Dynamic, user-configurable virtual private network
First Claim
1. A non-transitory processor-readable medium storing code to be executed by a processor, the code comprising code representing instructions to:
- receive, from an origin, packets identifying a destination;
define a first virtual private network (VPN) that defines first data path from the origin to the destination at a first time, the first VPN including a first plurality of logical switches including a first egress switch;
send each packet identifying the destination that is received from the origin during a first time period to the destination via the first data path;
define a second VPN that defines a second data path from the origin to the destination at a second time, the second VPN including a second plurality of logical switches including a second egress switch, the second egress switch being different from the first egress switch; and
send each packet identifying the destination that is received from the origin during a second time period to the destination via the second data path, each packet that is received from the origin during the first time period and each packet that is received from the origin during the second time period being portions of a continuous stream of data, a transition from the first VPN to the second VPN occurring without disrupting the continuous stream of data between the origin and the destination between the first time period and the second time period, the first time period and the second time period being mutually exclusive.
5 Assignments
0 Petitions
Accused Products
Abstract
Some embodiments described herein relate managing communications between an origin and a destination using end-user and/or administrator configurable virtual private network(s) (VPN(s)). A first VPN that defines a first data path between an origin and a destination can be defined at a first time. A second VPN that defines a second, different data path between the origin and the destination can defined at a second time. Each packet sent across the first VPN and each packet sent across the second VPN can follow the same data path for that VPN, such each packet can be sent across the first VPN or the second VPN in the order it was received, and the transition between the first VPN and the second VPN can be “seamless,” and communications between the origin and the destination are not disrupted between the first time period and the second time period.
-
Citations
26 Claims
-
1. A non-transitory processor-readable medium storing code to be executed by a processor, the code comprising code representing instructions to:
-
receive, from an origin, packets identifying a destination; define a first virtual private network (VPN) that defines first data path from the origin to the destination at a first time, the first VPN including a first plurality of logical switches including a first egress switch; send each packet identifying the destination that is received from the origin during a first time period to the destination via the first data path; define a second VPN that defines a second data path from the origin to the destination at a second time, the second VPN including a second plurality of logical switches including a second egress switch, the second egress switch being different from the first egress switch; and send each packet identifying the destination that is received from the origin during a second time period to the destination via the second data path, each packet that is received from the origin during the first time period and each packet that is received from the origin during the second time period being portions of a continuous stream of data, a transition from the first VPN to the second VPN occurring without disrupting the continuous stream of data between the origin and the destination between the first time period and the second time period, the first time period and the second time period being mutually exclusive. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An access server, comprising a processor and a memory, the access server configured to:
-
receive, during a first time period, a first plurality of packets from an origin, each packet from the first plurality of packets identifying a destination; define a first virtual private network (VPN) from the access server to a first egress node, the first VPN including a plurality of logical switches, the first VPN traversing a commercial cloud, an administrator of the access server not being an administrator of physical hardware of the commercial cloud; send each packet from the first plurality of packets to the first egress node via the first VPN in an order received such that the first plurality of packets arrive at the first egress node sequentially; receive, during a second time period that immediately follows the first time period, a second plurality of packets from the origin, each packet from the second plurality of packets identifying the destination; define a second VPN from the access server to a second egress node, the second egress node being different from the first egress node; and send each packet from the second plurality of packets to the second egress node via the second VPN, the first plurality of packets and the second plurality of packets being portions of a continuous stream of data, a transition from the first VPN to the second VPN occurring without disrupting the continuous stream of data. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory processor-readable medium storing code to be executed by a processor of an access server, the code comprising code representing instructions to:
-
receive a first plurality of packets relating to streaming media from an origin during a first time period, the first plurality of packets identifying a destination; define, at a first time, a first route from the access server to a first egress node, the first route including a first plurality of logical switches, the first route traversing a commercial cloud, an administrator of the access server not being an administrator of physical hardware of the commercial cloud; send each packet from the first plurality of packets to the first egress node via the first route in an order received such that the first plurality of packets arrive at the first egress node sequentially; receive a second plurality of packets relating to streaming media from the origin during a second time period, the second plurality of packets identifying the destination, the first time period transitioning to the second time period while the origin is streaming media to the destination; define a second route from the origin to a second egress node at a second time, the second route including a second plurality of logical switches, the second egress node being different from the first egress node; and send each packet from the second plurality of packets via the second route without interrupting the streaming media during the transition from the first time period to the second time period, the first time period and the second time period being mutually exclusive. - View Dependent Claims (21, 22, 23, 24, 25, 26)
-
Specification