The present invention relates to methods and apparatus for processing data within a computer network. More specifically, this invention relates to mechanisms for performing network address translation on data.
For a particular computer to communicate with other computers or web servers within a network (e.g., the Internet), the particular computer must have a unique IP address. IP protocol version 4 specifies 32 bits for the IP address, which theoretically gives about 4,294,967,296 unique IP addresses. However, there are actually only between 3.2 and 3.3 billion available IP addresses since the addresses are separated into classes and set aside for multicasting, testing and other special uses. With the explosion of the Internet, the number of IP addresses is not enough to give each computer a unique IP address.
One solution for addressing computers with the limited number of IP addresses is referred to as network address translation (NAT). NAT allows an intermediary device (e.g., computer, router or switch) located between the Internet network and a local network to serve as an agent for a group of local computers. A small range of IP addresses or a single IP address is assigned to represent the group of local computers. Each computer within the local group is also given a local IP address that is only used within that local group. However, the group's local IP addresses may duplicate IP addresses that are used outside of the local network. When a local computer attempts to communicate with a computer outside the local network, the intermediary device matches the local computer's local IP address (and port) to one of the intermediary device's assigned IP addresses (and ports). The intermediary device then replaces the local computer's local address (and port) with the matched assigned IP address (and port). This matched assigned IP address (and port) is then used to communicate between the local computer and the outside computer. Thus, NAT techniques allow IP addresses to be duplicated across local networks.
Another solution to the lack of available IP addresses is to redesign the address format to allow for more possible IP addresses. The recent introduction of IPv6 provides 128 bits for the IP address, as compared with IPv4 which provides 32 bits for the IP address. However, until all network devices and computers are converted to IPv6, it is still necessary to allow an existing IPv4 device to communicate with an IPv6 device. One popular method that allows IPv4 to IPv6 communication is referred to as protocol translation (NAT-PT). The IP addresses are converted by NAT-PT from one protocol to another protocol (e.g., IPv4 to IPv6 or vice versa) or from an external protocol to an internal protocol (e.g., IPv4 to IPv4). These addresses are typically within the packet's IP header. Additionally, there are applications above the IP layer (e.g., the transport TCP layer) that may contain IP address information. This information may include, for example, an FTP address or an HTTP address. In addition to the IP addresses, the NAT-PT also converts any relevant IPv4 or IPv6 information during a protocol translation.
When converting from IPv4 to IPv6, a conventional NAT-PT conversion increases the size of a packet since the IP address (and possibly other upper layer IP address information) is changed to a larger sized address. Additionally, since the IP address may form part of the payload of a packet (e.g., upper layer IP information), the packet's payload may increase after the conversion from IPv4 to IPv6. If the packet size is increased, the packet may then have to be dropped or fragmented to meet network packet size requirements. Thus, a server may receive two packet fragments: one packet with most of the information and one packet with just a few bytes that result from the larger address added in the NAT process.
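The size growth described above can be worked through in a short added example, which is not part of the original text. It assumes option-free IPv4, IPv6 and TCP headers, a constructed translation prefix of 2001:db8::/96, and an FTP PORT command rewritten to the EPRT form of RFC 2428 as the upper layer address; the function names are hypothetical.

```python
import ipaddress

IPV4_HEADER = 20  # bytes, IPv4 header without options
IPV6_HEADER = 40  # bytes, fixed IPv6 header
TCP_HEADER = 20   # bytes, TCP header without options
# Constructed /96 translation prefix (documentation range), an assumption.
PREFIX = ipaddress.IPv6Network("2001:db8::/96")


def map_v4_to_v6(addr):
    """Embed a 32-bit IPv4 address in the low bits of the /96 prefix."""
    v4 = ipaddress.IPv4Address(addr)
    return ipaddress.IPv6Address(int(PREFIX.network_address) | int(v4))


def rewrite_ftp_port(payload):
    """Rewrite 'PORT h1,h2,h3,h4,p1,p2' into the IPv6 'EPRT' form.

    Any payload that is not a well-formed PORT command is returned unchanged.
    """
    if not payload.startswith(b"PORT "):
        return payload
    try:
        fields = [int(f) for f in payload[5:].decode("ascii").strip().split(",")]
    except ValueError:
        return payload
    if len(fields) != 6 or any(not 0 <= f <= 255 for f in fields):
        return payload
    v6 = map_v4_to_v6(".".join(str(f) for f in fields[:4]))
    port = fields[4] * 256 + fields[5]
    return f"EPRT |2|{v6}|{port}|\r\n".encode("ascii")


def translate(payload, mtu=1500):
    """Return packet sizes before and after IPv4-to-IPv6 translation."""
    new_payload = rewrite_ftp_port(payload)
    v4_len = IPV4_HEADER + TCP_HEADER + len(payload)
    v6_len = IPV6_HEADER + TCP_HEADER + len(new_payload)
    return {
        "v4_len": v4_len,
        "v6_len": v6_len,
        "payload_growth": len(new_payload) - len(payload),
        "overflow": max(0, v6_len - mtu),  # bytes that no longer fit the MTU
    }


if __name__ == "__main__":
    print(translate(b"PORT 192,0,2,10,19,137\r\n"))  # constructed FTP command
    print(translate(b"\x00" * 1460))                 # constructed full-size segment
```

The second call shows the case the text describes: a segment that exactly filled a 1500-byte MTU as IPv4 overflows by the 20 bytes of header growth once translated.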
Unfortunately, fragments require more processing than whole packets. When small fragments are formed and sent by a router within a computer network, the router TCP software allocates buffer space, forms a fragment header, and computes a checksum for each fragment. Additionally, router IP software encapsulates the fragment in a datagram, computes a header checksum, and routes the datagram to the receiver software. The server IP software verifies the IP header checksum, and passes the fragment to TCP software which then verifies the fragment checksum, examines the sequence number, extracts the data, and places it within a buffer. Additionally, fragmentation introduces delays in communication and increases packet congestion within the network.
Accordingly, there is a need for mechanisms for avoiding problems with packets, such as fragmentation, caused by being converted between IPv6 and IPv4, as well as between other types of protocols.