Policy based routing system and method for caching and VPN tunneling
Abstract
An enterprise network router interface communicates with a public regional Autonomous System Border Router (ASBR). The ASBR only forwards the enterprise network traffic to the router interface. The router interface redirects data packets to highly specialized packet processing appliances for parallel processing of VPN and cache application traffic. Policy based routing instructions are imposed on the ASBR for subsequent secure, tunneled transmission. This enterprise routing system and method, used within an enterprise, imposes routing instructions superseding gateway protocol routing, thus allowing VPN and content caching applications to be run efficiently and securely without resort to an enterprise dedicated backbone.
21 Claims
1. An enterprise network routing system comprising:
a public network regional router for routing data packets according to a gateway routing protocol;
a router interface device dedicated to an enterprise, the router interface device comprising:
an interface for sending and receiving a data packet to and from the public network regional router wherein the public network regional router routes data packets destined for the enterprise network to the router interface device; and
logic for redirecting a data packet to a special purpose data packet device.

2. The enterprise network routing system of claim 1 wherein the special purpose data packet device comprises:
communication logic for sending and receiving a data packet to and from the router interface device;
logic for analyzing and modifying the data packet; and
logic for inserting policy based management instruction within the public network regional router; and
logic for processing the data packet for one hop delivery wherein the policy based management instruction supersedes the gateway routing protocol.

3. The enterprise network routing system of claim 2 wherein the special purpose data packet device is a cache appliance wherein the cache appliance comprises logic for storing a location of active cache data for the enterprise network allowing accelerated cache retrieval for enterprise network users.

4. The enterprise network routing system of claim 2 wherein the special purpose data packet device is a VPN device comprising logic for identifying a target enterprise network destination address for the data packet.

5. The enterprise network routing system of claim 2 further comprising a second special purpose data packet device wherein the second special purpose data packet device is a VPN device.

6. The enterprise network routing system of claim 2 wherein the router interface device is a Layer 4 switch.

7. The enterprise network routing system of claim 2 wherein the router interface device further comprises logic for encapsulating the data packet for secure tunneling transmission across the public network.

8. The enterprise network routing system of claim 2 wherein the special purpose data packet device further comprises logic for encapsulating the data packet for secure tunneling transmission across the public network.

9. The enterprise network routing system of claim 2 wherein the system is redundant so as to further comprise at least one duplicate public network regional router, at least one duplicate router interface device, and at least one duplicate special purpose data packet device.

10. The enterprise network routing system of claim 2 wherein the data packet uses a CIDR IP addressing.

11. An enterprise network routing method comprising:
routing data packets according to a gateway routing protocol across a public network;
forwarding a specific data packet at a router interface device dedicated to an enterprise, the forwarding comprising:
sending and receiving a data packet to and from the public network via a public network regional router wherein the public network regional router routes data packets destined for the enterprise network to the router interface device;
redirecting a data packet to a special purpose data packet device wherein the special purpose data packet device comprises:
sending and receiving a data packet to and from the router interface device;
analyzing and modifying the data packet; and
inserting policy based management instruction within the public network regional router; and
processing the data packet for one hop delivery wherein the policy based management instruction supersedes the gateway routing protocol.

12. The enterprise network routing method of claim 10 wherein the special purpose data packet device operates as a cache appliance, wherein the cache appliance stores a location for active cache data for the enterprise network thereby allowing accelerated cache retrieval for enterprise network users.

13. The enterprise network routing method of claim 10 wherein the special purpose data packet device operates as a VPN device and identifies a target enterprise network destination address for the data packet.

14. The enterprise network routing method of claim 10 wherein the redirecting a data packet to a special purpose device further comprises redirecting a data packet to a cache appliance or a VPN device.

15. The enterprise network routing method of claim 10 wherein the router interface device, at which the forwarding a specific data packet occurs, is a Layer 4 switch.

16. The enterprise network routing method of claim 10 wherein the router interface device encapsulates the data packet for secure tunneling transmission across the public network.

17. The enterprise network routing method of claim 10 wherein the special purpose data packet device encapsulates the data packet for secure tunneling transmission across the public network.

18. The enterprise network routing method of claim 10 wherein the method is practiced via an enterprise network having redundancy provided by a duplicate public network regional router, a duplicate router interface device, and a duplicate special purpose data packet device.

19. The enterprise network routing method of claim 10 further comprising identifying specific data packets using a CIDR IP notation.

20. An enterprise network routing system comprising:
a public network regional router for routing data packets according to a gateway routing protocol;
a router interface device dedicated to an enterprise, the router interface device comprising:
an interface for sending and receiving a data packet to and from the public network regional router wherein the public network regional router routes data packets destined for the enterprise network to the router interface device;
logic for redirecting a data packet to a special purpose data packet device, wherein the special purpose data packet device comprises:
communication logic for sending and receiving a data packet to and from the router interface device;
logic for analyzing and modifying the data packet; and
logic for inserting policy based management instruction within the public network regional router; and
logic for processing the data packet for one hop delivery wherein the policy based management instruction supersedes the gateway routing protocol.

21. An enterprise network routing system comprising:
means for routing data packets in a region of a public network according to a gateway routing protocol;
means for interfacing the means for routing, the means for interfacing being dedicated to an enterprise network, the means for interfacing comprising:
means for sending and receiving a data packet to and from the means for routing, wherein the means for routing routes data packets destined for the enterprise network to the means for interfacing;
means for redirecting a data packet to a special purpose data packet device according to logic, wherein the special purpose data packet device comprises:
means for sending and receiving a data packet to and from the router interface device;
means for analyzing and modifying the data packet;
means for inserting policy based management instruction within the means for routing; and
means for processing the data packet for one hop delivery wherein the policy based management instruction supersedes the gateway routing protocol.

Specification