Techniques for replacing point to point protocol with dynamic host configuration protocol

US 20070203999A1
Filed: 02/25/2006
Published: 08/30/2007
Est. Priority Date: 02/24/2006
Status: Active Grant

First Claim

Patent Images

1. A method for providing remote access to a service provider network comprising the step of exchanging a plurality of Dynamic Host Configuration Protocol (DHCP) formatted messages instead of any Point to Point Protocol (PPP) message to provide all PPP functions for accessing a service provider network on provider premises from a customer node on customer premises different from the provider premises.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for providing remote access to a service provider network include exchanging multiple Dynamic Host Configuration Protocol (DHCP) formatted messages instead of any Point to Point Protocol (PPP) message to provide all PPP functions for accessing a service provider network from a customer node. The service provider network is on provider premises and the customer node is on customer premises different from the provider premises. The DHCP format is used to exchange authentication messages, user profile data on Authentication, Authorization and Accounting (AAA) servers, or session keep-alive echo messages, alone or in some combination. When all are message types are combined, these techniques provide a remote access server (RAS) with the capability to perform all functions presently provided by PPP processes. In some combinations, these techniques allow a modified DHCP server to replace a legacy AAA server.

157 Citations

36 Claims

1. A method for providing remote access to a service provider network comprising the step of exchanging a plurality of Dynamic Host Configuration Protocol (DHCP) formatted messages instead of any Point to Point Protocol (PPP) message to provide all PPP functions for accessing a service provider network on provider premises from a customer node on customer premises different from the provider premises.
- View Dependent Claims (2, 3, 4)
- - 2. A method as recited in claim 1, said step of exchanging DHCP formatted messages further comprising the steps of:
    - receiving a DHCP request message from a customer node;
      
      authenticating a user of the customer node including the steps of sending a challenge value in a DHCP formatted challenge message, receiving a response value in a DHCP formatted response message, determining whether the response is correct, and if it is determined that the response is correct, then determining that the user is authentic.
  - 3. A method as recited in claim 2, said step of exchanging DHCP formatted messages further comprising the steps of:
    - receiving mapping data that indicates an association between a plurality of configuration attributes available from an Authentication, Authorization and Accounting (AAA) server for communications between a customer node and a service provider network and a plurality of option types for a Dynamic Host Configuration Protocol (DHCP);
      
      if it is determined that the user is authentic, then sending configuration data to the customer node in a DHCPOFFER message, including causing the DHCPOFFER message to be formed based at least in part on the mapping data.
  - 4. A method as recited in claim 2, said step of exchanging DHCP formatted messages further comprising the step of, if it is determined that the user is authentic, then performing the steps of:
    - determining whether the customer node is connected, including sending a DHCP formatted echo request message, determining whether a corresponding DHCP formatted echo reply message is received within a particular reply time, and if it is determined that a corresponding DHCP formatted echo reply message is not received within the particular reply time, then determining that the customer node is not connected; and
      
      if it is determined that the customer node is not connected, then responding to an end of session state with the user of the customer node.

5. A method for communicating configuration data for user access to a service provider network, comprising the steps of:
- receiving mapping data that indicates an association between a plurality of configuration attributes available from an Authentication, Authorization and Accounting (AAA) server for communicating with a service provider network and a plurality of option types for a Dynamic Host Configuration Protocol (DHCP);
  
  receiving from a customer node a DHCP request message for configuration data for communications between the customer node and the service provider network;
  
  forming an AAA request message based on the DHCP request message and the mapping data; and
  
  sending the AAA request message to the AAA server to obtain values for configuration attributes.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. A method as recited in claim 5, further comprising the steps of:
    - in response to sending the AAA request message, receiving an AAA response message that holds data that indicates values for configuration attributes;
      
      forming a DHCPOFFER message based on the AAA response message and the mapping data; and
      
      sending the DHCPOFFER message to the customer node.
  - 7. A method as recited in claim 6, further comprising:
    - determining a value for a particular configuration attribute for a remote access server based on the AAA response; and
      
      excluding the particular configuration attribute from the DHCPOFFER message.
  - 8. A method as recited in claim 5, wherein the plurality of option types for DHCP includes a new option type specifically included in a DHCP standard to be associated with an AAA configuration attribute for communications between a customer node on customer premises and the provider network on premises different from the customer premises.
  - 9. A method as recited in claim 8, wherein the new option is a DHCPAUTH-Success option associated with a Remote Authentication Dial-In User Service (RADIUS) successful authentication reply message.
  - 10. A method as recited in claim 5, wherein the plurality of option types for DHCP includes a plurality of new option types specifically included in a DHCP standard so that every AAA configuration attribute for communications between a customer node on customer premises and the provider network on premises different from the customer premises is associated with at least one DHCP option type.

