| 摘要 |
Technologies related to time based IP address hopping are generally described. In some examples, IP communications may involve IP network nodes including source nodes, which may configure and send IP packets via a network, gateway nodes, which may receive IP packets from the network and may send the IP packets to end point nodes, and end point nodes. The IP network nodes may hop between different IP addresses, which different IP addresses may be identified at least in part using shared time values. |
| 主权项 |
1. An Internet Protocol (IP) communication method for a gateway node adapted to support a Virtual Private Network (VPN), wherein the gateway node serves one or more end point nodes, and wherein the end point nodes comprise end point devices adapted to connect to the VPN, the method comprising:
exchanging, by the gateway node, handshake data with a source node to establish IP address hopping communication with the source node, wherein the handshake data comprises:
time interval data to establish synchronized IP address hopping time intervals;shared secret data that identifies a shared secret, wherein the shared secret is used to identify IP addresses used in IP address hopping communication; anda set of IP addresses supported by the gateway node; identifying, by the gateway node, a first IP address, wherein the first IP address is identified from the set of IP addresses supported by the gateway node, wherein the first IP address is identified using a first shared time value and the shared secret, wherein the first shared time value comprises, or is derived from, a current time at which the first IP address is identified, and wherein the first shared time value and the shared secret are shared between at least the gateway node and the source node; assigning, by the gateway node, the first IP address to an end point node served by the gateway node; sending, by the gateway node, IP packets addressed to the first IP address to the end point node; subsequent to elapse of a synchronized time interval, wherein the synchronized time interval is synchronized with the source node according to the time interval data exchanged in the handshake data, and subsequent to identifying the first IP address, identifying, by the gateway node, a second IP address from the set of IP addresses supported by the gateway node, wherein the second IP address is identified using a second shared time value according to the time interval data exchanged in the handshake data and the shared secret, and wherein the second shared time value comprises, or is derived from, a current time at which the second IP address is identified; assigning, by the gateway node, the second IP address to the end point node served by the gateway node; sending, by the gateway node, IP packets addressed to the second IP address to the end point node; allowing, by the gateway node, elapse of an overlap time interval subsequent to assigning the second IP address to the end point node and prior to discontinuing sending of IP packets addressed to the first IP address to the end point node, wherein during the overlap time interval, the gateway node sends IP packets addressed to both the first IP address and the second IP address to the end point node; subsequent to elapse of the overlap time interval, discontinuing, by the gateway node, sending of IP packets addressed to the first IP address to the end point node; sequentially assigning, by the gateway node, subsequent to assigning the second IP address, up to a number N of sequentially assigned IP addresses to the end point node; adjusting, by the gateway node, at least one time interval between assigning any of the sequentially assigned IP addresses to the end point node; and adjusting, by the gateway node, at least one overlap time interval prior to completing at least one transition between any of the sequentially assigned IP addresses. |
