1. Field of the Invention
The present invention relates generally to communication between hosts in data networks, and more particularly to mechanisms for implementing redundancy-based routing in an environment that uses network address translation (NAT) across different public address spaces.
2. Background of the Invention
All devices connected to the Internet require an Internet Protocol (IP) address to communicate with other Internet-attached devices. Typically, these addresses take the form of a 32-bit IP version 4 (IPv4) or 128-bit IP version 6 (IPv6) address, allocated to an organization under the authority of the Internet Assigned Numbers Authority (IANA). The majority of Internet-attached devices still communicate using older IPv4 addresses due to the slow migration of Internet service providers to IPv6. One of the inherent limitations of IPv4 is that its address space is small relative to the total number of networked devices.
Network address translation (NAT) was developed as a solution to the shortage of addresses and the over-assignment of large blocks of IPv4 addresses in the 1980s and 1990s. See K. Egevang and P. Francis, “The IP Network Address Translator (NAT),” RFC 1631, Cray Communications, NTT, May 1994, which is incorporated herein by reference for all purposes. NAT is based on one or more intermediate NAT devices positioned between a local network and the public Internet. The local network does not use globally unique IP addresses. Blocks of IP addresses reserved for use only within private networks (for example 10.0.0.0/8) are defined in RFC 1918 (originally RFC 1597). Thus, different local networks may use the same private IP addresses inside their individual local networks, and a private address is meaningful only within the local network that uses it.
A device on a local network attempting to access a remote device on the public Internet is assigned, by the NAT device, a temporary, globally unique public IP address for use outside the local network. The NAT device translates packets traveling between the local and remote devices: it replaces the local host's IP address with the temporary public address in packets sent from the local host to the remote host, and replaces the temporary public address with the local host's IP address in packets sent from the remote host to the local host. Once a communication between a local host and a remote host is completed, the temporary public address is returned to the pool and becomes available to other local hosts for accessing resources outside the local network. The mapping between private and public addresses is kept in a binding table on the NAT device that created it; as discussed below, that table is not automatically available to any other NAT device.
In another technology area, virtual router protocols such as HSRP (Hot Standby Router Protocol) and VRRP (Virtual Router Redundancy Protocol) are typically used to provide a redundant router service on a subnet. The group of redundant routers is typically available to a local network of devices that access outside hosts through those routers. Specifically, the group of redundant routers is reachable via a single virtual router having a particular (virtual) IP address. In a setup procedure, two or more routers on the subnet participate in the election of an active router that is responsible for forwarding traffic sent to the virtual router's address. If the active router fails, another member of the group takes its place and continues to forward traffic sent to the virtual router.
NAT devices can also be configured with routing capabilities and serve as a redundant router group. Unfortunately, when the NAT devices in the group utilize different public address spaces for their translations, combining redundant routing with NAT fails to maintain connectivity under various conditions. In general, problems arise when a communication protocol relies on a third-party device or address server to facilitate communication between a remote host and a local host, and the local host is served by two NAT devices having differing public address spaces. In a first problem scenario, a local host registers its address with an address server through a first NAT device; the address recorded at the server is a public address drawn from the first NAT device's address space. If that first NAT device fails and a second NAT device with a different address space takes over, remote hosts can no longer reach the local host through the address information retained at the address server, because that address is not part of the second NAT device's address space and the second NAT device holds no binding for it.
Second, when a communication session is set up between a remote host and a local host via a first NAT device that also serves as the active router in the redundant router group, the first NAT device may fail while the session is still in progress. When a second NAT device then takes over as the active router, it is typically not aware of the public and private addresses used in the session established through the first NAT device before the failure. Thus, packets transmitted from the local host to the remote host will not be properly translated by the second NAT device (at best they receive a new, different public source address, which the remote host does not associate with the session), and the remote host will not be able to reach the local host using the old public address assigned by the first NAT device.
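To make the two failure scenarios concrete, the following Python model (an added example, not code from the patent) simulates two NAT devices with disjoint public address pools behind a virtual router, and also models the per-host address binding and release described earlier. The class and function names, the public pools (drawn from the RFC 5737 documentation ranges 203.0.113.0/24 and 198.51.100.0/24) and the private host address 10.0.0.5 are constructed for this example.

```python
# Added example: toy model of address-pool NAT in front of a redundant router
# group. Not code from the patent; names, the public pools (RFC 5737
# documentation ranges) and the private host address are constructed here.


class NatDevice:
    """Basic NAT: a local host borrows one public address from the pool for the
    life of its session. The binding table exists only on this device."""

    def __init__(self, name, pool, priority):
        self.name = name
        self.pool, self.free = list(pool), list(pool)   # owned address space
        self.priority = priority                        # election priority
        self.failed = False
        self.private_to_public, self.public_to_private = {}, {}

    def owns(self, public_addr):
        return public_addr in self.pool

    def outbound(self, src_private):
        """Public address a packet from src_private leaves with (bound on first use)."""
        pub = self.private_to_public.get(src_private)
        if pub is None:
            if not self.free:
                raise RuntimeError(f"{self.name}: public pool exhausted")
            pub = self.free.pop(0)
            self.private_to_public[src_private] = pub
            self.public_to_private[pub] = src_private
        return pub

    def inbound(self, dst_public):
        """Private address for a packet sent to dst_public, or None if unbound."""
        return self.public_to_private.get(dst_public)

    def release(self, src_private):
        """Session finished: return the public address to the pool."""
        pub = self.private_to_public.pop(src_private, None)
        if pub is not None:
            del self.public_to_private[pub]
            self.free.append(pub)


class RedundantNatGroup:
    """Virtual router: the highest-priority live member forwards all traffic."""

    def __init__(self, members):
        self.members = members

    def active(self):
        live = [m for m in self.members if not m.failed]
        if not live:
            raise RuntimeError("no router is active")
        return max(live, key=lambda m: m.priority)

    def send_out(self, src_private):
        return self.active().outbound(src_private)

    def deliver_in(self, dst_public):
        """Internet packet to dst_public: delivered only if the active member
        owns that address space and holds a binding for the address."""
        act = self.active()
        if not act.owns(dst_public):
            return None               # belongs to another device's address space
        return act.inbound(dst_public)


class AddressServer:
    """Third-party registry recording the public address a host registered with."""

    def __init__(self):
        self.registry = {}

    def register(self, host_id, public_addr):
        self.registry[host_id] = public_addr

    def lookup(self, host_id):
        return self.registry.get(host_id)


def build_group():
    nat_a = NatDevice("NAT-A", ["203.0.113.10", "203.0.113.11"], priority=110)
    nat_b = NatDevice("NAT-B", ["198.51.100.10", "198.51.100.11"], priority=100)
    return nat_a, nat_b, RedundantNatGroup([nat_a, nat_b])


def scenario_address_server(local_host="10.0.0.5"):
    """Scenario 1: the address registered through NAT-A is stale after failover."""
    nat_a, _, group = build_group()
    server = AddressServer()
    server.register("alice", group.send_out(local_host))
    before = group.deliver_in(server.lookup("alice")) == local_host
    nat_a.failed = True               # NAT-B takes over the virtual router
    after = group.deliver_in(server.lookup("alice")) == local_host
    return server.lookup("alice"), before, after


def scenario_live_session(local_host="10.0.0.5"):
    """Scenario 2: session bindings existed only on the failed active NAT."""
    nat_a, _, group = build_group()
    old_public = group.send_out(local_host)   # what the remote peer learned
    nat_a.failed = True
    new_public = group.send_out(local_host)   # NAT-B allocates a fresh binding
    reply = group.deliver_in(old_public)      # peer keeps replying to old address
    return old_public, new_public, reply
```

Running `scenario_address_server()` shows the registered address 203.0.113.10 reachable before the failure and unreachable after it, since NAT-B owns a different address space; `scenario_live_session()` shows the local host's next packet leaving with a different source address (198.51.100.10) while replies to the old address are dropped. Any fix therefore has to either keep the public address space common to all group members or replicate the binding table and the registered address to the standby device.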
Accordingly, improved mechanisms for maintaining connectivity in an environment that implements redundant routing, NAT or the like, and a session based protocol are needed.