Handover: A mechanism to improve the reliability and availability of network services for clients behind a network address translator

Fu Hau Hsu, Yan Ling Hwang, Kai Wei Chang, Chia Hao Lee, Chuan Sheng Wang, Chuan Kai Kao, Zhi Yao Zhong

Research output: Contribution to journalArticlepeer-review

Abstract

With the rapid growth of Infrastructure as a Service (IaaS), it becomes more important to increase reliability and availability of a service. In our patent, called Connector in the paper, we allow a server to be live migrated to another physical host with a different Internet Protocol (IP) address; meanwhile, all existing clients still can use their original connections to connect to the new server. However, a client sitting behind a network address translator cannot use Connector directly. In this research, we propose a new mechanism, called Handover, to allow a client sitting behind a network address translator to use Connector. We apply a fake three-way handshake to prevent the redirected traffic from being blocked by a network address translator router. Experimental results show that Handover is effective and the overhead of this changeover process is less than 0.2 s. Furthermore, it may be integrated into a Distributed Denial of Service (DDoS) defense system to guard a host against DDoS attacks.

Original languageEnglish
Pages (from-to)159-169
Number of pages11
JournalComputers and Electrical Engineering
Volume67
DOIs
StatePublished - Apr 2018

Keywords

  • DDoS
  • Live migration
  • NAT
  • Three-way handshake
  • Virtual machine

Fingerprint

Dive into the research topics of 'Handover: A mechanism to improve the reliability and availability of network services for clients behind a network address translator'. Together they form a unique fingerprint.

Cite this