Multiplex communications – Data flow congestion prevention or control – Control of data admission to the network
Reexamination Certificate
2005-04-11
2010-02-02
Rao, Seema S (Department: 2416)
Multiplex communications
Data flow congestion prevention or control
Control of data admission to the network
C370S395540, C709S219000
Reexamination Certificate
active
07656795
ABSTRACT:
Preventing duplicate sources on a protocol connection that uses network addresses, protocols and port numbers to identify source applications that are served by a NAPT. If an arriving packet encapsulates an encrypted packet and has passed through an NAPT en route to the destination host, the encapsulated packet is decrypted to obtain an original source port number and original packet protocol from the decrypted packet. A source port mapping table (SPMT) is searched for an association between the NAPT source address, the original source port, and the original packet protocol associated with the NAPT source address and port number. If an incorrect association is found, the packet is rejected as representing an illegal duplicate source; that is, a second packet from a different host served by a NAPT that is USING the same SOURCE port and protocol.
REFERENCES:
patent: 6615357 (2003-09-01), Boden et al.
patent: 2003/0043740 (2003-03-01), March et al.
patent: 2003/0233452 (2003-12-01), Maufer et al.
patent: 2004/0071149 (2004-04-01), Kim et al.
patent: 2004/0088537 (2004-05-01), Swander et al.
patent: 2004/0143758 (2004-07-01), Swander et al.
patent: 2005/0166206 (2005-07-01), Parson
Sternberg, M. et al, “IPsec NAT-Traversal draft-stenberg-spec-nat-traversal-02.txt” IETF Standard-Working-Draft, Internet Engineering Task Force, IETF, CH, No. 2, 28, Feb. 2001.
Pouseele, S., “How to Pass IPSec traffic through ISA Server,” http://www.isaserver.org/pages/article—p.asp?id=1072, last update Mar. 26, 2005.
Huttunen, A, “UDP Encapsulated of IPSec ESP Packets,” Network Working Group, RFC 3948, The Internet Society, Jan. 2005, pp. 1-15.
“IPsec-Network Address Translation (NAT) Compatibility Requirements”, Request for Comments: 3715, Category: Informational, B. Aboba, et al, Microsoft, Mar. 2004. pp. 1-17.
“Dynamic Host Configuration Protocol (DHCPv4) Configuration of IPsec Tunnel Mode”, Request for Comments: 3456, Category: Standards Track, B. Patel, Intel Corp; B. Aboba, Microsoft; S. Kelly, Airespace: V. Gupta, Sun Microsystems, Inc. Jan. 2003. pp. 1-17.
“UDP Encapsulation of IPsec ESP Packets”, Request for Comments: 3948, Category: Standards Track, A. Huttunen, F-Secure Corp.; B. Swander, Microsoft; V. Volpe, Cisco Systems; L DiBurro, Nortel Networks, M. Stenberg, Jan. 2005. Pages 1-15.
“Negotiation of NAT-Traversal in the IKE”, Request for Comments: 3947, Category: Standards Track, T. Klvinen, SafeNet; B. Swander, Microsoft; A. Huttunen, F-Secure Corporation; V. Volpe, Cisco Systems; Jan. 2005, pp. 1-15.
“User Datagram Protocol”, RFC 768, J. Postel, ISI, Aug. 28, 1980, pp. 1-3.
Traditional IP Network Address Translator (Traditional NAT), Request for Comments: 3022, Obsoletes: 1631, Category: Informational, P. Srisuresh, Jasmine Networks; K. Egevang, Intel Corporation, Jan. 2001.
“Security Architecture for the Internet Protocol”, Request for Comments: 2401, Obsoletes: 1825, Category: Standards Track, S. Kent, BBN Corp.: R. Atkinson@Home Network, Nov. 1998.
IP Encapsulating Security Payload (ESP), Request for Comments: 2406, Obsoletes: 1827, Category: Standards Track, S. Kent, BBN Corp; R.Atkinson@home Network, Nov. 1998.
Jakubik Patricia A.
Overby, Jr. Linwood Hugh
Porter Joyce Anne
Wierbowski David John
Chan Sai-Ming
Hoffman Warnick
International Business Machines - Corporation
Rao Seema S
LandOfFree
Preventing duplicate sources from clients served by a... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Preventing duplicate sources from clients served by a..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Preventing duplicate sources from clients served by a... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4167114