A computer network includes computer processors or “hosts” that host software applications that provide or request services, or both. The hosts may be network terminals or end stations that do not perform network traffic routing or forwarding functions. The hosts communicate with each other through network devices, such as switches and routers, sometimes called intermediate devices, which do perform routing and forwarding functions. When a host is added to a network by connecting directly to another host, or indirectly to another host through one or more intermediate devices, the host must be configured for network operations. For example, the newly added host is assigned a logical network address for itself, and a network address for the intermediate device that routes or forwards its traffic, among other configuration information.
Many computer networks, including the Internet, employ the Transmission Control Protocol and Internet Protocol (TCP/IP) for sending packets of information between devices on the network. TCP/IP packets include data fields holding data indicating a destination, a destination port, a source, and a source port. The destination field holds data indicating the IP address of the intermediate device or host that is to receive the TCP/IP packet. Routers efficiently transmit TCP/IP packets using hardware configured to interpret the destination address in the destination field. An IP address consists of 32 bits, often represented as four 8-bit numbers separated by periods, e.g., A.B.C.D, where the letters A, B, C, D each represent one 8-bit number. An 8-bit number can represent values from 0 through 255. The source field holds data indicating the IP address of the intermediate device or host that sent the TCP/IP packet. The destination port field holds data indicating the service requested on the destination device, so that the destination device provides the packet to the appropriate server process executing on the destination device. The source port is used to distinguish several client processes operating simultaneously on the same host.
Computer networks that employ TCP/IP are proliferating, and as a result, logical network addresses that are used to locate each device on the network have become scarce. In many local networks with many different computers, the number and location of the computers connected to the network may change regularly. In addition, of the many computers physically connected at one time, only a fraction of the computers are on and operating at one time. Thus, hosts are frequently being added to and dropped from the network.
A specific context in which this problem arises involves large-scale cable modem networks in which voice and other services are delivered over an Internet Protocol (IP) network that uses coaxial cable for communications. In this context, cable modems of end users become active and inactive regularly as users initiate and terminate use of service. In this context, it is wasteful to give every computer a unique and permanent network address. A number of addresses sufficient for the simultaneously operating computers can be shared, and re-assigned as one host drops off the network and another host adds onto the network. Configuring each host is a tedious process to perform manually.
The Dynamic Host Configuration Protocol (DHCP) provides a mechanism through which computers using TCP/IP can obtain network addresses and other configuration information automatically. DHCP is an open standard protocol for dynamic host configuration described in request for comments (RFC) documents numbered 2131 and 2132 available at the time of this writing as rfc2131.html and rfc2132.html, respectively, on the worldwide web (www) at domain dhcp.org. A DHCP server process operates on a DHCP server host that is conveniently located for several hosts on one or more local networks. One or more DHCP server hosts and processes are set up by a system administrator with information to configure the hosts on one or more local networks to reflect the current architecture of those local networks. A DHCP client process operates on each host of the local networks. As used hereinafter, a server refers to the server process and a client refers to the client process unless otherwise indicated to refer to the host or device on which the process executes.
Another mechanism used to conserve scarce IP addresses is the network address and port translation (NAPT) process. NAPT is a process by which many network addresses and their TCP ports are translated into a single network address and its TCP ports. A conventional NAPT is an open standard for address translation described in request for comments (RFC) document number 3022 available at the time of this writing as rfc3022.txt on directory rfc, on the worldwide web (www) at domain ietf.org.
NAPT allows a local network with private addresses to connect to an external network with unique registered addresses. For example, assume that private IP addresses 1.1.1.0 through 1.1.1.255 are used on a local network. These addresses may already be registered on the public Internet to other devices on one or more other networks, or reserved for private addresses only, and so not used by the Internet at all. Thus, these addresses cannot be used by hosts on the local network to send or receive messages over the Internet. To communicate with a device on the Internet, data packets from hosts on the local network must go through an intermediate device with an NAPT process. Each data packet has a source port, often randomly generated at the host for each client process sending one or more messages. The intermediate device has an Internet registered address, for example, 125.125.125.130 and a local address, for example, 1.1.1.1. The NAPT process on the intermediate device translates the 256 private addresses 1.1.1.0 through 1.1.1.255, each with one or more ports, to the single address 125.125.125.130 with 256 or more different ports. For example, the NAPT process maps the 256 hosts, each using a single port, to 256 ports ranging from port 3000 to 3255. On messages originating on the private network for the Internet, NAPT substitutes the translated single address (125.125.125.130) for the source addresses and the translated ports (3000 to 3255) for the source ports, and then sends the message over the Internet. On data packets destined for the hosts on the private network from the Internet, NAPT translates the destination address and destination ports to the associated local IP addresses and local ports, and sends the messages onto the local network.
NAPT is useful for conserving IP addresses when interconnecting several local networks that use private addresses, which are not used outside the local network either for privacy reasons or because those addresses are invalid outside the local network. Consider a retailer having dozens or hundreds of store locations, each store having its own local network of hosts running cash register processes. Installing a local network at each store is simplified if every local network can use the same set of IP addresses, e.g., 1.1.1.0 through 1.1.1.255.
In addition, if each local network can use the same IP addresses, a limited pool of unique registered IP addresses can be used for all the hosts at a very large number of sites. For example, assume that of 1000 unique registered IP addresses in a pool for the external network, all 1000 are used for 1000 different sites on the corporate wide-area network. At each site, any IP addresses can be used as local addresses, because such addresses are not presented to the wide area network.
A limit on the number of local addresses that can use NAPT in this manner is imposed by the number of unique port values that NAPT can use to distinguish the local addresses. Some ports are well-known ports used by certain processes running on a host. For example, the port for an HTTP server is 80 and the port for a DHCP server is 67. The number of ports that are not reserved is well over 32,000. Thus, using NAPT, a pool of 1000 IP addresses can be used to access over 32,000 hosts on each of 1000 local networks—a total of over 32 million hosts.
However, the hardware and software that form an NAPT process may fail in some important circumstances. For example, when the computers distributed across more than one network operate the Windows operating system of Microsoft Corp., communications that involve NAPT ultimately fail. The Windows operating system uses a network protocol called network basic input/output system (NetBIOS). NetBIOS is an open standard protocol for providing services over a TCP network described in request for comments (RFC) document number 1001, available at the time of this writing as rfc1001.htm on directory rfc, on the worldwide web (www) at domain ietf.org.
Many small offices and home offices use low-cost, personal computers for small local networks. Tens of millions of personal computers already deployed run the Windows operating system. An enterprise that has many sites, each with local networks of personal computers running Windows, is unable to utilize NAPT in attempts to obtain Windows services across those sites over an internetwork. Furthermore, large enterprises installing local networks at large numbers of sites may prefer to install low-cost personal computer networks at each site. Therefore, a failure of NAPT when interconnecting networks of such personal computers prevents data interchange among such enterprises.
Unlike NAPT, a simple network address translation (NAT) process has been configured to operate successfully with the NetBIOS protocol. A NAT process translates a local IP address to one of a set of corporate IP addresses associated with the intermediate device on which the NAT process executes. The number of corporate IP addresses used by the NAT process limits the number of local hosts simultaneously communicating with the corporate network, and is often a small subset of the total number of local hosts. The NAT process associates the local IP address with one corporate IP address of the set of corporate IP addresses for the intermediate device on which the NAT process executes. The NAT process is configured to operate successfully with NetBIOS by replacing the local IP address included in a field of the NetBIOS message originating on the local host having that local IP address. The NAT process configured for the NetBIOS protocol places into that field of the NetBIOS message the one corporate IP address associated with that local IP address by the NAT process. A NAT correction to support NetBIOS is described in a document available at the time of this writing as 27.asp on directory support/kb/articles/q172/2, on the worldwide web (www) at domain support.microsoft.com.
However, a NAT process is not as desirable and powerful as a NAPT process. A NAT process is not as efficient as a NAPT process in saving corporate IP addresses. For example, a NAT process uses several corporate addresses, while an NAPT process may use a single corporate IP address. Furthermore, the NAT process does not allow as many local hosts to communicate with the corporate network as a NAPT process. For example, a NAT process may limit the number of local hosts that communicate with devices on the corporate network to 8 or 32, while a NAPT process may allow tens of thousands of local hosts to simultaneously communicate with devices on the corporate network.
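The following Python model is an added illustration written for this page, not code from the patent or from any product, of the NAPT port translation described above, of the NAT correction that rewrites the IP-bearing NetBIOS field, and of the NAT host limit. The addresses 1.1.1.x, 125.125.125.130 and the translated ports starting at 3000 come from the text; the packet layout, the NetBIOS field modelled as a payload entry, the fixed service port 137 and the two-address corporate pool are assumptions.

```python
from dataclasses import dataclass, replace

PUBLIC_IP = "125.125.125.130"   # NAPT: the single registered address used in the text
FIRST_PORT = 3000               # NAPT translated ports start here (3000..3255 in the text)
CORPORATE_POOL = ["125.125.125.131", "125.125.125.132"]   # NAT pool (constructed values)
NETBIOS_PORT = 137              # assumption: peers answer the embedded IP on a fixed port

@dataclass
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    payload: dict   # {"netbios_ip": ...} stands in for the NetBIOS field carrying the sender's IP

class Napt:                     # many (private ip, port) -> one address, distinct ports
    def __init__(self):
        self.out, self.back = {}, {}
    def outbound(self, p):
        key = (p.src, p.sport)
        if key not in self.out:
            self.out[key] = FIRST_PORT + len(self.out)
            self.back[self.out[key]] = key
        return replace(p, src=PUBLIC_IP, sport=self.out[key])   # body is not touched
    def inbound(self, p):
        key = self.back.get(p.dport)        # only the translated port identifies the host
        return replace(p, dst=key[0], dport=key[1]) if key else None

class NetbiosNat:               # one corporate address per host, NetBIOS field rewritten
    def __init__(self):
        self.out, self.back, self.pool = {}, {}, list(CORPORATE_POOL)
    def outbound(self, p):
        if p.src not in self.out:
            if not self.pool:
                return None                 # pool exhausted: the NAT host limit
            self.out[p.src] = self.pool.pop(0)
            self.back[self.out[p.src]] = p.src
        ip = self.out[p.src]
        return replace(p, src=ip, payload=dict(p.payload, netbios_ip=ip))
    def inbound(self, p):
        src = self.back.get(p.dst)
        return replace(p, dst=src) if src else None

def delivered_to(translator, host, sport):
    # Which private host, if any, receives the peer's reply to a NetBIOS-style message.
    seen = translator.outbound(Packet(host, sport, "9.9.9.9", NETBIOS_PORT, {"netbios_ip": host}))
    if seen is None: return None
    reply = Packet("9.9.9.9", NETBIOS_PORT, seen.payload["netbios_ip"], NETBIOS_PORT, {})
    if reply.dst.startswith("1.1.1."): return None   # private address: unreachable from the Internet
    back = translator.inbound(reply)
    return back.dst if back else None
```

Under NAPT the peer replies to the private address still carried in the message body and the reply never reaches the site, while the NAT variant reaches the host because each active host has its own corporate address to rewrite into that field, at the cost of refusing hosts once the small pool is exhausted.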
Based on the foregoing, there is a clear need for a way to use NAPT with interconnected local networks of computers that use the NetBIOS network protocol.
There is a specific need for a way to use NAPT in systems that run the Microsoft Windows operating system.
Furthermore, there is a need for an NAPT process that works with other network protocols that fail to function with the conventional NAPT process.