WO2006084957A1 - Communication channel between at least two private networks - Google Patents

Communication channel between at least two private networks Download PDF

Info

Publication number
WO2006084957A1
WO2006084957A1 PCT/FI2006/050062 FI2006050062W WO2006084957A1 WO 2006084957 A1 WO2006084957 A1 WO 2006084957A1 FI 2006050062 W FI2006050062 W FI 2006050062W WO 2006084957 A1 WO2006084957 A1 WO 2006084957A1
Authority
WO
WIPO (PCT)
Prior art keywords
proxy
address
network
private network
private
Prior art date
Application number
PCT/FI2006/050062
Other languages
French (fr)
Inventor
Sami Ehoniemi
Jussi VAINIONPÄÄ
Jari Weckman
Original Assignee
Teliasonera Ab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Teliasonera Ab filed Critical Teliasonera Ab
Priority to EP06708966A priority Critical patent/EP1849274A4/en
Publication of WO2006084957A1 publication Critical patent/WO2006084957A1/en
Priority to NO20073988A priority patent/NO20073988L/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2521Translation architectures other than single NAT servers
    • H04L61/2528Translation at a proxy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2521Translation architectures other than single NAT servers
    • H04L61/2535Multiple local networks, e.g. resolving potential IP address conflicts

Definitions

  • This invention relates to a method, to a network system and to a proxy for providing a communication channel from a sending terminal in a first private network to at least one receiving terminal in a second private network.
  • IP addresses unique addresses for differentiating various devices connected to the network.
  • the addresses are provided for enabling a communication between the devices over the network. Therefore, all devices connected to the network should have a distinct network address for preventing overlapping of addresses.
  • private networks are provided. These private networks are independent from the general network and therefore devices connected to such may have private addresses that differentiates from other devices in said private network but can overlap with the addresses of devices in another private network. This is possible, because the private networks are separate and not connected to each other.
  • a transformation between the addresses is needed.
  • the transformation can be done by a proxy server that makes, based on a request from a private network client, a request to a general network in client's network and sends, in response to private network client, a response from general network to the request.
  • a transformation is presented in a publication US2002/0087721 A1. In the publication a plurality of private networks are connected to general network despite of possible overlapping of private addresses.
  • Respective private networks possess virtual local area network identification information, whereby when the respective private network is connected with the general network, a duplicate network address- translating device performs a translation between the private address and the general address by utilizing the virtual local area network identification and the private address of the respective private networks in pairs.
  • a method, a system and a proxy are provided.
  • the method is mainly characterized in that the method comprises steps for mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address, for informing the first proxy assigned address to the receiving terminal and informing the second proxy assigned address to the sending terminal, for receiving an originating application packet from a sending terminal to be communicated to the second proxy assigned address, for transforming said originating packet into a targeting application packet having a second private network address instead of the second proxy assigned address, and for sending the targeting packet to the receiving terminal.
  • the network system is mainly characterized in that the network system comprises first means for mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address, second means for informing the first proxy assigned address to the receiving terminal and informing the second proxy assigned address to the sending terminal, wherein the sending terminal is capable of sending an originating application packet to the second proxy assigned address, whereby the first means are capable of transforming said originating packet into a targeting application packet having a second private network address instead of the second proxy assigned address, and sending the targeting packet to the receiving terminal.
  • the proxy is mainly characterized in that the proxy is capable of mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address, informing the first proxy assigned address to the receiving terminal and informing the second proxy assigned address to the sending terminal, receiving an originating application packet from the sending terminal to be communicated to the second proxy assigned address, and transforming said originating packet into a targeting application packet having a second private network address instead of the second proxy assigned address, and sending the targeting packet to the receiving terminal.
  • the current solution enables communication between several networks even with same network addresses, whereby overlapping of network addresses of e.g. private networks is not prohibited.
  • the current solution will help to combine different kind of network environments, and in particular to combine different networks seamlessly from users' point of view.
  • This solution also enables an interworking between several separate and independently build service networks that offer services to end- users.
  • a service network is mobile network (e.g. UMTS, GPRS, CDMA), WLAN (Wireless Local Area Network) hotspot and DSL (Digital Subscriber Line).
  • IMS/SIP IP Multimedia Subsystem/Session Initiation Protocol
  • Figure 1 illustrates an example of a network system
  • Figure 2 illustrates an example of an address processing by the proxy
  • Figures 3a, b illustrate signaling examples of session initiation
  • Figures 4a, b illustrate application packet communication according to one example of the method.
  • address refers to such an address that can be used for reaching a specific terminal or a device in a network.
  • address refers to IP address/port pair information, but other network identifying addresses are possible as well.
  • the idea is to determine into which network a packet belongs and to reestablish the packet in such a manner that the packet can be directed to that network.
  • the determination of the network can base on control plane signaling. The implementation of the procedure is described next.
  • Figure 1 illustrates an example of a network system wherein private networks 110, 120, 130 are connected to a proxy 150.
  • the connection to the proxy 150 can be made by tunnels 113, 123, 133.
