System and method for IP network address translation using selective masquerade

Assignee

• International Business Machines Corporation · US

Inventors

• Edward B. Boden · Vestal, US
• Wesley A. Brzozowski · Endicott, US
• Franklin A. Gruber · Vestal, US
• Donald A. Palermo · Johnson City, US
• Michael D. Williams · Gardiner, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L61/2557
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An address management system and method. ADDRESS statements and HIDE rule statements are processed to generate a file of masquerade rules for associating subsets of internal addresses among a plurality of public addresses. Responsive to these masquerade rules, network address translation is performed for incoming and outgoing IP datagrams. IP Network Address Translation (NAT) and IP Filtering functions provide firewall-type capability to a gateway system, such as the IBM AS/400 system. A customer's system administrator specifies specific NAT and Filtering rules (via the AS/400 Operational Navigator GUI). A type of NAT, called masquerade NAT, defines a many-to-one mapping in such a way as to allow the ‘many’ to specify subsets of IP addresses. This allows traffic separation, which improves throughput to and from external networks (e.g. the Internet), and also improves flexibility in IP address management.