Claims
- 1. In a network supporting transactions between clients and servers, wherein a client is a host that requests a transaction and a server is a host that issues responses responsive to client requests and wherein packets between a client and a server travel over a network path comprising one or more hops, a method of probing for proxies on a network path comprising:
receiving, at a first probe node, a first packet from a target client directed at a target server; modifying the first packet to signal presence of the first probe node in the network path, thus forming a modified first packet; forwarding the modified first packet toward the target server; monitoring, at the first probe node, packets for the target client apparently from the target server to detect packets containing return signals, wherein a return signal is a signal from a proxy that detects the signal in the modified first packet and is an indication that the proxy detected the signal as being a proxy probing signal; recording a successful probe if a responsive return signal is received corresponding to a signal sent from the first probe node; updating a proxy mapping table with results of a successful probe; and following a current connection, using proxy mapping from the proxy mapping table in a later connection.
- 2. The method of claim 1, wherein the network path traverses a wide area network.
- 3. The method of claim 1, wherein the first probe node is a hardware network device having at least two network ports.
- 4. The method of claim 1, wherein the first probe node is implemented in software.
- 5. The method of claim 1, wherein modifying the first packet comprises adding an optional field to the first packet.
- 6. The method of claim 1, wherein the return signal is an added optional field in a return packet.
- 7. The method of claim 1, further comprising executing actions dependent on detection results.
- 8. The method of claim 1, wherein a layer-2 relay is integrated with the first probe node.
- 9. The method of claim 1, wherein an interceptor module is integrated with a network stack to handle communications between the proxy that sent the return signal and a proxy at the first probe node.
- 10. The method of claim 1, further comprising:
using detection in a multi-agent transport-level proxy.
- 11. The method of claim 1, further comprising:
following a successful probe, intercepting client-server communications; instantiating a connection between the proxy that sent the return signal, being a server-side proxy, and a client-side proxy at the first probe node; terminating client connections at the client-side proxy; terminating server connections at the server-side proxy; and transforming client-server traffic according to a protocol conversion.
- 12. The method of claim 11, wherein the protocol conversion is a segment cloning conversion.
- 13. The method of claim 11, further comprising:
at the client-side proxy, converting addresses in received packets using NAT to allow the target client to operate as if a client to client-side proxy connection is a client-server connection; and at the server-side proxy, converting addresses in received packets using NAT to allow the target server to operate as if a server-side proxy to server connection is a client-server connection.
- 14. The method of claim 13, further comprising:
at the client-side proxy, transforming packets received from a client direction according to a first protocol transformation; at the client-side proxy, transforming packets received from a server direction according to a second protocol transformation; at the server-side proxy, transforming packets received from the server direction according to a first inverse protocol transformation, wherein the first protocol transformation and the first inverse protocol transformation together transform data, if at all, consistent with a first protocol; at the server-side proxy, transforming packets received from the client direction according to a second inverse protocol transformation, wherein the second protocol transformation and the second inverse protocol transformation together transform data, if at all, consistent with a second protocol.
- 15. The method of claim 1, further comprising using the proxy mapping table to transform and untransform data using segment cloning.
- 16. In a network supporting transactions, a transaction being one or more messages wherein the transaction is initiated by a client and a transaction response is provided by a server, and the network further supporting proxies that are interposable in a network path between at least one client and at least one server, wherein a pair of proxies can modify a packet stream between a client and a server such that packet data from the server to the client is transformed at the server-side proxy and untransformed at the client-side proxy, a method for a discovering proxy to transparently discover its position in a proxy pair, if any, the method comprising:
when receiving a first packet of a first transaction from a client at the discovering proxy, determining whether a proxy signal is present in the first packet; if the proxy signal is not present in the first packet, storing an indication that the discovering proxy is a client-side proxy for the first transaction; if the proxy signal is not present in the first packet, forwarding a modified first packet toward the server, wherein the modified first packet contains a proxy signal signaling that the discovering proxy is the client-side proxy for the first transaction; if the proxy signal is present in the first packet when received by the discovering proxy, evaluating the proxy symbol to determine the client-side proxy for the first transaction from the first packet, thereby discovering at least one proxy pair between that client-side proxy and the discovering proxy; updating a proxy mapping table with discover proxy pairs; and using the proxy mapping table in subsequent transactions.
