Multiplex communications – Pathfinding or routing – Switching a message which includes an address header
Reexamination Certificate
1998-12-30
2002-12-03
Yao, Kwang Bin (Department: 2664)
active
06490290
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to the field of computer networks. More particularly, the present invention relates to allowing communications between a user and the Internet without passing the communications through a private network.
2. The Background
In recent years, “intranets” have been rising in popularity, especially with large companies. An intranet is an internal network that serves only a specific type of person (such as employees of a corporation, or students at a school). The intranet is usually not accessible to the general public. Intranets have become popular mainly because they allow for much more productive communication between users within the network, even when the users are dispersed over a wide geographic area (such as in multi-national corporations).
FIG. 1 is a block diagram depicting one way to connect to an intranet. Personal computer 10 connects through a link 12, generally a Point-to-Point Protocol (PPP) link, to an Internet service provider (ISP) or access point (AP) 14. The ISP or AP 14 then connects through link 16 to the Intranet 18.
Many entities that maintain intranets, however, have also wanted to offer users access to the Internet as well. There were, however, a limited number of ways that this could be accomplished. The first, and most simple, way would be for the user to first terminate the existing connection between the PC 10 and the ISP or access point 14. Then the user could log into the Internet. The major drawbacks of this solution are obvious. It does not allow for simultaneous connection to an intranet and the Internet, thus limiting the productivity of the user. Additionally, it requires termination of the link between the PC and the ISP, thus using up valuable time on the user's end, as he has to re-initiate a connection process.
The second way an entity could offer access to the Internet is to have a preconfigured connection from the intranet to the Internet, such that communications between the user and the second intranet or Internet pass through the intranet.
FIG. 2 is a block diagram illustrating a connection to the Internet 62 through an intranet 58. A user at PC 50 maintains a connection 52 to ISP 54, which is connected to the intranet 58. Intranet 58 is then connected through link 60 to the Internet 62. The drawback of this solution is that the traffic from the user at PC 50 to the Internet 62 passes through the intranet 58. This increases the traffic traveling through the intranet 58 and poses a security risk to the information sent via the intranet 58.
A Virtual Private Network (VPN) is a private network configured to communicate with its users over the Internet, utilizing a technique called tunneling so as to ensure that the data cannot be read by unauthorized users. Tunneling involves encapsulating a packet of data within a frame or packet of a different protocol for transport. Security protocols such as the IP Security Protocol (IPSEC) may also be utilized in order to further reduce the chances of unauthorized access. Thus, the link between the ISP and the intranet in the examples described above (16 in FIG. 1 and 56 in FIG. 2) may be virtual private networks.
Even when using a VPN, the same problems arise in directing traffic to and from the Internet when the user is connected to an intranet.
What is needed is a method by which an entity may provide Internet access to its users without encountering the problems that arise in passing Internet traffic through the intranet.
SUMMARY OF THE INVENTION
A method for routing packets sent from a user to the Internet is provided for systems in which the user is connected to a private network. The method includes: extracting a source network address from the packet; using said source network address to retrieve a user profile for the user; examining said user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet; and routing said packet according to said profile. This allows a user or network provider to choose whether to route packets destined for the Internet directly to the Internet rather than through the private network, thus preventing excessive network traffic on the private network.
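The four steps of the summarized method, as an added Python sketch that is not code from the patent or from Cisco. The `Profile` record, the `PROFILES` table, the 10.0.0.0/8 intranet prefix and the "drop" outcomes for malformed packets or unknown sources are assumptions. It also assumes the gateway itself assigned the source address to the user's session, since a profile lookup keyed on an unverified source address would identify nothing.

```python
import ipaddress
import struct
from dataclasses import dataclass

INTRANET = ipaddress.ip_network("10.0.0.0/8")   # assumed intranet prefix

@dataclass(frozen=True)
class Profile:              # hypothetical profile record
    user: str
    direct_internet: bool   # True: Internet-bound packets bypass the intranet

# Constructed profile table keyed by the address assigned to the user's session.
PROFILES = {
    ipaddress.ip_address("10.1.0.5"): Profile("alice", True),
    ipaddress.ip_address("10.1.0.6"): Profile("bob", False),
}

def parse_ipv4(packet: bytes):
    """Return (source, destination) from a raw IPv4 header, or raise ValueError."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = packet[0] >> 4, packet[0] & 0x0F
    if version != 4 or ihl < 5 or len(packet) < ihl * 4:
        raise ValueError("not a well-formed IPv4 header")
    src, dst = struct.unpack("!4s4s", packet[12:20])
    return ipaddress.ip_address(src), ipaddress.ip_address(dst)

def route(packet: bytes) -> str:
    """Decide the next hop: 'intranet', 'internet' or 'drop'."""
    try:
        src, dst = parse_ipv4(packet)       # step 1: extract source address
    except ValueError:
        return "drop"                       # assumption: malformed input is not forwarded
    profile = PROFILES.get(src)             # step 2: retrieve the user profile
    if profile is None:
        return "drop"                       # assumption: no profile, no forwarding
    if dst in INTRANET:
        return "intranet"                   # intranet destinations keep the private link
    # steps 3 and 4: examine the profile and route accordingly
    return "internet" if profile.direct_internet else "intranet"

def make_packet(src: str, dst: str) -> bytes:
    """Build a constructed 20-byte IPv4 header (checksum left at zero)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                       ipaddress.ip_address(src).packed,
                       ipaddress.ip_address(dst).packed)
```
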
Chu Jie
Dos Santos Maria Alice
Zhang Shujin
Cisco Technology Inc.
Hanish Marc S.
Jones Prenell
Thelen Reid & Priest LLP
Yao Kwang Bin