Most Internet-connected computers today are behind a network address translator (NAT) or a firewall, or both. It is best to simultaneously use both types of devices since NATs and firewalls provide different types of protection. A particular computer is considered to be “behind” a device when inbound data traffic must pass through the device in order to reach the computer. A computer may thus appear, to other Internet-connected devices, to be behind NATs and firewalls.
Firewalls may be implemented as hardware or software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving a private network pass through a firewall. A firewall typically examines each message and blocks those messages that do not meet certain specified security criteria.
NATs often separate one network from another, or an internal network from an external network such as the Internet. NATs use one set of Internet protocol (IP) addresses for internal data traffic and a second set of IP addresses for external data traffic. A NAT makes all necessary IP address translations from one network to another.
Applications or operating systems running on a computer have various techniques that enable the computer to connect to the Internet if it is behind NATs or firewalls. These techniques are often software-based and therefore require that the computer be actively running in order to maintain connectivity. Often, even though the connection is not being actively used, the computer is kept running so that it can maintain Internet connectivity just in case a connection is initiated to it from a network such as the Internet. This arrangement, however, requires that such a computer needlessly consume energy.
Most NATs and firewalls block inbound data traffic unless a host behind them initiates outbound communication. Furthermore, NATs and firewalls expire network mappings unless there is active communication to or from a particular host. As a result, once a host is placed in a sleep or hibernation state, the mapping expires and no further communication can be initiated inbound to that host. An inbound data packet that the host (or an application running on the host) would have processed or consumed no longer reaches it. If the host were not behind a NAT, the host might otherwise have woken up to process the received packet.
If the host is powered down or put into a sleep or hibernation mode, the state in most NATs or firewalls expires, causing any inbound packets hitting the NAT or firewall to be discarded. Thus, either the host cannot be put into a sleep mode, or communication with the host inside a NAT or firewall is going to break down.
This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
In view of the above, this disclosure describes various exemplary systems, methods, and computer program products for allowing a computer to be placed into a sleep mode while simultaneously maintaining an open inbound connection from the Internet across any number of NATs or firewalls.
In particular, this may be done by configuring a computer's network interface card (NIC) or network card to periodically send out one or more keep-alive packets while the computer is in a sleep state. Keep-alive packets may include control information (e.g. source and destination addresses) and little or no user data. The keep-alive packets and any return packets serve to maintain an inbound path from a network such as the Internet.
In a sleep state, power is maintained to the NIC, and the NIC remains functioning. The NIC responds as programmed during the computer's sleep state. Upon receiving an appropriate inbound communication from the Internet, the NIC wakes the computer or takes other programmed action.
An open inbound connection from the Internet may also be maintained by configuring a NIC to perform certain actions when receiving inbound communications, and by configuring an external host to send keep-alive packets to the NIC through the various NATs and firewalls. In this arrangement, the NIC may take any number of actions or may take no action at all when receiving keep-alive packets. In addition, the NIC is able to wake the host or take other action if a keep-alive packet is not received within a designated time. After a pre-determined threshold amount of time, dependent upon whether an appropriate inbound communication is received via the Internet, the NIC may wake the computer or take other programmed action.
In short, the host is able to delegate certain functions to a NIC or other device or host in order to maintain an inbound connection to itself from a network through NATs and firewalls.
The Detailed Description is set forth and the teachings are described with reference to the accompanying figures. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. The use of the same reference numbers in different figures indicates similar or identical items.
This disclosure is directed to maintaining an inbound communication path to a host behind a plurality of network devices such as network address translators (NATs), firewalls, or similar devices. These network devices are referred to herein as NAT/F devices. As described herein, NAT/F may refer to a NAT or firewall, either singularly or in combinations of various quantities.
Traditionally, when a computer or host is put into a sleep or hibernation mode, there is no mechanism for inbound data packets to reach a host through NATs or firewalls. NATs and firewalls expire any address assignment which does not have active traffic during a certain predetermined period of time. Described herein are embodiments by which an inbound communication path remains open while a host is in a sleep or hibernation mode. One advantage of such arrangement is to allow a host to expend less energy while not in active use.
In a typical computer host, a NIC is physically inserted into the host's motherboard and has one or more physical ports or antennae exposed to the outside of the host device. The NIC 104 is in communication with a first NAT/F device 106 which is, in turn, in communication with a second NAT/F device 108. The connection continues from the second NAT/F device to the remainder of a network 110 such as the Internet. Those in the art understand that the network 110 may be any subset of a network, a LAN, a WAN or other type of arrangement.
In order for data to travel from a second host 112 to the first host 102, the data must travel across the network 110, through the second NAT/F device 108, through the first NAT/F device 106, and reach the NIC 104. The first host 102 can be considered behind the plurality of NAT/F devices 106, 108 from the point of view of a second host 112 or a third host 114. A second host 112 or third host 114 may be any device that communicates with the first host 102 across the network 110 and NAT/F devices 106, 108.
A packet is normally a formatted block of data carried by a packet mode computer network. A packet usually consists of control information and user data or a payload. Control information is the information that the network needs to deliver the user data. For example, control information comprises source and destination addresses, error detection codes like checksums, and sequencing information. Typically, control information is found in packet headers and trailers, with user data in between.
A keep-alive consists of one or more packets sent to another device on the other side of a plurality of NAT/F devices. Keep-alive packets may be sent even when there is no user data to be sent, or when the pathway is idle or actively transferring packets. Ordinarily, networks do not include a keep-alive mechanism for various reasons, for example because it consumes bandwidth unnecessarily.
Next, with reference to
The host may be maintained in its sleep or hibernation state or mode indefinitely until a pre-arranged signal, or wake-up packet or packets, is sent to the NIC, or until a user or other event wakes the host. The pre-arranged signal may be one or more wake-up packets or a specific packet, known to those in the art as a magic packet. One such event may be the lack of receiving one or more keep-alive packets within a certain time.
During this hibernation time, the NIC sends or receives keep-alive packets until the wake up event 208. At this time, the host is powered up or woken up from its sleep or hibernation mode, and the NIC is de-configured 210 or re-programmed to behave as it normally would when the host is powered up.
Two alternative methods are now presented to implement the method shown in
With reference to
In one particular embodiment, a NIC receives one or more response packets in response to one or more keep-alive packets. One or more of the response packets match a predetermined signature. Such response is the signal for the host to awake from its sleep or hibernation state.
The inbound network path is maintained to the host and corresponding NIC across a plurality of NAT/F devices by sending outbound keep-alive packets and optionally receiving a response. The NIC is thus capable of receiving inbound data packets.
In one scenario, if the NIC does not receive one or more inbound data packets 310 during a particular time interval, it continues to send one or more keep-alive packets 308 on a periodic basis. Alternatively, if the NIC does not receive one or more inbound data packets 310 during a particular time interval, the NIC wakes the host.
In a variation of this scenario, if the inbound packet or packets match the predetermined signature, then the NIC wakes the host 314, and the host de-configures the NIC 316 so that it no longer sends keep-alive packets to a second or other host. The NIC is returned to normal operation.
In another scenario, if the NIC receives one or more inbound data packets in an allotted time 310, the NIC compares the packet or packets to the predetermined packet signature 312. If the inbound packet or packets do not match the preconfigured signature, the NIC continues to send keep-alive packets 308.
In yet another scenario, if the NIC receives one or more inbound data packets in an allotted time 310, the NIC compares the packet or packets to the predetermined packet signature 312. If the inbound packet or packets match a predetermined packet signature 312, the NIC does nothing. Alternatively, if the inbound packet or packets do not match a predetermined packet signature 312, the NIC wakes the host. If one or more inbound packets are not received within an allotted time 310, the NIC wakes the host.
In other embodiments, the NIC or host may take other or additional actions as configured or programmed when the NIC receives inbound packets matching the predetermined packet signature. The NIC may be programmed to take any action of which it is capable upon receiving an inbound data packet whose content matches a preconfigured signature. For example, the NIC may be programmed to send a keep-alive packet on a certain frequency to a third host, instead of a second host, upon receiving such an inbound data packet.
With reference to
In one embodiment, the second host 112 is also programmed to send keep-alive packets to the first host 102 in a particular manner. For example, the content of, and frequency of sending, the keep-alive packets emanating from the second host are programmed. Any such programming is limited only by the capacity and functionality of the second host 112 or other host that is sending the keep-alive packets to the first host 102.
The first host is then placed in its sleep or hibernation mode 406. The second or other host sends keep-alive packets to the first host 408 in order to maintain an inbound network path to the first host. In one embodiment, the NIC of the first host determines if it receives one or more keep-alive packets within a certain time interval 410. If the NIC does not receive a keep-alive packet, the first host is awakened from its sleep or hibernation mode 414.
If the NIC does receive a keep-alive packet, the NIC determines if the packet or packets match a preconfigured signature 412. If the match is positive, the NIC does nothing or takes another pre-programmed action. If there is no match, the first host is awakened from its sleep or hibernation mode 414. If the first host is awakened, the NIC is de-configured 416 so that it is no longer programmed to expect inbound keep-alive packets from a second or other host.
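The per-interval NIC decisions of both methods above (NIC-sent keep-alives with a wake-up signature, and keep-alives sent by the second host with a missed-packet wake), as an added C example that is not part of the original disclosure. The signature form (a byte pattern at a fixed offset), the `packet` slot model, the sample bytes and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* What the sleeping host's NIC does at the end of one timer interval. */
enum nic_action { NIC_SEND_KEEPALIVE, NIC_WAKE_HOST, NIC_NO_ACTION };

/* Assumed signature form: a byte pattern at a fixed offset in the packet. */
struct signature { size_t offset; const unsigned char *bytes; size_t len; };
/* One interval's inbound slot; data == NULL means nothing arrived in time. */
struct packet { const unsigned char *data; size_t len; };

/* Constructed sample signature: "WAKE" starting at byte 2. */
static const unsigned char SIG_BYTES[] = { 'W', 'A', 'K', 'E' };
static const struct signature SAMPLE_SIG = { 2, SIG_BYTES, sizeof SIG_BYTES };

/* Bounds-checked match, so a short packet is never read past its end. */
static bool matches(const struct signature *s, const struct packet *p)
{
    if (p->data == NULL || s->offset > p->len || s->len > p->len - s->offset)
        return false;
    return memcmp(p->data + s->offset, s->bytes, s->len) == 0;
}

/* NIC sends keep-alives: only a matching inbound packet wakes the host. */
enum nic_action outbound_step(const struct signature *s, const struct packet *p)
{ return matches(s, p) ? NIC_WAKE_HOST : NIC_SEND_KEEPALIVE; }

/* Second host sends keep-alives: silence or a non-match wakes the host. */
enum nic_action inbound_step(const struct signature *s, const struct packet *p)
{ return matches(s, p) ? NIC_NO_ACTION : NIC_WAKE_HOST; }

typedef enum nic_action (*step_fn)(const struct signature *, const struct packet *);

/* Replays n intervals; returns the wake interval (-1 if the host sleeps on). */
int wake_interval(step_fn step, const struct signature *s,
                  const struct packet *ev, int n, int *keepalives_sent)
{
    *keepalives_sent = 0;
    for (int i = 0; i < n; i++) {
        enum nic_action a = step(s, &ev[i]);
        if (a == NIC_WAKE_HOST) return i;
        if (a == NIC_SEND_KEEPALIVE) (*keepalives_sent)++;
    }
    return -1;
}

int main(void)
{
    static const unsigned char wake[] = { 0, 0, 'W', 'A', 'K', 'E' };
    const struct packet ev[] = { { NULL, 0 }, { wake, sizeof wake } };
    int sent;
    return wake_interval(outbound_step, &SAMPLE_SIG, ev, 2, &sent) == 1 ? 0 : 1;
}
```

The two step functions differ only in what a non-match means: in the first method it keeps the host asleep, in the second it wakes the host.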
The various components and functionality described herein are implemented with a number of individual devices, hosts or computers.
Generally, various different general purpose or special purpose computing system configurations can be used. Examples of well known computing systems, environments, or configurations that may be suitable for use of keeping an inbound path to a host include, but are not limited to, personal computers, server computers, hand-held or laptop devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, network-ready devices, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like.
The functionality of the computers is embodied in many cases by computer-executable instructions, such as software components, that are executed by the computers. Generally, software components include routines, programs, objects, components, data structures, and so on, that perform particular tasks or implement particular abstract data types. Tasks might also be performed by remote processing devices that are linked through a communications network. In a distributed computing environment, software components may be located in both local and remote computer storage media as previously described in relation to
The instructions or software components are stored at different times in the various computer-readable media that are either part of the computer or that can be read by the computer. Programs are typically distributed, for example, on CD-ROMs, DVD, flash drives, or some form of communication media. From there, they are installed or loaded into the secondary memory of a computer. At execution, they are loaded at least partially into the computer's primary electronic memory.
For purposes of illustration, programs and other executable program components such as the operating system are illustrated herein as discrete blocks, although it is recognized that such programs and components reside at various times in different storage components of the computer, and are executed by the data processor(s) of the computer.
With reference to
A computer 502 typically includes a variety of computer-readable media. Computer-readable media can be any available media that can be accessed by a computer 502 and includes both volatile and nonvolatile media, removable and non-removable media. By way of example, and not limitation, computer-readable media may comprise computer storage media and communication media.
Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer-readable instructions, data structures, program modules, or other data. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital video discs (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer 502.
The system memory 506 includes computer storage media in the form of volatile or nonvolatile memory such as read only memory (ROM) 510 and random access memory (RAM) 512. A basic input/output system 514 (BIOS), containing the basic routines that help to transfer information between elements within the computer 502, such as during start-up, is typically stored in ROM 510. The BIOS typically has an option to enable wake on LAN.
RAM 512 may contain data and software components that are typically accessible by a processing unit 504 when a computer is operating normally, not in a sleep or hibernation mode. By way of example, and not limitation,
The computer 502 may also include other removable/non-removable, volatile/nonvolatile computer storage media (not shown). Such computer storage media provide storage of computer-readable instructions, data structures, software components, and other data for the computer 502.
A user may enter commands and information into the computer 502 through input devices 536. Input devices are often connected to the computer 504 through an input output (I/O) interface 542 that is coupled to the system bus, but may be connected by other interface and bus structures, such as a parallel port, game port, or a universal serial bus (USB).
The computer operates in a networked environment using logical connections to one or more remote computers, such as a remote device 550. The remote device 550 may be the same as or different from the host 102 of
When used in a LAN networking environment, the computer 502 is connected to the LAN 552 through a NIC 556. When used in a networking environment, the computer 502 may include a modem 558 or other means for establishing communications. The modem 558, which may be internal or external, may be connected to the system bus 508 via the I/O interface 542, or other appropriate mechanism. In a networked environment, program modules depicted relative to the computer 502, or portions thereof, may be stored in the remote device 550. By way of example, and not limitation,
The subject matter described above can be implemented in hardware, or software, or in both hardware and software. Although the subject matter has been described in language specific to structural features or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts are disclosed as exemplary forms of implementing the claimed subject matter. For example, the methodological acts need not be performed in the order or combinations described herein, and may be performed in any combination of one or more acts.