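Country / Type | United States (US) Patent, Registered |
---|---|
International Patent Classification (IPC, 7th edition) | |
Application number | US-0611987 (2015-02-02) |
Registration number | US-9525620 (2016-12-20) |
Inventor / Address | |
Applicant / Address | |
Citation information | Times cited: 0; Cited patents: 926 |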
A wide area network using the internet as a backbone utilizing specially selected ISX/ISP providers whose routers route packets of said wide area network along private tunnels through the internet comprised of high bandwidth, low hop-count data paths. Firewalls are provided at each end of each private tunnel which recognize IP packets addressed to devices at the other end of the tunnel and encapsulate these packets in other IP packets which have a header which includes as the destination address, the IP address of the untrusted side of the firewall at the other end of the tunnel. The payload sections of these packets are the original IP packets and are encrypted and decrypted at both ends of the private tunnel using the same encryption algorithm using the same key or keys.
1. A method of routing packets, implemented on at least one computer, the method comprising: receiving inbound traffic and sorting the inbound traffic into first and second groups dependent on whether a destination address of the inbound traffic matches a destination associated with a predetermined private tunnel; routing the first group of traffic over at least one first route reserved for the predetermined private tunnel; and routing the second group of traffic over at least one second route; wherein the at least one second route is to be exclusive to the at least one first route and the predetermined private tunnel.
2. The method of claim 1, wherein sorting the inbound traffic comprises examining header information of said packets, comparing a network destination address from said header information with a predetermined destination address, and associating said packets with the second group of traffic when the network destination address of said packets does not match the predetermined destination address.
3. The method of claim 1, wherein sorting the inbound traffic comprises examining header information of said packets, comparing a destination address from said header information with a predetermined destination address, and automatically associating said packets with the first group of traffic when the destination address and a source of said packets match a predetermined source-destination address pair.
4. The method of claim 1, wherein said method is embodied as a method of routing the inbound traffic within a predefined network, and wherein routing the first group of traffic further comprises: in response to identification of packets as corresponding to the first group, encapsulating said packets identified as corresponding to the first group and adding a mnemonic label to said packets identified as corresponding to the first group; using a first routing table for packets having the mnemonic label and a second routing table exclusive to the first routing table for packets not having the mnemonic label.
5. The method of claim 4, wherein the at least one computer is associated with a first endpoint of the predetermined network, and wherein the mnemonic label corresponds to the at least one first route, the at least one first route connecting said first endpoint with a second endpoint of the predetermined network.
6. The method of claim 1, wherein the at least one computer is associated with a first endpoint of a predetermined network associated with the private tunnel, wherein the method further comprises adding a mnemonic label to the first group of traffic, the mnemonic label corresponding to the at least one first route, and using the mnemonic label to route the first group of traffic to a second endpoint of the predetermined network.
7. The method of claim 6, wherein routing the first group of traffic further comprises encrypting the first group of traffic using an encryption key corresponding to decryption key known a priori to the second endpoint of the predetermined network.
8. The method of claim 1, wherein the method further comprises storing a first routing table and at least one second routing table for use in routing said packets, wherein routes identified by the first routing table and routes identified by the at least one second routing table represent to mutually-exclusive connections, wherein routing the first group of traffic over the at least one first route reserved for the predetermined private tunnel comprises exclusively using the first routing table to route the first group of traffic, and wherein routing the second group of traffic over the at least one second route comprises routing the second group of traffic over the at least one second route exclusively using the at least one second routing table to route the second group of traffic.
9. The method of claim 1, wherein routing the first group of traffic further comprises encrypting the first group of traffic.
10. The method of claim 9, wherein routing the second group of traffic further comprises not encrypting the second group of traffic.
11. The method of claim 1, wherein receiving said packets includes using a channel service unit to receive said packets via a dedicated connection that links the at least one computer to a network associated with a predetermined client.
12. The method of claim 1, wherein the predetermined private tunnel corresponds to a predetermined virtual private network (VPN), wherein the method further comprises storing in memory local to the at least one computer VPN configuration information including at least a mnemonic label, an IP address, an encryption key, an encryption type, an encryption password, and a gateway IP address of a VPN destination, and wherein routing the first group of traffic comprises using the VPN configuration information to route the first group of traffic.
13. The method of claim 1, wherein the method further comprises applying a mnemonic label to packets associated with the first group of traffic, the mnemonic label corresponding to one or more routes that run between one or more participating private tunnel destinations connecting the at least one computer with a network far end destination, and wherein routing the first group of traffic comprises routing the first group of traffic exclusively via the one or more participating private tunnel destinations.
14. An apparatus, comprising: circuitry to receive inbound traffic; circuitry to sort the inbound traffic into first and second groups dependent on whether a destination address of the inbound traffic matches a destination associated with a predetermined private tunnel; circuitry to route the first group of traffic over at least one first route reserved for the predetermined private tunnel; and circuitry to route the second group of traffic over at least one second route; wherein the at least one second route is to be exclusive to the at least one first route and the predetermined private tunnel.
15. The apparatus of claim 14, wherein the circuitry to sort the inbound traffic comprises circuitry to extract a network destination address from header information of said packets, circuitry to compare the network destination address from said header information with a predetermined destination address, and circuitry to associate said packets with the second group of traffic when the network destination address of said packets does not match the predetermined destination address.
16. The apparatus of claim 15, wherein the circuitry to associate comprises at least one processor and instructions stored on non-transitory machine readable media, said instructions when executed to cause the at least one processor to associate said packets with the second group of traffic when the network destination address of said packets does not match the predetermined destination address.
17. The apparatus of claim 14, wherein the circuitry to sort the inbound traffic comprises circuitry to extract a network destination address from header information said packets, circuitry to compare the network destination address with a predetermined destination address, and circuitry to automatically associate said packets with the first group of traffic when the destination address and a source of said packets match a predetermined source-destination address pair.
18. The apparatus of claim 14, wherein said apparatus is adapted to route the inbound traffic within a predefined network, and wherein the circuitry to route the first group of traffic further comprises: circuitry to, in response to identification of packets as corresponding to the first group, encapsulate said packets identified as corresponding to the first group and add a mnemonic label to said packets identified as corresponding to the first group; circuitry to use a first routing table for packets having the mnemonic label and a second routing table exclusive to the first routing table for packets not having the mnemonic label.
19. The apparatus of claim 18, wherein the at least one computer is associated with a first endpoint of the predetermined network, and wherein the mnemonic label corresponds to the at least one first route, the at least one first route connecting said first endpoint with a second endpoint of the predetermined network.
20. The apparatus of claim 14, wherein the at least one computer is associated with a first endpoint of a predetermined network associated with the private tunnel, wherein the apparatus further comprises circuitry to add a mnemonic label to the first group of traffic, the mnemonic label corresponding to the at least one first route, and wherein the circuitry to route the first group of traffic is to use the mnemonic label to route the first group of traffic to a second endpoint of the predetermined network.
21. The apparatus of claim 20, wherein the circuitry to route the first group of traffic is to further encrypt the first group of traffic using an encryption key corresponding to decryption key known a priori to the second endpoint of the predetermined network.
22. The apparatus of claim 14, wherein the apparatus further comprises circuitry to store a first routing table and at least one second routing table for use in routing said packets, wherein routes identified by the first routing table and routes identified by the at least one second routing table represent to mutually-exclusive connections, wherein the circuitry to route the first group of traffic over the at least one first route reserved for the predetermined private tunnel is to exclusively use the first routing table to route the first group of traffic, and wherein the circuitry to route the second group of traffic over the at least one second route is to exclusive use the at least one second routing table to route the second group of traffic.
23. The apparatus of claim 14, wherein the circuitry to route the first group of traffic further comprises circuitry to encrypt the first group of traffic.
24. The apparatus of claim 22, wherein said apparatus is not to encrypt the second group of traffic.
25. The apparatus of claim 14, wherein said circuitry to receive said packets comprises a channel service unit to receive said packets via a dedicated connection that links the at least one computer to a network associated with a predetermined client.
26. The apparatus of claim 14, wherein the predetermined private tunnel corresponds to a predetermined virtual private network (VPN), wherein the apparatus further comprises local memory to store the at least one computer VPN configuration information including at least a mnemonic label, an IP address, an encryption key, an encryption type, an encryption password, and a gateway IP address of a VPN destination, and wherein the circuitry to route the first group of traffic comprises circuitry to utilize the VPN configuration information to route the first group of traffic.
27. An apparatus comprising instructions stored on non-transitory machine-readable media, the instructions when executed to cause at least one processor of a computer to: receive inbound traffic and sort the inbound traffic into first and second groups dependent on whether a destination address of the inbound traffic matches a destination associated with a predetermined private tunnel; route the first group of traffic over at least one first route reserved for the predetermined private tunnel; and route the second group of traffic over at least one second route; wherein the at least one second route is to be exclusive to the at least one first route and the predetermined private tunnel.
28. An apparatus, comprising: means for receiving inbound traffic and for sorting the inbound traffic into first and second groups dependent on whether a destination address of the inbound traffic matches a destination associated with a predetermined private tunnel; means for routing the first group of traffic over at least one first route reserved for the predetermined private tunnel; and means for routing the second group of traffic over at least one second route; wherein the at least one second route is to be exclusive to the at least one first route and the predetermined private tunnel.