  • the proxy 150 may have an access to the IP space of the private networks.
  • the private networks 110, 120, 130 are separate from other private networks and from each others; they have specific network addresses that may overlap with the others.
  • a sending terminal X and a receiving terminal Y are illustrated.
  • the proxy 150 is arranged to form the communication channel between terminal and between private networks and to transmit application packets between them. For doing that, the proxy 150 is capable of handling said packets and determining a correct destination address (e.g. IP address/port pair) and using said destination address for transferring the packets into the correct network address.
  • the terminals X, Y connected to the proxy 150 does not necessarily need to know the addresses of other terminals. Because the communication is handled by the proxy, the terminals X, Y does not need to communicate directly to each other.
  • Packet 1 illustrates an example of a packet originating from the sending terminal (X) in the private network 110 and packet 2 illustrates the same packet targeting the receiving terminal (Y) in the private network 120.
  • the proxy 150 situates between these private networks 110, 120 and it is arranged to transform the originating packet 1 into form of the targeting packet 2.
  • Both packets 1 , 2 are composed of a tunneling packet 1.3, 2.3 inside which an application packet 1.5, 2.5 is encapsulated.
  • Networks 110, 120 having same private network addresses are used as an example.
  • the terminals X, Y have differentiating individual names (referred as "network names") that are more popular (e.g. user can be reached by user@network) because of the network names are easier to use.
  • the proxy 150 may have one or more network addresses, according to which the proxy 150 may communicate with each of the networks 110, 120.
  • the communication channel between the terminals X, Y needs to be formed.
  • the purpose of the channel forming is 1 ) to find out between which networks the communication channel is to be formed; 2) to find out in which private network addresses and ports the terminals desire to receive the packets; 3) and to determine, into which private network addresses and gates the terminals will send the packets.
  • the communication channel can be formed by signaling, for example, as illustrated in examples in figures 3a, 3b.
  • the sending terminal X requests communication with receiving terminal Y having a same private IP address (IP 10.0.0.1 :1234). From figure 3a it can be seen that the invite signaling comprises information about the receiving terminal
  • the invite message is signaled to a routing server (IMS A) of a first network 110, which further signals the invite message to the proxy 150 (having address, e.g. IP: 23.23.23.23).
  • the proxy 150 forms and reserves an internal state, e.g. 23.23.23.23:2000, and implements a mapping (310) between said state and the address of the sending terminal X (10.0.0.1 :1234).
  • Internal state corresponds to a single mapping and to an address in the proxy 150 identifying said mapping.
  • the proxy 150 assigns a new address for the private network in question, which proxy assigned address is stored in the internal state.
  • the proxy stores information about the network 110, whereby state "23.23.23.23:2000" corresponds "10.0.0.1 :1234 in network 110".
  • the proxy 150 transmits the invite message to routing server (IMS B) in network 120.
  • the proxy is capable of transmitting the message to the correct network according to the domain information (@120) of the receiving terminal Y.
  • the invite message comprises also information concerning where the sending terminal X is capable of receiving data. That information is changed from the address of sending terminal (X) to the address assigned by the proxy 150.
  • the routing server (IMS B) further sends the invite message to receiving terminal Y.
  • Figure 3b presents the response situation, wherein the receiving terminal Y at IP address 10.0.0.1 signals a response message wherein its private IP address 10.0.0.1 :1234 is indicated.
  • This response message is transmitted to the proxy 150 that forms and reserves (320) another internal state, e.g. 23.23.23.23:2001 corresponding the address "10.0.0.1 :1234 in network 120".
  • the response message is further transmitted to the routing server IMS A, which signals it to sending terminal X.
  • this response message comprises information about the address assigned by the proxy for network 120, where the receiving terminal Y is capable of receiving data.
  • the proxy 150 selects the internal state addresses in such a manner that the same state or address is not used in more than one communication simultaneously.
  • the assigned address replaces the source network address/port in the signaling.
  • the proxy 150 can store the selected state and information about the location (network 110, network 120) of the terminal (X, Y).
  • Figures 4a, 4b presents the communication of application packets.
  • the sending terminal X may send application data to the receiving terminal Y.
  • the application data is sent as data packets, as illustrates in figure 2.
  • Figures 4a, 4b both illustrate a situation for communicating application data between terminals X, Y.
  • the sending terminal is terminal X and receiving terminal is terminal Y.
  • the sending terminal is terminal Y and the receiving terminal is terminal X. It will be appreciated that in the same session the sending terminal may act also as receiving terminal and vice versa.
  • What is common to figures 4a, 4b is that when sending terminal sends application packet having a destination address, the destination address corresponds the proxy assigned address reserved in the proxy 150.
  • the sending terminal X forms an application packet to destination 23.23.23.23:2001.
  • This packet is send to the proxy 150, which makes a search (410) "who is 23.23.23.23:2001 " to its memory means and an internal table therein.
  • the proxy 150 receives "10.0.0.1 :1234 in network 120".
  • the proxy 150 transforms the originating application packet into targeting packet having the actual private address of receiving terminal Y (destination: 10.0.0.1 :1234).
  • the communication from the receiving terminal to the sending terminal can be done (see figure 4b).
  • the first destination address is 23.23.23.23:2000, which is searched (420) for founding the corresponding address 10.0.0.1 in network 110.
  • the proxy 150 When terminals X and Y have completed the communication, the proxy 150 is informed about the situation by signaling. Because of this, the proxy 150 may remove the internal table for the proxy assigned addresses and the states and the locations of terminals from its storage means. In addition to the aforementioned capabilities the proxy may have other functionalities as well, e.g. for enhancing the pOcedure or controlling the signaling.

