System and method for separating addresses from the delivery scheme in a virtual private network
0 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems consistent with the present invention establish a virtual network on top of current IP network naming schemes. The virtual network uses a separate layer to create a modification to the IP packet format that is used to separate network behavior from addressing. As a result of the modification to the packet format, any type of delivery method may be assigned to any address or group of addresses. The virtual network also maintains secure communications between nodes, while providing the flexibility of assigning delivery methods independent of the delivery addresses.
-
Citations
17 Claims
-
1-7. -7. (canceled)
-
8. A computer connected to a public-network infrastructure over which a private network operates, the private network having a plurality of nodes and uses a plurality of delivery schemes, the computer comprising:
-
a memory comprising;
one of the plurality of nodes for communicating over the private network; and
a security layer that receives from the one node communications comprising internal addresses that are suitable for use in communicating within the private network that translates the internal addresses into external addresses that are suitable for use in communicating over the public-network infrastructure, wherein the internal addresses are not associated with the delivery scheme, that encrypts the communications, and that transmits the communications over the public network to destinations of the communications; and
a processor for running the one node and the security layer. - View Dependent Claims (9, 10, 11, 12, 13, 16)
-
-
14. A method in a public network having a network infrastructure that is used by a private network over which a plurality of clients communicate with a plurality of servers each having an external address, the private network uses a plurality of delivery schemes to communicate with the clients and servers, comprising:
-
requesting an internal address from an address server, wherein the internal address corresponds to a set of servers, wherein the address server maps the internal address to an external address for each of the servers, and wherein each internal address is not associated with a delivery scheme; and
permitting the client to communicate with the set of servers on the private network in a secure manner based on a selected delivery scheme. - View Dependent Claims (15, 17)
-
Specification