Dynamic virtual private network (VPN) tunnel quality of service (QoS) treatment

US 20050088977A1
Filed: 12/14/2000
Published: 04/28/2005
Est. Priority Date: 12/14/2000
Status: Abandoned Application

First Claim

Patent Images

1. A method of providing dynamic Quality of Service (QoS) treatment of data traffic within a secure Virtual Private Network (VPN) tunnel, the method comprising the steps of:

a) querying a policy database to obtain QoS information concerning a desired QoS treatment for data traffic within the VPN tunnel;

b) forwarding the QoS information through the VPN tunnel to a VPN gateway at an opposite end of the VPN Tunnel; and

c) attaching a QoS marker based on the QoS information to the data traffic within the VPN tunnel.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Dynamic Quality of Service (QoS) treatment of traffic within a secure Virtual Private Network (VPN) tunnel is provided by attaching a QoS marker to data traffic at an ingress end of the VPN tunnel. The QoS marker is obtained by querying a policy database. The policy database returns QoS information, from which the QoS marker is derived. The policy data base can be queried by a VPN Gateway at an ingress end of the tunnel during tunnel setup, and/or at any time following tunnel setup to obtain updated QoS information. This updated QoS information is then propagated through the VPN tunnel to a VPN gateway at the opposite end of the VPN Tunnel, so that it can be used for egress processing of the tunnel. traffic without renegotiating the Security Association. Consequently, re-establishment of the tunnel is not required in order to change the QoS treatment of tunnel traffic.

Citations

33 Claims

1. A method of providing dynamic Quality of Service (QoS) treatment of data traffic within a secure Virtual Private Network (VPN) tunnel, the method comprising the steps of:
- a) querying a policy database to obtain QoS information concerning a desired QoS treatment for data traffic within the VPN tunnel;
  
  b) forwarding the QoS information through the VPN tunnel to a VPN gateway at an opposite end of the VPN Tunnel; and
  
  c) attaching a QoS marker based on the QoS information to the data traffic within the VPN tunnel.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. A method as claimed in claim 1, wherein the QoS information obtained from the policy database comprises the QoS marker.
  - 3. A method as claimed in claim 1, wherein the QoS information obtained from the policy database comprises Tspec and Rspec parameters indicative of the desired QoS treatment.
  - 4. A method as claimed in claim 3, wherein the step of attaching a QoS marker comprises the steps of:
    - a) mapping the Tspec and Rspec parameters to the QoS marker; and
      
      b) inserting the QoS marker into a predetermined field of a header portion of the data traffic within the VPN tunnel.
  - 5. A method as claimed in claim 4, wherein the QoS marker is a Differentiated Services Code Point (DSCP) value.
  - 6. A method as claimed in claim 1, wherein the step of obtaining an indication of a QoS treatment further comprises the steps of:
    - a) obtaining, from a customer, an indication of a desired QoS treatment;
      
      b) confirming an availability of the desired QoS treatment; and
      
      c) if the desired QoS treatment is available, updating the policy database with information respecting the desired QoS treatment.
  - 7. A method as claimed in claim 6, wherein the step of confirming an availability of the desired QoS treatment comprises any one or more of the steps of:
    - a) determining whether or not the VPN tunnel has sufficient available bandwidth to support the desired QoS; and
      
      b) comparing the desired QoS to a Service Level Agreement (SLA).
  - 8. A method as claimed in claim 1, wherein the step of querying the policy database is performed at a start of the communications session.
  - 9. A method as claimed in claim 8, wherein the step of querying the policy database is performed in response to a session initiation message received from the customer.
  - 10. A method as claimed in claim 1, wherein the step of querying the policy database is performed during the communications session.
  - 11. A method as claimed in claim 10, wherein the step of querying the policy database is performed at predetermined intervals during the communications session.
  - 12. A method as claimed in claim 10, wherein the step of querying the policy database is performed in response to a query request from either one of the customer and a service provider.
  - 13. A method as claimed in claim 10, wherein the step of querying the policy database is performed in response to a change in the information respecting QoS treatment stored in the policy database.
  - 14. A method as claimed in claim 1, further comprising a step of notifying a service provider of the indicated QoS treatment.
  - 15. A method as claimed in claim 14, wherein the step of notifying the service provider is performed at a start of the communications session.
  - 16. A method as claimed in claim 14, wherein the step of notifying the service provider is performed in response to a change in the indicated QoS treatment.