Abstract

The invention relates to a method, a network system and a proxy for providing a communication channel from a sending terminal (X) in a first private network (110) to at least one receiving terminal (Y) in a second private network (120), each of which private networks is identifiable by a network address. The private network addresses are mapped to a corresponding proxy assigned addresses, which addresses are informed to the terminals. An originating application packet (1) from a sending terminal (X) to be communicated to the second proxy assigned address, is transformed into a targeti ng packet (2) having a second private network address instead of the second proxy assigned address. The targeting packet (2) is sent to the receiving terminal (Y).

Description

COMMUNICATION CHANNEL BETWEEN AT LEAST TWO PRIVATE NETWORKS
Field of the invention
This invention relates to a method, to a network system and to a proxy for providing a communication channel from a sending terminal in a first private network to at least one receiving terminal in a second private network.
Background of the invention
Current general IP network, Internet, utilizes unique addresses (IP addresses) for differentiating various devices connected to the network. The addresses are provided for enabling a communication between the devices over the network. Therefore, all devices connected to the network should have a distinct network address for preventing overlapping of addresses.
In addition to general network, also private networks are provided. These private networks are independent from the general network and therefore devices connected to such may have private addresses that differentiates from other devices in said private network but can overlap with the addresses of devices in another private network. This is possible, because the private networks are separate and not connected to each other.
If private network with plurality of private addresses is connected to the general network a transformation between the addresses is needed. The transformation can be done by a proxy server that makes, based on a request from a private network client, a request to a general network in client's network and sends, in response to private network client, a response from general network to the request. One example of a transformation is presented in a publication US2002/0087721 A1. In the publication a plurality of private networks are connected to general network despite of possible overlapping of private addresses. Respective private networks possess virtual local area network identification information, whereby when the respective private network is connected with the general network, a duplicate network address- translating device performs a translation between the private address and the general address by utilizing the virtual local area network identification and the private address of the respective private networks in pairs.
It can be seen that in the previous method, the attention is paid to transformation of addresses between a general network, such as
Internet, and a private network. However, the aim of enabling a communication between private networks has arisen because of network providers are using private address networks to the providers' end users for enabling the communication between the end users. In many cases, a private network (such as a corporate network) will be spread over different locations and will use a public backbone network for communications between those locations. Therefore, e.g. in a situation where corporations reserve arbitrarily private addresses and then afterwards try to achieve interoperability with some other corporation, the overlapping of network address may most likely be possible. Currently the overlapping can be avoided by denying same network addresses, however in the long run this is not practical.
Therefore, what is needed, is a solution that enables a communication between private networks regardless of the same network address of the private networks. The current invention is targeted to such a need.
Summary of the invention
For enabling a communication between private networks a method, a system and a proxy are provided.
The method is mainly characterized in that the method comprises steps for mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address, for informing the first proxy assigned address to the receiving terminal and informing the second proxy assigned address to the sending terminal, for receiving an originating application packet from a sending terminal to be communicated to the second proxy assigned address, for transforming said originating packet into a targeting application packet having a second private network address instead of the second proxy assigned address, and for sending the targeting packet to the receiving terminal.
The network system is mainly characterized in that the network system comprises first means for mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address, second means for informing the first proxy assigned address to the receiving terminal and informing the second proxy assigned address to the sending terminal, wherein the sending terminal is capable of sending an originating application packet to the second proxy assigned address, whereby the first means are capable of transforming said originating packet into a targeting application packet having a second private network address instead of the second proxy assigned address, and sending the targeting packet to the receiving terminal.
