Handover: A mechanism to improve the reliability and availability of network services for clients behind a network address translator

Abstract

With the rapid growth of Infrastructure as a Service (IaaS), it becomes more important to increase reliability and availability of a service. In our patent, called Connector in the paper, we allow a server to be live migrated to another physical host with a different Internet Protocol (IP) address; meanwhile, all existing clients still can use their original connections to connect to the new server. However, a client sitting behind a network address translator cannot use Connector directly. In this research, we propose a new mechanism, called Handover, to allow a client sitting behind a network address translator to use Connector. We apply a fake three-way handshake to prevent the redirected traffic from being blocked by a network address translator router. Experimental results show that Handover is effective and the overhead of this changeover process is less than 0.2 s. Furthermore, it may be integrated into a Distributed Denial of Service (DDoS) defense system to guard a host against DDoS attacks.