Broadband access for virtual private networks
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-012/18
H04L-012/741
H04L-012/46
H04L-012/931
H04L-029/06
출원번호
US-0604161
(2015-01-23)
등록번호
US-9467373
(2016-10-11)
발명자
/ 주소
Chen, Weijing
Allen, Keith Joseph
출원인 / 주소
Marlow Technologies, LLC
대리인 / 주소
Volpe and Koenig, P.C.
인용정보
피인용 횟수 :
0인용 특허 :
106
초록▼
Communications between a source and a destination include receiving, at an egress edge device from an ingress edge device, an upper layer packet including a virtual private network identification identifying a destination. The upper layer packet is authenticated at the egress edge device using the v
Communications between a source and a destination include receiving, at an egress edge device from an ingress edge device, an upper layer packet including a virtual private network identification identifying a destination. The upper layer packet is authenticated at the egress edge device using the virtual private network identification by comparing the virtual private network identification against an expectation for the upper layer packet. Upon authentication, the upper layer packet is decapsulated into a lower layer packet for the destination.
대표청구항▼
1. A method performed by an ingress interface device, the method comprising: receiving data from a source device;encapsulating the received data into an upper layer packet;adding a virtual private network (VPN) identification, a destination address, and a destination option type to the upper layer p
1. A method performed by an ingress interface device, the method comprising: receiving data from a source device;encapsulating the received data into an upper layer packet;adding a virtual private network (VPN) identification, a destination address, and a destination option type to the upper layer packet, wherein the VPN identification is a unique identification number assigned to the source device for marking the upper layer packet as belonging to a VPN to which the source device and a destination device belong, wherein the destination option type includes a value indicating to discard the upper layer packet on a condition that an egress interface device does not recognize the destination option type; andforwarding the upper layer packet to at least one egress interface device. 2. The method of claim 1, wherein the data is received from the source device over a broadband access link. 3. The method of claim 1, wherein the ingress interface device and egress interface device are associated with a service provider network. 4. The method of claim 1, wherein the encapsulating is in accordance with a service provider network format. 5. The method of claim 1 further comprising determining whether the destination address is mapped to an egress interface device. 6. The method of claim 5, wherein on a condition that the destination address is mapped to an egress interface device, the upper layer packet is encapsulated into a unicast packet, and wherein the upper layer packet is forwarded to the mapped egress interface device. 7. The method of claim 5, wherein on a condition that the destination address is not mapped to an egress interface device, the upper layer packet is encapsulated into a multicast packet, and wherein the upper layer packet is forwarded to multiple egress interface devices. 8. The method of claim 1, wherein the VPN identification comprises at least four bytes. 9. The method of claim 1, wherein the VPN identification includes a VPN hop count. 10. An ingress interface device comprising: a receiver configured to receive data from a source device;at least one processor configured to encapsulate the received data into an upper layer packet;the at least one processor configured to add a virtual private network (VPN) identification, a destination address, and a destination option type to the upper layer packet, wherein the VPN identification is a unique identification number assigned to the source device for marking the upper layer packet as belonging to a VPN to which the source device and a destination device belong, wherein the destination option type includes a value indicating to discard the upper layer packet on a condition that an egress interface device does not recognize the destination option type; anda transmitter configured to forward the upper layer packet to at least one egress interface device. 11. The ingress interface device of claim 10, wherein the data is received from the source device over a broadband access link. 12. The ingress interface device of claim 10, wherein the ingress interface device and egress interface device are associated with a service provider network. 13. The ingress interface device of claim 10, wherein the at least one processor is configured to encapsulate the received data in accordance with a service provider network format. 14. The ingress interface device of claim 10 wherein the at least one processor is configured to determine whether the destination address is mapped to an egress interface device. 15. The ingress interface device of claim 14, wherein on a condition that the destination address is mapped to an egress interface device, the at least one processor is configured to encapsulate the upper layer packet into a unicast packet and the transmitter is configured to forward the upper layer packet to the mapped egress interface device. 16. The ingress interface device of claim 14, wherein on a condition that the destination address is not mapped to an egress interface device, the at least one processor is configured to encapsulate the upper layer packet into a multicast packet and the transmitter is configured to forward the upper layer packet to multiple egress interface devices. 17. The ingress interface device of claim 10, wherein the VPN identification comprises at least four bytes. 18. The ingress interface device of claim 10, wherein the VPN identification includes a VPN hop count. 19. A non-transitory computer-readable storage medium with stored instructions, wherein the stored instructions are executable by a processor of a computer, to perform method steps of: receiving data from a source device;encapsulating the received data into an upper layer packet;adding a virtual private network (VPN) identification, a destination address, and a destination option type to the upper layer packet, wherein the VPN identification is a unique identification number assigned to the source device for marking the upper layer packet as belonging to a VPN to which the source device and a destination device belong, wherein the destination option type includes a value indicating to discard the upper layer packet on a condition that an egress interface device does not recognize the destination option type; andforwarding the upper layer packet to at least one egress interface device.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (106)
Hebb Andrew T., ATM address translation method and apparatus.
