1. Field
The present application relates generally to communications, and more specifically to systems, methods, and devices (such as routers) for efficient processing of internet protocol (IP) fragments using network address translation (NAT) functionality.
2. Background
Communication systems are widely deployed to provide various types of communication (e.g., voice, data, multimedia services, etc.) between communication devices (e.g., mobile handsets, PDAs (Personal Digital Assistants), personal computers, smart phones, servers, or any other electronic device capable of communicating via a network). The devices may transmit and receive data between each other via a network of interconnected devices. For example, client devices may exchange data with server devices over a network.
Due to the limited availability of IPv4 addresses for devices, client devices may access a network through another device, such as a device running network address translation (NAT) functionality (herein referred to as a “NAT device”). NAT devices may provide access to the public network for a group of client devices (which may be grouped in a local area network (LAN)). A single publicly routable IPv4 address may be assigned to the NAT device for the group of client devices to access the public network, instead of each client device having its own publicly routable IPv4 address. This conserves IPv4 addresses. Further, because all traffic to and from the client devices flows through the NAT device, security controls established at the NAT device (for example, discarding inbound packets that do not match an existing translation) help protect all the client devices behind it.
For the client devices to communicate with a server device, the data sent from the client devices to the server device is routed through the NAT device. For the server device to communicate with the client devices, the server device sends data to the NAT device, and the NAT device forwards the data to the appropriate client device.
The NAT device may perform network address translation for the data exchanged between the client devices and server devices. Utilizing NAT, the NAT device may modify the internet protocol (IP) addresses of data packets from the client devices before sending the data packets to the server. Similarly, the NAT device may modify the IP addresses of data packets from the server before sending the data packets to the clients.
For example, the client devices may be part of a local network that uses “private” IP addresses for each of the client devices to communicate within the local network. These private IP addresses, however, may not enable the client devices to communicate with devices that reside on a “public” network, such as server devices that reside on the Internet. The NAT device, however, may be associated with a public IP address and enabled to communicate with devices on the public network. Accordingly, the NAT device may receive data packets with private source IP addresses from the client devices, the packets being destined for devices on the public network. The NAT device may rewrite the private source IP addresses of the data packets to the public IP address of the NAT device and send the data packets to a server on the public network. The NAT device (e.g., a symmetric NAT device) may further modify other information in the data packets, such as transport layer port information, in order to, for example, distinguish the multiple traffic flows that share the single public IP address and to track each flow. The server may then send data packets in response to the NAT device using the public IP address. The NAT device must then determine to which client device each response data packet belongs, and modify the response data packets to have the appropriate private IP addresses and ports of the client devices.
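The following is an added, constructed example of the translation just described; it is not code from the application. It models a symmetric NAT table that rewrites the source address and port of outbound packets and reverses the rewrite for inbound replies, and drops inbound packets that match no translation. The addresses, ports and the dict-based packet model are assumptions made for the example.

```python
"""Constructed example: a symmetric NAT (NAPT) table.

Packets are plain dicts carrying the five-tuple fields the translator rewrites.
All addresses and ports below are assumed values, not taken from any real network.
"""
from itertools import count

PUBLIC_IP = "203.0.113.10"      # assumed public address of the NAT device
CLIENT_A = "192.168.1.10"       # assumed private addresses on the LAN
CLIENT_B = "192.168.1.11"
SERVER = "198.51.100.7"         # assumed server on the public network


class SymmetricNAT:
    """Rewrites source IP/port on the way out and destination IP/port on the way in.

    "Symmetric" here means a mapping is keyed on the full 5-tuple, so the same
    client socket talking to two different servers gets two different public ports.
    """

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._ports = count(first_port)    # simple sequential public-port allocator
        # (proto, priv_ip, priv_port, dst_ip, dst_port) -> public port
        self.out = {}
        # (proto, public_port, remote_ip, remote_port) -> (priv_ip, priv_port)
        self.inb = {}

    def outbound(self, pkt):
        """Translate a client->server packet, creating a mapping on first use."""
        key = (pkt["proto"], pkt["src_ip"], pkt["src_port"], pkt["dst_ip"], pkt["dst_port"])
        pub_port = self.out.get(key)
        if pub_port is None:
            pub_port = next(self._ports)
            self.out[key] = pub_port
            self.inb[(pkt["proto"], pub_port, pkt["dst_ip"], pkt["dst_port"])] = (
                pkt["src_ip"], pkt["src_port"])
        return dict(pkt, src_ip=self.public_ip, src_port=pub_port)

    def inbound(self, pkt):
        """Reverse-translate a server->client packet.

        Returns None when no mapping exists: an unsolicited inbound packet is
        dropped, which is the protective side effect of putting clients behind NAT.
        """
        key = (pkt["proto"], pkt["dst_port"], pkt["src_ip"], pkt["src_port"])
        target = self.inb.get(key)
        if target is None:
            return None
        priv_ip, priv_port = target
        return dict(pkt, dst_ip=priv_ip, dst_port=priv_port)


def demo():
    nat = SymmetricNAT(PUBLIC_IP)
    # Both clients happen to pick the same ephemeral source port 5000 for the same server.
    a = {"proto": "udp", "src_ip": CLIENT_A, "src_port": 5000, "dst_ip": SERVER, "dst_port": 53}
    b = {"proto": "udp", "src_ip": CLIENT_B, "src_port": 5000, "dst_ip": SERVER, "dst_port": 53}
    a_out, b_out = nat.outbound(a), nat.outbound(b)
    # The server replies to whatever source it saw; the public port alone picks the client.
    reply_to_b = {"proto": "udp", "src_ip": SERVER, "src_port": 53,
                  "dst_ip": PUBLIC_IP, "dst_port": b_out["src_port"]}
    b_in = nat.inbound(reply_to_b)
    # A packet from an unrelated host to the same public port has no mapping.
    stray = {"proto": "udp", "src_ip": "192.0.2.99", "src_port": 1234,
             "dst_ip": PUBLIC_IP, "dst_port": 40000}
    return a_out, b_out, b_in, nat.inbound(stray)


if __name__ == "__main__":
    print(demo())
```

The port rewrite is what makes the two clients distinguishable: both leave the NAT device with the same public source address, so only the differing public source ports let the NAT device route the replies back to the right client.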
In order to be able to perform NAT, the NAT device may need to wait until all the IP fragments of a data packet have arrived at the NAT device from a client device before performing NAT and sending the data packet to the server. Only the first fragment of a fragmented datagram carries the transport layer header (and thus the port information) that the NAT device uses to associate the datagram with a flow; the remaining fragments carry only the IP header and a portion of the payload. Waiting for all fragments may lead to delays in communication and increased memory buffering requirements in the NAT device. This may be especially true where IP fragments arrive at the NAT device out of order, with the first IP fragment arriving at the NAT device last, as further discussed herein.
Further, in some instances, two or more client devices that are associated with the same NAT device may send IP datagrams or fragments to the same server using the same IP-ID (the identification field of the IP header) for the datagrams or fragments. Because a receiver reassembles fragments by source address, destination address, protocol and IP-ID, and because after NAT both sets of fragments carry the same public source address of the NAT device, the server may not be able to distinguish between the fragments from a first client device and a second client device sent via the NAT device. This leads to inefficiencies and errors in communications. Thus, enhanced systems and methods of performing NAT are needed.
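The two problems described above (out-of-order fragments that force the NAT device to buffer, and an IP-ID collision between two clients behind one public address) are illustrated by the following added, constructed example; it is not code from the application. It assumes the NAT device has already established port mappings for the two clients, models fragments as dicts in which only the offset-0 fragment carries ports, and uses a small server-side reassembler keyed the way IP reassembly is keyed (source, destination, protocol, identification). Addresses, ports and the 8-byte fragment size are assumptions made for the example.

```python
"""Constructed example: a NAT device that must hold out-of-order IP fragments, and
the IP-ID collision two LAN clients can cause behind a single public address.

Fragments are plain dicts. Only the first fragment (offset 0) carries the transport
header, so it is the only one with src_port/dst_port fields. Values are assumed.
"""

PUBLIC_IP = "203.0.113.10"                       # assumed public address of the NAT device
SERVER = "198.51.100.7"                          # assumed server on the public network
CLIENT_A, CLIENT_B = "192.168.1.10", "192.168.1.11"   # assumed LAN clients

# Assumed NAPT mappings already established: (private ip, private port) -> public port.
PORT_MAP = {(CLIENT_A, 5000): 40000, (CLIENT_B, 5000): 40001}


class FragmentAwareNAT:
    def __init__(self):
        self.datagram_port = {}   # (src_ip, ip_id) -> public port chosen for that datagram
        self.pending = {}         # (src_ip, ip_id) -> fragments waiting for the header

    def outbound(self, frag):
        """Translate one outbound fragment.

        Returns the fragments that can be forwarded now; the list is empty while a
        non-first fragment is held because its datagram's header has not been seen.
        """
        key = (frag["src_ip"], frag["ip_id"])
        if frag["offset"] == 0:
            pub_port = PORT_MAP[(frag["src_ip"], frag["src_port"])]
            self.datagram_port[key] = pub_port
            first = dict(frag, src_ip=PUBLIC_IP, src_port=pub_port)
            # Release any later fragments that arrived before the header (the worst case).
            queued = [dict(f, src_ip=PUBLIC_IP) for f in self.pending.pop(key, [])]
            return [first] + queued
        if key in self.datagram_port:
            return [dict(frag, src_ip=PUBLIC_IP)]   # no ports to rewrite, only the address
        self.pending.setdefault(key, []).append(frag)   # buffer: header not seen yet
        return []


def make_fragments(src, ip_id, src_port, payload, frag_size=8):
    """Split a UDP payload into fragments; only the first carries the ports."""
    frags = []
    for off in range(0, len(payload), frag_size):
        chunk = payload[off:off + frag_size]
        f = {"src_ip": src, "dst_ip": SERVER, "proto": "udp", "ip_id": ip_id,
             "offset": off, "mf": off + len(chunk) < len(payload), "payload": chunk}
        if off == 0:
            f.update(src_port=src_port, dst_port=53)
        frags.append(f)
    return frags


def reassemble(frags):
    """Server-side reassembly keyed on (src, dst, proto, ip_id).

    Returns {key: (payload, collided)}; collided is True when one key received two
    offset-0 fragments, i.e. two distinct datagrams were merged under one key.
    """
    buckets = {}
    for f in frags:
        key = (f["src_ip"], f["dst_ip"], f["proto"], f["ip_id"])
        buckets.setdefault(key, []).append(f)
    out = {}
    for key, fs in buckets.items():
        heads = sum(1 for f in fs if f["offset"] == 0)
        fs.sort(key=lambda f: f["offset"])
        out[key] = (b"".join(f["payload"] for f in fs), heads > 1)
    return out


def demo_out_of_order():
    """Deliver the first fragment last: the NAT must buffer the others until it arrives."""
    nat = FragmentAwareNAT()
    frags = make_fragments(CLIENT_A, ip_id=7, src_port=5000, payload=b"A" * 24)  # 3 fragments
    sent = []
    for f in frags[1:] + frags[:1]:
        sent.extend(nat.outbound(f))
    return frags, sent, nat


def demo_ip_id_collision():
    """Two clients use IP-ID 7 to the same server; after NAT the server cannot separate them."""
    nat = FragmentAwareNAT()
    wire = []
    for client in (CLIENT_A, CLIENT_B):
        for f in make_fragments(client, ip_id=7, src_port=5000, payload=client.encode() * 2):
            wire.extend(nat.outbound(f))
    return reassemble(wire)


if __name__ == "__main__":
    print(demo_out_of_order()[1])
    print(demo_ip_id_collision())
```

In the first scenario nothing leaves the NAT device until the header-bearing fragment arrives, which is exactly the buffering and delay the application is concerned with. In the second, both clients' fragments reach the server with the same source address, protocol and IP-ID, so the server's reassembler merges them into one bucket and produces a corrupt datagram; the `collided` flag is the example's way of making that failure visible.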