1. Field of the Invention
The present invention relates generally to computer networking, and more particularly to an apparatus and method for providing a globally routable bypass IP address to a host computer located on a private network. The system makes use of a router-integrated Network Address Translation (NAT) service.
2. Description of Related Art
While high-speed Internet connections to large businesses have been in existence for quite some time, high-speed Internet connections to homes and small businesses have only recently become commonplace. Technologies such as dial-up analog modems, ISDN (Integrated Services Digital Network), cable modems, satellite, and DSL (Digital Subscriber Line) are all competing for market share. The two technologies at the forefront, DSL and cable (collectively known as broadband), offer much faster Internet access than dial-up modems, at a cost substantially lower than ISDN.
Cable modems enable one to hook up a PC to a local cable television line and receive data at about 1.5 Mbps. This data rate far exceeds that of both 56 Kbps analog modems and the 128 Kbps of ISDN. The raw bandwidth for Internet service over a cable TV line is up to 27 Mbps for receiving data and up to about 2.5 Mbps for transmitting data. However, since the local provider may not be connected to the Internet on a line faster than a T-1 at 1.5 Mbps, a more likely data rate will be closer to 1.5 Mbps. Cable, however, suffers the drawback that it is carried on existing cable television lines, with which not all homes, and especially not all small businesses, are equipped. Furthermore, the available bandwidth is shared with other cable users in the same geographic area.
DSL, on the other hand, is 20 times faster than satellite connections, 60 times faster than ISDN, and 250 times faster than 33.6 Kbps analog modems. xDSL (hereafter “DSL”) refers to the different variations of DSL, such as ADSL (Asymmetric Digital Subscriber Line), HDSL (High bit-rate Digital Subscriber Line), and RADSL (Rate Adaptive Digital Subscriber Line). Assuming that one's home or business is close enough to a telephone company central office that offers DSL service, one can receive data at rates up to 6.1 megabits (millions of bits) per second. More typically, individual connections provide from 512 Kbps to 1.544 Mbps downstream and about 128 Kbps upstream. Best of all, those bits are transmitted over the same copper wire one uses for telephone calls, but without the complex setup of ISDN. DSL does this by taking advantage of unused frequencies that exist on standard telephone lines. An added advantage is that the original POTS (plain old telephone service) frequencies remain free to carry voice traffic over the same copper wires. Yet another advantage is that one does not share the line with others in the same geographical area. Within a few years, DSL is expected to replace ISDN in many areas and to compete with the cable modem in bringing multimedia to homes and small businesses around the world.
As consumers become more technically sophisticated, they place ever-increasing technical demands on their broadband Internet connections. For example, consumers may want to connect multiple computers on a Local Area Network (LAN) to the Internet, or may need to run a Web server through their broadband connection.
FIG. 1 is a block diagram of an existing system 100 for connecting multiple computers (hereafter “hosts”) 102 through a broadband modem 104 and an Internet Service Provider (ISP) 106 to the Internet 108. This system 100 uses a Network Address Translation (NAT) service, which is typically found on a NAT device 110, such as those provided by LINKSYS. NAT is used to translate Internet Protocol addresses (hereafter “IP addresses”) between distinct networks. Typically, NAT translates IP addresses between a private network 118, such as a home LAN, and a public network 120, such as the Internet. For example, a NAT service maps private IP addresses to one or more public IP addresses on outgoing packets being transmitted from the private network to the public network, and unmaps the public IP addresses on incoming packets being transmitted from the public network to the private network, back into private IP addresses. Generally, public IP addresses are globally routable IP addresses associated with the Internet, such as 216.115.108.33.
NAT, therefore, allows multiple computing devices on a LAN to connect to the Internet while sharing only a few public IP addresses. This conserves global public IP addresses, which are typically bought or leased by the consumer or his ISP.
NAT also helps ensure security, since each outgoing or incoming request must go through a translation process that offers the opportunity to qualify or authenticate the request or to match it to a previous request. The protection comes from this matching, under which an inbound packet that corresponds to no prior outbound request has no table entry and is discarded, rather than from the rewriting of addresses as such. Furthermore, NAT can be statically defined, or it can be set up to translate dynamically to and from a pool of IP addresses. A description of NAT, in general terms, can be found in RFC 1631, which is incorporated herein by reference.
An example of a NAT table 200 is shown in FIG. 2. Various private IP addresses 204, such as 20.20.20.1–20.20.20.4, are assigned to hosts connected to the private network. One or more public IP addresses 202 are provided, such as 207.05.07.05. Requests sent from any host out to the Internet are assigned a high source Transmission Control Protocol (TCP) port number, that is, one from 1024 to 65535, where a TCP port is the means by which a client program specifies a particular server program on a computer in a network. Typically, the request contains a header including the host's private IP address 204; the address of the Web server 116 (FIG. 1) to which it is being sent, such as <WWW.YAHOO.COM> (or its associated IP address); the destination TCP port 206 on which the Web server is listening, typically 80; and the source TCP port number 208, typically a random number from 1024 to 65535.
If only one host is connected to the Internet, there is generally no problem. The NAT service simply edits the header to indicate that the request is coming from the public IP address 202 and sends the request out to the Internet. Problems may, however, occur when more than one host is connected to the private network. Although unlikely, two hosts might use the identical source TCP port number 208, such as 50202. This makes delivering the response impossible, as the NAT service cannot ascertain which of the two hosts the response belongs to when both used the same source TCP port number 208. To alleviate this problem, the NAT service assigns random, yet distinct, new TCP source port numbers 210 to each host's request, places them in the request header, and records them in the NAT table. A response returning from a Web server 116 (FIG. 1), addressed to one of the newly assigned port numbers, is therefore looked up in the table and delivered to the host that made the request.
When the NAT device translates incoming data packets from the public network, it translates the public IP address 202 to the private IP address 204 that the NAT table associates with the destination TCP port of the incoming packet, that is, the port assigned to the host that requested the packet. Some network protocols embed IP addresses or port numbers in the data section of the packet, where a NAT product cannot easily translate them (the PORT command of FTP is the classic case discussed in RFC 1631). This breaks several common network protocols and requires the user to implement technically complex, application-specific workarounds.
The above-described system works well for outbound routing of data packets and for return packets responding to an outbound request. The system does not, however, work for inbound data packets directed at, for example, a Web server on a private network: such a packet matches no previous outbound request, so the NAT table holds no entry for it and the packet is dropped. A number of complex software and hardware solutions exist to solve this problem. However, no consumer-configurable, or self-configuring, system exists for setting up a Web server on a private network. applications such as streaming media.
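The following Python script is an added example, not part of the patent text, that simulates the translation table of FIG. 2 as described in the preceding paragraphs: the source-port collision between two hosts and its resolution by assigning distinct translated ports, the reverse mapping of returning packets, the discarding of inbound packets that match no prior request (the Web-server problem just described), and a static forwarding entry of the kind the "complex solutions" rely on. Addresses follow the page (20.20.20.x hosts, 216.115.108.33 as the remote server, the figure's public address 207.05.07.05 written as 207.5.7.5); the outside host 198.51.100.7 and all class and function names are the example's own constructions.

```python
"""Simulation of a port-translating NAT (NAPT) as described for FIG. 2.

Added illustration, not the patent's implementation. Addresses other than
those quoted from the page (20.20.20.x, 216.115.108.33, 207.5.7.5) are
constructed for the example.
"""
from dataclasses import dataclass
import random
from typing import Dict, Optional, Tuple

PUBLIC_IP = "207.5.7.5"          # the figure's 207.05.07.05, without leading zeros

Flow = Tuple[str, int, str, int]  # (private_ip, private_port, remote_ip, remote_port)


@dataclass(frozen=True)
class Packet:
    """The header fields the text says the NAT service inspects and rewrites."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class Napt:
    def __init__(self, public_ip: str, seed: int = 0) -> None:
        self.public_ip = public_ip
        self._rng = random.Random(seed)                 # seeded only for reproducibility
        self.table: Dict[int, Flow] = {}                # translated public port -> flow
        self._by_flow: Dict[Flow, int] = {}             # flow -> translated public port
        self.static: Dict[int, Tuple[str, int]] = {}    # public port -> (private_ip, private_port)

    def _allocate_port(self) -> int:
        # A random high port (1024..65535) that no other flow or forwarding rule
        # already uses; distinctness is what lets replies be demultiplexed.
        while True:
            port = self._rng.randint(1024, 65535)
            if port not in self.table and port not in self.static:
                return port

    def outbound(self, pkt: Packet) -> Packet:
        """Rewrite a LAN host's request so it appears to come from the public IP."""
        flow: Flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        pub_port = self._by_flow.get(flow)
        if pub_port is None:
            pub_port = self._allocate_port()
            self.table[pub_port] = flow
            self._by_flow[flow] = pub_port
        return Packet(self.public_ip, pub_port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Map a packet arriving at the public IP back to a LAN host, or drop it."""
        if pkt.dst_ip != self.public_ip:
            return None
        flow = self.table.get(pkt.dst_port)
        if flow is not None:
            priv_ip, priv_port, rem_ip, rem_port = flow
            # Only the endpoint that was contacted may answer on this port;
            # this is the "match it to a previous request" step.
            if (pkt.src_ip, pkt.src_port) != (rem_ip, rem_port):
                return None
            return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port)
        forward = self.static.get(pkt.dst_port)
        if forward is not None:
            return Packet(pkt.src_ip, pkt.src_port, forward[0], forward[1])
        return None  # unsolicited inbound packet: no table entry, dropped

    def forward_port(self, public_port: int, private_ip: str, private_port: int) -> None:
        """Static entry letting unsolicited inbound traffic reach a LAN server."""
        if public_port in self.table or public_port in self.static:
            raise ValueError(f"public port {public_port} already in use")
        self.static[public_port] = (private_ip, private_port)


def demo() -> Dict[str, Optional[Packet]]:
    nat = Napt(PUBLIC_IP, seed=7)
    web = ("216.115.108.33", 80)                    # the remote Web server
    outsider = "198.51.100.7"                       # constructed outside host
    # Two LAN hosts happen to pick the same source port, the collision in the text.
    a_out = nat.outbound(Packet("20.20.20.1", 50202, *web))
    b_out = nat.outbound(Packet("20.20.20.2", 50202, *web))
    # The server's replies arrive at the public IP on the translated ports.
    a_reply = nat.inbound(Packet(web[0], web[1], PUBLIC_IP, a_out.src_port))
    b_reply = nat.inbound(Packet(web[0], web[1], PUBLIC_IP, b_out.src_port))
    # A third party aiming at host A's translated port does not match the flow.
    spoofed = nat.inbound(Packet(outsider, 4444, PUBLIC_IP, a_out.src_port))
    # A connection to a Web server on the LAN: nothing requested it, so it is dropped.
    unsolicited = nat.inbound(Packet(outsider, 40000, PUBLIC_IP, 80))
    # Only a static forwarding entry makes that LAN server reachable.
    nat.forward_port(80, "20.20.20.3", 80)
    forwarded = nat.inbound(Packet(outsider, 40000, PUBLIC_IP, 80))
    return {"a_out": a_out, "b_out": b_out, "a_reply": a_reply, "b_reply": b_reply,
            "spoofed": spoofed, "unsolicited": unsolicited, "forwarded": forwarded}


if __name__ == "__main__":
    for name, pkt in demo().items():
        print(f"{name:12s} {pkt if pkt is not None else 'dropped'}")
```

The translated port, not the public IP, is what carries the host identity back from the Internet, which is why two hosts sharing source port 50202 are still told apart. The same table lookup is what drops the unsolicited packet to port 80, and the static entry added at the end is the manual, per-service configuration the text says no consumer can be expected to perform.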
Moreover, placing a NAT device between a host acting as a Web server and the modem necessitates assigning a public IP address to the NAT device. This wastes precious public IP addresses.
Therefore, a need exists for an easily configurable system for setting up a Web server on a private network.