Identifying network flows under network address translation
US-9800542-B2 · Oct 24, 2017 · US
US11050709B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11050709-B2 |
| Application number | US-201916260012-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jan 28, 2019 |
| Priority date | May 30, 2017 |
| Publication date | Jun 29, 2021 |
| Grant date | Jun 29, 2021 |
Abstract
A system is configured to perform operations that include determining an exception event corresponding to a transmission of a plurality of network packets over an electronic network. The electronic network may cause network address translation to be performed on the plurality of network packets. The operations may also include identifying, based on a log of the plurality of network packets, a first network packet associated with the exception event and calculating, based on a payload portion of the first network packet, a packet signature corresponding to the first network packet. The operations may further include determining, based on a comparison between a first data structure and a second data structure using the packet signature, original source address information that corresponds to the first network packet prior to the network address translation being performed on the first network packet.
Claims (preview)
What is claimed is:

1. A system, comprising: at least two processors; and at least two non-transitory computer-readable mediums having stored thereon instructions that are executable to cause the system to perform operations comprising: prior to a network address translation process occurring on a network packet transmitted from one of a plurality of source devices to one of a plurality of destination devices: capturing first network packet information for the network packet before the network packet passes through a network, wherein the first network packet information includes a network source address of the one of the plurality of source devices; calculating a first identifying packet signature for the network packet based on a payload of the network packet; and storing the first identifying packet signature as part of the first network packet information and separately from the network packet; and subsequent to the network packet being translated to a translated network packet through the network address translation process: determining, at a diagnostic device, that the translated network packet is associated with an exception event; based on the determining, calculating, at the diagnostic device, a second identifying packet signature based on the payload of the translated network packet; determining, by matching the first and second identifying packet signatures, the captured first network packet information; and determining the network source address for the network packet from the captured first network packet information, wherein the network source address is not present in the translated network packet.

2. The system of claim 1, wherein the network address translation process changes the network source address for the network packet into a different network source address.

3. The system of claim 1, wherein determining the network source address occurs subsequent to the translated network packet being delivered to the one of the plurality of destination devices.

4. The system of claim 1, wherein the system further comprises a network address translation device configured to translate the network source address of the network packet into a different network source address.

5. The system of claim 1, wherein calculating the first identifying packet signature for the network packet comprises determining a hash value corresponding to the network packet based on a payload portion of the network packet.

6. The system of claim 1, wherein the operations further comprise: generating a structure that includes at least the network source address of the network packet prior to the network translation process and a translated network source address of the network packet subsequent to the network translation process.

7. The system of claim 1, wherein the network source address of the network packet corresponds to the one of the plurality of source devices where the network packet originated prior to passing through the network.

8. A non-transitory computer-readable medium having stored thereon instructions that are executable by computer devices to cause the computer devices to perform operations comprising: prior to a network address translation process occurring on a network packet of a plurality of network packets from one of a plurality of source devices: capturing first network packet information for the network packet before the network packet passes through a network, the network packet destined to one of a plurality of destination devices, wherein the first network packet information includes a network source address of the one of the plurality of source devices; calculating a first identifying packet signature for the network packet based on a payload of the network packet; and storing the first identifying packet signature as part of the first network packet information for the network packet and separately from the network packet; and subsequent to the network packet being translated to a translated network packet through the network address translation process: determining, at a diagnostic device, that the translated network packet is associated with an exception event; based on the determining, calculating a second identifying packet signature based on the payload of the translated network packet; and matching the first and second identifying packet signatures to determine the captured first network packet information; and determining, the network source address for the network packet from the captured first network information, wherein the network source address is not present in the translated network packet.

9. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: sampling the plurality of network packets, including the network packet, from a second plurality of network packets that is greater in quantity than the plurality of network packets, wherein network packet information is not captured by the computer devices for at least some of the second plurality of network packets.

10. The non-transitory computer-readable medium of claim 8, wherein calculating the first identifying packet signature for the network packet further comprises: deriving a histogram from a payload portion of the network packet; and determining a hash value from the histogram.

11. The non-transitory computer-readable medium of claim 8, wherein the first network packet information comprises at least one of a Transmission Control Protocol (TCP) source port number or a User Datagram Protocol (UDP) source port number.

12. The non-transitory computer-readable medium of claim 8, wherein calculating the first identifying packet signature comprises determining a hash value corresponding to the network packet based on the payload of the network packet.

13. A method, comprising: prior to a network address translation process occurring on a network packet of a plurality of network packets from one a plurality of source devices: capturing, at an agent device, first network packet information for the network packet before the network packet passes through a network, wherein the network packet is destined for one of a plurality of destination devices; calculating a first identifying packet signature for the network packet based on a payload of the network packet; and storing the first identifying packet signature in association with the first network packet information for the network packet in a data structure; and subsequent to the network packet being translated to a translated network packet through the network address translation process: determining, at a diagnostic device, that the translated network packet is associated with an exception event; based on the determining, calculating a second identifying packet signature based on the payload of the translated network packet; matching the first and second identifying packet signature to determine the captured first network packet information; and determining a network source address for the network packet from the captured first network packet information, wherein the network source address is not present in the translated network packet.

14. The method of claim 13, wherein the first network packet information further comprises a source internet protocol (IP) address for the network packet.

15. The method of claim 13, wherein the first network packet information comprises timestamp information corresponding to a time at which the network packet was transmitted from the one of the plurality of source devices.

16. The method of claim 13, wherein the first identifying packet s
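The abstract and claims 1 to 15 describe one procedure: an agent inside the NAT captures source IP, source port and a timestamp for each (possibly sampled) packet and stores them with a signature computed over the payload only; later, when a diagnostic device on the far side of the NAT flags a translated packet as an exception, it recomputes the same payload signature and matches it against the stored records to recover the original source address that the translated headers no longer carry. The following is an added simulation of that flow in Python; it is example code written for this page, not code from the patent or from any product. The packets, addresses, the 2-second match window, the `PreNatAgent`, `nat_translate` and `resolve_original_source` names, and the SHA-256 choice for the hash are all assumptions for illustration; the patent only requires "a hash value" (claims 5, 12) or a hash of a payload histogram (claim 10).

```python
"""Added example (not from the patent): pre-NAT capture, NAT rewrite, and
post-NAT signature matching on an exception event. All data is constructed."""
import hashlib
from collections import Counter
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: bytes
    ts: float  # send time as the agent would record it (claim 15); constructed


def payload_hash(payload: bytes) -> str:
    # Signature over the payload only (claims 5, 12). NAT rewrites the L3/L4
    # headers, so any header byte in the hash would break the post-NAT match.
    # SHA-256 is an assumption; the claims only say "a hash value".
    return hashlib.sha256(payload).hexdigest()


def histogram_hash(payload: bytes) -> str:
    # Claim 10 variant: byte-value histogram first, then hash the histogram.
    # Order-insensitive, so any two payloads that are permutations of each
    # other collide; fine for coarse grouping, weak as a unique identifier.
    counts = Counter(payload)
    hist = b"".join(counts.get(b, 0).to_bytes(4, "big") for b in range(256))
    return hashlib.sha256(hist).hexdigest()


class PreNatAgent:
    """The 'agent device' of claim 13, on the inside of the NAT. Keeps the
    first data structure: signature -> captured packet info, held separately
    from the packet itself."""

    def __init__(self, signature=payload_hash, sample_every: int = 1):
        self.signature = signature
        self.sample_every = sample_every  # claim 9: capture only 1 in N packets
        self.records: dict[str, list[dict]] = {}
        self._seen = 0

    def observe(self, pkt: Packet):
        self._seen += 1
        if self._seen % self.sample_every != 0:
            return None  # not sampled: nothing is stored for this packet
        sig = self.signature(pkt.payload)
        self.records.setdefault(sig, []).append({
            "src_ip": pkt.src_ip, "src_port": pkt.src_port,  # claims 11, 14
            "dst_ip": pkt.dst_ip, "dst_port": pkt.dst_port,
            "ts": pkt.ts,
        })
        return sig


def nat_translate(pkt: Packet, public_ip: str, port_map: dict) -> Packet:
    # Source NAT: original source IP/port replaced, payload left untouched.
    key = (pkt.src_ip, pkt.src_port)
    port_map.setdefault(key, 40000 + len(port_map))
    return replace(pkt, src_ip=public_ip, src_port=port_map[key])


def resolve_original_source(translated: Packet, agent: PreNatAgent,
                            window: float = 2.0) -> list[dict]:
    """Diagnostic-device side: on an exception event, recompute the signature
    from the translated payload (the 'second identifying packet signature')
    and match it against the agent's records. Returns every pre-NAT record
    consistent with the packet: len()==1 is resolved, 0 is unmatched and >1
    is ambiguous and must not be silently collapsed to one source."""
    sig = agent.signature(translated.payload)
    return [
        rec for rec in agent.records.get(sig, [])
        if (rec["dst_ip"], rec["dst_port"]) == (translated.dst_ip, translated.dst_port)
        and abs(rec["ts"] - translated.ts) <= window
    ]


def run_demo() -> dict:
    """Constructed scenario: two inside hosts behind one public address."""
    agent = PreNatAgent()
    port_map: dict = {}
    pkts = [
        Packet("10.0.0.5", 5100, "203.0.113.9", 443, b"GET /a HTTP/1.1\r\n", 100.0),
        Packet("10.0.0.7", 5200, "203.0.113.9", 443, b"GET /b HTTP/1.1\r\n", 100.5),
        Packet("10.0.0.5", 5101, "203.0.113.9", 443, b"PING", 101.0),  # same payload
        Packet("10.0.0.7", 5201, "203.0.113.9", 443, b"PING", 101.2),  # from two hosts
    ]
    for p in pkts:
        agent.observe(p)
    translated = [nat_translate(p, "198.51.100.1", port_map) for p in pkts]

    # 1) Exception on the /b request: the translated packet carries only the
    #    public address, but the signature match recovers 10.0.0.7:5200.
    hit = resolve_original_source(translated[1], agent)
    # 2) Identical payloads inside the window: two candidates come back.
    ambiguous = resolve_original_source(translated[3], agent)
    # 3) Payload changed after capture (e.g. by an ALG): signature differs, no match.
    altered = replace(translated[0], payload=b"GET /a HTTP/1.0\r\n")
    miss = resolve_original_source(altered, agent)
    return {
        "translated_src": (translated[1].src_ip, translated[1].src_port),
        "resolved": [(r["src_ip"], r["src_port"]) for r in hit],
        "ambiguous_count": len(ambiguous),
        "unmatched": miss,
        "histogram_collides": histogram_hash(b"ab") == histogram_hash(b"ba"),
    }


if __name__ == "__main__":
    print(run_demo())
```

The two failure modes the demo exercises are the ones a practitioner should plan for: a payload-only signature cannot distinguish identical payloads from different inside hosts (so the record keeps destination and timestamp to narrow the match, and the lookup returns all candidates rather than guessing), and any middlebox that edits the payload after the agent captured it breaks the match entirely, because the signature deliberately excludes the headers NAT rewrites.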
CPC classification titles (fragments as extracted):
- between local and global IP addresses
- Translation policies or rules
- for defining a routing cluster membership
- of the same type
- for reactive routing