Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network monitoring
Reexamination Certificate
1998-12-15
2002-10-29
Etienne, Ario (Department: 2155)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network monitoring
C709S227000
Reexamination Certificate
active
06473798
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Technical Field
The present invention relates in general to data communication and in particular to data communication over a virtual private network (VPN) within a public network such as the Internet. Still more particularly, the present invention relates to a method and system for testing characteristics, such as connectivity and responsiveness, of a Layer
2
tunnel in a VPN.
2. Description of the Related Art
Over the past several years, there has been explosive growth in the Internet, which is a decentralized collection of interconnected networks and gateways that utilize the TCP/IP (Transmission Control Protocol/Internet Protocol) protocol suite to communicate. These networks include governmental, educational, commercial, and other networks, which include numerous servers, routers, and other network devices that store information and route data packets between end stations. The Internet is a public network, meaning that access to the Internet is unregulated and is available to anyone with an Internet Service Provider (ISP) dial-up account or dedicated line. Because of the absence of access regulation and inconsistent security enforcement across its constituent networks, data communication over the Internet is vulnerable to interception, redirection, and other forms of tampering.
In order to provide an enhanced level of security for communication conducted over the Internet (or other public network), Virtual Private Networks (VPNs) were developed. A VPN is a set of devices that communicate over a public network utilizing a common encryption scheme that protects communication between the devices from being easily intercepted or otherwise tampered with. Thus, a VPN advantageously permits authenticated users belonging to the VPN to communicate over the public network as if they had a dedicated line.
Often the ultimate end stations for which communication over a VPN within the Internet is to be established belong to networks (e.g., local area networks (LANs)) that do not utilize the TCP/IP protocol suite, but instead utilize other network and transport protocols such as the SPX/IPX (Sequenced Packet exchange/lnternetwork Packet eXchange) protocol employed by Novell NetWare or the NetBIOS protocol developed by International Business Machines (IBM) Corporation of Armonk, New York. As a result, if VPNs are to be supported for such end stations, some mechanism is required to transport the data packets built utilizing these non-IP protocols over the IP protocol networks comprising the Internet. This mechanism is known in the art as tunneling.
Tunneling simply means that a data packet from a first protocol (e.g., a non-IP protocol) is encapsulated in a data packet of a second protocol (e.g., the IP protocol) in order to transport the data packet over a network utilizing the second protocol. VPNs support four types of tunnels: (1) an IPSec tunnel implemented at Layer
3
and defined by the Internet Engineering Task Force (IETF) IPSec standard; (2) a Layer
2
Tunneling Protocol (L
2
TP) tunnel implemented at Layer
2
and defined by IETF Standards Track Internet draft; (3) a Layer-
2
Forwarding (L
2
F) tunnel that is commercially used by Cisco Systems and defined by Informational RFC
2341
; and (4) a Point-to-Point Tunneling Protocol (PPTP) tunnel that is implemented at Layer
2
, utilized by products of Microsoft Corporation of Redmond, Washington, and defined by the PPTP Informational Internet draft. All of the above-listed standards are incorporated herein by reference. Of these standards, the L
2
TP, L
2
F, and PPTP are all similar in that they are all Layer
2
tunnels that utilize the Point-to-Point Protocol (PPP) defined by RFC
1661
.
A variety of network problems may arise that can prevent the proper establishment and/or operation of a Layer
2
tunnel. The present invention recognizes that network administrators currently have no tools to test the connectivity and responsiveness of Layer
2
tunnels and therefore experience difficulty in diagnosing and correcting such problems. The present invention addresses the shortcomings in the art as described below.
SUMMARY OF THE INVENTION
The present invention provides a method and system for testing a Layer
2
tunnel in a data communication network including a network device and a network manager. According to the method of the present invention, a test invocation is received from the network manager at the network device. In response to receipt of the test invocation at the network device, a Layer
2
tunnel within the data communication network is tested, and a result of the test is reported to the network manager. The tests that may be conducted include a connectivity test to determine if a Layer
2
tunnel can be established and a responsiveness test to determine the propagation time of a Layer
2
tunnel. Advantageously, both compulsory and voluntary Layer-
2
tunnels can be tested, thereby enabling all Layer
2
protocols (e.g., L
2
TP, L
2
F, and PPTP) to be supported.
All objects, features, and advantages of the present invention will become apparent in the following detailed written description.
REFERENCES:
patent: 4055808 (1977-10-01), Holsinger et al.
patent: 4750175 (1988-06-01), Brenneman et al.
patent: 5220641 (1993-06-01), Shima et al.
patent: 5381515 (1995-01-01), Platt et al.
patent: 5563875 (1996-10-01), Hefel et al.
patent: 5666467 (1997-09-01), Colak
patent: 5668800 (1997-09-01), Stevenson
patent: 5982753 (1999-11-01), Pendleton et al.
patent: 6094437 (2000-07-01), Loehndorf, Jr. et al.
patent: 6160871 (2000-12-01), DuRee et al.
patent: 6282678 (2001-08-01), Snay et al.
patent: 2317308 (1998-03-01), None
patent: 98-070566 (1998-03-01), None
patent: WO 98/02821 (1998-01-01), None
IBM Networking, “The Layer 2 Tunneling Protocol (L2TP) in an IBM Virtual Private Network (VPN)”, 5 pgs.
Hsieh J. et al., Experimental Study of Extended HIPPI Connections over ATM Networks, Proceedings IEEE INFOCOM '96. (Cat. No. 96CB35887), San Francisco, CA, USA, 24-28, Mar. 1996, Vol. 3, pp. 1261-1268.
Alden, K. F. and Wobber, E. P., The AltaVista Tunnel: using the Internet to extend corporate networks, Digital Technical Journal, 1997, vol. 9, No. 2, pp. 5-16.
Malkin, G. S., Dial-in virtual private networks using layer 3 tunneling, Proceedings 22nd Annual Conference on Local Computer Networks, 1997, (Cat. No. 97TB100179), pp. 555-561.
Hsieh, J. et al., HIPPI over ATM Networks, Extending Connections for Distributed Computing, IEEE, Distributed Computing, Oct.-Dec. 1997, pp. 40-53.
Grosser, Jr. Donald Bruce
Miller Gregg William
Temoshenko Leo
Cesari and McKenna LLP
Etienne Ario
Johnston A. Sidney
LandOfFree
Method and system for testing a layer-2 tunnel in a data... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for testing a layer-2 tunnel in a data..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for testing a layer-2 tunnel in a data... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2996502