Domain isolation through virtual network machines

Electrical computers and digital processing systems: multicomput – Computer network managing

Reexamination Certificate


C370S352000, C370S397000


06609153

ABSTRACT:

BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates in general to communications networks, and more particularly, to the operation of network devices that can operate in multiple virtual networks simultaneously.
2. Description of the Related Art
Network Layering and Protocols
A communication network provides information resource transfer services that transfer information resources among devices attached to the network. Information resources, as the term is used herein, include any form of information that can be transmitted over a network for use by or with any end station or network device connected to the network. Information resources, for example, may include computer programs, program files, web pages, data, database information, objects, data structures, program icons, graphics, video information or audio information. Computer Networks and Internets, Douglas E. Comer, Prentice Hall, 1997, provides extensive information about communication networks.
Networks are built from devices or stations called nodes, and the communications channels that interconnect the nodes, called links. A set of nodes and links under one administrative authority is called a network domain. Communication between end stations attached to a network ordinarily is achieved through the use of a set of layered protocols. These protocols are generally described by reference to the Open Systems Interconnection (OSI) computer communications architecture. The standard OSI architecture includes seven layers: application, presentation, session, transport, network, data link and physical. A communication network may employ fewer than the full seven layers. However, the layer 2 and the layer 3 software protocols ordinarily play a prominent role in the transfer of information between interconnected networks and between end stations connected to the networks.
The physical layer is the lowest layer (layer 1) of the OSI model. There are numerous technologies that can be employed to build networks at layer 2. Layer 2 networks can be “connection oriented”, meaning that a connection must be established before data can flow between two stations; ATM, Frame Relay, and X.25 are examples of connection-oriented layer 2 protocols. Layer 2 networks can also be connection-less, meaning data can be transmitted without establishing any connection in advance; Ethernet and FDDI are two examples of connection-less layer 2 protocols.
In order to provide services useful to end users, the devices in a network must perform higher layer functions to create what are called “virtual networks”. The “Internet” is one example of a very popular and public virtual network. The Internet uses the IP protocol to provide the higher layer (layer 3) functions required to support operation of the virtual network. There are many other private (virtual) networks that also use the IP protocol. The term “internet” with a small “i” is used to differentiate these less well known private internets from the very popular and public large “I” Internet. There are many other protocols that can be used to construct virtual networks at layer 3, including IPX, DECnet, AppleTalk, CLNP, etc. There are many other private and public networks using these other layer 3 protocols, either independent of or in conjunction with the IP protocol.
Thus, networks can be built at many different layers. Each layer has its own function and its own type of nodes and links. Higher layer networks are built “on top of” lower layer networks. In other words, nodes at a given layer may use the services of the next lower layer to provide links for communication with peer nodes (i.e. nodes at the same layer on other devices). Routers are examples of nodes in a layer 3 network. Bridges are examples of nodes in layer 2 networks.
Network Domains
A network domain as the term is used herein refers to the set of nodes and links that are subject to the same administrative authority. A single administrative authority may administer several networks in separate domains, or several layers of the same network in a single domain, or any combination. There are actually several possible administrative domains in any large virtual network. The boundaries of a network domain can be defined along the lines dividing layers of the protocol stacks. For instance, the same layer 1 physical devices and physical connections may have several layer 2 network domains layered onto them. These layer 2 domains, in turn, may have one or more layer 3 domains layered on top of them. A network domain may even transcend the boundaries between layers such that a layer 2 network and a layer 3 network may be part of the same network domain.
The administration of even a single network domain can be quite complex. Virtual networks have administrative authorities associated with them to control their higher layer functions. The cost of administering a network, physical or virtual, can be enormous, and is often the largest cost item in the operations of a network.
When several virtual networks are layered on top of the same layer 2 service or another virtual network, the boundaries between network domains may be somewhat obscure. The boundaries between the domains of the overlaid virtual networks intersect at points where they must share physical or virtual resources. In practice, the administrators of the overlaid virtual networks are very concerned about sharing resources, especially when they are competing commercial entities. Concerns arise about the integrity, privacy, and security of data and network control information flowing across the shared resources at the lower layers. The administrators of the underlying networks are called upon to solve complex administrative problems. The costs of administering these networks increase quickly with the number of virtual networks, their size, the complexity and compatibility of their individual policies, and increased demands for security, integrity, and isolation between domains.
Network Devices and Databases
The term network device is used here to refer to the collection of mechanisms (e.g. computer and communications hardware and software) used to implement the functions of a station in a network. A network device contains some capacity to store and operate on information in databases in addition to the ability to transmit and receive information to and from other devices on the network. Examples of network devices include but are not limited to routers, bridges, switches, and devices that perform more than one of these functions (e.g. a device that does both routing and bridging).
A router is an example of a network device that serves as an intermediate station. An intermediate station is a network device that interconnects networks or subnetworks. A typical router comprises a computer that attaches to two or more networks and that provides communication paths and routing functions so that data can be exchanged between end stations attached to different networks. A router can route packets between networks that employ different layer 2 protocols, such as Token Ring, Ethernet or FDDI, for example. Routers use layer 3 protocols to route information resources between interconnected networks. Nothing precludes a network device that operates as an intermediate station from also operating as an end station. An IP router, for example, typically also operates as an end station.
A router can understand layer 3 addressing information, and may implement one or more routing protocols to determine the routes that information should take. A multiprotocol router runs multiple layer 3 protocols such as IP, IPX or AppleTalk, for example. A router may also be characterized as multiprotocol if it runs multiple adaptive routing protocols, such as RIP, BGP or OSPF, all feeding a single IP layer.
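The isolation concern raised above (competing administrators sharing one lower-layer device, overlapping address plans, and the wish that one domain's routes never influence another's forwarding) is easiest to see in code. The following is an added example, not text or code from the patent; the patent's own "virtual network machine" mechanism is not described in this excerpt and is not reproduced here. It contrasts two simplified router models of my own naming: SharedTableDevice, where every virtual network's routes land in one global table, and IsolatedDevice, where each domain owns a separate forwarding database and each ingress port (the layer 2 attachment point) is bound to exactly one domain. The domain names "red" and "blue", the port numbers, the prefixes and the next-hop labels are all constructed sample data.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple


@dataclass
class ForwardingTable:
    """Longest-prefix-match route table. The isolated device keeps one per domain."""
    routes: Dict[ipaddress.IPv4Network, str] = field(default_factory=dict)

    def add(self, prefix: str, next_hop: str) -> None:
        # Two adds of the same prefix share one dict key, so the later one wins.
        self.routes[ipaddress.ip_network(prefix)] = next_hop

    def lookup(self, dst: str) -> Optional[str]:
        addr = ipaddress.ip_address(dst)
        best: Optional[Tuple[ipaddress.IPv4Network, str]] = None
        for net, hop in self.routes.items():
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, hop)
        return best[1] if best else None


class SharedTableDevice:
    """Weak design (hypothetical): every virtual network's routes land in one
    global table. The domain argument is accepted but has no effect on forwarding."""

    def __init__(self) -> None:
        self.table = ForwardingTable()

    def add_route(self, domain: str, prefix: str, next_hop: str) -> None:
        self.table.add(prefix, next_hop)

    def forward(self, port: int, dst: str) -> Optional[str]:
        return self.table.lookup(dst)


class IsolatedDevice:
    """One forwarding table per domain (hypothetical model); each ingress port is
    bound to exactly one domain and a lookup consults only that domain's table."""

    def __init__(self) -> None:
        self.tables: Dict[str, ForwardingTable] = {}
        self.port_domain: Dict[int, str] = {}

    def add_domain(self, domain: str) -> None:
        self.tables.setdefault(domain, ForwardingTable())

    def bind_port(self, port: int, domain: str) -> None:
        if domain not in self.tables:
            raise KeyError(f"unknown domain {domain!r}")
        self.port_domain[port] = domain

    def add_route(self, domain: str, prefix: str, next_hop: str) -> None:
        self.tables[domain].add(prefix, next_hop)

    def forward(self, port: int, dst: str) -> Tuple[str, Optional[str]]:
        """Return (domain, next_hop). An unbound port is dropped rather than
        falling through to a global table, and a miss in the bound domain is a
        miss even when another domain holds a matching prefix."""
        domain = self.port_domain.get(port)
        if domain is None:
            return ("unbound", None)
        return (domain, self.tables[domain].lookup(dst))


def build_demo() -> Tuple[SharedTableDevice, IsolatedDevice]:
    """Constructed sample: two customers, 'red' and 'blue', both numbered from
    10.0.0.0/8, sharing one device. Port 1 belongs to red, port 2 to blue."""
    routes = [("red", "10.0.0.0/8", "red-core"),
              ("blue", "10.0.0.0/8", "blue-core"),
              ("blue", "192.168.0.0/16", "blue-edge")]

    shared = SharedTableDevice()
    isolated = IsolatedDevice()
    for domain in ("red", "blue"):
        isolated.add_domain(domain)
    isolated.bind_port(1, "red")
    isolated.bind_port(2, "blue")
    for domain, prefix, hop in routes:
        shared.add_route(domain, prefix, hop)
        isolated.add_route(domain, prefix, hop)
    return shared, isolated


if __name__ == "__main__":
    shared, isolated = build_demo()
    # Shared table: blue's 10.0.0.0/8 overwrote red's, so red's traffic is handed to blue.
    print("shared   port1 10.1.2.3    ->", shared.forward(1, "10.1.2.3"))
    # Isolated: same destination, different domain, different (correct) answer.
    print("isolated port1 10.1.2.3    ->", isolated.forward(1, "10.1.2.3"))
    print("isolated port2 10.1.2.3    ->", isolated.forward(2, "10.1.2.3"))
    # Blue's 192.168/16 is invisible from red's port; an unbound port gets nothing.
    print("isolated port1 192.168.5.5 ->", isolated.forward(1, "192.168.5.5"))
    print("isolated port9 10.1.2.3    ->", isolated.forward(9, "10.1.2.3"))
```

The point to take from the contrast is that isolation is a property of the lookup path, not of the address plan: with a shared database the second customer's route silently replaces the first's and red's packets are delivered into blue's network, while with per-domain databases the ingress binding selects the table before any prefix match happens, so overlapping prefixes are harmless and a domain cannot even observe another domain's routes. The unbound-port case is the failure mode worth checking on a real device: if an unconfigured attachment falls back to a global or default table, that table becomes a shared resource across every domain.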
The network device router configuration of FIG. 1A depicts what is often referred to in industry as a multi-protocol bridge/router. In this illustrative example, there are separate databases for three layer 2/3

Profile ID: LFUS-PAI-O-3124942
