Patent Application
20070280230
The accompanying figures, where like reference numerals refer to identical or functionally similar elements throughout the separate views and which together with the detailed description below are incorporated in and form part of the specification, serve to further illustrate various embodiments and to explain various principles and advantages all in accordance with the present invention.
Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated relative to other elements to help to improve understanding of embodiments of the present invention.
Before describing in detail embodiments that are in accordance with the present invention, it should be observed that the embodiments reside primarily in combinations of method steps and apparatus components related to facilitate service discovery across a wide area network. Accordingly, the apparatus components and method steps have been represented where appropriate by conventional symbols in the drawings, showing only those specific details that are pertinent to understanding the embodiments of the present invention so as not to obscure the disclosure with details that will be readily apparent to those of ordinary skill in the art having the benefit of the description herein.
It will be appreciated that embodiments of the invention described herein may be comprised of one or more conventional processors and unique stored program instructions that control the one or more processors to implement, in conjunction with certain non-processor circuits, some, most, or all of the functions of service discovery across a wide area network as described herein. The non-processor circuits may include, but are not limited to, Ethernet transceivers, Internet communications, signal drivers, clock circuits, power source circuits, and user input devices. As such, these functions may be interpreted as steps of a method to perform service discovery across a wide area network. Alternatively, some or all functions could be implemented by a state machine that has no stored program instructions, or in one or more application specific integrated circuits, in which each function or some combinations of certain of the functions are implemented as custom logic. Of course, a combination of the two approaches could be used. Thus, methods and means for these functions have been described herein. Further, it is expected that one of ordinary skill, notwithstanding possibly significant effort and many design choices motivated by, for example, available time, current technology, and economic considerations, when guided by the concepts and principles disclosed herein will be readily capable of generating such software instructions and programs with minimal experimentation.
Embodiments of the invention are now described in detail. Referring to the drawings, like numbers indicate like parts throughout the views. As used in the description herein and throughout the claims, the following terms take the meanings explicitly associated herein, unless the context clearly dictates otherwise: the meaning of “a,” “an,” and “the” includes plural reference, the meaning of “in” includes “in” and “on.” Relational terms such as first and second, top and bottom, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, reference designators shown herein in parenthesis indicate components shown in a figure other than the one in discussion. For example, talking about a device (10) while discussing figure A would refer to an element, 10, shown in figure other than figure A.
The present invention provides a system and method for service discovery across a wide area network such as the Internet. The invention accomplishes the service discovery by transferring multicast communications, such as those generated in plug and play architectures, from one local area network, across a wide area network, to another local area network. A group server, coupled to the wide area network, handles these direct local area network to local area network communications. The group server is visible to all devices in both local area networks.
The devices in the local area networks, being in communication with the group server, form a “virtual group”. The virtual group is ultimately connected through the wide area network, but for applications running in either local area network, the other devices of the virtual group appear to be connected locally. Thus, by being identified and connected with the group server, devices like personal computers, gaming devices, music and multimedia players, and Internet compatible television set-top boxes are able to share files, applications, and content as if they were all connected to a common node or server. Further, multicast discovery protocols, such as Universal Plug and Play and Bonjour, can discover new devices with multicast communications even where the new machines are attached to the virtual group half way around the world.
Turning now to
For example a first networked computer device 102, shown here as a personal computer, having a first address 105, may send a communication to a second computer 103 having a second address 106. Similarly, the first networked computer device 102 may send a communication to a mobile telephone 104 having a third address. Each communication is handled by the local node 101. The local node 101 or router acts as a symphony conductor of sorts by directing communications from one device to the next across the local area network 100. When a device sends a communication to a specifically addressed device that is not communicating on the local area network 100, the local node 101 directs the communication to the wide area network interface 108, which may be a cable modem, DSL modem, or T1 line communication interface.
When plug and play systems like Universal Plug and Play or Bonjour are being used, a networked computer device 102, for example the personal computer, may send a multicast communication to the local node 101. This multicast communication will include computer 102's address and port identifiers. The local node 101 will deliver this communication to each of the other devices, e.g. computer 103, mobile telephone 104, etc. Each device will then respond, thereby allowing networked computer device 102 to determine what devices are connected to the local area network 100. Upon discovery, presuming the proper permissions are in place, networked computer device 102 would be able to share files and applications with other devices on the local area network 100. For example, networked computer device 102 may access a photograph or musical recording stored on a hard drive of computer 103.
The local node 101 may deliver the multicast communication to the wide area network interface 108. However, as multicast communications have a time to live equal to one, the multicast communication will stop at the wide area network interface 108. This is due to the fact that it has passed from the local node 101 to the wide area network interface 108, for a total of two nodes. As the time to live of one has been exceeded, the wide area network interface 108 will not forward the communication to the wide area network 109, thereby preventing overloading the bandwidth of the wide area network 109.