The proxy is mainly characterized in that the proxy is capable of mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address, informing the first proxy assigned address to the receiving terminal and informing the second proxy assigned address to the sending terminal, receiving an originating application packet from the sending terminal to be communicated to the second proxy assigned address, and transforming said originating packet into a targeting application packet having a second private network address instead of the second proxy assigned address, and sending the targeting packet to the receiving terminal.
The current solution enables communication between several networks even with same network addresses, whereby overlapping of network addresses of e.g. private networks is not prohibited. In a long run, the current solution will help to combine different kind of network environments, and in particular to combine different networks seamlessly from users' point of view.
This solution also enables an interworking between several separate and independently build service networks that offer services to end- users. As an example of a service network is mobile network (e.g. UMTS, GPRS, CDMA), WLAN (Wireless Local Area Network) hotspot and DSL (Digital Subscriber Line). An example of new services are IMS/SIP (IP Multimedia Subsystem/Session Initiation Protocol) based services like gaming or Real Time Video Share (Video call).
Brief description of drawings
A better understanding of the invention may be obtained from the following considerations taken in conjunction with the accompanying drawings, wherein
Figure 1 illustrates an example of a network system,
Figure 2 illustrates an example of an address processing by the proxy,
Figures 3a, b illustrate signaling examples of session initiation, and
Figures 4a, b illustrate application packet communication according to one example of the method.
Detailed description of an embodiment of the invention
In the following, an example of one embodiment of the invention is provided. This example is aimed for understanding purposes, and specific terms are used for the sake of clarity. These terms are intended to refer only to the particular structure of the invention selected for an example with reference to the drawings. These terms are not necessarily intended to define or limit the scope of the invention. In the description term "address" refers to such an address that can be used for reaching a specific terminal or a device in a network. In this example "address" refers to IP address/port pair information, but other network identifying addresses are possible as well.
In this solution the idea is to determine into which network a packet belongs and to reestablish the packet in such a manner that the packet can be directed to that network. The determination of the network can base on control plane signaling. The implementation of the procedure is described next.
Figure 1 illustrates an example of a network system wherein private networks 110, 120, 130 are connected to a proxy 150. The connection to the proxy 150 can be made by tunnels 113, 123, 133. By means of the tunnels 113, 123, 133 and a general network 170, such as Internet, the proxy 150 may have an access to the IP space of the private networks. Between tunnels 113, 123, 133 and private networks 110, 120, 130 there are routers 115, 125, 135 which transmit data packets from corresponding private networks 110, 120, 130. The private networks 110, 120, 130 are separate from other private networks and from each others; they have specific network addresses that may overlap with the others. In the figure 1 also a sending terminal X and a receiving terminal Y are illustrated.
The proxy 150 is arranged to form the communication channel between terminal and between private networks and to transmit application packets between them. For doing that, the proxy 150 is capable of handling said packets and determining a correct destination address (e.g. IP address/port pair) and using said destination address for transferring the packets into the correct network address. The terminals X, Y connected to the proxy 150 does not necessarily need to know the addresses of other terminals. Because the communication is handled by the proxy, the terminals X, Y does not need to communicate directly to each other.
At this point the reference is made to figure 2, wherein a simplified example of an address processing by the proxy 150 and a packet (1 , 2) is presented. Packet 1 illustrates an example of a packet originating from the sending terminal (X) in the private network 110 and packet 2 illustrates the same packet targeting the receiving terminal (Y) in the private network 120. The proxy 150 situates between these private networks 110, 120 and it is arranged to transform the originating packet 1 into form of the targeting packet 2. Both packets 1 , 2 are composed of a tunneling packet 1.3, 2.3 inside which an application packet 1.5, 2.5 is encapsulated.
Networks 110, 120 having same private network addresses (e.g. IP addresses) are used as an example. In addition to these same private network addresses, the terminals X, Y have differentiating individual names (referred as "network names") that are more popular (e.g. user can be reached by user@network) because of the network names are easier to use. The proxy 150 may have one or more network addresses, according to which the proxy 150 may communicate with each of the networks 110, 120.