- 17. The method of claim 16, further comprising:
when receiving at the discovering proxy a first response packet of the first transaction from a server in response to the modified first packet, determining whether a return proxy signal is present in the first response packet; if the return proxy signal is not present in the first response packet, storing an indication that the discovering proxy is a server-side proxy for the first transaction; if the return proxy signal is not present in the first response packet, forwarding a modified first response packet toward the client, wherein the modified first response packet contains a proxy signal signaling that the discovering proxy is the server-side proxy for the first transaction; and if the return proxy signal is present in the first response packet when received by the discovering proxy, evaluating the proxy symbol to determine the server-side proxy for the first transaction from the first response packet, thereby discovering at least one proxy pair between that client-side proxy and the server-side proxy.
- 18. The method of claim 16, wherein receiving packet from client is direct receipt.
- 19. The method of claim 16, wherein receiving packet from client is indirect receipt via two or more hops.
- 20. The method of claim 16, further comprising intercepting the first transaction to interpose a protocol transformation between the client-side proxy and a server-side proxy.
- 21. The method of claim 16, wherein the pair of proxies can modify a packet stream between the client and the server such that packet data from the client to the server is transformed at the client-side proxy of the proxy pair and untransformed at the server-side proxy of proxy pair.
- 22. The method of claim 16, further comprising using the proxy pair to transform and untransform data using segment cloning.
- 23. A connection deflector for use a network supporting transactions, a transaction being one or more messages wherein the transaction is initiated by a client and a transaction response is provided by a server, and the network further supporting proxies that are interposable in a network path between at least one client and at least one server, the connection deflector comprising:
a network address translation table; and an intercept module that monitors packets at least for a connection setup packet from a client to a server and, when a connection setup packet is encountered, adds entries to the network address translation table to cause client-server flow to be directed towards a proxy.
- 24. The connection deflector of claim 23, further comprising logic to append message options in monitored connection setup packets to signal a server addresses to the proxy.
- 25. A proxy pair comprising a client-side proxy and a server-side proxy, for use a network supporting transactions, a transaction being one or more messages wherein the transaction is initiated by a client and a transaction response is provided by a server, and the network further supporting proxies that are interposable in a network path between at least one client and at least one server, the proxy pair comprising:
a transparent client-side proxy including logic to modify packet source addresses such that packets received from the server and transformed at the transparent client-side proxy are transmitted to the client with source addresses indicating the server as the source instead of the transparent client-side proxy; and a transparent server-side proxy including logic to modify packet source addresses such that packets received from the client and transformed at the transparent server-side proxy are transmitted to the server with source addresses indicating the client as the source instead of the transparent server-side proxy.
CROSS-REFERENCES TO RELATED APPLICATIONS
[0001] This application claims priority from co-pending U.S. Provisional Patent Application No. 60/462,990 entitled “Transport-Level Network Accelerator” filed Apr. 14, 2003 and is incorporated by reference herein for all purposes.
[0002] The present disclosure is related to the following commonly assigned co-pending U.S. Patent Applications:
[0003] U.S. patent application Ser. No. 10/285,315 entitled “Transaction Accelerator for Client-Server Communication Systems” (hereinafter “McCanne I”) filed on Oct. 30, 2002 is incorporated by reference herein for all purposes.
[0004] U.S. patent application Ser. No. 10/285,330 entitled “Content-Based Segmentation Scheme for Data Compression in Storage and Transmission Including Hierarchical Segment Representation” (hereinafter “McCanne II”) filed on Oct. 30, 2002 is incorporated by reference herein for all purposes.
[0005] U.S. Patent Application Serial No. ______ entitled “Transport-Level Client-Server Accelerator” (hereinafter “McCanne III”) filed concurrently herewith is incorporated by reference herein for all purposes.
Provisional Applications (1)
|
Number |
Date |
Country |
|
60462990 |
Apr 2003 |
US |