11. A method for communicating configuration data for user access to a service provider network, comprising the steps of:
- receiving mapping data that indicates an association between a plurality of configuration attributes available from an Authentication, Authorization and Accounting (AAA) server for communicating with a service provider network and a plurality of option types for a Dynamic Host Configuration Protocol (DHCP);
  
  receiving from a customer node a first DHCP request message for configuration data for communications between the customer node and the service provider network;
  
  sending a second DHCP request message based on the first DHCP request message to a DHCP server to obtain values for DHCP option types;
  
  in response to sending the second DHCP request message, receiving an DHCP response message that holds data that indicates values for a plurality of option types;
  
  determining a value for a particular configuration attribute for a remote access server based on the DHCP response message and the mapping data; and
  
  configuring the remote access server to communicate with the customer node based on the value for the particular configuration attribute.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. A method as recited in claim 11, further comprising:
    - forming a DHCP OFFER message by stripping from the DHCP response message a DHCP option associated with the particular configuration attribute in the mapping data; and
      
      sending the DHCP OFFER message to the customer node.
  - 13. A method as recited in claim 11, wherein the plurality of option types for DHCP includes a new option type specifically included in a DHCP standard to be associated with an AAA configuration attribute for communications between a customer node on customer premises and the provider network on premises different from the customer premises.
  - 14. A method as recited in claim 13, wherein the new option is associated with a Remote Authentication Dial-In User Service (RADIUS) attribute associated with a user profile.
  - 15. A method as recited in claim 12, wherein the DHCP option associated with the particular configuration attribute is a new option type specifically included in a DHCP standard to be associated with an AAA configuration attribute for a remote access server on a boundary between the provider network on provider premises and an access network, wherein the access network is between the remote access server and a customer node on customer premises different from the provider premises.
  - 16. A method as recited in claim 15, wherein the DHCP option associated with the particular configuration attribute is the DHCP option associated with an attribute that depends on a user of the customer node.
  - 17. A method as recited in claim 15, wherein the DHCP option associated with the particular configuration attribute is the DHCP option associated with a Remote Authentication Dial-In User Service (RADIUS) attribute that indicates at least one of a quality of service level and an access control list.

18. An apparatus for communicating configuration data for user access to a service provider network, comprising:
- means for receiving mapping data that indicates an association between a plurality of configuration attributes available from an Authentication, Authorization and Accounting (AAA) server for communicating with a service provider network and a plurality of option types for a Dynamic Host Configuration Protocol (DHCP);
  
  means for receiving from a customer node a DHCP request message for configuration data for communications between the customer node and the service provider network;
  
  means for forming an AAA request message based on the DHCP request message and the mapping data; and
  
  means for sending the AAA request message to the AAA server to obtain values for configuration attributes.

19. An apparatus for communicating configuration data for user access to a service provider network, comprising:
- means for receiving mapping data that indicates an association between a plurality of configuration attributes available from an Authentication, Authorization and Accounting (AAA) server for communicating with a service provider network and a plurality of option types for a Dynamic Host Configuration Protocol (DHCP);
  
  means for receiving from a customer node a DHCP request message for configuration data for communications between the customer node and the service provider network;
  
  means for sending a second DHCP request message based on the first DHCP request message to a DHCP server to obtain values for DHCP option types;
  
  means for receiving an DHCP response message that holds data that indicates values for a plurality of option types in response to sending the second DHCP request message;
  
  means for determining a value for a particular configuration attribute for a remote access server based on the DHCP response message and the mapping data; and
  
  means for configuring the remote access server to communicate with the customer node based on the value for the particular configuration attribute.