Turning now to
To make matters worse, the girl's local area network 100 is serviced by a first service provider 201, while her father's local area network 200 is serviced by a second service provider 203. Many times, different service providers have different technologies and different addressing protocols, which makes direct communication extremely difficult. It is just this type of problem that the present invention seeks to resolve.
Turning now to
The Interactive Connectivity Establishment is a communication protocol standard drafted by Internet Engineering Task Force for network address translation traversal. Network address translation traversal refers to a solution to the common problem in TCP/IP networking of establishing connections between hosts in private TCP/IP networks that use network address translation devices. Interactive Connectivity Establishment devices, sometimes referred to as “ICE boxes”, often incorporate multiple forms of content into a single unit. For example, an ICE box may allow a user to receive both television and web browsing content.
Each networked computer device 102,202 includes a multicast application 313, an application layer 314, and a network protocol stack 312. The multicast application 313 is a module or application running within the networked computer device 102 that is capable of initiating multicast communications 303. Examples of multicast applications 313 include Universal Plug and Play software modules, Bonjour software modules, and multicast DNS modules. One example of a multicast communication 303 might be a Universal Plug and Play announcement message when one of the devices 102,202 is actuated.
The multicast application 313 is in communication with the network protocol stack 312 by way of the application layer 314. Thus, upon initiation of multicast communications 303, the multicast application 313 delivers the multicast communication 303 to the network protocol stack 312 through the application layer 314.
The network protocol stack 312 is configured to receive the multicast communication 303 and convert the multicast communication into a frame suitable for delivery to a local network gateway interface or local network node 101, such as a local area network router, through a local network interface 321. In one embodiment, the network protocol stack 312 includes at least TCP, UDP and IP protocol elements for converting the multicast communication 303 into frames. The network protocol stack 312 then replicates and routes the multicast communication 303 to both a local network node 101 and to a gateway interface 301.
Each networked computer device 102,202 includes a gateway interface 301,302, which is an application running within the networked computer device 102. Using networked computer device 102 as an example, the gateway interface 301 is configured to receive a multicast communication 303 from network protocol stack 312. The gateway interface 301 generates Ethernet frames and delivers them to a local proxy client 304.
As noted above, under normal operation, the multicast applications 313 running within the networked computer device 102 would send such multicast communications to a local node 101 or router for distribution to other devices, e.g. computer 103, on the local area network 100. Thus, a Universal Plug and Play communication would be delivered to local node 101 and then to other devices on the local area network 100. With the present invention, such communications are also delivered to the gateway interface 301. The gateway interface 301, which is configured to simulate a network interface to the network protocol stack 312 within the networked computer device 102, then delivers this multicast communication 303 to a local proxy client 304, rather than broadcasting it to the local area network 100.
The local proxy client 304 is a user space process that acts as a proxy between the networked computer device 102 and the wide area network 109. The local proxy client 304, which has a unique identifier 305 associated therewith, is configured to encapsulate the multicast communication 303 within an encapsulated unicast communication 306. An example of a unique identifier may be the devices MAC address. In one embodiment, the local proxy client 304 is configured to encapsulate the multicast communication 303 outside both the network protocol stack 312 and the application layer 314. The local proxy client 304 then delivers the encapsulated unicast communication 306 across the wide area network 109 to a group server 308 by way of a network interface 309.
The networked computer device 102 uses the network interface 309 to communicate with the wide area network 109. As such, the local proxy client 304 is in communication with the wide area network 109 by way of the network interface 309. The network interface 309 is configured to establish a secure communication channel 310 with the group server 308 across the wide area network 109. So that the group server 308 knows from which networked computer device the encapsulated unicast communication is being transmitted, in one embodiment the local proxy client 304 is configured to associate the encapsulated unicast communication 306 with the unique identifier 305 prior to delivering the encapsulated unicast communication 306 to the group server 308.
The local proxy client 304, working through the network interface 309, makes a secure transport, or application level, connection with the group server 308. The local proxy client 304 then sends the encapsulated unicast communication 306 as Ethernet frames to the group server 308. Typical examples of communication protocols between the local proxy client 304 and the group server 308 include hypertext transfer protocol (HTTP), secure hypertext transfer protocol (HTTPS), and file transfer protocol (FTP).
Thus to recap, with one embodiment of the present invention, multicast communications 303, which are typically only delivered to a local node 101 with a time to live of one, are in parallel delivered to the gateway interface 301. The gateway interface 301 then delivers the multicast communication 303 to the local proxy client, which encapsulates the multicast communication 303 within an encapsulated unicast communication 306. As such, the local proxy client 304 is configured to simulate a local area network across a wide area network.
