Electrical computers and digital processing systems: multicomput – Computer-to-computer data routing
Reexamination Certificate
1998-11-13
2001-03-20
Maung, Zarni (Department: 2758)
C709S242000
active
06205488
ABSTRACT:
FIELD OF THE INVENTION
The invention relates generally to the field of virtual private networks and more particularly, to distribution of private network information over shared network infrastructure in the Multi-Protocol Label Switching domain.
BACKGROUND OF THE INVENTION
With the growing popularity of the Internet and networks in general, there is a trend towards centralized network services and centralized network service providers. To be profitable, however, network service providers need to constantly maintain and if possible enlarge their customer base and their profits. Since leased line services are coming under increased competition, profit margins have been decreasing for these providers. Thus, an increased number of providers are trying to attract small and medium sized businesses by providing centralized network management.
Network providers are offering Virtual Private Networks (VPNs) to interconnect various customer sites that are geographically dispersed. VPNs are of great interest to both providers and to their customers because they offer privacy and cost efficiency through network infrastructure sharing. There has been difficulty providing this service, however, due to address conflicts, security problems, scalability issues and performance problems.
Various VPN models have been proposed with various degrees of security, privacy, scalability, ease of deployment and manageability. Some providers have even attempted to solve these problems using Multi-Protocol Label Switching (MPLS) networks. However, the MPLS models proposed still suffer from some of the same problems discussed above (e.g., scalability).
Accordingly there exists the need for a scalable system which allows the implementation of separate virtual private networks over common infrastructure while providing security and sufficient performance to each network.
The need further exists for such a system which allows for communicating private traffic through a shared network.
It is accordingly an object of the present invention to provide a scalable system which allows the implementation of separate virtual private networks over common infrastructure while providing security and sufficient performance to each network.
It is another object of the invention to provide such a system which employs MPLS.
It is another object of the invention to provide such a system which allows for communication of private traffic through a shared network.
These and other objects of the invention will become apparent to those skilled in the art from the following description thereof.
SUMMARY OF THE INVENTION
It has now been discovered that these and other objects may be accomplished by the present virtual private networks which enable private communications over a shared MPLS network, between at least two private networks. The present invention includes multiple routers in communication with the shared MPLS network and configured to dynamically distribute VPN information across the shared MPLS network. The VPN information distributed by a particular one of the routers includes a VPN identifier assigned to that router. The VPN identifier identifies the VPN with which that particular router is associated. One of the routers includes a first table, stored therein, of label switched paths from that router to the remainder of the routers in communication with the shared MPLS network. That router also includes a second table, stored therein, of nested label switched paths from that router to the remainder of the routers in communication with the shared MPLS network which share a common VPN identifier.
In an embodiment of the invention, the virtual private network includes router means in communication with the shared MPLS network for routing VPN information across the shared MPLS network. The VPN information includes a VPN identifier assigned to the router means, which identifies a VPN with which the router means is associated. A first table is stored in the router means, and contains a list of all label switched paths across the shared MPLS network. A second table is stored in the router means and contains a list of nested label switched paths from a portion of the router means which is configured to communicate with one of the at least two private networks to another portion of the router means which is configured to communicate with another of the at least two private networks.
In another embodiment, the invention includes a method of configuring virtual private networks over a shared MPLS network. The method includes configuring the shared MPLS network including at least two routers in communication therewith. It further includes determining first information about all label switched paths between a first of the at least two routers and all others of the at least two routers, and storing the first information in the first router. The all others of the at least two routers includes a second router. The method also includes assigning a common VPN identifier to the first and second routers. It includes determining second information about all label switched paths between the second router and all remaining of the at least two routers, and storing the second information in the second router. The first router is a member of the remaining routers. It includes determining third information about all nested label switched paths between the first router and all others of the at least two routers which are assigned the common VPN identifier, and storing the third information in the first router. It also includes determining fourth information about all nested label switched paths between the second router and all remaining routers which are assigned the common VPN identifier, and storing the fourth information in the second router.
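The two-table arrangement described above can be modelled as follows. This is an added illustration, not code from the patent: the router names, VPN identifiers and label values are constructed, and representing a nested label switched path as an outer label plus an inner label is an assumption made for the sketch.

```python
from dataclasses import dataclass, field
from itertools import count


@dataclass
class Router:
    name: str
    vpn_id: str  # VPN identifier assigned to this router
    lsp_table: dict = field(default_factory=dict)     # first table: peer -> outer label
    nested_table: dict = field(default_factory=dict)  # second table: peer -> (outer, inner)


def configure(routers):
    """Fill both tables on every router from the distributed VPN identifiers."""
    labels = count(100)  # constructed label values
    for r in routers:
        # First table: a label switched path to every other router on the shared network.
        r.lsp_table = {p.name: next(labels) for p in routers if p is not r}
    for r in routers:
        # Second table: nested paths only toward routers sharing the common VPN identifier.
        r.nested_table = {
            p.name: (r.lsp_table[p.name], next(labels))
            for p in routers
            if p is not r and p.vpn_id == r.vpn_id
        }


def label_stack(src, dst_name):
    """Return [outer, inner] labels for private traffic, refusing peers outside the VPN."""
    if dst_name not in src.nested_table:
        raise PermissionError(f"{src.name} has no nested LSP to {dst_name}")
    return list(src.nested_table[dst_name])


def build_demo():
    """Four constructed routers, two per VPN, all attached to one shared network."""
    routers = [Router("R1", "VPN-A"), Router("R2", "VPN-A"),
               Router("R3", "VPN-B"), Router("R4", "VPN-B")]
    configure(routers)
    return {r.name: r for r in routers}


if __name__ == "__main__":
    demo = build_demo()
    for r in demo.values():
        print(r.name, r.vpn_id, "LSPs:", r.lsp_table, "nested:", r.nested_table)
```

The separation between VPNs rests on the second table: a router can reach every peer over the first table, but it holds nested paths only for peers that advertised the same VPN identifier.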
The invention will next be described in connection with certain illustrated embodiments; however, it should be clear to those skilled in the art that various modifications, additions and subtractions can be made without departing from the spirit or scope of the claims.
REFERENCES:
patent: 5754543 (1998-05-01), Seid
patent: 5768271 (1998-06-01), Seid et al.
patent: 6079020 (2000-06-01), Liu
patent: 6081524 (2000-06-01), Chase et al.
Casey Liam M.
Cunningham Ian M.
Eros Robert W.
Cobrin & Gittes
Maung Zarni
Nortel Networks Limited