1. Field of the Invention
The present invention relates generally to packet networks, and specifically to packet networks employing network address translation for routing of packets.
2. Description of Related Art
In recent years, the need for remote computing has dramatically increased, thereby further increasing utilization of the Internet as one of the primary communication media for many individuals and businesses. Since the early days of the Internet, subscribers have normally connected to the Internet through a single service provider that provides access to the Internet or other type of packet network.
In a typical scenario, a subscriber initiates a packet session by causing a machine (e.g., a personal computer, laptop computer, personal digital assistant, wireless phone or any other computing device capable of connecting to the Internet) to dial a number associated with a particular service provider to set up a packet call connection between the machine and a point of presence (access point) of that particular service provider. After the connection between the machine and the point of presence of the service provider is established, the subscriber is authenticated before being granted access to the Internet. During the entire packet session, the subscriber uses the same service provider for all of the applications accessed by the subscriber.
However, the types of applications provided by the different service providers may vary widely from one service provider to another. As subscribers become more sophisticated and begin demanding a variety and multitude of applications, subscribers may be forced to register with more than one service provider to meet all of the subscriber's needs, which is both impractical and costly for the subscriber. In the alternative, in order to keep customers, service providers may also be forced to upgrade their systems to offer additional applications, which may also be impractical and costly for the service provider.
For example, a physician in a clinic may need basic Internet access to “surf the web” for general information, such as traffic reports, hospital addresses, weather information and many other kinds of basic, common information. That same physician, however, may also need a secure link to a clearing house web site to clear medical claims that contain confidential patient information. Hence, in addition to a basic Internet application, the service provider may also need to provide a secure application that includes encryption technology and/or other secure treatment of the confidential patient information. Furthermore, the physician may also need to send high resolution medical images for x-rays, or may need to participate in online tele-medicine events, such as surgery. Thus, to meet all of the physician's needs, the service provider may need to provide not only a basic Internet application and a secure application, but also a low latency, low jitter, real-time application capable of handling high resolution images.
Most likely, today's service providers would not be able to provide all of these applications to the physician. Therefore, the physician would have to register with and separately connect to three different service providers, one for basic web and email applications, another for VPN (virtual private network) or encryption applications and a third for real time communication applications. Each service provider may separately charge the physician at different intervals, resulting in three separate bills. In addition, to connect to all three service providers simultaneously, the physician may further require three machines and three communication access lines (e.g., telephone lines, DSL, cable, etc.), adding to the physician's expense.
To overcome the deficiencies of the prior art, embodiments of the present invention provide a network address translation (NAT) rule that translates an address identifying a subscriber and associated with a first service provider into an address identifying the subscriber and associated with a second service provider for a particular application. The subscriber registers with a single home service provider and connects to that single home service provider for a packet session. A subscriber profile that includes the NAT rule is downloaded from the home service provider to a router and stored in a policy table therein. In one embodiment, the router is located at the border between the local network of the subscriber and an access network of the home service provider.
In one implementation embodiment, the header of each IP (Internet Protocol) packet received at the router to or from the subscriber is read to determine the subscriber's address and an application identifier. Based on the combination of both the subscriber's address and the application identifier, the router translates the subscriber's address into a new address, using the NAT rule. For example, for outgoing IP packets, the translated IP address of the subscriber can be an address associated with a different service provider that has been contracted to support the particular application associated with the application identifier. In another implementation embodiment, the router uses the combination of the subscriber's address and an address associated with the other service provider to translate the subscriber's address into a new address, using the NAT rule. The new address is used to connect the subscriber to an additional service provider for a particular application during the packet session with the home service provider.
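The policy-table lookup described in the two implementation embodiments above can be sketched as follows. This is an added illustration, not code from the patent; the class and function names are hypothetical, the application identifier is assumed to be an (IP protocol number, destination port) pair, and the addresses are constructed from documentation ranges.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass(frozen=True)
class NatRule:
    subscriber: str                            # address from the home provider
    translated: str                            # address at the second provider
    app_id: Optional[Tuple[int, int]] = None   # assumed: (IP protocol, dest port)
    dest_net: Optional[str] = None             # prefix of the second provider

class PolicyTable:
    def __init__(self):
        self.rules = []

    def install_profile(self, rules):
        """Store the NAT rules carried in a downloaded subscriber profile."""
        self.rules.extend(rules)

    def translate_outgoing(self, src, dst, proto, dport):
        """Return the source address an outgoing packet should carry."""
        for r in self.rules:
            if r.subscriber != src:
                continue
            if r.app_id is not None and r.app_id == (proto, dport):
                return r.translated        # subscriber + application identifier
            if r.dest_net is not None and (
                ipaddress.ip_address(dst) in ipaddress.ip_network(r.dest_net)
            ):
                return r.translated        # subscriber + other provider's address
        return src                         # no rule: keep the home-provider address

    def translate_incoming(self, dst):
        """Map a translated destination on a returning packet back."""
        for r in self.rules:
            if r.translated == dst:
                return r.subscriber
        return dst

def build_demo_table():
    """Constructed sample profile using documentation address ranges."""
    table = PolicyTable()
    table.install_profile([
        NatRule("192.0.2.10", "198.51.100.10", app_id=(6, 443)),
        NatRule("192.0.2.10", "203.0.113.77", dest_net="203.0.113.0/24"),
    ])
    return table
```

Traffic that matches no rule leaves with the home-provider address unchanged, so a missing or partially downloaded profile falls back to the basic service instead of being sent to another provider.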
In one configuration embodiment, the NAT rule can be downloaded to the router upon log-in and authentication of the subscriber. In other configuration embodiments, the NAT rule can be downloaded to the router during the packet session. For example, the subscriber can be provided a web portal during the packet session that allows the subscriber to select specific applications provided by other service providers that the subscriber would like to access during the packet session. In still further configuration embodiments, the NAT rule can be a static, pre-configured rule maintained by the router.