Broadband access for virtual private networks
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-012/28
H04L-012/46
출원번호
US-0951867
(2013-07-26)
등록번호
US-8942240
(2015-01-27)
발명자
/ 주소
Chen, Weijing
Allen, Keith Joseph
출원인 / 주소
Marlow Technologies, LLC
대리인 / 주소
Volpe and Koenig, P.C.
인용정보
피인용 횟수 :
0인용 특허 :
97
초록▼
Communications between a source and a destination include receiving, at an egress edge device from an ingress edge device, an upper layer packet including a virtual private network identification identifying a destination. The upper layer packet is authenticated at the egress edge device using the v
Communications between a source and a destination include receiving, at an egress edge device from an ingress edge device, an upper layer packet including a virtual private network identification identifying a destination. The upper layer packet is authenticated at the egress edge device using the virtual private network identification by comparing the virtual private network identification against an expectation for the upper layer packet. Upon authentication, the upper layer packet is decapsulated into a lower layer packet for the destination.
대표청구항▼
1. A method for communicating between a source and a destination, comprising: receiving, at an egress edge device from an ingress edge device, an upper layer packet including a virtual private network identification identifying a destination, the virtual private network identification having been ad
1. A method for communicating between a source and a destination, comprising: receiving, at an egress edge device from an ingress edge device, an upper layer packet including a virtual private network identification identifying a destination, the virtual private network identification having been added to a header of the upper layer packet by the ingress edge device;authenticating the upper layer packet at the egress edge device using the virtual private network identification by comparing the virtual private network identification against an expectation for the upper layer packet; andupon authentication, decapsulating the upper layer packet into a lower layer packet for the destination,wherein the virtual private network identification is a unique identification number assigned to the source for marking the upper layer packet as belonging to a virtual private network to which the source and the destination belong, the virtual private network identification comprising at least four bytes. 2. The method according to claim 1, wherein the egress edge device and ingress edge device are on edges of a service provider internet protocol network. 3. The method according to claim 1, wherein the virtual private network identification distinguishes upper layer packets originated by the source from other upper layer packets not from the source. 4. The method according to claim 1, wherein the upper layer packet is received at multicast addresses including an address of the egress edge device. 5. The method according to claim 2, wherein the upper layer packet is received at the egress edge device but not at other egress edge devices of the service provider internet protocol network when the destination is mapped specifically to the egress edge device. 6. The method according to claim 1, wherein the upper layer packet comprises data received in turn from the source. 7. The method according to claim 1, wherein the egress edge device provides an interface for an ethernet local area network. 8. The method according to claim 1, wherein the authenticating the upper layer packet using the virtual private network identification comprises verifying a secured network identifier corresponding to a secured network to which the source and the destination belong, andwherein the upper layer packet is discarded when the secured network identifier is not verified. 9. The method according to claim 1, wherein the destination accesses the egress edge device, to which the upper layer packet is delivered, via a broadband access link. 10. The method according to claim 1, wherein the destination accesses the egress edge device, to which the upper layer packet is delivered, via a digital subscriber line. 11. The method according to claim 10, wherein the egress edge device comprises a digital subscriber line access multiplexer. 12. The method according to claim 9, wherein the egress edge device provides an interface to an internet protocol local area network. 13. The method according to claim 9, wherein the egress edge device comprises an interworking function device. 14. The method according to claim 1, wherein the upper layer packet is received in a unicast. 15. The method according to claim 2, wherein the service provider internet protocol network comprises gateways, andwherein each of the gateways comprises a plurality of line interfaces. 16. The method according to claim 15, wherein the destination corresponds to one of the plurality of line interfaces. 17. The method according to claim 15, wherein the destination corresponds to more than one of the plurality of line interfaces. 18. A system for communicating between a source and a destination, comprises: a receiver at an egress edge device that receives from an ingress edge device, an upper layer packet including a virtual private network identification identifying a destination, the virtual private network identification having been added to a header of the upper layer packet by the ingress edge device; anda decapsulator at the egress edge device that authenticates the upper layer packet using the virtual private network identification by comparing the virtual private network identification against an expectation for the upper layer packet and, upon authentication, decapsulates the upper layer packet into a lower layer packet for the destination,wherein the virtual private network identification is a unique identification number assigned to the source for marking the upper layer packet as belonging to a virtual private network to which the source and the destination belong, the virtual private network identification comprising at least four bytes. 19. A non-transitory computer readable medium comprising a set of instructions for communicating between a source and a destination, the set of instructions, when executed by a processor of an egress edge device, causing the egress edge device to perform acts of: receiving an upper layer packet including a virtual private network identification identifying a destination, the virtual private network identification having been added to a header of the upper layer packet by an ingress edge device;authenticating the upper layer packet using the virtual private network identification by comparing the virtual private network identification against an expectation for the upper layer packet; andupon authentication, decapsulating the upper layer packet into a lower layer packet for the destination,wherein the virtual private network identification is a unique identification number assigned to the source for marking the upper layer packet as belonging to a virtual private network to which the source and the destination belong, the virtual private network identification comprising at least four bytes.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (97)
Hebb Andrew T., ATM address translation method and apparatus.