Before the actual packet communication, the communication channel between the terminals X, Y needs to be formed. The purpose of the channel forming is 1 ) to find out between which networks the communication channel is to be formed; 2) to find out in which private network addresses and ports the terminals desire to receive the packets; 3) and to determine, into which private network addresses and gates the terminals will send the packets. The communication channel can be formed by signaling, for example, as illustrated in examples in figures 3a, 3b. In figure 3a the sending terminal X requests communication with receiving terminal Y having a same private IP address (IP 10.0.0.1 :1234). From figure 3a it can be seen that the invite signaling comprises information about the receiving terminal
(Y@120), about the sending (X@1 1 G), as well as the IP address of the sending terminal (10.0.0.1 :1234). The invite message is signaled to a routing server (IMS A) of a first network 110, which further signals the invite message to the proxy 150 (having address, e.g. IP: 23.23.23.23). The proxy 150 forms and reserves an internal state, e.g. 23.23.23.23:2000, and implements a mapping (310) between said state and the address of the sending terminal X (10.0.0.1 :1234). Internal state corresponds to a single mapping and to an address in the proxy 150 identifying said mapping. In other words the proxy 150 assigns a new address for the private network in question, which proxy assigned address is stored in the internal state. In addition the proxy stores information about the network 110, whereby state "23.23.23.23:2000" corresponds "10.0.0.1 :1234 in network 110". After doing this, the proxy 150 transmits the invite message to routing server (IMS B) in network 120. The proxy is capable of transmitting the message to the correct network according to the domain information (@120) of the receiving terminal Y. What should be noticed, is that the invite message comprises also information concerning where the sending terminal X is capable of receiving data. That information is changed from the address of sending terminal (X) to the address assigned by the proxy 150. The routing server (IMS B) further sends the invite message to receiving terminal Y.
Figure 3b presents the response situation, wherein the receiving terminal Y at IP address 10.0.0.1 signals a response message wherein its private IP address 10.0.0.1 :1234 is indicated. This response message is transmitted to the proxy 150 that forms and reserves (320) another internal state, e.g. 23.23.23.23:2001 corresponding the address "10.0.0.1 :1234 in network 120". The response message is further transmitted to the routing server IMS A, which signals it to sending terminal X. Also this response message comprises information about the address assigned by the proxy for network 120, where the receiving terminal Y is capable of receiving data.
The proxy 150 selects the internal state addresses in such a manner that the same state or address is not used in more than one communication simultaneously. The assigned address replaces the source network address/port in the signaling. The proxy 150 can store the selected state and information about the location (network 110, network 120) of the terminal (X, Y).
Figures 4a, 4b presents the communication of application packets. After the communication channel has been formed and specific states have been reserved by the proxy 150, the sending terminal X may send application data to the receiving terminal Y. The application data is sent as data packets, as illustrates in figure 2. Figures 4a, 4b both illustrate a situation for communicating application data between terminals X, Y. In figure 4a the sending terminal is terminal X and receiving terminal is terminal Y. In figure 4b the sending terminal is terminal Y and the receiving terminal is terminal X. It will be appreciated that in the same session the sending terminal may act also as receiving terminal and vice versa. What is common to figures 4a, 4b is that when sending terminal sends application packet having a destination address, the destination address corresponds the proxy assigned address reserved in the proxy 150. As in figure 4a, the sending terminal X forms an application packet to destination 23.23.23.23:2001. This packet is send to the proxy 150, which makes a search (410) "who is 23.23.23.23:2001 " to its memory means and an internal table therein. As a response the proxy 150 receives "10.0.0.1 :1234 in network 120". According to said response the proxy 150 transforms the originating application packet into targeting packet having the actual private address of receiving terminal Y (destination: 10.0.0.1 :1234). In a similar manner the communication from the receiving terminal to the sending terminal can be done (see figure 4b). It will be appreciated that in the situation of figure 4b, the first destination address is 23.23.23.23:2000, which is searched (420) for founding the corresponding address 10.0.0.1 in network 110.
When terminals X and Y have completed the communication, the proxy 150 is informed about the situation by signaling. Because of this, the proxy 150 may remove the internal table for the proxy assigned addresses and the states and the locations of terminals from its storage means. In addition to the aforementioned capabilities the proxy may have other functionalities as well, e.g. for enhancing the pOcedure or controlling the signaling.
It will be clear that variations and modifications of the previous example are possible without departing from the scope of protection of the invention as set forth in the claims.

