Auto-discovery of a non-advertised public network address

Abstract

Providing a network address is disclosed. A communication indicating that a first node desires to communicate via a packet data network with a second node configured to provide access to a private resource is received. A non-publicly advertised packet data network address usable to communicate with the second node via the packet data network is provided to the first node.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

Various embodiments of the invention are disclosed in the following detailed description and the accompanying drawings.

FIG. 1 is a block diagram illustrating elements of a typical GSM network.

FIG. 2 is a block diagram illustrating an embodiment of a mobile network with packet data network backhaul.

FIG. 3 is a block diagram illustrating an embodiment of a system 300 for authenticating mobile network provider equipment.

FIG. 4 is a flow chart illustrating an embodiment of a process for establishing a connection with a mobile network element, such as an aggregation gateway, via an IP or other packet data network.

FIG. 5 is a flow chart illustrating an embodiment of a process for mutually authenticating a base transceiver station (BTS) and registration server (RS), from the perspective of the BTS.

FIG. 6 is a flow chart illustrating an embodiment of a process for mutually authenticating a base transceiver station (BTS) and registration server (RS), from the perspective of the RS.

Claims

1. A method of providing a network address, comprising: receiving a communication indicating that a first node desires to communicate via a packet data network with a second node configured to provide access to a private resource; andproviding to the first node a non-publicly advertised packet data network address usable to communicate with the second node via the packet data network.

2. A method as recited in claim 1, wherein the communication is received via the packet data network.

3. A method as recited in claim 1, wherein the communication is received from the first node.

4. A method as recited in claim 1, wherein the first node comprises a portable equipment.

5. A method as recited in claim 1, wherein the first node comprises a mobile telecommunications base transceiver station (BTS).

6. A method as recited in claim 5, wherein the private resource comprises a mobile telecommunications network.

7. A method as recited in claim 5, wherein the private resource comprises a base station controller (BSC).

8. A method as recited in claim 1, wherein the protected resource comprises a private network and the second node comprises a gateway configured to provide access via the packet data network to the private network.

9. A method as recited in claim 8, wherein the private network comprises a network other than a packet data network.

10. A method as recited in claim 8, wherein the private network comprises a core mobile telecommunications network.

11. A method as recited in claim 1, wherein the packet data network comprises an IP network and the non-publicly advertised packet data network address comprises an IP address.

12. A method as recited in claim 1, wherein the second node comprises one of a plurality of access nodes configured to provide access to the private resource; and providing to the first node a non-publicly advertised packet data network address usable to communicate with the second node via the packet data network includes identifying the second node, from among the plurality of access nodes, as a servicing access node for the first node.

13. A method as recited in claim 1, further comprising receiving an indication that the non-publicly advertised packet data network address is no longer usable to access the second node.

14. A method as recited in claim 13, further comprising receiving an indication that a second non-publicly advertised address is usable to access the second node.

15. A method as recited in claim 14, further comprising providing the second non-publicly advertised address to the first node.

16. A method as recited in claim 1, further comprising configuring the first node to send the communication.

17. A method as recited in claim 1, wherein the communication is received at a registration node that is different than the second node.

18. A method as recited in claim 17, wherein the registration node is embodied in a different physical system than the second node.

19. A system for providing a network address, comprising: a communication interface; anda processor coupled to the communication interface and configured to: receive via the communication interface a communication indicating that a first node desires to communicate via a packet data network with a second node configured to provide access to a private resource; andprovide to the first node a non-publicly advertised packet data network address usable to communicate with the second node via the packet data network.

20. A computer program product for providing a network address, the computer program product being embodied in a computer readable medium and comprising computer instructions for: receiving a communication indicating that a first node desires to communicate via a packet data network with a second node configured to provide access to a private resource; andproviding to the first node a non-publicly advertised packet data network address usable to communicate with the second node via the packet data network.

21. A method of discovering a network address, comprising: sending to a registration node, at a public packet data network address, a communication indicating a desire to communicate via a packet data network with an access node configured to provide access to a private resource; andreceiving in response to the communication a non-publicly advertised packet data network address usable to communicate with the second node via the packet data network.

22. A system configured to discover a network address, comprising: a communication interface; anda processor coupled to the communication interface and configured to: send to a registration node, via the communication interface, indicating a desire to communicate via a packet data network with an access node configured to provide access to a private resource; andreceive in response to the communication a non-publicly advertised packet data network address usable to communicate with the second node via the packet data network.