Method and system for learning network information
First Claim
Patent Images
1. A method for learning network information through a plurality of network devices, the plurality of network devices being configured for Internet Protocol Security (IPsec), the method comprising setting up a security association between the plurality of network devices;
- and providing network information to the plurality of network devices, the network information being based on the security association, the network information comprising a plurality of sub-network routes.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and system for learning network information through a plurality of network devices is provided. The plurality of network devices are configured for IPsec. The method enables negotiation between the network devices to set up a security association and provide network information between the configured network devices. This network information includes a plurality of sub-network routes.
22 Citations
16 Claims
-
1. A method for learning network information through a plurality of network devices, the plurality of network devices being configured for Internet Protocol Security (IPsec), the method comprising
setting up a security association between the plurality of network devices; - and
providing network information to the plurality of network devices, the network information being based on the security association, the network information comprising a plurality of sub-network routes. - View Dependent Claims (2, 3, 4, 5, 6, 7)
- and
-
8. A method for learning network information through a plurality of network devices, the plurality of network devices being configured for Internet Protocol Security (IPsec), the method comprising
setting up a security association between the plurality of network devices; - and
providing network information to the plurality of network devices, the network information being based on the security association, the network information comprising a plurality of sub-network routes, wherein the providing the network information comprises requesting configuration information from a first endpoint of an IPsec tunnel, the request being made by a second endpoint of the IPsec tunnel, wherein the plurality of network devices form endpoints of the IPsec tunnel;
sending configuration information to the first endpoint, the configuration information being sent by the second endpoint;
sending a list of the plurality of sub-network routes to the first endpoint; and
accepting the list of the plurality of sub-network routes, the list being accepted by the first endpoint.
- and
-
9. A system for learning network information through a plurality of network devices, the plurality of network devices being configured for IPsec, the system comprising
a setting module for setting up a security association between the plurality of network devices; - and
a providing module for providing network information, the network information being based on the security association, the network information comprising a plurality of sub-network routes. - View Dependent Claims (10, 11, 12, 13, 14)
- and
-
15. A system for learning network information through a plurality of network devices, the plurality of network devices being configured for IPsec, the system comprising
means for setting up a security association between the plurality of network devices; - and
means for providing network information to the plurality of network devices, the network information being based on the security association, the network information comprising a plurality of sub-network routes.
- and
-
16. An apparatus for learning network information through a plurality of network devices, the plurality of network devices being configured for IPsec, the apparatus comprising
a processing system including a processor coupled to a display and user input device; a machine-readable medium including instructions executable by the processor comprising one or more instructions for setting up a security association between the plurality of network devices; and
one or more instructions for providing network information, the network information being based on the security association, the network information comprising a plurality of sub-network routes.
Specification