17. A VPN gateway adapted to provide dynamic QoS treatment of data traffic within a secure VPN tunnel, the gateway comprising:
- a) means for querying a policy database to obtain Qos information concerning a desired Qos treatment for data traffic within the VPN tunnel;
  
  b) means for forwarding the QoS information through the VPN tunnel to a VPN gateway at an opposite end of the VPN Tunnel; and
  
  c) means for attaching a QoS marker based on the QoS information to the data traffic within the VPN tunnel.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 18. A VPN gateway as claimed in claim 17, wherein the QoS information obtained from the policy database comprises the QoS marker.
  - 19. A VPN gateway as claimed in claim 17, wherein the QoS information obtained from the policy database comprises Tspec and Rspec parameters indicative of the desired QoS treatment.
  - 20. A VPN gateway as claimed in claim 19, wherein the means for attaching a QoS marker comprises:
    - a) means for mapping the Tspec and Rspec parameters to the QoS marker; and
      
      b) means for inserting the QoS marker into a predetermined field of a header portion of the data traffic within the VPN tunnel.
  - 21. A VPN gateway as claimed in claim 20, wherein the QoS marker is a Differentiated Services Code Point (DSCP) value.
  - 22. A VPN gateway as claimed in claim 17, further comprising means for receiving a QoS request message indicative of the desired QoS treatment.
  - 23. A VPN gateway as claimed in claim 17, wherein the means for forwarding the QoS information through the VPN tunnel comprises:
    - a) a policy update message adapted to convey the QoS information through the VPN tunnel; and
      
      b) means for inserting the QoS information into a payload portion of the policy update message.
  - 24. A VPN gateway as claimed in claim 23, wherein the policy update message is an ISAKMP/IKE message having a predetermined unique “
    - Next Payload”
      
      type.
  - 25. A VPN gateway as claimed in claim 17, wherein the policy database is queried at a start of the communications session.
  - 26. A VPN gateway as claimed in claim 25, wherein the means for querying the policy database is responsive to a session initiation message received from the customer.
  - 27. A VPN gateway as claimed in claim 17, wherein the policy database is queried during the communications session.
  - 28. A VPN gateway as claimed in claim 27, wherein the policy database is queried at predetermined intervals during the communications session.
  - 29. A VPN gateway as claimed in claim 27, wherein the means for querying the policy database is responsive to a query request from either one of the customer and a service provider.
  - 30. A VPN gateway as claimed in claim 27, wherein the means for querying the policy database is responsive to a change in the information respecting QoS treatment stored in the policy database.
  - 31. A VPN gateway as claimed in claim 17, further comprising means for notifying a service provider of the indicated QoS treatment.
  - 32. A VPN gateway as claimed in claim 31, wherein the means for notifying the service provider is adapted to send a notification message to the service provider at a start of the communications session.
  - 33. A VPN gateway as claimed in claim 31, wherein the means for notifying the service provider is adapted to send a notification message to the service provider in response to a change in the indicated QoS treatment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nortel Networks Limited (Nortel Networks Corporation)
Original Assignee
Nortel Networks Limited (Nortel Networks Corporation)
Inventors
Roch, Stephane S., Algie, Glenn G.

Application Number

US09/735,939
Publication Number

US 20050088977A1
Time in Patent Office

Days
Field of Search
US Class Current

370/254
CPC Class Codes

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 2212/00   Encapsulation of packets

H04L 47/10   Flow control; Congestion co...

H04L 47/20   Traffic policing

H04L 47/2408   for supporting different se...

H04L 47/31   by tagging of packets, e.g....

H04L 63/0272   Virtual private networks

H04L 63/102   Entity profiles

Dynamic virtual private network (VPN) tunnel quality of service (QoS) treatment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Dynamic virtual private network (VPN) tunnel quality of service (QoS) treatment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links