Masuda Michio,JPX ; Nishihara Motoo,JPX ; Ogawa Makoto,JPX, ATM connectionless communication system having session supervising and connection supervising functions.
Bennett Toby D. ; Davis Donald J. ; Harris Jonathan C. ; Miller Ian D., Apparatus and method for constructing data for transmission within a reliable communication protocol by performing portions of the protocol suite concurrently.
Edward James Ellesson ; Roch Andre Guerin ; Sanjay Damodar Kamat ; Arvind Krishna ; Rajendran Rajan ; Dinesh Chandra Verma, Architecture for supporting service level agreements in an IP network.
Thubert,Pascal; Molteni,Marco; Wetterwald,Patrick; Troan,Ole, Arrangement for traversing an IPv4 network by IPv6 mobile nodes via a mobility anchor point.
Fan, Jason C.; Jogalekar, Prasad P.; Bannai, Vinay K., Automatic reconfiguration of short addresses for devices in a network due to change in network topology.
Takashima, Kenya; Nakamichi, Koji; Watanabe, Naotoshi; Soumiya, Toshio; Ezaki, Yutaka; Murata, Kazunori, Boundary device for performing a connection control at a boundary between two communications networks.
Kshirsagar Madhukar M. ; La Porta Thomas F. ; Shur David H. ; Veeraraghavan Malathi ; Woodworth Clark, Communications system for transmission of datagram packets over connection-oriented networks.
Pi-Yu Chung ; Om P. Damani ; Yennun Huang ; Chandra M. Kintala ; Yi-Min Wang, Hosting a network service on a cluster of servers using a single-address image.
Kenichi Nagami JP; Junko Ami JP; Yasuhiro Katsube JP; Takeshi Saito JP; Hiroshi Esaki JP, IP over ATM system using control messages to set up cut-through paths or bypass pipes in routers.
Kujoory Ali Mohammad ; Saad Samir S. ; Shur David Hilton ; Tewani Kamlesh T. ; Yee James Kwong, Management of ATM virtual circuits with resources reservation protocol.
Chang Tian-Pong P. (Holmdel NJ) Civanlar Seyhan (Middletown Township ; Monmouth County NJ) Saksena Vikram R. (Freehold NJ), Method and apparatus for interconnecting LANs.
Cox Norman Eugene ; Christensen Kenneth J. ; Ervin Jim P. ; Matlack ; Jr. Richard Colbert, Method and system for distributing network routing functions to local area network stations.
Nessett Danny M. ; Grabelsky David ; Borella Michael S. ; Sidhu Ikhlaq S., Method and system for locating network services with distributed network address translation.
Wurch,Donald L.; Le,Liem Q.; Becker,Carey B.; Qaddoura,Emad A.; Coffin,Russ C., Method and system for switching between two network access technologies without interrupting active network applications.
Beser, Nurettin B.; Borella, Michael, Method for encapsulating and transmitting a message includes private and forwarding network addresses with payload to an end of a tunneling association.
DeSimone Antonio ; Golan Joseph ; Kuthyar Ashok K. ; Parent Bryant Richard ; Ramamurthy Ram S. ; Shur David Hilton, Method for managing multicast addresses for transmitting and receiving multimedia conferencing information on an internet protocol (IP) network implemented over an ATM network.
Karapetkov Stefan,DEX ; Fromm Ingrid,DEX ; Petri Bernhard,DEX, Method for the transmission of information packets between emulated LANs using address resolution.
Baum,Robert T.; Voit,Eric A., Methods, apparatus and data structures for preserving address and service level information in a virtual private network.
Nagami Kenichi,JPX ; Ami Junko,JPX ; Katsube Yasuhiro,JPX ; Saito Takeshi,JPX ; Esaki Hiroshi,JPX, Network interconnection apparatus, network node apparatus, and packet transfer method for high speed, large capacity in.
Goldsmith Amy M. (Los Gatos CA) Goldsmith David B. (Los Gatos CA) Pettus Christopher E. (San Francisco CA), Object-oriented remote procedure call networking system.
Richard Adriano ; Poornima Lalwaney ; Yong Ho Son, Packet processing relay agent to provide link layer forwarding in one-way cable/wireless/satellite modems.
Morishige,Takehiro; Inouchi,Hidenori; Takeda,Yukiko; Tanaka,Koji, System using mobile proxy for intercepting mobile IP message and performing protocol translation to support multiple communication protocols between mobile networks.
Caronni, Germano; Gupta, Amit; Kumar, Sandeep; Markson, Tom R.; Schuba, Christoph L.; Scott, Glenn C., Truly anonymous communications using supernets, with the provision of topology hiding.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.