Claims

CLAIMS:
1. A method for providing a communication channel from a sending terminal (X) in a first private network (110) to at least one receiving terminal (Y) in a second private network (120), each of which private networks is identifiable by a network address, characterized in that the method comprises steps for
- mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address,
- informing the first proxy assigned address to the receiving terminal (Y) and informing the second proxy assigned address to the sending terminal (X), - receiving an originating application packet (1 ) from a sending terminal (X) to be communicated to the second proxy assigned address,
- transforming said originating application packet (1 ) into a targeting application packet (2) having a second private network address instead of the second proxy assigned address, and
- sending the targeting application packet (2) to the receiving terminal (Y).
2. The method according to claim 1 , characterized in that the mapping is carried out within a session initiation signalling.
3. The method according to claim 1 , characterized in that the originating packet (1 ) is transformed into the targeting packet (2) after a corresponding private network address for the second proxy assigned address is found.
4. The method according to claim 1 , characterized in that the communication channel is formed by a proxy (150).
5. A network system comprising at least a first private network (110) having at least a sending terminal (X), and a second private network (120) having at least a receiving terminal (Y), each of which private networks is identifiable by a network address, characterized in that the network system comprises
- first means for mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address, - second means for informing the first proxy assigned address to the receiving terminal (Y) and informing the second proxy assigned address to the sending terminal (X), wherein
- the sending terminal (X) is capable of sending an originating application (1 ) packet to the second proxy assigned address, whereby
- the first means are capable of transforming said originating application packet (1 ) into a targeting application (2) packet having a second private network address instead of the second proxy assigned address, and sending the targeting application packet (2) to the receiving terminal (Y).
6. The system according to claim 5, characterized by a proxy (150) into which said first and second means is arranged.
7. The system according to claim 5 or 6, characterized in that the first means (150) are capable of searching a corresponding private network address for the second proxy assigned address and after found, transforming the originating application packet
(1) into the targeting application packet (2).
8. The network system according to claim 7, characterized in that the private networks (110, 120) are tunnelled to said proxy (150).
9. The network system according to any of the preceding claims 5 — 8, characterized in that the network addresses are IP addresses.
10. A proxy (150) for providing a communication channel from a sending terminal (X) in a first private network (110) to a receiving terminal (Y) in a second private network (120), each of which private networks is identifiable by a network address, characterized in that the proxy (150) is capable of - mapping the first private network address to a first proxy assigned address and mapping the second private network address to a second proxy assigned address,
- informing the first proxy assigned address to the receiving terminal (Y) and informing the second proxy assigned address to the sending terminal (X),
- receiving an originating application packet (1 ) from the sending terminal (X) to be communicated to the second proxy assigned address, and - transforming said originating application packet (1 ) into a targeting application packet (2) having a second private network address instead of the second proxy assigned address, and sending the targeting packet (2) to the receiving terminal (Y).
11. The proxy (150) according to claim 10, characterized in that said proxy (150) comprises tunnels (113, 123) to the private networks (110, 120).
12. The proxy (150) according to claim 10 or 11 , characterized in that said proxy (150) is capable of searching a corresponding private network address to the second proxy assigned address, and when found, transforming the originating application packet (1 ) into the targeting application packet (2).
13. The proxy (150) according to any of the preceding claims
10 — 12, characterized in that the network addresses are IP addresses.
PCT/FI2006/050062 2005-02-14 2006-02-13 Communication channel between at least two private networks WO2006084957A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP06708966A EP1849274A4 (en) 2005-02-14 2006-02-13 Communication channel between at least two private networks
NO20073988A NO20073988L (en) 2005-02-14 2007-08-01 Communication channel between at least two private networks

