1. Field of the Invention
This invention generally relates to computer networking and, more particularly, to a system and method that permits a wide area network (WAN) to be selectively connected to a local area network (LAN) using an inter-network router bypass.
2. Description of the Related Art
As noted in Wikipedia, a wide area network (WAN) is a computer network that covers a broad area (i.e., any network whose communications links cross metropolitan, regional, or national boundaries). This distinction is in contrast to personal area networks (PANs), local area networks (LANs), campus area networks (CANs), or metropolitan area networks (MANs) which are usually limited to a room, building, campus or specific metropolitan area, respectively.
WANs are used to connect LANs and other types of networks together, so that users and computers in one location can communicate with users and computers in other locations. Many WANs are built for one particular organization and are private. Others, built by Internet service providers, provide connections from an organization's LAN to the Internet. WANs are often built using leased lines. At each end of the leased line, a router connects to the LAN on one side and a hub within the WAN on the other. Leased lines can be very expensive. Instead of using leased lines, WANs can also be built using less costly circuit switching or packet switching methods. Network protocols including TCP/IP deliver transport and addressing functions. Protocols including Packet over SONET/SDH, MPLS, ATM and Frame relay are often used by service providers to deliver the links that are used in WANs. X.25 was an important early WAN protocol, and is often considered to be the “grandfather” of Frame Relay as many of the underlying protocols and functions of X.25 are still in use today (with upgrades) by Frame Relay.
A router is an electronic device used to connect two or more computers or other electronic devices to each other, and usually to the Internet (i.e. WAN), by wire or radio signals. A router permits several computers to communicate with each other and to the Internet at the same time. If wired, each computer is connected by its own wire to the router. Modern wired-only routers designed for the home or small business typically have one “input” (WAN) port (to the Internet) and four “output” (LAN) ports, one or more of which can be connected to other computers. A typical modern home wireless router, in addition to having four wired ports, also allows several devices to connect with it wirelessly. Most modern personal computers are built with a wired port (almost always an Ethernet type), which allows them to connect to a router with the addition of just a cable (typically a Category 5e type).
More technically, a router is a networking device whose software and hardware are usually tailored to the tasks of routing and forwarding information. Routers connect two or more logical subnets, which do not necessarily map one-to-one to the physical interfaces of the router.
Residential gateways (often called routers) are frequently used in homes to connect to a broadband service, such as IP over cable or DSL. Such a router may also include an internal DSL or cable modem. Residential gateways and SOHO routers typically provide network address translation and port address translation in addition to routing. Instead of directly presenting the IP addresses of local computers to the remote network, such a residential gateway makes multiple local computers appear to be a single computer. Thus, it is difficult for a remote (WAN-connected) client to connect to a particular computer or LAN agent in a LAN network.
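The translation behaviour described above, as an added example that is not part of the original document: a toy NAPT table showing why two LAN PCs look like one host from the WAN and why an unsolicited inbound connection has nowhere to go. The class name, addresses, ports and the per-remote filtering model are assumptions made for illustration.

```python
# Added example: a toy NAPT (network address + port translation) table.
# All addresses are constructed (RFC 1918 / RFC 5737 documentation ranges).
from itertools import count


class Napt:
    """Minimal model of a residential gateway's translation table."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._ports = count(first_port)   # next free public port
        self._out = {}   # (lan_ip, lan_port, remote) -> public_port
        self._in = {}    # (public_port, remote) -> (lan_ip, lan_port)

    def outbound(self, lan_ip, lan_port, remote):
        """LAN host opens a flow; return the source the WAN side sees."""
        key = (lan_ip, lan_port, remote)
        if key not in self._out:
            port = next(self._ports)
            self._out[key] = port
            self._in[(port, remote)] = (lan_ip, lan_port)
        return (self.public_ip, self._out[key])

    def inbound(self, remote, public_port):
        """WAN packet arrives; return the LAN destination, or None (drop)."""
        return self._in.get((public_port, remote))


def demo():
    gw = Napt("203.0.113.7")
    server = ("198.51.100.20", 443)
    # Two different LAN PCs talk to the same remote server.
    a = gw.outbound("192.168.1.10", 51000, server)
    b = gw.outbound("192.168.1.11", 51000, server)
    return {
        "seen_by_wan": [a, b],                       # same IP, different ports
        "reply_to_a": gw.inbound(server, a[1]),      # matches a mapping
        "unsolicited": gw.inbound(("198.51.100.99", 5000), 445),  # no mapping
        "wrong_peer": gw.inbound(("198.51.100.99", 5000), a[1]),  # filtered
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
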
In providing connectivity to external networks, the router's functionality must be carefully considered as part of the overall security architecture. A router may include firewall functions and a virtual private network (VPN) concentrator.
Generally, a modem (modulator-demodulator) is a device that modulates an analog carrier signal to encode digital information, and also demodulates such a carrier signal to decode the transmitted information. The types of fast modems used by Internet users are cable, ADSL, and broadband modems. In telecommunications, wide-band radio modems transmit repeating frames of data at very high data rates over microwave radio links. Some microwave modems transmit more than a hundred million bits per second. Optical modems transmit data over optical fibers. Optical modems routinely have data rates in excess of a billion (1×10^9) bits per second. A 56 k modem can transfer data at up to 56,000 bit/s (7 kB/s) over the phone line.
FIG. 1 is a schematic block diagram depicting a home network (LAN) with one or more client PCs 100 and a gateway/router device 102 that connects to a DSL or cable modem 104 (prior art).
FIG. 2 is a schematic block diagram depicting a first option for adding services to the basic home network of FIG. 1 (prior art). In this aspect, the router of FIG. 1 is replaced with a services router 200. The services router 200 can be augmented to supply additional inline security, such as IPS, virus scanning, content inspection, and URL filtering, in addition to the security features supplied by conventional routers. In addition, the router supplies a service that is conventionally supplied by an agent of the LAN network. One example of such a service is network-attached storage (NAS). Advantageously, the service is always available to a WAN-connected device. However, the introduction of such a unique device would require significant start-up costs. The servicing and support services may also be expensive. Further, users may have problems installing and using such a complex networking device. The typical user wants their networking device to be simple, cheap, and failure proof.
FIG. 3 is a schematic block diagram depicting a third option for adding services to the basic home network of FIG. 1 (prior art). In this aspect, an inline service box 400 (e.g., a NAS) is added to the LAN. Because the service box is part of the LAN, it can provide an in-network service (e.g., NAS), but it cannot provide additional inline security.
FIG. 4 is a schematic block diagram depicting a fourth option for adding services to the basic home network of FIG. 1 (prior art). In this aspect, an inline appliance 500 is added between the router 102 and the modem 104. The inline appliance 500 can supply additional inline security. However, because the appliance 500 is on the other side of the router firewall from the LAN, it cannot provide service (e.g., NAS) for LAN network PCs 100 using built-in Windows clients.
FIG. 5 is a schematic block diagram depicting a fifth option for adding services to the basic home network of FIG. 1 (prior art). In this aspect, an inline box 500 provides additional inline security and an in-network box 400 provides LAN services. However, 3 boxes are too expensive and too complicated for home/SOHO users. Further, most home users would be unwilling to deal with multiple service providers.
It would be advantageous if an inline device existed that would provide the security of the conventional inline arrangement of router and modem, while selectively permitting remote clients connected via a WAN to bypass the router in accessing the LAN.