FIG. 1 shows a private network 15 that includes endpoint devices such as computers 16A and 16B and a Voice Over IP (VoIP) Internet phone 18. The devices 16A, 16B and 18 in the private network 15 are connected to the public Internet 14 through a Network Address Translator (NAT) 20 and modem 21. The public Internet 14 is also connected to other endpoint devices such as computer 24 and other Internet phones 26.
The NAT 20 is designed for Internet Protocol (IP) address simplification and conservation, by enabling the private IP network 15 to use non-registered IP addresses to connect to the public Internet 14. The NAT 20 operates as a router, usually connecting two networks together, and translates the private (not globally unique) addresses used in the private network 15 into legal public IP addresses before packets are forwarded onto public network 14. As part of this functionality, NAT 20 can be configured to advertise only one address for the entire private network 15 to the outside world.
In this example, the computers 16A and 16B, and phone 18, communicate over Internet network 14 using the public IP address 38 provided by the NAT 20. The NAT 20 receives a packet 30A from one of the connected devices, such as IP phone 18. The packet 30A includes a source address 32, destination address 34, and a payload 36. The NAT 20 reformats packet 30A into packet 30C by replacing the source address 32 with the NAT's public IP address 38 and a port number 40. The NAT 20 then forwards the reformatted packet 30C to an endpoint associated with the destination address 34, such as IP phone 26.
The IP phone 26 sends packets back to the IP phone 18 that include the IP address 38 and port number 40 for the NAT 20. The NAT 20 receives the packets and forwards the packets to the local private address 32 associated with IP phone 18.
The NAT 20 does not work until one of the private network devices 16A, 16B or 18 sends packets out to another device on the Internet 14. For example, IP phone 26 cannot connect to phone 18 until the private address 32 of phone 18 is first linked with the public IP address 38 and port number of NAT 20.
For this reason, the NAT 20 cannot be used with some IP applications. For example, IP peer-to-peer multimedia connections, such as those established in a VoIP call, include a signaling phase. During the signaling phase, the originating endpoint, such as IP phone 18, may need to send a public IP address and port number to a call signaling server, such as a Signal Initiation Protocol (SIP) or Quake server. However, the IP phone 18 does not know the public IP address 38 and port number used by the NAT 20.
Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) (STUN) is an operation described in Request for Comments (RFC) 3489, which is herein incorporated by reference. A STUN server 22 enables an endpoint device to discover the public IP address and port number of the NAT 20. For example, the IP phone 18 can send an IP packet 30A to the STUN server 22. The NAT 20 again replaces the source address 32 with the public IP address 38 and port number 40 before forwarding the reformatted packet 30B to the STUN server 22.
The STUN server inserts the public NAT address 38 and port number 40 into the payload 44 of a return packet 30D and sends the return packet back to NAT 20. The NAT 20 then forwards the packet 30D back to the IP phone 18. The IP phone 18 can then use the IP address 38 and port number 40 in the payload 44 for VoIP signaling.
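The following added example, which is not part of the original text, sketches the endpoint side of the exchange described above using the RFC 3489 wire format: it builds a Binding Request and extracts the public address and port from the MAPPED-ADDRESS attribute of the response, rejecting replies whose transaction ID or lengths do not match. The function names and the sample address 203.0.113.7:40000 are assumptions constructed for illustration.

```python
import os
import socket
import struct

BINDING_REQUEST = 0x0001
BINDING_RESPONSE = 0x0101
MAPPED_ADDRESS = 0x0001
HEADER_LEN = 20  # RFC 3489 header: type(2) + length(2) + transaction ID(16)


def build_binding_request(transaction_id=None):
    """Return (transaction_id, packet) for a Binding Request with no attributes."""
    tid = transaction_id or os.urandom(16)
    return tid, struct.pack("!HH16s", BINDING_REQUEST, 0, tid)


def parse_binding_response(data, expected_tid):
    """Return (ip, port) from MAPPED-ADDRESS, or raise ValueError."""
    if len(data) < HEADER_LEN:
        raise ValueError("short STUN header")
    msg_type, msg_len, tid = struct.unpack("!HH16s", data[:HEADER_LEN])
    if msg_type != BINDING_RESPONSE:
        raise ValueError("not a Binding Response")
    if tid != expected_tid:  # reply does not belong to our request
        raise ValueError("transaction ID mismatch")
    if msg_len != len(data) - HEADER_LEN:
        raise ValueError("length field does not match packet size")
    pos = HEADER_LEN
    while pos + 4 <= len(data):
        attr_type, attr_len = struct.unpack("!HH", data[pos:pos + 4])
        value = data[pos + 4:pos + 4 + attr_len]
        if len(value) != attr_len:
            raise ValueError("truncated attribute")
        if attr_type == MAPPED_ADDRESS:
            if attr_len != 8 or value[1] != 0x01:  # family 0x01 = IPv4
                raise ValueError("unsupported MAPPED-ADDRESS")
            port, = struct.unpack("!H", value[2:4])
            return socket.inet_ntoa(value[4:8]), port
        pos += 4 + attr_len
    raise ValueError("no MAPPED-ADDRESS attribute")


def demo():
    # Constructed sample: the reply a STUN server would send for a NAT
    # binding of 203.0.113.7:40000 (documentation address, assumed).
    tid, _request = build_binding_request(bytes(range(16)))
    attr = struct.pack("!HHBBH4s", MAPPED_ADDRESS, 8, 0, 0x01, 40000,
                       socket.inet_aton("203.0.113.7"))
    response = struct.pack("!HH16s", BINDING_RESPONSE, len(attr), tid) + attr
    return parse_binding_response(response, tid)
```

In a live exchange the request would be sent over a UDP socket and the reply read from the same socket, so that the reported address and port describe the binding the application will actually use.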
The devices 16A, 16B and 18 contact the public STUN server 22 for every new NAT binding, that is, for every phone call. This places a heavy reliance on the STUN server 22 and prevents STUN reliant applications from operating while the STUN server 22 is unavailable. For example, the phone 18 cannot make a VoIP call while STUN server 22 is down.
The present invention addresses this and other problems associated with the prior art.