Network communication system

Multiplex communications – Communication techniques for information carried in plural... – Address transmitted

Reexamination Certificate


Details

C370S401000, C709S227000, C709S238000, C709S245000

active

06195366

ABSTRACT:

BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a network in which a plurality of proxy servers, each server constituting a firewall, are disposed in communication paths between a client computer and a server computer, and in particular, to a communication system in which a connectionless communication using specifications of port numbers is carried out between the client and server computers.
2. Description of the Related Art
In a communication network employing a transmission control protocol/Internet protocol (TCP/IP), there has been proposed a communication system in which proxy servers functioning as firewalls are provided on a communication route such that communications are relayed through a transport layer which identifies a service in accordance with a port number and a communication address. The communications in the transport layer are primarily classified into communications respectively using the transmission control protocol (TCP) and a user datagram protocol (UDP).
In the connection-oriented communication, the port number of a transmission destination and that of a transmission destination at a communication starting point are assumed to be fixed. Therefore, each communication facility can easily acquire information necessary to establish a relay or transit route.
However, in the connectionless communication, the port number of a transmission destination and that of a transmission destination at a communication starting point are assumed to be indefinite. Consequently, it is difficult for each communication facility to obtain information necessary to establish a transit route.
Heretofore, SOCKS Protocol Version 5, proposed in RFC 1928, has been known as a function to support a connectionless communication between client and server computers in an environment using firewalls. SOCKS Protocol Version 5 is a protocol prepared for a system including proxy servers relaying communications on firewalls and communication libraries for including the proxy servers. This protocol stipulates mutual authentication between a proxy server and a communication library in a client computer, and sequences and packet formats for an instruction to establish connection to the proxy server of the client computer and for notification of results of the instruction.
To conduct a connectionless communication, the client computer, server computer, and proxy server are required to mutually exchange the port numbers they use in the communication. SOCKS Protocol Version 5 assumes that a server computer can notify a client computer, through a predetermined operation, of the port number it will use for communication. Moreover, a port used by the client computer can be reported to the server computer by a proxy server communicating with the server computer. Under this condition, SOCKS Protocol Version 5 provides a communication procedure to notify the port used by the server computer from the client computer to the proxy server and a procedure to report two ports used by the proxy server respectively for the client and server computers from the proxy server to the client computer.
For example, in a case in which only one proxy server forming a firewall is disposed on a communication route between client and server computers, port numbers are exchanged therebetween through a sequence shown in FIG. 16A. First, the server computer reports port number P4 for communication with the proxy server to the client computer. The client computer then passes P4 to the proxy server. The proxy server returns to the client computer port number P2 for communication with the client computer and port number P3 for communication with the server computer. Finally, the client computer notifies port number P3 to the server computer.
However, in the conventional sequence of SOCKS Version 5, the port number exchange cannot be appropriately accomplished when a plurality of proxy servers are arranged to configure firewalls on the communication route.
In a situation in which two proxy servers 1 and 2 exist on the route, the exchange operation is conducted, for example, as shown in FIG. 16B and as follows. A server computer first notifies port number P6 for communication with a proxy server 2 to a client computer. Thereafter, port number P6 is sequentially reported to the proxy servers 1 and 2. In accordance with the notification, the proxy server 1 sends two port numbers P2 and P3 for its communication to the client computer. Similarly, the proxy server 2 sends two port numbers P4 and P5 to the proxy server 1. However, information notified from the proxy server 2 is interrupted by a firewall function of the proxy server 1. Reported to the server computer is port number P3, not the port number (P5) necessary for the connectionless communication.
SUMMARY OF THE INVENTION
It is therefore an object of the present invention to provide a network communication system in which port numbers can be exchanged in a connectionless communication even when a communication between computers is relayed by a plurality of proxy servers respectively configuring firewalls.
To achieve the object above in accordance with the present invention, there is provided a method of conducting a connectionless communication in a network communication system including a client computer, a server computer, and a plurality of proxy server computers being disposed on a transmission path between the client and server computers and forming firewalls in which each computer carries out communication with specification of a communication address thereof and a port number dynamically assigned by the computer. The method comprises step (a) that the server computer transmits own communication address and own port number to the client computer, step (b) that the client computer transmits own communication address and own port number as well as the received communication address and port number of the server computer to a first adjacent proxy server computer, step (c) that the N-th proxy server computer (N≧1) transmits own communication address and own server side port number and the received communication address and port number of the server computer to an (N+1)-th proxy server computer adjacent thereto on the server computer side, step (d) that step (c) is repeatedly executed while incrementally increasing N until the (N+1)-th proxy server becomes a terminal proxy server computer, step (e) that the terminal proxy server computer transmits own communication address and own client side port number as well as own communication address and own server side port number to an N-th proxy server computer adjacent thereto on the client side, step (f) that the N-th proxy server computer transmits own communication address and own client side port number as well as a communication address and a server side port number of the terminal proxy server computer to an (N−1)-th proxy server computer adjacent thereto on the client side for N≧2 or the client computer for N=1, step (g) that step (f) is repeatedly executed while conducting decrement of N until N becomes one, step (h) that the client computer transmits the communication address and the server side port number of the terminal proxy server computer to the server computer, and step (i) that a connectionless communication is commenced after all computers acquire computer addresses and associated port numbers of adjacent computers thereof.

