Multiplex communications – Pathfinding or routing – Switching a message which includes an address header
Reexamination Certificate
2000-03-07
2003-10-21
Vanderpuye, Kenneth (Department: 2732)
C370S395100, C370S401000
active
06636516
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates generally to virtual private networks on the Internet, and more specifically to a virtual private network established through an ATM (asynchronous transfer mode) network that is in turn configured as part of the Internet.
2. Description of the Related Art
The virtual private network (VPN) is one that interconnects a number of local area networks through a public switched packet network such as the Internet for transferring IP (internet protocol) packets between IP nodes identified by IP addresses assigned uniquely within the VPN. Such a virtual private network is described in “Building and Managing Virtual Private Networks”, Chapter 7, FIG. 7.8, Dave Kosiur, Wiley Computer Publishing.
The known virtual private network uses a VPN router as shown in FIG. 1. The VPN router has a VPN packet transfer unit 102, a tunneling unit 104 and an internet packet transfer unit 106, all of which are provided between a private network interface 101 associated with its own local area network and a public network interface 108 through which the router accesses the Internet. Both packet transfer units 102 and 106 are respectively associated with routing tables 103 and 107 to search for information necessary for routing a VPN packet to the appropriate destination based on the destination IP address contained in the packet. Tunneling unit 104 is associated with an address translation table 105 for appending an IP header to a VPN packet received from the VPN packet transfer unit 102 to formulate an IP packet for transmission to the Internet via the internet packet transfer unit 106. When the tunneling unit 104 receives an IP packet from the Internet via the internet packet transfer unit 106, it removes the IP header from the packet and forwards the remaining VPN packet to the associated LAN via the VPN packet transfer unit 102.
On the other hand, a need may exist to guarantee quality of service (QoS) on the virtual private network. That may not be a problem for a VPN if it is based on a single internet service provider that runs its own network and can segregate its customers' traffic from other Internet traffic. However, if a VPN is based on multiple internet service providers, the QoS parameters used in one internet service provider may also be used in other internet service providers. In such VPNs, it is impossible to uniquely identify the quality of service for each VPN packet to guarantee its performance.
A virtual connection established between source and destination IP addresses in an ATM (asynchronous transfer mode) network may be a solution to guaranteeing quality of service on a VPN. “NBMA Next Hop Resolution Protocol (NHRP)”, J. Luciani et al, RFC2332, IETF, April 1998 describes a system that automatically establishes a virtual channel connection as a router-short cut route over an ATM network in a non-broadcast multiple access mode. In this system, a destination ATM address is obtained by consulting an IP routing table to formulate an address resolution request packet. The packet is then forwarded to the Internet and an address resolution reply packet that contains the destination ATM address is received from the Internet. The received destination ATM address is then mapped to an IP address in a virtual connection table. However, routers on the Internet are not provided with a routing table for use with virtual private networks. Therefore, the current automatic VCC setup system is incapable of establishing QoS guaranteed virtual connections.
SUMMARY OF THE INVENTION
It is therefore an object of the present invention to provide a virtual private network in which virtual connections are automatically established through the Internet for different qualities of service.
According to the present invention, there is provided a router for building a virtual private network (VPN) through an ATM (asynchronous transfer mode) network configured as part of a public switched packet network. The router comprises a connection setup table having a plurality of entries, each entry including a pair of internet protocol (IP) addresses respectively identifying source and destination nodes of the virtual private network, a quality-of-service parameter, an ATM address field, and a virtual connection (VC) field. Control circuitry is provided for (a) receiving a VPN packet and detecting a corresponding entry in the table that contains IP addresses of the packet and making a search through the corresponding table entry for contents of the ATM address field and the VC field thereof, (b) appending an IP header to the VPN packet, if the ATM address field contains no data, to formulate an address resolution request packet and forwarding the packet to the public switched packet network, (c) receiving an address resolution reply packet therefrom and storing a destination ATM address contained in the reply packet into the ATM address field, and (d) if the ATM address field contains a destination ATM address and the VC field contains no data, establishing a virtual connection to the destination ATM address according to the quality-of-service parameter of the corresponding table entry and storing a connection identifier identifying the established virtual connection in the VC field, and if the VC field contains a connection identifier, forwarding the VPN packet over an established virtual connection identified by the connection identifier.
The control circuitry is further arranged to append an IP header to the VPN packet to formulate an IP packet if the corresponding entry is not detected in the table and forward the IP packet to the public switched packet network.
Preferably, each entry of the connection setup table includes an on/off field, and a time table is provided having a plurality of entries respectively corresponding to the entries of the connection setup table for mapping time schedule data. Triggering circuitry is provided for monitoring the time schedule data of each entry of the time table and storing an indication in the on/off field of each entry of the connection setup table according to the monitored data of the corresponding entry of the time table. The control circuitry is arranged to enable or disable contents of each entry of the connection setup table depending on the indication stored in the on/off field of the entry.
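The lookup sequence (a) to (d), the fallback for packets with no table entry, and the on/off field can be traced in a short simulation. This is an added example, not code from the patent; the class and method names, addresses and QoS label are constructed, and it assumes that a switched-off entry is treated as absent and that the packet triggering VC setup is sent on the new VC.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Entry:
    src_ip: str
    dst_ip: str
    qos: str                        # quality-of-service parameter
    atm_addr: Optional[str] = None  # ATM address field, empty until resolved
    vc_id: Optional[int] = None     # VC field, empty until a VC is set up
    enabled: bool = True            # on/off field driven by the time table

class VpnRouter:
    def __init__(self, entries):
        self.table = {(e.src_ip, e.dst_ip): e for e in entries}
        self._next_vc = 1

    def on_vpn_packet(self, src, dst):
        """Return the actions taken for one VPN packet, in order."""
        e = self.table.get((src, dst))
        # Assumption: an entry switched off is treated like a missing one.
        if e is None or not e.enabled:
            return ["ip_tunnel"]                     # plain IP encapsulation
        if e.atm_addr is None:                       # step (b)
            return ["address_resolution_request"]
        actions = []
        if e.vc_id is None:                          # step (d), first half
            e.vc_id = self._next_vc
            self._next_vc += 1
            actions.append(f"setup_vc atm={e.atm_addr} qos={e.qos}")
        # Assumption: the triggering packet also uses the new VC.
        actions.append(f"forward_on_vc {e.vc_id}")   # step (d), second half
        return actions

    def on_resolution_reply(self, src, dst, atm_addr):
        """Step (c): store the destination ATM address from the reply."""
        self.table[(src, dst)].atm_addr = atm_addr

def demo():
    # Constructed addresses and QoS label, for illustration only.
    r = VpnRouter([Entry("10.0.1.5", "10.0.2.9", qos="CBR")])
    log = [r.on_vpn_packet("10.0.1.5", "10.0.2.9")]
    r.on_resolution_reply("10.0.1.5", "10.0.2.9", "atm-addr-B")
    log.append(r.on_vpn_packet("10.0.1.5", "10.0.2.9"))
    log.append(r.on_vpn_packet("10.0.1.5", "10.0.2.9"))
    log.append(r.on_vpn_packet("10.0.1.5", "10.0.3.1"))  # no entry
    r.table[("10.0.1.5", "10.0.2.9")].enabled = False    # time table says off
    log.append(r.on_vpn_packet("10.0.1.5", "10.0.2.9"))
    return log
```

Calling `demo()` returns the per-packet action lists: the two `ip_tunnel` results at the end show that traffic with no entry, or with a switched-off entry, leaves over ordinary IP encapsulation rather than a QoS virtual connection.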
REFERENCES:
patent: 5623605 (1997-04-01), Keshav et al.
patent: 6092113 (2000-07-01), Maeshima et al.
patent: 6351465 (2002-02-01), Han
patent: 9-34816 (1997-02-01), None
patent: 10-70566 (1998-03-01), None
patent: 10-247916 (1998-09-01), None
Luciani et al.; “NBMA Next Hop Resolution Protocol (NHRP)”; RFC2332; IETF; Apr. 1998; 10 sheets.
Dave Kosiur, “Building and managing virtual private networks”, Wiley Computer Publishing, chapter 7, fig. 7.8.
Foley & Lardner
NEC Corporation
Vanderpuye Kenneth