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI20055064A FI118316B (en) 2005-02-14 2005-02-14 Communication channel between at least two private networks
FI20055064 2005-02-14

Publications (1)

Publication Number Publication Date
WO2006084957A1 true WO2006084957A1 (en) 2006-08-17

Family

ID=34224274

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2006/050062 WO2006084957A1 (en) 2005-02-14 2006-02-13 Communication channel between at least two private networks

Country Status (4)

Country Link
EP (1) EP1849274A4 (en)
FI (1) FI118316B (en)
NO (1) NO20073988L (en)
WO (1) WO2006084957A1 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009062504A1 (en) * 2007-11-13 2009-05-22 Tnm Farmguard Aps Secure communication between a client and devices on different private local networks using the same subnet addresses
US9183028B1 (en) * 2010-09-30 2015-11-10 Amazon Technologies, Inc. Managing virtual computing nodes
US20160072764A1 (en) * 2014-09-10 2016-03-10 T-Mobile Usa, Inc. Dynamic double network address translator
US9959132B2 (en) 2010-09-30 2018-05-01 Amazon Technologies, Inc. Managing virtual computing nodes using isolation and migration techniques
US10445124B2 (en) 2010-09-30 2019-10-15 Amazon Technologies, Inc. Managing virtual computing nodes using isolation and migration techniques
CN113098991A (en) * 2021-03-29 2021-07-09 北京金山云网络技术有限公司 Message processing method and device, private line access gateway and public cloud system
US11455181B1 (en) * 2014-09-19 2022-09-27 Amazon Technologies, Inc. Cross-network connector appliances

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6038233A (en) * 1996-07-04 2000-03-14 Hitachi, Ltd. Translator for IP networks, network system using the translator, and IP network coupling method therefor
US20020010799A1 (en) * 2000-04-04 2002-01-24 Makoto Kubota Communication data relay system and method of controlling connectability between domains
US6434627B1 (en) * 1999-03-15 2002-08-13 Cisco Technology, Inc. IP network for accomodating mobile users with incompatible network addressing
US6493765B1 (en) * 1999-03-23 2002-12-10 Nortel Networks Limited Domain name resolution in a network having multiple overlapping address domains
US6629137B1 (en) * 2000-04-26 2003-09-30 Telefonaktiebolaget L.M. Ericsson Network interface devices methods system and computer program products for connecting networks using different address domains through address translation
US20040024879A1 (en) * 2002-07-30 2004-02-05 Dingman Christopher P. Method and apparatus for supporting communications between a computing device within a network and an external computing device
WO2005048106A2 (en) * 2003-11-11 2005-05-26 Net6, Inc. Virtual private network with pseudo server

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7272650B2 (en) * 2001-04-17 2007-09-18 Intel Corporation Communication protocols operable through network address translation (NAT) type devices

