Embodiments of the present invention relate generally to communication technology and, more particularly, relate to a system, method, and apparatus for communicating over an overlay network.
In network communications, a single network user device may be separated from a larger network, such as the internet, by a gateway or router that serves a multitude of user devices on a sub-network, each with their own unique identifier or address. When a user initiates a session, which could be accessing a web site or an application that accesses the internet, packets are exchanged between the source and the destination, which may be identified by an IPv4 or IPv6 address. The gateway through which the user device accesses the larger network may use Network Address Translation (NAT) to transmit the request to the larger network. This NAT is a process by which the requested network address is modified or remapped from the sub-network address space into the larger network address space. The user device address may be masked by this process such that two requests coming from different user devices within the sub-network, after being processed through the NAT, may be seen by the requested website or application as requests from the same network address. The network address seen by the requested websites or applications may be that of the routing device. The routing device may have several “public” addresses such that outgoing requests may be seen as originating from one of the plurality of public addresses.
Routing devices using NAT have become popular due to the shortage of addresses available on IPv4 as the application of NAT multiplexes the available addresses resulting in a virtually infinite number of addresses being available. However, there are drawbacks to NAT. As the internet is deployed with NATs and firewalls, applications need to implement NAT traversal techniques and may not be easily reachable from the internet and their peers.
A method and apparatus are provided according to one example embodiment to allow a user device to access services while attached to an overlay network. The method and apparatus of one example embodiment further allows a user device, such as a mobile terminal, to move freely across network access points without interruption in the services.
An example method may include receiving a request for service, allocating an address to the request, configuring at least one rule associated with the request, generating at least one routing table entry from the at least one rule, and providing for transmission of the routing table entry and the address. An address prefix may be associated with the service, in which case the address includes the address prefix. Further, the address prefix may be associated with a unique overlay network. Prior to transmitting the routing table entry, the request for service may require approval. The address may be a static address.
Another example method may include providing for transmission of a request for service, receiving an address and at least one routing table entry in response to the request for service, and updating a routing table with the at least one routing table entry. The at least one routing table entry may further include at least one rule governing the network connection to the service. The example method may further include initiating a session of the service, obtaining the address, obtaining the at least one rule from the routing table, providing for transmission of a request for the session of the service to the address, and providing for transmission of data for the session of the service according to the at least one rule. The address may be a static address.
Having thus described some example embodiments of the invention in general terms, reference will now be made to the accompanying drawings, which are not necessarily drawn to scale, and wherein:
Some example embodiments of the present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which some, but not all embodiments of the invention are shown. Indeed, various embodiments of the invention may be embodied in many different forms and should not be construed as limited to the example embodiments set forth herein; rather, these example embodiments are provided so that this disclosure will satisfy applicable legal requirements. Like reference numerals refer to like elements throughout. As used herein, the terms “data,” “content,” “information” and similar terms may be used interchangeably to refer to data capable of being transmitted, received and/or stored in accordance with embodiments of the present invention.
Additionally, as used herein, the term ‘circuitry’ refers to (a) hardware-only circuit implementations (e.g., implementations in analog circuitry and/or digital circuitry); (b) combinations of circuits and computer program product(s) comprising software and/or firmware instructions stored on one or more computer readable memories that work together to cause an apparatus to perform one or more functions described herein; and (c) circuits, such as, for example, a microprocessor(s) or a portion of a microprocessor(s), that require software or firmware for operation even if the software or firmware is not physically present. This definition of ‘circuitry’ applies to all uses of this term herein, including in any claims. As a further example, as used herein, the term ‘circuitry’ also includes an implementation comprising one or more processors and/or portion(s) thereof and accompanying software and/or firmware. As another example, the term ‘circuitry’ as used herein also includes, for example, a baseband integrated circuit or applications processor integrated circuit for a mobile phone or a similar integrated circuit in a server, a cellular network device, other network device, and/or other computing device.
A session may be supported by a network 30 as shown in
One or more communication terminals such as the user device 10 and the second user device 20 may be in communication with each other via the network 30 and each may include an antenna or antennas for transmitting signals to and for receiving signals from a base site, which could be, for example a base station that is part of one or more cellular or mobile networks or an access point that may be coupled to a data network, such as a local area network (LAN), a metropolitan area network (MAN), and/or a wide area network (WAN), such as the Internet. In turn, other devices (e.g., personal computers, server computers or the like) may be coupled to the user device 10 and the second user device 20 via the network 30. By directly or indirectly connecting the user device 10 and the second user device 20 and other devices to the network 30, the user device 10 and the second user device 20 may be enabled to communicate with the other devices or each other, for example, according to numerous communication protocols including Hypertext Transfer Protocol (HTTP) and/or the like, to thereby carry out various communication or other functions of the user device 10 and the second user device 20, respectively.
In example embodiments, either of the user devices may be mobile or fixed communication devices. Thus, for example, the user device 10 and the second user device 20 could be, or be substituted by, any of personal computers (PCs), personal digital assistants (PDAs), wireless telephones, desktop computer, laptop computer, mobile computers, cameras, video recorders, audio/video players, positioning devices, game devices, television devices, radio devices, or various other devices or combinations thereof.
A user device may be configured to send a request to access a service, website, or application in the form of a network address, possibly in IPv4 or IPv6 protocol. The request may be sent through a router to the network. The router may employ a Network Address Translation that masks the user device's network address and re-maps the user device's address via a routing table to an address of the router. In one example embodiment, the address of the user device may be known as a private internet protocol (IP) address while the router address may be known as a public IP address. The service, website, or application receiving the request sees a request from the router address but does not see the address of the user device. Therefore, when the host of the service, website, or application sends information (also referred to as data or data packets), the host may send the information to the router address and the router, in turn, may send the data to the user device based on the routing tables generated at the router. This translation that is required to pass data through the router may add complexity and can slow the speed with which a user accesses the network. Further, if the user device is mobile and is moving between routers employing NAT while sending and receiving data, the complexity of the transition can lead to a disconnection from the requested service. When a mobile user device moves between network access points, the mobility protocol may be implemented by the provider of the service being accessed; therefore the service must follow the mobile user device as it moves between nodes and goes through multiple Network Address Translations.
In mobile applications, a user device may send a request while in the network of a first router employing a first NAT, but then after the connection is established and the user session has begun, the user device may move to the network of a second router. The service must then adapt to the second router address while providing continuous service. When such a transition occurs, established sessions may not survive the transition and the user session may be prematurely terminated. This potential outcome may result in a dissatisfied consumer and loss of revenue for a service provider. In an example embodiment, internet protocol mobility may be implemented by each service provider implementing service level roaming for each service. A problem exists with how to deploy applications and circumvent Network Address Translators, Application Layer Gateways (ALGs) or firewall rules that complicate and can disrupt communication, particularly in mobile applications.
Inter-network and intra-network mobility can be improved using an overlay network, such as a mobility-enabled IP overlay network. In order to provide further context for some example embodiments of an IP overlay network, a few select examples of an IP overlay network will be described. In an example embodiment, an overlay network may be a network that is built on top of another network. An overlay network may be a network restricted to use by a particular group of users, such as subscribers to said overlay network. An overlay network may provide access to sites and services otherwise not available to users outside of the overlay network. These sites and services may be hosted on a server within the overlay network, or they may be hosted on a third party server that may be accessed through the overlay network. Overlay networks may improve the robustness and availability of network paths between hosts.
An overlay network may be supported by one or more cooperating hosts as illustrated in
In an example embodiment of the IP overlay network described herein and illustrated in
The overlay network 102 may be configured to support services that may be provided by a host of the overlay network or provided by a remote server or other network entity. Some services supported by the overlay network 102 may include a fee arrangement between the overlay provider and the service provider or the originator of the service. A user of the overlay network may subscribe to services that are supported by the overlay network in a variety of ways such as through contracts (i.e., monthly, annual, etc.) and/or pay-per-use services among others. Such services may be in the form of Voice Over Internet Protocol (VOIP), social networking services, global positioning or mapping services, or any other service that may be provided over a network. Some services supported by the overlay network may provide exclusive content for subscribers of the overlay network such as a secure internet mail service or an instant messaging service.
Advantageously, for a service supported by the overlay network 102 the connection speed and reliability of the connection may be increased relative to the provision of the same service over the internet, thereby benefiting both the user and the service provider. The connection speed may be increased due to the overlay network only being available to subscribers, which may allow greater bandwidth to be allocated to each user, whereas a service that is provided by the internet, but not the overlay network, may see a reduction in per user bandwidth when a plurality of users are accessing the service at the same time. The service may also be more reliable as compared to the same service being supported by the internet as the user device may be connected directly to the overlay network which can control and govern the connection. Further details of how the service may be more reliable are detailed below.
As noted above, an overlay network may be configured as illustrated in the example embodiment of
The service subscription and control entity 108 may be in communication with the virtual storefront through which a user signs up for a service and/or pays for a service. The service subscription and control entity 108 may retain the user information such that there may be a record of authorized subscribers and the status of their subscriptions or accounts. This record of authorized subscribers may be maintained as a table that includes network addresses for each subscribed user device. When a service request is received at the service subscription and control entity 108, the home agent 104 provides the service subscription and control entity 108 with a fixed address, such as a fixed IP address, and the service subscription and control entity 108 appends a prefix to the fixed address that may be associated with the service requested. The result of the fixed address and the appended prefix may be a service-specific address that may be provided to the user device 110. The service subscription and control entity 108 may configure a routing table update to be sent to the user device 110 by the home agent 104 together with the address. The routing table update and address that may be provided to the user device 110 may enable the user device 110 to connect directly to the requested service by navigating to the service-specific address. The software of the user device may be configured to reference the routing table before each service request such that future requests for the service by the user device 110 may reference the routing table and send the request directly to the service-specific address resulting in a faster, more reliable connection to the service.
The policy enforcement entity 106 may be configured to assign and maintain rules for the subscribed users to send information packets to internal and/or external locations relative to the overlay network 102. The policy enforcement entity 106 may maintain rules that govern the information transfer between the overlay network 102 and the user devices 110. The policy enforcement entity 106 may receive a request from the service subscription and control entity 108 regarding a requested service and the policy enforcement entity 106 may provide to the service subscription and control entity 108 a set of rules to be incorporated into the routing table update that may be sent to the user device 110. The rules included in a routing table update may ensure that the user device 110 operates properly when in a session with the service associated with the routing table entry. The policy enforcement module 106 may further maintain an access control list that serves as a firewall for the overlay network or for service providers.
The user device may maintain a routing table with rules that apply to each service-specific address for services to which the user device may be subscribed. When a user directs the user device to access a particular service, the user device may use the routing table to determine the rules associated with a particular service-specific address to use to access the requested service. Navigating to the service-specific address may permit faster communications and easier accessibility, while also operating on an overlay network that may not be subject to the same inefficiencies as the internet, such as firewalls and NATs.
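The allocation and lookup flow described in the three preceding paragraphs can be sketched as follows; this is an added illustration, not code from the original disclosure. The service prefixes, the fixed host identifier, the rule format (protocol, port, action) and all function and class names are assumptions made for the example, and the device treats any traffic without a matching rule as denied.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample data (IPv6 documentation space); all values are assumptions.
SERVICE_PREFIXES = {                      # one address prefix per service overlay
    "voip": ipaddress.IPv6Network("2001:db8:0:a::/64"),
    "mail": ipaddress.IPv6Network("2001:db8:0:b::/64"),
}
POLICY = {                                # policy enforcement entity: first match wins
    "voip": (("udp", 5060, "permit"), ("udp", None, "deny")),  # None = any port
    "mail": (("tcp", 993, "permit"),),
}
FIXED_IDS = {"device-110": 0x1234}        # home agent: fixed host part per device
SUBSCRIBERS = {("device-110", "voip")}    # approved subscriptions


@dataclass(frozen=True)
class RouteEntry:
    prefix: ipaddress.IPv6Network         # overlay prefix the rules apply to
    address: ipaddress.IPv6Address        # service-specific address for the device
    rules: tuple


def handle_request(device, service):
    """Subscription and control entity: approve, allocate, attach rules."""
    if (device, service) not in SUBSCRIBERS:
        raise PermissionError(f"{device} is not subscribed to {service}")
    prefix = SERVICE_PREFIXES[service]
    # Service prefix combined with the fixed host part gives a static address.
    address = prefix[FIXED_IDS[device]]
    return RouteEntry(prefix, address, POLICY[service])


class UserDevice:
    """Keeps the routing table and consults it before every send."""

    def __init__(self):
        self.table = []

    def update(self, entry):
        # A newer entry for the same prefix replaces the older one.
        self.table = [e for e in self.table if e.prefix != entry.prefix]
        self.table.append(entry)

    def lookup(self, dst):
        dst = ipaddress.IPv6Address(dst)
        matches = [e for e in self.table if dst in e.prefix]
        # Longest-prefix match; None when the destination is not on any overlay.
        return max(matches, key=lambda e: e.prefix.prefixlen, default=None)

    def may_send(self, dst, proto, port):
        entry = self.lookup(dst)
        if entry is None:
            return False                  # no route: nothing leaves via the overlay
        for r_proto, r_port, action in entry.rules:
            if r_proto == proto and r_port in (None, port):
                return action == "permit"
        return False                      # no rule matched: default deny


if __name__ == "__main__":
    device = UserDevice()
    entry = handle_request("device-110", "voip")
    device.update(entry)
    print(entry.address, device.may_send("2001:db8:0:a::1", "udp", 5060))
```
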
The overlay network may be established by a host device, such as a server, as described above. The host device may be embodied in various manners, but in one example embodiment it may be embodied as shown in
Further, the memory device 42 may be configured to store information, data, applications, computer-readable program code instructions, or the like for enabling the processor 40 and the example host device to carry out various functions in accordance with example embodiments of the present invention described herein. For example, the memory device 42 could be configured to buffer input data for processing by the processor 40. Additionally, or alternatively, the memory device 42 may be configured to store instructions for execution by the processor 40.
The communication interface 44 may be any device or means embodied in either hardware, a computer program product, or a combination of hardware and a computer program product that may be configured to receive and/or transmit data from/to a network and/or any other device or module in communication with the example apparatus. Processor 40 may also be configured to facilitate communications via the communications interface by, for example, controlling hardware included within the communications interface 44. In this regard, the communication interface 44 may include, for example, one or more antennas, a transmitter, a receiver, a transceiver and/or supporting hardware, including a processor for enabling communications with network 30. Via the communication interface 44 and the network 30, the example host device may communicate with various other network entities in a device-to-device fashion and/or via indirect communications via a base station, access point, server, gateway, router, or the like.
The communications interface 44 may be configured to provide for communications in accordance with any wired or wireless communication standard. The communications interface 44 may be configured to support communications in multiple antenna environments, such as multiple input multiple output (MIMO) environments. Further, the communications interface 44 may be configured to support orthogonal frequency division multiplexed (OFDM) signaling. In some example embodiments, the communications interface 44 may be configured to communicate in accordance with various techniques, such as, second-generation (2G) wireless communication protocols IS-136 (time division multiple access (TDMA)), GSM (global system for mobile communication), IS-95 (code division multiple access (CDMA)), third-generation (3G) wireless communication protocols, such as Universal Mobile Telecommunications System (UMTS), CDMA2000, wideband CDMA (WCDMA) and time division-synchronous CDMA (TD-SCDMA), 3.9 generation (3.9G) wireless communication protocols, such as Evolved Universal Terrestrial Radio Access Network (E-UTRAN), with fourth-generation (4G) wireless communication protocols, international mobile telecommunications advanced (IMT-Advanced) protocols, Long Term Evolution (LTE) protocols including LTE-advanced, or the like. Further, communications interface 44 may be configured to provide for communications in accordance with techniques such as, for example, radio frequency (RF), infrared (IrDA) or any of a number of different wireless networking techniques, including WLAN techniques such as IEEE 802.11 (e.g., 802.11a, 802.11b, 802.11g, 802.11n, etc.), wireless local area network (WLAN) protocols, world interoperability for microwave access (WiMAX) techniques such as IEEE 802.16, and/or wireless Personal Area Network (WPAN) techniques such as IEEE 802.15, BlueTooth (BT), low power versions of BT, ultra wideband (UWB), Wibree, Zigbee and/or the like. 
The communications interface 44 may also be configured to support communications at the network layer, possibly via Internet Protocol (IP).
As shown in
Although described above in the context of the host device, a user device or other source may also be embodied by an example apparatus of the type depicted in
An example embodiment of an overlay network in accordance with one example embodiment is presented by
Accordingly, blocks of the flowcharts support combinations of means for performing the specified functions, combinations of steps for performing the specified functions and program instruction means for performing the specified functions. It will also be understood that one or more blocks of the flowchart, and combinations of blocks in the flowcharts, can be implemented by special purpose hardware-based computer systems which perform the specified functions, or combinations of special purpose hardware and computer instructions. The function of each operation of the flowcharts described herein may be performed by a processor bringing about the operation or transformation set forth in the flow chart operations.
An example embodiment of an overlay network will be described herein with reference to the diagram of
Another example embodiment may entail a dynamically assigned address. An address may remain static during a session with a particular device even through movement throughout the overlay network; however, when a connection is terminated, or when a device is restarted, the next request from the device for the service may be assigned a different address from the overlay network.
Additionally, in some example embodiments, the request for a service may come from a first entity or device, and the address and routing table entry may be sent to a second entity or device. Such an embodiment may allow a user of a first device to request a service for a second user device or allow a service provider to request that a service subscription be sent to a user device.
In another example embodiment of the overlay network illustrated in
The flowchart of
A service-specific overlay may be created for any or all of the services available on the overlay network. An example embodiment of the application of service-specific overlays is illustrated in the flowchart of
An advantage to each service having a service-specific overlay may be that the user devices operating on that service-specific overlay may be unimpeded by devices using the internet, but not the same service. This may be beneficial in peer-to-peer applications such as games or VOIP among other services. Several services may use the same service-specific overlay in some cases as they may be related or traffic for each service on the service-specific overlay may be at low enough levels to allow multiple services to be hosted by the same overlay network.
Further advantages to the overlay network may include more robust connections enhancing the mobility of user devices. When a user device is connected to a service via the overlay network, the user device may be connected through a service-specific address that may be static and does not change when the user device changes network access points. Further, communication from the service may be directed through the overlay network directly to the user device rather than through a router employing NAT. Such direct communication and the stability of IP addresses enhances the reliability of the service sessions and provides a more robust connection to the overlay network that may be less likely to be disconnected prematurely since there are no changing addresses for the services to routinely update.
An embodiment of an implementation of the overlay network is illustrated in
As shown in
In another example embodiment, an apparatus, such as shown in
In another example embodiment, an apparatus may be provided that includes at least one processor 40 and at least one memory 42 including computer program code. The at least one memory and the computer program code of this example embodiment are configured to, with the at least one processor, cause the apparatus to receive a request for a new service subscription, configure a service-specific IP address for the subscribed user device, configure rules for the subscribed user device, and forward the rules and service-specific IP address to a user device.
In yet another example embodiment, a computer program product is provided comprising a computer-readable storage medium, e.g., memory device 42, having computer-readable program instructions stored therein. The computer-readable program instructions of this example embodiment may include program instructions to receive a request for a new service subscription. The computer-readable program instructions may also include program instructions to configure a service-specific IP address for the subscribed user device and to configure rules for the subscribed user device. Further, the computer-readable program instructions may include program instructions to forward the rules and service-specific IP address to the subscribed user device.
Many modifications and other embodiments of the inventions set forth herein will come to mind to one skilled in the art to which these inventions pertain having the benefit of the teachings presented in the foregoing descriptions and the associated drawings. Therefore, it is to be understood that the inventions are not to be limited to the specific embodiments disclosed and that modifications and other embodiments are intended to be included within the scope of the appended claims. Moreover, although the foregoing descriptions and the associated drawings describe example embodiments in the context of certain example combinations of elements and/or functions, it should be appreciated that different combinations of elements and/or functions may be provided by alternative embodiments without departing from the scope of the appended claims. In this regard, for example, different combinations of elements and/or functions than those explicitly described above are also contemplated as may be set forth in some of the appended claims. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.