Connection trace recording for ultra-large NAT engines
Some embodiments provide a novel method for performing network address translation to share a limited number of external source network addresses among a large number of connections. Instead of allocating an external source network address for an outgoing packet based only on its internal source net...
Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Patent |
| Sprache: | chi ; eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | Some embodiments provide a novel method for performing network address translation to share a limited number of external source network addresses among a large number of connections. Instead of allocating an external source network address for an outgoing packet based only on its internal source network address, methods of some embodiments allocate an external source network address based on a source network address and a destination network address of the outgoing packet. This allows a limited number of external source network addresses to be reused for different destination network addresses. For example, in some embodiments, the network address assignment scheme of the method allows the same 64K (e.g., 216) external source ports to be used for 64K connections for each destination network address.
一些实施例提供了一种用于执行网络地址翻译以在大量连接之间共享有限数量的外部源网络地址的新颖方法。代替仅仅基于其内部源网络地址为外出分组分配外部源网络地址,一些实施例的方法基于外出分组的源网络地址和目的地网络地址来分配外部源网络地址。这允许将有限数量的外部源网络地址重用于不同的目的地网络地址。例如,在一些实施例中,该方法的网络地址分配方案允许将相同的64K(例如,2^16)个外部源端口用于每个目的地网络地址的64K个连接。 |
|---|