Abstract:
A node is configured to receive, from a second node, a request to establish a session; perform, in response to the request, a network address translation (NAT) operation to establish the session, the NAT operation causing a first port block to be allocated to the session, the first port block including a first set of ports via which traffic, associated with the session, is transported; determine that the set of ports is no longer available for the session; determine whether a quantity of times that the first port block has been allocated to the session is greater than a threshold; and retain the first port block, for the session, when the quantity of times that the first port block has been allocated to the session is not greater than the threshold.
Abstract:
A network device may receive a request from a local device to establish a connection with another device. The request may include an internal network identifier of the local device. The network device may evaluate a plurality of external network identifiers, associated with the network device, based on selected criteria. The network device may also, or alternatively, evaluate the external network identifiers by identifying an external network identifier that is already mapped to, or paired with, the internal network identifier. The network device may select an external network identifier, of the plurality of external network identifiers, based on the evaluation and establish the connection requested by the local device using the internal network identifier and the external network identifier.
Abstract:
An example network system includes network interfaces, a data repository, a forwarding structure, a service element, and a forwarding element. The forwarding element is configured to receive a first packet having header information via a tunnel over the first network with one of the networking interfaces, pass the first packet to the service element, receive a second packet from the service element, and forward the second packet via the network interfaces to the second network, wherein the first packet conforms to the first network-layer protocol, and wherein the second packet conforms to the second network-layer protocol. The service element is configured to transform the first packet from a format conforming with the first network-layer protocol into the second packet having a format conforming with the second network-layer protocol, and direct the second packet to the forwarding element.
Abstract:
A source network address and port translation (NAPT) mechanism is described that reduces or eliminates the need to log any NAT translations. As described herein, a mapping from a subscriber's private address to a public address and port range is determined algorithmically. Given a particular mapping rule, as specified by the service provider, a subscriber is repeatedly and deterministically mapped to the same public network address and a specific port range for that network address. Once the public address and port range for a subscriber are computed, the particular ports for each session for that subscriber are allocated dynamically within the computed NAT port range on a per-session basis.
Abstract:
Techniques are described for load-balancing deterministic NAT functions in a mobile gateway or other device in which subscriber sessions are distributed across a plurality of session management cards. Each of the session management cards may host a non-contiguous set of public addresses and a non-contiguous set of private network addresses associated with the subscriber sessions. To facilitate deterministic NAT under such conditions, each of the session management cards locally maps the non-contiguous set of public network addresses to an internal contiguous sequence of identifiers for the public addresses and maps the non-contiguous set of private network addresses to an internal contiguous sequence of identifiers for the private addresses. Each of the session management cards may then perform deterministic NAT on packets based on the contiguous sequence of identifiers for the public addresses and the contiguous sequence of identifiers for the private addresses internal to the session management card.