Multiplex communications – Pathfinding or routing – Switching a message which includes an address header
Reexamination Certificate
1998-11-13
2002-12-10
Kizou, Hassan (Department: 2662)
Multiplex communications
Pathfinding or routing
Switching a message which includes an address header
C370S466000
Reexamination Certificate
active
06493349
ABSTRACT:
FIELD OF THE INVENTION
The invention relates generally to the field of virtual private networks and more particularly, to partitioning shared network infrastructure into multiple distinct virtual private network areas.
BACKGROUND OF THE INVENTION
With the growing popularity of the Internet and networks in general, there is a trend towards centralized network services and centralized network Service Providers (providers). To be profitable, however, providers need to constantly maintain and if possible enlarge their customer base and their profits. Since leased line services are coming under increased competition, profit margins have been decreasing for these providers. Thus, an increased number of providers are trying to attract small and medium sized businesses by providing centralized network management. In accordance with this goal, they are offering Virtual Private Networks (VPNs) to interconnect various customer sites (private networks) which are geographically dispersed. One such service is an Internet Protocol (IP) VPN which interconnects geographically dispersed private IP networks over the provider's shared network facilities.
The general goal of an IP VPN is to offer privacy and performance on par with leased line interconnectivity while realizing substantial deployment efficiencies due to the shared network infrastructure. The term “provider” includes the public carrier, network operator or Internet Provider (“ISP”), or consortiums thereof, who operate the shared network infrastructure and offer the IP VPN service. The shared network structure will also be referred to as the base network of the VPN. VPNs are of great interest to both providers and to their customers because they offer privacy and cost efficiency through network infrastructure sharing. There has been difficulty providing this service, however, due to address conflicts, security problems, scalability issues and performance problems.
Others have attempted to offer this service over a single instance of a shared network, however, a single instance of a shared network is not suitably scalable. Most networks do not have the ability to handle very large numbers of VPNs due to the amount of traffic and links required.
Accordingly there exists the need for a system which provides a scalable VPN infrastructure.
There also exists the need for a system which allows an IP VPN Provider to partition the shared network based upon implementation choices.
There exists the need for a system which enables various Providers to jointly provide IP VPN service over various subnetworks.
It is accordingly an object of the present invention to provide a system which provides a scalable VPN infrastructure.
It is another object of the invention to provide a system which allows an IP VPN Provider to partition the shared network based upon implementation choices.
It is still another object of the invention to provide a system which enables various Providers to jointly provide IP VPN service over various subnetworks.
These and other objects of the invention will become apparent to those skilled in the art from the following description thereof.
SUMMARY OF THE INVENTION
It has now been discovered that these and other objects may be accomplished by the present virtual private network infrastructure which enables private communications over a shared network, between at least two geographically separate private networks. The present invention includes a shared network partitioned into at least two distinct areas. It includes a first router connected to a first area and configured to distribute first router VPN information across the first area. The first router VPN information includes a VPN identifier which is assigned to the first router. The system also includes a second router connected between the first area and a second area which is configured to distribute second router VPN information across the first area. The second router VPN information includes a VPN identifier which is assigned to the second router. The VPN identifier assigned to the first router is the same as the VPN identifier assigned to the second router.
In an embodiment of the invention, the virtual private network infrastructure includes a shared network partitioned into at least two distinct areas. It includes first router means connected to a first area for dynamically distributing first router means VPN information across the first area and second router means connected between the first area and a second area for dynamically distributing second router means VPN information across the first and second areas. The first and second router means VPN information includes a VPN identifier which is assigned to said first and second router means respectively. The VPN identifier assigned to the first router means is the same as the VPN identifier assigned to the second router means.
In another embodiment, the invention includes a method of configuring a virtual private network infrastructure which enables private network communications over a shared network. The method includes partitioning a shared network into two or more areas. It also includes connecting a virtual router between at least two of the areas and assigning at least one VPN identifier to the virtual router. The method includes creating a link between a first private network router and a first shared network router, such that the first shared network router is connected to a first area. It also includes assigning the same VPN identifier assigned to the virtual router to the first shared network router; and communicating the VPN identifier between the first shared network router and the virtual router.
The invention will next be described in connection with certain illustrated embodiments; however, it should be clear to those skilled in the art that various modifications, additions and subtractions can be made without departing from the spirit or scope of the claims.
REFERENCES:
patent: 5768271 (1998-06-01), Seid et al.
patent: 5825772 (1998-10-01), Dobbins et al.
patent: 5959990 (1999-09-01), Frantz et al.
patent: 5999536 (1999-12-01), Kawafuji
patent: 6047330 (2000-04-01), Stracke, Jr.
patent: 6079020 (2000-06-01), Liu
patent: 6205488 (2001-03-01), Casey et al.
A Minh
Gibbons Del Deo Dolan Griffinger & Vecchione
Kizou Hassan
Nortel Networks Limited
LandOfFree
Extended internet protocol virtual private network... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Extended internet protocol virtual private network..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Extended internet protocol virtual private network... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2934306