A network typically enables nodes connected to the network to exchange messages, such as datagrams comprised of packets. A node may be a general-purpose computer system, such as a personal computer, or may be one of a variety of special-purpose devices, including firewalls, proxy servers, and other security devices; routers, switches, gateways, and other network control devices; packet sniffers and other network monitoring devices; and special-purpose network appliances. The networking schemes used in most networks permit a new node to be connected to an existing network.
Each node in a network is typically identified by a hardware address, also called a physical address. A hardware address is typically determined for the life of a device by the device's manufacturer, and chosen in an attempt to render the hardware address unique within a typical network, if not unique in the world. For example, in an Ethernet network, nodes are identified by hardware addresses called media access control addresses (“MAC addresses”). A sender node that must send a datagram to a destination node that is connected to the same network as the sender node typically sends the datagram to the destination node using the hardware address of the destination node.
Two or more networks may be interconnected in order to permit nodes in each interconnected network to exchange datagrams with nodes in interconnected networks. Datagrams are generally exchanged between nodes of different networks using a higher-level address, called a logical address or protocol address. For example, where Internet Protocol is employed between interconnected networks, a node is identified to nodes in networks connected to its network by a logical address called an “IP address.”
To send a datagram to a destination node of an interconnected network, a sender node uses a protocol address of the destination node by sending packets of the datagram to a receiver node in the network of the destination node designated to receive packets for this protocol address. The receiver node, in turn, determines the hardware address of the node having the destination protocol address, and sends the packets of the datagram to the destination node using the hardware address of the destination node.
Because the sender node uses the protocol address of the destination node to send a datagram to the destination node when these nodes are in separate interconnected networks, such sending is generally not possible when the protocol address of the destination node is unknown to the sender node. Even more pervasively, if the destination node has not yet been assigned a protocol address, it generally cannot receive datagrams from any nodes outside its network.
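The delivery rules in the two preceding paragraphs, as an added Python model that is not part of the original text. The `Lan` class, `send_remote`, the 192.0.2.0/24 prefix and the MAC values are constructed for illustration; the model shows that a device with no protocol address is still reachable by hardware address on its own network but not from an interconnected one.

```python
import ipaddress

class Lan:
    """One network: nodes are reachable by hardware (MAC) address."""
    def __init__(self, prefix):
        self.prefix = ipaddress.ip_network(prefix)
        self.nodes = {}      # MAC -> payloads received by that node
        self.neighbors = {}  # protocol (IP) address -> MAC, held by the receiver node

    def attach(self, mac, ip=None):
        """Plug a device in; ip=None models a device not yet configured."""
        self.nodes[mac] = []
        if ip is not None:
            addr = ipaddress.ip_address(ip)
            if addr not in self.prefix:
                raise ValueError(f"{ip} is not coordinated with {self.prefix}")
            self.neighbors[addr] = mac

    def deliver_local(self, dst_mac, payload):
        """Same-network delivery needs only the hardware address."""
        if dst_mac not in self.nodes:
            return "dropped: unknown hardware address"
        self.nodes[dst_mac].append(payload)
        return "delivered"

def send_remote(lans, dst_ip, payload):
    """Cross-network delivery: route on the protocol address, then the
    receiver node maps it to a hardware address for the last hop."""
    if dst_ip is None:
        return "unsendable: sender has no protocol address for the destination"
    addr = ipaddress.ip_address(dst_ip)
    for lan in lans:
        if addr in lan.prefix:
            mac = lan.neighbors.get(addr)
            if mac is None:
                return "dropped: no node holds that protocol address"
            return lan.deliver_local(mac, payload)
    return "dropped: no route to that network"

def demo():
    office = Lan("192.0.2.0/24")                      # constructed documentation prefix
    office.attach("02:00:00:00:00:01", "192.0.2.10")  # configured host
    office.attach("02:00:00:00:00:02")                # new firewall, no IP yet
    return [
        send_remote([office], "192.0.2.10", "hello"),         # configured node
        send_remote([office], "192.0.2.20", "config"),        # address nobody holds
        send_remote([office], None, "config"),                # address unknown to sender
        office.deliver_local("02:00:00:00:00:02", "config"),  # same-network, by MAC
    ]
```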
This can cause a problem for a sender node that needs to communicate with a destination node before the destination node has a protocol address, or before the protocol address of the destination node is known to the sender node. This problem arises commonly when a new device, such as a firewall, is connected to a network. A new device may generally be connected to a network merely by installing a network cable between a network port on the device and a network jack that is connected to the network. In view of the straightforwardness of this installation, it may be completed by almost anyone. At this point, however, the device does not have a protocol address that is coordinated with the network. In addition to needing to be configured with a protocol address that is coordinated with the network, the device may also need additional configuration in order to operate properly on the network. For example, a firewall may need to receive information describing the network, its nodes, and its uses in order to be able to effectively protect the network.
Conventional approaches to performing such needed configuration leave much to be desired. A first approach involves directing a networking expert to physically visit the connected device in order to manually configure it. The relative scarcity of networking experts generally causes this approach to have a high pecuniary cost, as well as significant time latency.
A second approach involves including a telephone modem in the device, and requiring the person connecting the device's network port to a network jack to also connect the device's modem to a standard telephone jack. The device uses the modem to establish a telephone connection to a configuration computer system, which configures the device via the telephone connection. This approach also has a significant pecuniary cost, as it requires the inclusion of additional hardware—the modem—in the device. It may also be difficult, in many cases, to successfully connect to the configuration computer system. For example, given the prevalence of non-standard telephone networks that use non-standard wiring to support extra telephone features, it may not be possible to connect the modem to a standard telephone jack. Furthermore, once the device is connected to a standard telephone jack, characteristics of the telephone network may make it impossible for the device to successfully connect to the configuration computer system.
In view of these disadvantages of conventional approaches, an effective approach to establishing communication with an unconfigured device connected to a network from a node in a connected network would have significant utility.