Masuda Michio,JPX ; Nishihara Motoo,JPX ; Ogawa Makoto,JPX, ATM connectionless communication system having session supervising and connection supervising functions.
Bennett Toby D. ; Davis Donald J. ; Harris Jonathan C. ; Miller Ian D., Apparatus and method for constructing data for transmission within a reliable communication protocol by performing portions of the protocol suite concurrently.
Edward James Ellesson ; Roch Andre Guerin ; Sanjay Damodar Kamat ; Arvind Krishna ; Rajendran Rajan ; Dinesh Chandra Verma, Architecture for supporting service level agreements in an IP network.
Thubert,Pascal; Molteni,Marco; Wetterwald,Patrick; Troan,Ole, Arrangement for traversing an IPv4 network by IPv6 mobile nodes via a mobility anchor point.
Fan, Jason C.; Jogalekar, Prasad P.; Bannai, Vinay K., Automatic reconfiguration of short addresses for devices in a network due to change in network topology.
Takashima, Kenya; Nakamichi, Koji; Watanabe, Naotoshi; Soumiya, Toshio; Ezaki, Yutaka; Murata, Kazunori, Boundary device for performing a connection control at a boundary between two communications networks.
Kshirsagar Madhukar M. ; La Porta Thomas F. ; Shur David H. ; Veeraraghavan Malathi ; Woodworth Clark, Communications system for transmission of datagram packets over connection-oriented networks.
Pi-Yu Chung ; Om P. Damani ; Yennun Huang ; Chandra M. Kintala ; Yi-Min Wang, Hosting a network service on a cluster of servers using a single-address image.
Kenichi Nagami JP; Junko Ami JP; Yasuhiro Katsube JP; Takeshi Saito JP; Hiroshi Esaki JP, IP over ATM system using control messages to set up cut-through paths or bypass pipes in routers.
Kujoory Ali Mohammad ; Saad Samir S. ; Shur David Hilton ; Tewani Kamlesh T. ; Yee James Kwong, Management of ATM virtual circuits with resources reservation protocol.
Chang Tian-Pong P. (Holmdel NJ) Civanlar Seyhan (Middletown Township ; Monmouth County NJ) Saksena Vikram R. (Freehold NJ), Method and apparatus for interconnecting LANs.
Cox Norman Eugene ; Christensen Kenneth J. ; Ervin Jim P. ; Matlack ; Jr. Richard Colbert, Method and system for distributing network routing functions to local area network stations.
Nessett Danny M. ; Grabelsky David ; Borella Michael S. ; Sidhu Ikhlaq S., Method and system for locating network services with distributed network address translation.
Wurch,Donald L.; Le,Liem Q.; Becker,Carey B.; Qaddoura,Emad A.; Coffin,Russ C., Method and system for switching between two network access technologies without interrupting active network applications.
Beser, Nurettin B.; Borella, Michael, Method for encapsulating and transmitting a message includes private and forwarding network addresses with payload to an end of a tunneling association.
DeSimone Antonio ; Golan Joseph ; Kuthyar Ashok K. ; Parent Bryant Richard ; Ramamurthy Ram S. ; Shur David Hilton, Method for managing multicast addresses for transmitting and receiving multimedia conferencing information on an internet protocol (IP) network implemented over an ATM network.
Karapetkov Stefan,DEX ; Fromm Ingrid,DEX ; Petri Bernhard,DEX, Method for the transmission of information packets between emulated LANs using address resolution.
Lamberton, Marc; Mouque, Eric; Kermarec, François, Method of providing a virtual private network service through a shared network, and provider edge device for such network.
Baum,Robert T.; Voit,Eric A., Methods, apparatus and data structures for preserving address and service level information in a virtual private network.
Nagami Kenichi,JPX ; Ami Junko,JPX ; Katsube Yasuhiro,JPX ; Saito Takeshi,JPX ; Esaki Hiroshi,JPX, Network interconnection apparatus, network node apparatus, and packet transfer method for high speed, large capacity in.
Goldsmith Amy M. (Los Gatos CA) Goldsmith David B. (Los Gatos CA) Pettus Christopher E. (San Francisco CA), Object-oriented remote procedure call networking system.
Richard Adriano ; Poornima Lalwaney ; Yong Ho Son, Packet processing relay agent to provide link layer forwarding in one-way cable/wireless/satellite modems.
Bhattacharya, Partha P.; Kamat, Sanjay D.; Rajan, Rajendran R.; Sarkar, Saswati, Search tree for policy based packet classification in communication networks.
Morishige,Takehiro; Inouchi,Hidenori; Takeda,Yukiko; Tanaka,Koji, System using mobile proxy for intercepting mobile IP message and performing protocol translation to support multiple communication protocols between mobile networks.
Caronni, Germano; Gupta, Amit; Kumar, Sandeep; Markson, Tom R.; Schuba, Christoph L.; Scott, Glenn C., Truly anonymous communications using supernets, with the provision of topology hiding.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.