1. Field of the Invention
This invention relates generally to communication between a network and multiple servers represented by a common Internet Protocol (IP) address. Specifically, this invention relates to the establishment of a multi-media connection for the delivery of IP datagrams belonging to the same multimedia call between an H.323 multi-media terminal and the same H.323 multimedia server.
2. Background of the Invention
The personal computer is rapidly becoming a key communication device for millions of users. This trend has accelerated with the increased use of the Internet. Computer communications have typically involved the exchange of electronic mail; however, recent advancements have introduced voice and video connectivity. With the increased reliance upon such services, communications providers are in need of standard ways of providing connectivity while cost-effectively managing the routing of the incoming multi-media traffic. In addition to providing such manageability, the H.323 real time multi-media communications standards provide for compatibility and any subsequent expansion.
The ITU-T (International Telecommunications Union) H.323 standard defines how a flexible, real-time, interactive set of multimedia communications can be exchanged on packet-based networks. This international standard is the first standard that was provided through the collective input of both traditional telephony communications experts and those from the computer communications arena. In addition to fully-interactive media communications such as conferencing, H.323 also has provisions for other forms of communications, such as multimedia streaming. H.323 offers benefits to end-users, developers and service providers of Internet telephony and Internet multi-media applications. The H.323 standard itself provides new business opportunities for value-added services such as call tracking, multimedia conferencing and multimedia collaboration.
A typical multi-media networking environment includes a proxy. A proxy allows contact between entities on one side, typically a public networking environment such as the Internet, and a second side, typically a private networking environment. The H.323 proxy typically sits on an enterprise firewall and monitors and processes all H.323 traffic that travels through the firewall. The proxy ensures that only valid H.323 traffic passes through the firewall.
A Network Address Translator (NAT) is an address proxy that performs a firewall function. The NAT can be thought of as an associating device that translates a source Internet Protocol (IP) address to its own external address and forwards the packet to a destination for a packet delivery external to the private network. For packet traffic incoming into a private network, the NAT translates the destination IP address to an internal address based on information in the packet header, such as the source IP address, source port number or the destination port number.
There is a substantial difference between an H.323 proxy and a NAT in terms of the required processing needs. A NAT performs the address translation based on physical interfaces, source/destination addresses, or ports depending on applications or administrative requirements. This information can be easily and quickly ascertained. As such, the NAT reduces the amount of processing resources necessary to process the call. In comparison, the use of an H.323 proxy requires the call to terminate at the firewall, sort through a substantial amount of user information to determine the call characteristics and then establish a new connection from the H.323 proxy to the server each time a new end-to-end H.323 call is to be established. Therefore, there is additional processing time required whenever the call passes through the H.323 proxy to the destination.
For the multimedia protocol services, the NAT can be placed in front of the group of multi-media servers in the data network for three purposes. First, the NAT is used for security purposes to protect the IP processors in the server from potential security attacks from external networks. For the NAT to perform address translations, it will generally examine incoming packets to determine the translation rule to use. If packet filtering is also part of the rule, the NAT also effectively serves as an access controller as well as its main function to hide the internal addresses from external networks. Second, the NAT shields the growth of internal IP processors from the external networks because the external networks are oblivious of the internal addresses. This simplifies the data that an external gateway finding directory server needs to keep, thus simplifying its administration. Third, the NAT is used to distribute multimedia IP traffic to the IP processors in the server bank.
In the TCP/IP world, applications use what are commonly referred to as "well-known ports" to communicate with each other. A well-known port specifies that a service should or must use a particular port, for example an HTTP server will listen on TCP port 80 by default. When a client application sends out a request to a well-known port for a particular application, the client application assumes that the corresponding server application is "listening" on the well-known port associated with that application. For example, the well-known port number for multi-media applications is TCP port 1720. A server application will actively listen for incoming connection requests on TCP port 1720 for a client application requesting a multimedia service. Client applications connect to the well-known destination port to establish a TCP multi-media connection. For H.323 multi-media communications, subsequent TCP connections using dynamic port numbers may be made for further communication controls.
A particular TCP connection is defined by the port and address of both the originating endpoint (or its proxy) and the terminating endpoint (or its proxy). By its very nature, a TCP connection is an application to application connection. A TCP connection is established as an end-to-end medium or lower level transport for other H.323 protocols. All H.323 control protocols are encapsulated within TCP connections. To establish a multi-media transport requires at least three connections with different H.323 control and data transport features. First, a TCP connection is established to transfer H.225 protocol messages. Second, a TCP connection is established to transfer H.245 protocol messages. Third, an unreliable UDP connection is established for the transfer of real time sensitive data packets or another TCP connection is established to transfer data reliably.
It is an object of the present invention to allow a NAT to deliver IP datagrams, i.e. data packets, belonging to the same call to the same H.323 server. It is desirable to perform the IP datagram delivery without the use of a typical H.323 proxy, thereby reducing the resources necessary to process the call and allowing for a "one-to-many distribution." Instead of searching the many layers of user-to-user information, which is required by a typical H.323 proxy, the destination should be quickly and easily ascertainable. Additionally, it is desirable to provide a reusable block of TCP and UDP port numbers and internet protocol addresses associated with independent H.323 servers for processing the end point/terminal H.323 multi-media calls, coupled with a mechanism to randomly select an H.323 processor to process all transactions at the time a particular H.323 multi-media call request is made.
In accordance with one aspect of the invention, the foregoing object is achieved by providing a method and apparatus for establishing a multi-media call between an originating H.323 terminal and an H.323 server through an intermediate device. The H.323 terminal is typically connected to a public network, such as the Internet. The H.323 server is typically part of a private networking environment containing a number of H.323 servers. The intermediate device, a Network Address Translator (NAT), serves as a go-between and substitutes for an H.323 proxy.
In accordance with another aspect of the present invention, incoming multimedia traffic from the Internet is addressed to the globally unique IP address identifying the NAT, not the many addresses of the number of H.323 servers contained in the private network. The "one-to-many distribution" results from the directing of a multimedia call from the globally unique address identifying the NAT to any one of the many private network addresses identifying any one of the H.323 multi-media servers in the private network. When a call comes into the NAT requesting a multimedia service, the NAT determines the best available server to handle the incoming call based upon an algorithm at an intermediate device. The multi-media call will then be distributed from the "one," the NAT, to one of the "many" H.323 servers.
An aspect of the present invention currently not available with any available H.323 proxy device provides for the same server to be used for the duration of the data transmission after the initial assigning of the server to process the multi-media call. Prior to the step of assigning of a TCP or UDP port uniquely identifying the server, there is a unique cooperation between the NAT and the server for any transmission by a multimedia terminal represented by a port and IP address requesting a multi-media service on a well-known port. Once the request is presented to the NAT for multi-media service on a well-known port, the NAT determines the IP address of the H.323 server processing the call and this IP address is recorded at the NAT for future reference. The NAT associates the port and IP address of the source of the multimedia call with the IP address of the multi-media server handling the call. The NAT will then recognize that any incoming transmission from the particular port and IP address destined for the multi-media well-known port is mapped to the associated destination multi-media server.
In accordance with another aspect of the invention, the H.323 server assigns a TCP port or UDP port uniquely identifying the H.323 server. The identity of the TCP port or UDP port assigned by the H.323 server is transmitted to the originating H.323 terminal for the establishment of the next TCP or UDP connection. For any transmission from the H.323 terminal to the NAT with the designated destination as a particular TCP port or UDP port that is not a well-known port, the NAT performs a calculation using the value of the destination port number to determine the identity of the H.323 server responsible for the processing of the H.323 multimedia call. As such, the call will always use the same multi-media server allowing efficient use of resources and reducing the possibility of lost data. Additionally, the calculation process eliminates the typical H.323 proxy and therefore increases the speed of the transmission and lessens the strain on the processing resources. The calculation process eliminates the necessity to search the many layers of the user-to-user information in its entirety for the information to process the multi-media call. The destination multi-media server can be ascertained from the destination TCP or UDP port information.
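The two lookups described above, shown as an added example that is not part of the original patent text: a request on the well-known port is pinned to a randomly selected server by recording the caller's IP address and port, and a request on any other port is routed by a calculation on the destination port alone. The text does not specify the calculation, so the contiguous per-server port blocks, the base port 20000, the block size 1000, the private addresses and the name H323Nat are assumptions made for illustration.

```python
import random

WELL_KNOWN_PORT = 1720   # H.323 call-signalling port named in the text
BLOCK_BASE = 20000       # assumption: first dynamic port any server may assign
BLOCK_SIZE = 1000        # assumption: number of ports reserved per server
SERVERS = ["10.0.0.11", "10.0.0.12", "10.0.0.13"]  # constructed private addresses


class H323Nat:
    """Hypothetical NAT dispatch table standing in for an H.323 proxy."""

    def __init__(self, servers, rng=None):
        self.servers = list(servers)
        self.rng = rng or random.Random()
        self.calls = {}  # (src_ip, src_port) -> server IP, recorded on first contact

    def port_block(self, server):
        """Dynamic ports the given server may hand to a terminal (assumed scheme)."""
        start = BLOCK_BASE + self.servers.index(server) * BLOCK_SIZE
        return range(start, start + BLOCK_SIZE)

    def server_for_port(self, dst_port):
        """Derive the server from the destination port; None if no block owns it."""
        index = (dst_port - BLOCK_BASE) // BLOCK_SIZE
        if dst_port < BLOCK_BASE or index >= len(self.servers):
            return None
        return self.servers[index]

    def translate(self, src_ip, src_port, dst_port):
        """Return the internal destination IP for an inbound packet, or None to drop."""
        if dst_port == WELL_KNOWN_PORT:
            key = (src_ip, src_port)
            if key not in self.calls:
                # First packet of the call: select a server and record the mapping.
                self.calls[key] = self.rng.choice(self.servers)
            return self.calls[key]
        # Dynamic port: no table lookup and no payload inspection are needed.
        return self.server_for_port(dst_port)
```

Because a destination port outside every allocated block yields None, the same calculation also acts as the packet filter mentioned in the background: traffic that matches neither the well-known port nor a server's block is not forwarded.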
By substituting a NAT containing the processing capabilities of the present invention for a typical H.323 proxy, a multimedia call originating from an H.323 multi-media terminal will be processed quickly and efficiently by the same H.323 server.