32-bit address field, it is possible to assign 2^32 different addresses, which amounts to more than 4 billion possible addresses. Unique IP numbers are typically assigned to network devices (such as network phones) using IP, whether or not the network is connected to the Internet. Most organizations, such as corporations and universities, have multiple networks using IP, with multiple network devices assigned IP addresses. With the explosive growth of the Internet and intranets, IP addresses using a 32-bit address field may soon be exhausted. IP version 6 (IPv6) proposes the use of a 128-bit address field for IP addresses. However, a large number of legacy networks, including a large number of Internet nodes, will still be using older versions of IP with a 32-bit address space for many years to come.
Network Address Translation (NAT) has been proposed to extend the lifetime of IPv4 and earlier versions of IP by allowing a small home or office network to exist behind a single IP address. The single IP address is used for communication with external networks such as the Internet. Internally, the small home or office network uses private addressing. When a device or node using private addressing desires to communicate with the external world, a private address is translated to a common IP address by a NAT device. Network telephony systems may be located on networks having NAT routing devices. For example, SIP-aware routers with NAT functionality have been proposed by 3Com Corporation, the assignee of the present invention.
There are several problems associated with using NAT to extend the life of IP. NAT interferes with the end-to-end routing principle of the Internet, which specifies that packets flow end-to-end between network devices without the contents of any packet changing along a transmission route (see e.g., Routing in the Internet, by C. Huitema, Prentice Hall, 1995). Current versions of NAT replace a private network address in a data packet header with an external network address on outbound traffic, and replace an external address in a data packet header with a private network address on inbound traffic. This type of address translation is computationally expensive, causes security problems by preventing certain types of encryption from being used, and/or breaks a number of existing applications in a network that cannot do NAT (e.g., File Transfer Protocol ("FTP")). Because encryption may be desired in a network telephony system, NAT is therefore not an optimal solution.
Current versions of NAT may have problems scaling beyond a small network containing a few dozen nodes or devices because of the computational and other resources required. This may be unacceptable for organizations planning to implement large network telephony systems. NAT potentially requires that support for many different internal network protocols be specifically programmed into a translation mechanism for external protocols in a NAT device, such as a NAT router. As is known in the art, a router translates differences between network protocols and routes data packets to an appropriate network node or network device. Computational burdens placed on a NAT router may be significant and may degrade network performance, especially if several NAT-enabled stub networks share the same NAT router. In a worst case scenario, a NAT router translates every inbound and outbound data packet. This may result in delays, and thus, degradation of call quality for a network telephony system. Call quality is typically a primary concern in network telephony systems.
As is known in the art, Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are often used over IP in computer networks. TCP provides a connection-oriented, end-to-end reliable protocol designed to fit into a layered hierarchy of protocols that supports multi-network applications. UDP provides a transaction-oriented datagram protocol, where delivery and duplicate packet protection are not guaranteed. When NAT is used to translate a TCP/IP or UDP/IP data packet, the packet's IP, TCP, or UDP checksums are recalculated. When a port in a TCP or UDP header is translated, the packet's TCP or UDP checksums are also recalculated. This further increases the computational cost of translation in a NAT router.
When an IP address or port is translated with NAT, a new length may result for the data packet and a possible change in a TCP sequence number. A running sequence number offset (i.e., a delta) must then be maintained throughout the remainder of the connection. This delta must be applied to future traffic, further increasing computational time in a NAT router. In addition to TCP or UDP, a NAT router must be able to translate addresses and/or ports, change lengths, and maintain sequence numbers for a number of different protocols that may transmit an IP address or port number (e.g., SIP, FTP, H.323, H.324, CUSeeMe, RealAudio, Internet Relay Chat, and others). Thus, it is desirable to provide NAT without large computational burdens in a NAT router.
Besides being computationally expensive, NAT breaks some of the functionality of SIP and other signaling protocols. For example, a SIP-based network phone typically advertises a local IP address, even to network devices located outside the local network. This local IP address is likely to be completely different from an external address provided by a NAT device. Similarly, problems may arise while negotiating a media channel to exchange media (such as voice data) between two network phones located remotely from one another.
It would be desirable to provide network address translation in a network telephony system while avoiding some of the problems of a NAT implementation.
In accordance with an illustrative embodiment of the present invention, some of the problems associated with addressing in a network telephony system are addressed.
According to one embodiment, a method for distributed network address translation in a network telephony system is provided. A first network phone requests, with a first protocol, at least one locally unique port from a first network device. The first network phone and the first network device are located on a first network. The first network phone receives, with the first protocol, the at least one locally unique port from the first network device. At least one default or ephemeral port on the first network phone is replaced with the at least one locally unique port. A combination network address is created for the first network phone with the at least one locally unique port and a common external network address, thereby identifying the first network phone for communications with a second network device located on a second network. The second network device may, for example, be a second network phone. In a preferred embodiment, the first protocol is a Port Allocation Protocol, such as the Realm Specific Internet Protocol.
In another embodiment, the method additionally includes the first network phone sending a request to the first network device on the first network. The first network device routes the request to the second network. The first network device receives a reply on the first network for the first network phone on the common external network address for the first network from the combination network address. The first network device routes the reply to the first network phone using the at least one locally unique port from the combination network address.
In yet another embodiment, a method for distributed network address translation on a network telephony system is provided. A first network phone requests, with a first protocol, at least one locally unique port from a first network device. The first network phone and the first network device are located on a first network. The first network phone receives, with the first protocol, the at least one locally unique port from the first network device. A higher level protocol layer in a layered protocol stack on the first network phone creates, for a second network device on a second network, a request including a common external network address and a local port on the first network phone. The higher level protocol layer forwards the request to a lower level protocol layer in the first network phone. The lower level protocol layer translates the local port in the request to a locally unique port on the first network phone. The first network phone sends the request to a third network device on the first network. The third network device forwards the request to the second network device.
In still yet another embodiment, the method additionally includes the third network device receiving a response on the common external network address for the first network phone from the second network device. The response includes the common external network address and the locally unique port for the first network phone. The third network device sends the response to the first network phone. The lower level protocol layer in the first network phone translates the locally unique port in the response to the local port for the first network phone. The lower level protocol layer forwards the response to the higher level protocol layer on the first network phone.
In another embodiment of the present invention, a system for distributed network address translation in a network telephony system is provided. The system includes a first network phone on a first network, with a combination network address from a Port Allocation Protocol. The combination network address allows distributed network address translation and includes a locally unique port on the first network and a common external network address for the first network. The first network phone is operable to transmit an invite request, including the combination network address. The system also includes a second network phone on a second network, operable to receive the invite request and to transmit a response to the first network phone. The response also includes the combination network address.
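As an added illustration, not code from the patent or its assignee, the following Python model walks an invite request and its response through the embodiments described above: the first network device allocates a locally unique port and later routes the reply by that port alone without rewriting the packet, while the phone's lower protocol layer swaps its local port for the locally unique port on the way out and back on the way in. The class names, addresses and port range are constructed for the example.

```python
EXTERNAL_ADDR = "203.0.113.10"  # constructed common external address (RFC 5737 test range)

class PortAllocator:
    """First network device: hands out locally unique ports (the Port Allocation Protocol role)."""
    def __init__(self, external_addr, low=20000, high=20100):
        self.external_addr = external_addr
        self.free = list(range(low, high))
        self.owner = {}  # locally unique port -> private address of the phone that holds it

    def allocate(self, private_addr):
        if not self.free:
            raise RuntimeError("port pool exhausted")
        port = self.free.pop(0)
        self.owner[port] = private_addr
        return port

    def route_inbound(self, pkt):
        """Return the phone owning external_addr:port; the packet itself is not rewritten."""
        ip, port = pkt["dst"]
        if ip != self.external_addr or port not in self.owner:
            raise KeyError(f"no phone owns {ip}:{port}")
        return self.owner[port]

class PhoneShim:
    """Lower protocol layer on the phone: swaps local port <-> locally unique port."""
    def __init__(self, local_port, lu_port):
        self.local_port, self.lu_port = local_port, lu_port

    def outbound(self, pkt):
        ip, port = pkt["src"]
        if port != self.local_port:
            raise ValueError("unexpected source port")
        return {**pkt, "src": (ip, self.lu_port)}

    def inbound(self, pkt):
        ip, port = pkt["dst"]
        if port != self.lu_port:
            raise ValueError("unexpected destination port")
        return {**pkt, "dst": (ip, self.local_port)}

def run_call(private_addr="10.0.0.5", local_port=5060, remote=("198.51.100.7", 5060)):
    """Walk one request/response through the distributed NAT (constructed values)."""
    gw = PortAllocator(EXTERNAL_ADDR)
    lu_port = gw.allocate(private_addr)  # phone obtains a locally unique port from the gateway
    shim = PhoneShim(local_port, lu_port)
    # higher layer builds the request with the combination address (external IP, local port)
    request = {"src": (EXTERNAL_ADDR, local_port), "dst": remote, "body": "INVITE"}
    on_wire = shim.outbound(request)  # lower layer rewrites local_port -> lu_port
    reply = {"src": remote, "dst": on_wire["src"], "body": "200 OK"}  # remote answers the combination address
    delivered_to = gw.route_inbound(reply)  # gateway demultiplexes on the port alone
    return delivered_to, shim.inbound(reply)
```

Exhausting the pool raises rather than reusing a port, which is the failure mode a gateway must surface instead of silently mapping two phones to one locally unique port.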