The present invention relates to methods and apparatus for processing data within a computer network. More specifically, this invention relates to performing network address translation on data.
In a network, devices are assigned network addresses, which identify the different devices when they communicate with each other. IP protocol version 4 (IPv4) is a protocol used to provide addresses for public and private networks. A private network, such as an enterprise system, may be connected to a public network, such as the Internet. Such private networks may have more devices than available Internet IPv4 addresses allocated to the private network. In such a situation, a network address translator (NAT) may be connected between the private network and the Internet. The NAT may dynamically assign IPv4 addresses, so that the number of devices using the Internet at one time is limited to the available number of IPv4 addresses allocated to the private network. In the alternative, the NAT may use port address translation, where port numbers are used to further identify different devices with the same address.
IPv4 uses a 32-bit address. Even with these various multiplexing methods to allow multiple devices for each Internet IPv4 address, the number of devices that are desired to be connected to the Internet will exceed the limits of a 32-bit address. IPv6 is a protocol that is designed to replace IPv4. IPv6 provides for a 128-bit address to overcome address depletion and other problems caused by IPv4. Because a large number of devices and routers using IPv4 are in existence, IPv6 should replace IPv4 gradually, instead of instantaneously. As a result, networks using IPv6 need to be able to communicate with networks using IPv4 for a long period of time.
FIG. 1 is a schematic illustration of a system 100 that allows a network address translator (NAT) 106 to provide network address translations between a private IPv4 network with a plurality of IPv4 users 101, 102, 103 and a public network 104, such as an Internet, which is connected to a plurality of web servers 105, using the IPv4 protocol. The NAT 106 is able to provide a plurality of users Internet access, using a small number of IPv4 addresses. In this example, a single IPv4 address of 128.1.1.1 is assigned to the NAT 106. The NAT 106 may assign the plurality of users 101, 102, 103 private network addresses. For example, a user A 101 may be assigned a private network address of 10.1.1.1, a user B 102 may be assigned a private network address of 10.1.1.2, and a user C 103 may be assigned a private network address of 10.1.1.3. In this example, the web server 105 has a public address of 130.1.1.10. In this example, since the NAT 106 has a single Internet public address, the NAT 106 uses port address translation (PAT) to multiplex the single address by port number. In IPv4, the port number is 16 bits, providing 65,536 port numbers. Generally, port numbers 0-1024 are reserved for defined standard Internet uses. Therefore, the NAT 106 may use user definable ports 1025-65,535 for port address translation.
If user A 101 sends a packet to the web server 105, the packet sent from user A 101 to the NAT 106 may have the following protocol, source address, source port, destination address, and destination port numbers.

| Protocol | SA | SP | DA | DP |
|---|---|---|---|---|
| TCP | 10.1.1.1 | 10,000 | 130.1.1.10 | 80 |

The NAT 106 uses a lookup table such as Table 1 to translate the packet source and destination address and ports.
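
TABLE 1

| Protocol | Private SA | Private SP | Private DA | Private DP | Public SA | Public SP | Public DA | Public DP |
|---|---|---|---|---|---|---|---|---|
| TCP | 10.1.1.1 | 10,000 | 130.1.1.10 | 80 | 128.1.1.1 | 10,000 | 130.1.1.10 | 80 |
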
As a result, the packet's destination and source address and ports are translated to:

| SA | SP | DA | DP |
|---|---|---|---|
| 128.1.1.1 | 10,000 | 130.1.1.10 | 80 |

Then the packet is sent from the NAT 106 to the web server 105 at the destination address.
The web server 105 may then send a packet back to user A 101 in reply. The packet sent from the web server 105 to the NAT 106 may have address and port designations as follows:

| Protocol | SA | SP | DA | DP |
|---|---|---|---|---|
| TCP | 130.1.1.10 | 80 | 128.1.1.1 | 10,000 |

Using Table 1, the NAT 106 translates the destination and source address and port of the packet to:

| SA | SP | DA | DP |
|---|---|---|---|
| 130.1.1.10 | 80 | 10.1.1.1 | 10,000 |

FIG. 2 is a schematic illustration of a system 200 that allows a network address translator-protocol translator (NAT-PT) 206 to provide network address and protocol translations between an IPv6 network with a plurality of IPv6 users 201, 202, 203 and a public network 204, such as an Internet, which is connected to a plurality of web servers 205, using the IPv4 protocol. The NAT-PT 206 is able to provide a protocol translation to a plurality of IPv6 users, using a small number of IPv4 addresses. In this example, a single IPv4 address of 128.1.1.1 is assigned to the NAT-PT 206 host. The plurality of users 201, 202, 203 may be assigned public IPv6 addresses. For example, a user A 201 may be assigned an IPv6 network address of 3000::1, a user B 202 may be assigned an IPv6 network address of 3000::2, and a user C 203 may be assigned an IPv6 network address of 3000::3. In this example, the web server 205 has a public IPv4 address of 130.1.1.10. In this example, since the NAT-PT 206 has a single Internet public address, the NAT-PT 206 uses port address translation (PAT) to multiplex the single address by port number.
If user A 201 sends an IPv6 packet to the web server 205, the packet sent from user A 201 to the NAT-PT 206 may have the following protocol, source address, source port, destination address, and destination port numbers:

| Protocol | SA | SP | DA | DP |
|---|---|---|---|---|
| TCP | 3000::1 | 20,000 | 5000::10 | 80 |

Although the web server 205 has an IPv4 address of 130.1.1.10, the NAT-PT 206 assigns an IPv6 address of 5000::10 to it, so that user A 201 may address the web server 205 in an IPv6 format. This IPv6 address assignment to the web server could be due to prior configuration on the NAT-PT device, statically or through a dynamic binding.
The NAT-PT 206 uses a lookup table such as Table 2 to translate the packet source and destination address and ports.

TABLE 2

| | Protocol | SA | SP | DA | DP |
|---|---|---|---|---|---|
| IPv6 | TCP | 3000::1 | 20,000 | 5000::10 | 80 |
| IPv4 | TCP | 128.1.1.1 | 20,000 | 130.1.1.10 | 80 |

As a result, the packet's destination and source address and ports are translated to:

| SA | SP | DA | DP |
|---|---|---|---|
| 128.1.1.1 | 20,000 | 130.1.1.10 | 80 |

Then the IPv4 packet is sent from the NAT-PT 206 to the web server 205 at the destination address.
The web server 205 may then send a packet back to user A 201 in reply. The IPv4 packet sent from the web server 205 to the NAT-PT 206 may have protocol, address and port designations as follows:

| Protocol | SA | SP | DA | DP |
|---|---|---|---|---|
| TCP | 130.1.1.10 | 80 | 128.1.1.1 | 10,000 |

Using Table 2, the NAT-PT 206 translates the destination and source address and port of the packet to:

| SA | SP | DA | DP |
|---|---|---|---|
| 5000::10 | 80 | 3000::1 | 20,000 |

Therefore, the prior art NAT with PAT is able to connect a plurality of IPv4 users to the Internet and the prior art NAT-PT with PAT is able to connect a plurality of IPv6 users to IPv4 web servers on the Internet.
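
The lookup-table behaviour described for the NAT 106 and the NAT-PT 206 can be modelled in a few lines. The following is an added example, not code from the patent; the class name `Pat`, its methods, and the port-selection policy (keep the source port when free, otherwise take the next unused port from 1025-65,535) are assumptions for illustration. It goes beyond the single-flow tables above by showing two inside hosts that pick the same source port, and an inbound packet that matches no binding and is dropped.

```python
from itertools import chain

class Pat:
    """Port address translator holding one public IPv4 address (constructed model)."""
    FIRST_PORT, LAST_PORT = 1025, 65535      # user-definable range named in the text

    def __init__(self, public_ip, v6_alias=None):
        self.public_ip = public_ip
        self.v6_alias = dict(v6_alias or {})  # NAT-PT only: IPv6 alias -> IPv4 server
        self.v4_alias = {v4: v6 for v6, v4 in self.v6_alias.items()}
        self.out = {}    # (proto, inside_addr, inside_port) -> public_port
        self.back = {}   # (proto, public_port) -> (inside_addr, inside_port)

    def _alloc(self, proto, wanted):
        # Assumed policy: reuse the inside source port if it is free (as in
        # Tables 1 and 2), else the first unused user-definable port.
        first = [wanted] if wanted >= self.FIRST_PORT else []
        for port in chain(first, range(self.FIRST_PORT, self.LAST_PORT + 1)):
            if (proto, port) not in self.back:
                return port
        raise RuntimeError("port pool exhausted")

    def outbound(self, proto, sa, sp, da, dp):
        key = (proto, sa, sp)
        if key not in self.out:               # first packet of a flow creates the binding
            port = self._alloc(proto, sp)
            self.out[key] = port
            self.back[(proto, port)] = (sa, sp)
        return (proto, self.public_ip, self.out[key], self.v6_alias.get(da, da), dp)

    def inbound(self, proto, sa, sp, da, dp):
        inside = self.back.get((proto, dp))
        if da != self.public_ip or inside is None:
            return None                       # no binding: packet is not forwarded
        return (proto, self.v4_alias.get(sa, sa), sp, inside[0], inside[1])

def demo():
    nat = Pat("128.1.1.1")                                           # NAT 106
    a = nat.outbound("TCP", "10.1.1.1", 10000, "130.1.1.10", 80)     # user A, Table 1
    b = nat.outbound("TCP", "10.1.1.2", 10000, "130.1.1.10", 80)     # user B, same port
    reply = nat.inbound("TCP", "130.1.1.10", 80, "128.1.1.1", 10000)
    stray = nat.inbound("TCP", "130.1.1.10", 80, "128.1.1.1", 40000) # never bound
    natpt = Pat("128.1.1.1", {"5000::10": "130.1.1.10"})             # NAT-PT 206
    c = natpt.outbound("TCP", "3000::1", 20000, "5000::10", 80)      # Table 2
    d = natpt.inbound("TCP", "130.1.1.10", 80, "128.1.1.1", 20000)   # port bound in Table 2
    return a, b, reply, stray, c, d

if __name__ == "__main__":
    for row in demo():
        print(row)
```
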