US 7,478,169 B2
Accessing data processing systems behind a NAT enabled network
Dwip N. Banerjee, Austin, Tex. (US); Vinit Jain, Austin, Tex. (US); and Vasu Vallabhaneni, Austin, Tex. (US)
Assigned to International Business Machines Corporation, Armonk, N.Y. (US)
Filed on Oct. 16, 2003, as Appl. No. 10/687,266.
Prior Publication US 2005/0086373 A1, Apr. 21, 2005
Int. Cl. G06F 15/16 (2006.01); G06F 9/00 (2006.01)
U.S. Cl. 709—245  [726/12] 3 Claims
OG exemplary drawing
 
1. A method for accessing a data processing system behind a network address translation (NAT) enabled network, comprising:
responsive to detecting a user request from a client system to establish a connection with a domain name, wherein said domain name identifies a NAT data processing system located behind said NAT enabled network, sending said request for said domain name to a local domain name service (DNS) server;
responsive to said local DNS server returning a fail response indicating no authoritative address for said domain name, identifying an IP address for a NAT device associated with said requested domain name from a configuration file for a host client domain for said client system;
sending a DNS query of said domain name to said NAT device at said IP address for said NAT device;
automatically routing said query through said NAT device to a second DNS server that stores a plurality of private addresses for a plurality of systems located behind said NAT enabled network and source routing address for said NAT device;
responsive to receiving said query for said address of said NAT data processing system at said DNS server, returning from said DNS server to said client system said plurality of private addresses comprising a private address for said NAT data processing system and additional separate private addresses of a plurality of parallel data processing systems providing a same service as said NAT data processing system located behind said NAT enabled network and said source routing address for said NAT device;
sending packets, from said client system to said NAT data processing system at a particular address associated with said NAT data processing system from among said plurality of private addresses with loose source routing enabled through said NAT device at said source routing address, such that said NAT data processing system behind said NAT enabled network is directly accessed by said client system from outside said NAT enabled network; and
responsive to said client system receiving a fail signal from an attempt to send packets to said NAT data processing system, sending packets from said client system to a next data processing system from among said plurality of parallel data processing systems at one of said plurality of private addresses with loose source routing enabled through said NAT device at said source routing address.