The encapsulated unicast communication 306 is then delivered to the group server 308. Prior to delivery of the encapsulated unicast communication 306, the local proxy client 304 is configured to authenticate the networked computer device 102 with the group server 308 and to register the networked computer device 102 with the group server 308. The registration may occur when the networked computer device 102 is initially powered up. The local proxy client 304 may register the networked computer device 102 with the group server 308 by delivering, for example, an Internet protocol address to the group server 308. The authentication, which may occur whenever the local proxy client 304 communicates with the group server 308, may occur by the local proxy client 304 delivering the unique identifier 305 to the group server 308.
The group server 308 has a plurality of user groups stored in a group database 315. The user groups are collections of networked computer devices that have been registered into user groups by their users. Devices are recognized as belonging to a group, in one embodiment, by the unique identifiers, e.g. 305. The group server 308 includes an authentication and registration module 319, which is configured to associate the unique identifier 305 with at least one group, and to write the at least one group to the group database. Thus, the group database 315 has networked computer device addresses stored therein, where the networked computer device addresses correspond to a group associated with the unique identifier 305.
By way of example, networked computer device 102, operating on local area network 100, may be registered in the same user group as networked computer device 202, which operates on local area network 200. This user group is stored by the group server 308 in the group database 315. Since, in this example, the devices 102,202 operate in different domains, the networked computer addresses stored in the group database 315 would belong to at least two domains.
The group server 308 is configured to simulate a local area network across a wide area network by receiving encapsulated unicast communications 306 from one member of the group, and delivering the encapsulated unicast communication 306 to every other member of the user group. The group server includes a communication interface 316 coupled to the wide area network 109, and a communication receiving module 317 that is operable with the communication interface 316. The communication receiving module 317 is configured to receive the encapsulated unicast communication 306 having the unique identifier 305 associated therewith. From this unique identifier 305, the group server 308 may access the group database to determine what other devices belong to the group corresponding to the unique identifier 305.
A delivery module 318, operable with the communication interface 316, is configured to deliver the encapsulated unicast communication 306 to a networked computer device 202 in the group. The delivery module 318 replicates the encapsulated unicast communication 306 and delivers the encapsulated unicast communication 306 to each of the plurality of networked computer devices belonging to the group. Thus, when a networked computer device has a networked computer device address associated with the group, it will receive a copy of the encapsulated unicast communication 306. Since persistent authentication may be cumbersome and may consume bandwidth, in one embodiment, the group server 308 may use a session initiation protocol to signal to a networked computer device that a communication delivery is eminent.
Continuing with the example where networked computer device 102 and networked computer device 202 are in the same group, the group server will deliver the encapsulated unicast communication 306 to networked computer device 202. The local proxy client 304, capable of transmitting encapsulated unicast communications 306 as noted above, it is also used to receive such communications. For example, assuming that the local proxy client 304 of networked computer device 102 transmits an encapsulated unicast communication 306, the local proxy client 311 of networked computer device 202 is configured to receive the encapsulated unicast communication 306 from the group server 308. The local proxy client 311 then de-encapsulates the encapsulated unicast communication 306 as a de-encapsulated multicast communication 320. The local proxy client 311 then delivers the de-encapsulated multicast communication 320 to the gateway interface 302.
Upon receipt of a de-encapsulated multicast communication 320 from the local proxy client 311, the gateway interface 302 is configured to determine an application address associated with the de-encapsulated multicast communication 320. For example, where the de-encapsulated multicast communication 320 is a search message for video content, the application address may be associated with video software modules operating within the networked computer device 202. The gateway interface 302 then delivers the de-encapsulated multicast communication 320 to the appropriate application address.
Turning now to
In
This “multicast communication across a wide area network” is accomplished, as discussed in
The gateway interface of each device (301,302) operates as a special type of network interface. It is seen by the operating system as a normal, local area network, Ethernet device. However, as described above, instead of forwarding the Ethernet frames to a hardware local node 101, the gateway interface (301,302) forwards the received Ethernet frames to the local proxy client (304,311), which is a user space process.
The local proxy client (304,311) then forwards the Ethernet frames comprising the encapsulated unicast communication to the group server 308, which forwards them to the other networked computer devices within the group. Those other networked computer devices, networked computer devices 202,204 in the exemplary embodiment of
Turning now to
From the perspective of each networked computer device 102,202, the group server 308 is a server hosted by a trusted entity. Both networked computer devices 102,202 are able to access the group server 308 by way of a wide area network. One exemplary means of access is using a secure protocol, such as the secure hypertext transfer protocol.
Where each networked computer device 102,202 is behind a network access translation device, a network access translation mechanism, such as the Interactive Connectivity Establishment standard, may be employed. The network access translation mechanism allows the group server 308 to initiate communication with either networked computer device 102 or networked computer device 202.
When each networked computer device 102,202 powers up, the local proxy clients 304,311 registers 503,504 the respective locations or addresses of the networked computer devices 102,202. For example, the local proxy clients 304,311 may deliver the respective Internet protocol addresses to the group server 308. During an authentication process, the local proxy clients 102,202 deliver client information, which may include the unique identification and MAC address, to the group server 308.
