The present invention relates generally to address portability and, more particularly, to a method and apparatus for address portability to provide fully transparent internet protocol (IP) mobility services to IP-enabled network devices in any Ethernet local area network (LAN).
The transmission control protocol/internet protocol (TCP/IP protocol), a suite of communications protocols used by host computers to exchange information between application processes over LANs or wide area networks (WANs), was designed when laptops and other mobile IP devices were essentially nonexistent. As a result, there was no issue with mobility, since each IP network device was typically a workstation, minicomputer, or the like. The movement of devices from place to place in such a static environment was expected to be a very rare occurrence, and one that could be adequately handled by manual intervention. This assumption, in conjunction with various resource constraints, influenced the development of the IP protocol such that each LAN only operated with a limited range (a subnet) of IP addresses. Any device with an IP address outside of that range was simply ignored by the LAN's router, rendering it unable to communicate with any device within that network.
Over the last several years, the IP protocol has become the primary data communications protocol on virtually every computer in the world. This includes a substantial number of laptops and other portable computer devices. As the prevalence of laptops increases, IP mobility issues have substantially increased. For example, it is now common for customers, vendors, and even business associates that have laptops or other mobile IP devices to attempt to hook into a "foreign" LAN and attempt to use its facilities. Typically, this results in significant frustration since the amount and complexity of reconfiguration to permit the connection is not insubstantial.
One attempted solution to this problem, dynamic host configuration protocol (DHCP), evolved over the last couple of years. Under DHCP, a computer configured to use that protocol may retrieve local IP configuration data automatically when the mobile IP device is connected to the network. While this is a reasonable solution to mobility problems, its scope is somewhat limited. For example, the mobile network device must be configured to use DHCP, and the LAN must have a DHCP server enabled. Moreover, the duration of DHCP "timeouts" within the mobile network device must be short enough to allow the device to request a new address at the new location. As a result of at least these limitations, DHCP has not sufficiently solved the problem. In some cases, DHCP has proven unacceptable to the network clients who may not have DHCP pre-configured or to network administrators who wish to have more knowledge of and control over the mobile IP devices that enter and leave the network.
It is, therefore, desirable to provide fully transparent IP mobility services for clients in a dynamic network environment.
Systems and methods consistent with the present invention satisfy this and other needs by supporting and providing full IP client functionality to any IP-enabled network device in any mobility-enabled LAN. The present invention provides full functionality regardless of both the IP address of the mobile device and subnet restrictions of the LAN.
A method for use with a proxy server consistent with the present invention establishes communications between a device in a first network and a destination device having an arbitrary address on a second network outside of the first network. The method includes the step of generating an address resolution protocol packet to identify the arbitrary address for the destination device. The proxy server receives the address resolution protocol packet and generates an address resolution protocol response packet including the arbitrary address of the destination device. The method also includes the step of transmitting the address resolution protocol response packet from the proxy server to the device in the first network.
Another method consistent with the present invention is for use with a proxy server and establishes communications between a random device and a destination device having an arbitrary address on a network. The method includes the steps of generating an address resolution protocol packet to identify the arbitrary address for the destination device and receiving, by the proxy server, the address resolution protocol packet. The method also includes the steps of generating an address resolution protocol response packet including the arbitrary address of the destination device and transmitting the address resolution protocol response packet from the proxy server to the random device.
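The ARP request/response exchange described in the two methods above can be shown at the byte level. This is an added example, not code from the patent: it only builds and parses packet bodies in memory, and the MAC addresses, IP addresses and subnet are constructed values. Placing the proxy's own hardware address in the reply is an assumption taken from conventional proxy ARP; the text above says only that the reply includes the arbitrary address.

```python
import ipaddress
import struct

ARP_FMT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
ARP_REQUEST, ARP_REPLY = 1, 2

# Constructed values for illustration only.
PROXY_MAC = bytes.fromhex("02005e000001")
DEVICE_MAC = bytes.fromhex("02005e0000aa")
LOCAL_SUBNET = ipaddress.ip_network("192.168.1.0/24")


def parse_arp(packet: bytes) -> dict:
    """Decode an Ethernet/IPv4 ARP body, rejecting anything malformed."""
    if len(packet) != struct.calcsize(ARP_FMT):
        raise ValueError("not a 28-byte Ethernet/IPv4 ARP body")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(ARP_FMT, packet)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("unsupported hardware or protocol type")
    return {"oper": oper, "sha": sha, "spa": ipaddress.ip_address(spa),
            "tha": tha, "tpa": ipaddress.ip_address(tpa)}


def proxy_arp_reply(request: bytes):
    """Build the proxy's reply to an ARP request; None for non-requests."""
    req = parse_arp(request)
    if req["oper"] != ARP_REQUEST:
        return None
    # The reply carries the requested (arbitrary) address as its sender
    # protocol address. Assumption: the sender hardware address is the proxy's.
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, ARP_REPLY,
                       PROXY_MAC, req["tpa"].packed,
                       req["sha"], req["spa"].packed)


def is_off_subnet(addr) -> bool:
    """True when an address falls outside the LAN's configured range."""
    return addr not in LOCAL_SUBNET


# Constructed request: a visiting device still configured as 10.9.8.7
# asks who has 10.9.8.1, an address the local subnet does not contain.
SAMPLE_REQUEST = struct.pack(
    ARP_FMT, 1, 0x0800, 6, 4, ARP_REQUEST,
    DEVICE_MAC, ipaddress.ip_address("10.9.8.7").packed,
    bytes(6), ipaddress.ip_address("10.9.8.1").packed)
```

A monitor on the same segment sees this as one hardware address answering for addresses outside the LAN's range, which is why `is_off_subnet` is kept alongside the reply builder.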
Yet another method consistent with the present invention is for use with a proxy server which is in communication with a mobile device and remote name server. The method permits obtaining an internet protocol address from the remote name server for the mobile device and includes the steps of generating a query packet including a request for an address associated with a domain name and receiving the query packet from the mobile device in the proxy server. The method also includes the steps of forwarding the query packet to the remote name server and generating a response packet including the requested address. The method also includes transmitting the response packet to the proxy server and transmitting the response packet to the mobile device.
Another method consistent with the present invention is for use with a proxy server and provides for communications between a random device and a destination device in a network. The method includes the steps of performing a proxy address resolution protocol to initiate communications between the random device and the destination device, performing a proxy domain name service to identify a destination address in the second network associated with a domain name, and performing a network address translation of an arbitrary random address associated with traffic from the random device to an appropriate address for routing the traffic to the destination device in the network. Use of this combination allows a system to support and provide full client functionality to mobile network devices.
Systems are also provided for carrying out these and other methods consistent with the present invention.
Several advantages accrue to methods and systems consistent with the present invention. For example, these systems and methods provide a secure and complete mobility solution, including the various cases where prior art solutions were inadequate. Such systems and methods are completely transparent to the end-user, who may or may not use DHCP, but will still be able to communicate with a LAN or even with a WAN. They are also more "administrator-friendly", especially when the acceptance protocol involves e-mail notification to the network administrator that a new device has joined the network. Security is enhanced by reducing the network's exposure to foreign snooping.
The above and additional features and advantages of the present invention will be readily appreciated by one of ordinary skill in the art from the following detailed description.
FIG. 1 is a diagram of a random Ethernet LAN environment consistent with the present invention;
FIG. 2 is a high level system diagram of a proxy server consistent with the present invention;
FIGS. 3 and 4 illustrate network address translation associated with the routing of traffic from a random LAN to a legal LAN consistent with the present invention;
FIGS. 5 and 6 illustrate network address translation associated with the routing of traffic from a legal LAN to a random LAN consistent with the present invention;
FIGS. 7 and 8 illustrate generation of a proxy address resolution protocol (ARP) packet and generation of a proxy ARP response packet consistent with the present invention;
FIGS. 9-12 are flowcharts depicting steps for proxy ARP consistent with the present invention;
FIGS. 13 and 14 illustrate generation of a proxy domain name service (DNS) query packet and generation of a proxy DNS response packet consistent with the present invention;
FIGS. 15 and 16 are flowcharts depicting steps for proxy DNS consistent with the present invention;
FIG. 17 illustrates an alternative proxy server implementation consistent with the present invention;
FIG. 18 illustrates normal traffic flow in the alternative proxy server implementation of FIG. 16;
FIGS. 19-22 illustrate network address translation for use with the alternative proxy server implementation consistent with the present invention; and
FIGS. 23-24 illustrate proxy ARP for use with the alternative proxy server implementation consistent with the present invention.