Voice over Internet Protocol (or “VoIP”) features the routing of voice conversations over the Internet or through another type of Internet Protocol-based network. Voice signals from the voice conversations to be routed are digitized and formatted into data packets, which are then transmitted through the network. A telecommunications network that is based on VoIP is able to transmit voice conversations between devices that are able to access the network. FIG. 1 depicts a schematic diagram of telecommunications system 100 in the prior art, which is able to transmit voice conversations between end-user devices such as telephones. Telecommunications system 100 comprises:                i. backbone packet network 101;        ii. local area network (LAN) 102;        iii. Internet Protocol-capable endpoints 103-1 through 103-R, wherein R is a positive integer;        iv. gateways 104-1 through 104-S, wherein S is a positive integer;        v. Public Switched Telephone Network (PSTN) 105;        vi. PSTN telecommunications terminal 106; and        vii. gatekeeper 107.All of the elements depicted in FIG. 1 are interconnected as shown.        
System 100 comprises a plurality of different types of networks, including backbone packet network 101, local area network 102, and Public Switched Telephone Network 105. Backbone packet network 101 comprises one or more transmission-related nodes such as routers that are used to direct data packets, in this case voice packets, from one or more sources to the correct destinations of those packets. Network 101 is capable of handling Internet Protocol-based messages that are transmitted between Internet Protocol-capable devices, such as endpoints 103-1 through 103-R, and gateways, such as gateways 104-1 through 104-S. Local area network (or “LAN”) 102 provides for the local distribution of signals, such as in an enterprise system, and comprises networking equipment such as hubs, bridges, and switches between backbone packet network 101 and Internet Protocol-capable endpoints 103-1 through 103-R. LAN 102 operates in accordance with a networking protocol such as Ethernet or IEEE 802.3. Public Switched Telephone Network 105 comprises one or more transmission-related nodes such as switches that are used to direct call-related signals from one or more sources to the correct destinations of those signals. Network 105 is capable of handling either analog or digital bearer information in circuit-switched calls between devices such as PSTN terminal 106 and gateway 104-1.
Backbone network 101, as well as some of the depicted nodes, is governed by the H.323 protocol standard specified by the International Telecommunication Union. Nodes depicted in FIG. 1 that are governed by the H.323 standard include endpoints 103-1 through 103-R, gateways 104-1 through 104-S, and gatekeeper 107, which are described below. Some VoIP systems other than system 100 are governed by the Session Initiation Protocol (or “SIP”) or a proprietary protocol.
Internet Protocol-capable endpoint 103-r, for r=1 through R, is a communication appliance such as a deskset, a conferencing unit, a wireless terminal, a desktop or portable computer (i.e., “softphone”), an Internet phone, and so forth. As depicted, endpoint 103-r operates in a local area network. Endpoint 103-r is capable of digitizing voice signals from its user and formatting the digitized signals into transmittable data packets through an audio compressor/decompressor (or “CODEC”) circuit. Similarly, the CODEC circuit of endpoint 103-r is also capable of receiving data packets and converting the information contained within those packets into voice signals that are understandable by the endpoint's user.
Gateway 104-s, for s=1 through S, is a data-processing system that acts as a translator between two types of networks; for example, gateway 104-1 interconnects and acts as a translator between backbone packet network 101 and Public Switched Telephone Network 105. Because gateway 104-s connects two different types of networks together, one of its main functions is to convert between the different transmission and coding techniques used across the two networks. Gateway 104-1 is a Voice over Internet Protocol (VoIP)-capable gateway that performs the conversion between time division multiplexed voice signals that originate at a switched telephone network telecommunications terminal, such as terminal 106, and VoIP signals that are intended for an Internet Protocol network endpoint, such as one of IP-capable endpoints 103-1 through 103-R, as part of a telephone conversation between two parties. Gateway 104-1 performs the conversion in the reverse direction as well (i.e., from an IP terminal to a PSTN terminal) and is able to perform bidirectional conversion for multiple calls concurrently.
Gatekeeper 107 is a data-processing system that manages each collection of IP-capable endpoint devices that belong to a particular zone. Gatekeeper 107 provides address translation and routing for the IP-capable devices in their zone. In addition, gatekeeper 107 provides the call admission control, in terms of specifying which of IP-capable devices 103-1 through 103-R may call which other devices in telecommunications system 100.
Gatekeeper 107 receives one or more registration messages from each Internet Protocol-capable endpoint 103-r when the endpoint first connects to the network. The registration message indicates the current IP address of the endpoint and enables endpoint 103-r to use the network, such as to make a call. When the user of endpoint 103-r desires to make a call, the endpoint transmits a message that includes the destination telephone number. After network 101 determines which gateway the destination telephone number corresponds to, gatekeeper 107 transmits the address of the destination gateway to the calling endpoint 103-r. The endpoint then can send packets directly to the gateway (e.g., gateway 104-1, etc.), and the gateway initiates a local call to the destination telephone (e.g., terminal 106, etc.).
As can be seen from the call-control scenario just described, it is crucial for each endpoint 103-r and gatekeeper 107 to maintain an ongoing awareness of each other and an ongoing ability to communicate with each other. To maintain this ongoing relationship with each other, each endpoint 103-r exchanges a “heartbeat” message with gatekeeper 107. A loss of the heartbeat would prompt the affected endpoint to rediscover a gatekeeper or would prompt the affected gatekeeper to deregister the endpoint, or both.
FIG. 2 depicts such a heartbeat mechanism in the prior art, in which endpoint 103-1 is the instigator of the heartbeat sequence and gatekeeper 107 responds to each heartbeat message that it receives from endpoint 103-1. Note that gatekeeper 107 can also be the instigator of a heartbeat sequence with endpoint 103-1, or with a different endpoint, but that is not shown here. As depicted, endpoint 103-1 has been transmitting a series of normal “keep-alive” packets, such as packet 201, and in response to each keep-alive packet, gatekeeper 107 has transmitted an acknowledgment packet, such as packet 202. Endpoint 103-1 transmits the keep-alive packets at regular, predetermined intervals. If endpoint 103-1 does not receive an acknowledgment packet in response to a keep-alive packet, such as with keep-alive packet 203, the endpoint commences transmitting retry keep-alive packets, such as packets 204 through 207, but at a faster rate than before. If the retry keep-alive packets go unanswered, endpoint 103-1 eventually deregisters and goes into a discovery mode at event 208, in which it attempts to find and reregister with a gatekeeper.
The heartbeat-based reliability technique described above works well under ordinary conditions. However, in a non-ordinary condition endpoint 103-r or gatekeeper 107, or both, can be subjected to what is known as a “packet attack,” sometimes referred to as a “Denial-of-Service attack,” in which an intruder can target one or more devices and continuously transmit, at a high rate, packets that are addressed to the targeted device. If a device, such as endpoint 103-r or gatekeeper 107, is under a packet attack, the device might not have enough processing power to continue to generate or process heartbeats. If endpoint 103-r is targeted, gatekeeper 107 will eventually deregister endpoint 103-r, which will then go into discovery mode to reregister with a gatekeeper. As implied above, the absence of a heartbeat leads to additional message traffic in the network and increases the processing load on gatekeeper 107, which possibly degrades its performance and reduces its overall availability to the other nodes in system 100. Furthermore, if a large number of endpoints were to reregister concurrently, a flood of registration-related messages would occur, creating an even higher load on gatekeeper 107 and ultimately leading to degraded performance across system 100.
What is needed is a technique to mitigate the problems that a packet attack causes, without some of the disadvantages in the prior art.