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6038233A (en) * 1996-07-04 2000-03-14 Hitachi, Ltd. Translator for IP networks, network system using the translator, and IP network coupling method therefor
US6434627B1 (en) * 1999-03-15 2002-08-13 Cisco Technology, Inc. IP network for accomodating mobile users with incompatible network addressing
US6493765B1 (en) * 1999-03-23 2002-12-10 Nortel Networks Limited Domain name resolution in a network having multiple overlapping address domains
US20020010799A1 (en) * 2000-04-04 2002-01-24 Makoto Kubota Communication data relay system and method of controlling connectability between domains
US6629137B1 (en) * 2000-04-26 2003-09-30 Telefonaktiebolaget L.M. Ericsson Network interface devices methods system and computer program products for connecting networks using different address domains through address translation
US20040024879A1 (en) * 2002-07-30 2004-02-05 Dingman Christopher P. Method and apparatus for supporting communications between a computing device within a network and an external computing device
WO2005048106A2 (en) * 2003-11-11 2005-05-26 Net6, Inc. Virtual private network with pseudo server

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP1849274A4 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009062504A1 (en) * 2007-11-13 2009-05-22 Tnm Farmguard Aps Secure communication between a client and devices on different private local networks using the same subnet addresses
US9183028B1 (en) * 2010-09-30 2015-11-10 Amazon Technologies, Inc. Managing virtual computing nodes
US9959132B2 (en) 2010-09-30 2018-05-01 Amazon Technologies, Inc. Managing virtual computing nodes using isolation and migration techniques
US9979694B2 (en) 2010-09-30 2018-05-22 Amazon Technologies, Inc. Managing communications between virtual computing nodes in a substrate network
US10445124B2 (en) 2010-09-30 2019-10-15 Amazon Technologies, Inc. Managing virtual computing nodes using isolation and migration techniques
US20160072764A1 (en) * 2014-09-10 2016-03-10 T-Mobile Usa, Inc. Dynamic double network address translator
US11455181B1 (en) * 2014-09-19 2022-09-27 Amazon Technologies, Inc. Cross-network connector appliances
CN113098991A (en) * 2021-03-29 2021-07-09 北京金山云网络技术有限公司 Message processing method and device, private line access gateway and public cloud system
CN113098991B (en) * 2021-03-29 2022-11-04 北京金山云网络技术有限公司 Message processing method and device, private line access gateway and public cloud system

Also Published As

Publication number Publication date
FI20055064A (en) 2006-08-15
FI118316B (en) 2007-09-28
EP1849274A1 (en) 2007-10-31
FI20055064A0 (en) 2005-02-14
EP1849274A4 (en) 2010-07-07
NO20073988L (en) 2007-09-14

Similar Documents

Publication Publication Date Title
US10079803B2 (en) Peer-to-peer connection establishment using TURN
TWI437863B (en) Peer-to-peer mobility management in heterogeneous ipv4 networks
ES2377488T3 (en) Combination of devices that have local addresses and devices that have wide area network (WAN) addresses in a single network
US8914486B2 (en) Method, system and device for implementing identity identifier and location separation
WO2007033363A2 (en) System and method for providing packet connectivity between heterogeneous networks
US20060056420A1 (en) Communication apparatus selecting a source address
JP4511603B2 (en) Configuration for providing peer-to-peer communication in public land mobile networks
EP3720100A1 (en) Service request processing method and device
CN101212393B (en) Medium independent switching message transmission method, system, and device
CN102075420B (en) Location identifier and host identifier separation-based system and mobility management method thereof
US8724630B2 (en) Method and system for implementing network intercommunication
CA2533875A1 (en) Mobility in a multi-access communication network
WO2006084957A1 (en) Communication channel between at least two private networks
WO2011032481A1 (en) Communication method, method for forwarding data message during the communication process and communication node thereof
CN102215160A (en) Data communication system and method
KR101381701B1 (en) Data message processing method, system and access service node
CN102035813A (en) End-to-end call realizing method, end-to-end call terminal and system
JP2013504956A (en) Method, system and communication terminal for realizing mutual communication between new network and Internet
TW200840282A (en) Systems and methods for transporting data across an air interface using reduced address headers
Albuquerque et al. Global information grid (GIG) edge network interface architecture
Pierrel et al. A policy system for simultaneous multiaccess with host identity protocol
US20070091875A1 (en) Method and System For Device Mobility Using Application Label Switching In A Mobile Communication Network
WO2011124121A1 (en) Inter-network data communication system and method
TWI248282B (en) Telecommunication system and method for routing data of an IP-based PBX extension to a host
CN102957618A (en) Server, system and method for communication based on server in identity position separation network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2006708966

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

WWP Wipo information: published in national office

Ref document number: 2006708966

Country of ref document: EP