Multicast applications 313,502 operating within the networked computer devices 102,202 are capable of generating multicast communications. Examples of some multicast applications include Universal Plug and Play or multicast DNS. At 505,506 the multicast applications 313,502 “listen” to communications on multicast channels within their respective local area networks 100,200. At 507, multicast application 313 initiates a multicast communication, which may for example be a search message. At 508, the search message is delivered to the local area network 100. Concurrently, at 509 the search message is replicated for the gateway interface 301. In one embodiment, network protocol stack 312 may include a filter so that it can only replicate application-level packets from local discovery service protocol elements.
At step 510, the replicated packets of the search message are converted to Ethernet frames, which are in turn sent to the local proxy client 304. The local proxy client 304 establishes a secure transport connection to the group server 308 and delivers the Ethernet frames 511 to the group server 308 at 511. The Ethernet frames delivered by the local proxy client 304 are actually encapsulated Ethernet frames. They are encapsulated as an encapsulated unicast communication.
From the group database (315) the group server 308 knows all member networked computer devices within a particular group. When the group server 308 receives the encapsulated Ethernet frames, it replicates the encapsulated Ethernet frames and sends them to all networked computer devices within the group. As shown in
Upon receipt of the encapsulated Ethernet frames, the receiving local proxy client 311 takes the Ethernet frames out of the IP packet and sends the Ethernet frames to the gateway interface 302 at 513. The gateway interface 302 generates network protocol packets out of the Ethernet frames and sends the packets to the network protocol stack 501 at 514. Where the packets include a local service discovery protocol element, such as a search command for instance, the network protocol stack 501 may contain some of local service discovery protocol elements. As such, the network protocol stack 501 not only sends the search command to the multicast application 502 at 515, but may also multicast the packets to the local area network 200 at 516 such that other networked computer devices operating within local area network 200 may likewise be discovered.
Where the local proxy server 311 corresponds to the relevant networked computer device that multicast application 313 is seeking, multicast application 502 will send unicast response messages with destination addresses to the multicast application 313. Address translation may be included, as there is a remote possibility that the two networked computer devices 102,202 may have the same address, despite belonging to two different local area networks 100,200.
The unicast response messages are delivered to the network protocol stack 501 at 517, where it is translated into packets. The packets are delivered to the gateway interface 302 at 518, where the gateway interface 302 generates Ethernet frames and sends them to the local proxy client 311 at 519. The local proxy client 311 encapsulates the Ethernet frames and sends the encapsulated Ethernet frames to the group server at 520 by secure transport. The encapsulated Ethernet frames are then delivered to local proxy client 304 at 521, where they ultimately arrive at multicast application 313.
Turning now to
The method of
Within the gateway interface 301, a multicast communication is received at step 601. As noted above, this multicast communication may come from a multicast application operating within the networked computer device 102. Upon receipt of this multicast communication, the gateway interface 301 delivers the multicast communication to the local proxy client 304. Also as noted above, in one embodiment, the local proxy client 304 includes unique identifier indicia, such as a MAC address, associated therewith.
Within the local proxy client 304, upon receipt of the multicast communication from the gateway interface 301, the multicast communication is encapsulated within an encapsulated unicast communication at step 603. As the encapsulated unicast communication is to be delivered to a group server (308), the local proxy client 304 may also associate the encapsulated unicast communication with the unique identifier indicia at step 604. The local proxy client 304 then delivers the encapsulated unicast communication to the group server (308) that is in communication with the wide area network (109) at step 605.
Turning now to
Within the gateway interface 302, at step 704, an application address of the de-encapsulated communication is determined. At step 705, the gateway interface 302 delivers the de-encapsulated communication to an application address within the networked computer device 202. The application address may be, for example, a memory address for a software application currently in operation.
Turning now to
At step 801, within the local proxy client 304, the local proxy client 304 authenticates the networked computer device 102 with a group server (308). This authentication may occur upon actuation of the networked computer device 102. Further, the group server (308) and the networked computer device 102 may both be in communication with a wide area network (109). At step 802, the local proxy client 304 may establish a secure communication channel with the group server (308).
In the foregoing specification, specific embodiments of the present invention have been described. However, one of ordinary skill in the art appreciates that various modifications and changes can be made without departing from the scope of the present invention as set forth in the claims below. Thus, while preferred embodiments of the invention have been illustrated and described, it is clear that the invention is not so limited. Numerous modifications, changes, variations, substitutions, and equivalents will occur to those skilled in the art without departing from the spirit and scope of the present invention as defined by the following claims. Accordingly, the specification and figures are to be regarded in an illustrative rather than a restrictive sense, and all such modifications are intended to be included within the scope of present invention.