20. An apparatus for providing remote access to a service provider network, comprising:
- a network interface that is coupled to a network for communicating one or more packet flows therewith;
  
  one or more processors;
  
  a computer readable medium; and
  
  one or more sequences of instructions stored on the computer readable medium, which, when executed by the one or more processors, causes the one or more processors to carry out the step of exchanging a plurality of Dynamic Host Configuration Protocol (DHCP) formatted messages instead of any Point to Point Protocol (PPP) message to provide all PPP functions for accessing a service provider network on provider premises from a customer node on customer premises different from the provider premises.
- View Dependent Claims (21, 22, 23)
- - 21. An apparatus as recited in claim 20, said step of exchanging DHCP formatted messages further comprising the steps of:
    - receiving a DHCP request message from a customer node;
      
      authenticating a user of the customer node including the steps of sending a challenge value in a DHCP formatted challenge message, receiving a response value in a DHCP formatted response message, determining whether the response is correct, and if it is determined that the response is correct, then determining that the user is authentic.
  - 22. An apparatus as recited in claim 21, said step of exchanging DHCP formatted messages further comprising the steps of:
    - receiving mapping data that indicates an association between a plurality of configuration attributes available from an Authentication, Authorization and Accounting (AAA) server for communications between a customer node and a service provider network and a plurality of option types for a Dynamic Host Configuration Protocol (DHCP);
      
      if it is determined that the user is authentic, then sending configuration data to the customer node in a DHCPOFFER message, including causing the DHCPOFFER message to be formed based at least in part on the mapping data.
  - 23. An apparatus as recited in claim 21, said step of exchanging DHCP formatted messages further comprising the step of, if it is determined that the user is authentic, then performing the steps of:
    - determining whether the customer node is connected, including sending a DHCP formatted echo request message, determining whether a corresponding DHCP formatted echo reply message is received within a particular reply time, and if it is determined that a corresponding DHCP formatted echo reply message is not received within the particular reply time, then determining that the customer node is not connected; and
      
      if it is determined that the customer node is not connected, then responding to an end of session state with the user of the customer node.

24. An apparatus for communicating configuration data for access to a service provider network, comprising:
- a network interface that is coupled to a network for communicating one or more packet flows therewith;
  
  one or more processors;
  
  a computer readable medium; and
  
  one or more sequences of instructions stored on the computer readable medium, which, when executed by the one or more processors, causes the one or more processors to carry out the steps of;
  
  receiving mapping data that indicates an association between a plurality of configuration attributes available from an Authentication, Authorization and Accounting (AAA) server for communicating with a service provider network and a plurality of option types for a Dynamic Host Configuration Protocol (DHCP);
  
  receiving from a customer node a first DHCP request message for configuration data for communications between the customer node and the service provider network;
  
  forming an AAA request message based on the DHCP request message and the mapping data; and
  
  sending the AAA request message to the AAA server to obtain values for configuration attributes.
- View Dependent Claims (25, 26, 27, 28, 29)
- - 25. An apparatus as recited in claim 24, wherein execution of the one or more sequences of instructions further causes the one or more processors to carry out the steps of:
    - in response to sending the AAA request message, receiving an AAA response message that holds data that indicates values for configuration attributes;
      
      forming a DHCPOFFER message based on the AAA response message and the mapping data; and
      
      sending the DHCPOFFER message to the customer node.
  - 26. An apparatus as recited in claim 25, wherein execution of the one or more sequences of instructions further causes the one or more processors to carry out the steps of:
    - determining a value for a particular configuration attribute for a remote access server based on the AAA response; and
      
      excluding the particular configuration attribute from the DHCPOFFER message.
  - 27. An apparatus as recited in claim 24, wherein the plurality of option types for DHCP includes a new option type specifically included in a DHCP standard to be associated with an AAA configuration attribute for communications between a customer node on customer premises and the provider network on premises different from the customer premises.
  - 28. An apparatus as recited in claim 27, wherein the new option is a DHCPAUTH-Success option associated with a Remote Authentication Dial-In User Service (RADIUS) successful authentication reply message.
  - 29. An apparatus as recited in claim 24, wherein the plurality of option types for DHCP includes a plurality of new option types specifically included in a DHCP standard so that every AAA configuration attribute for communications between a customer node on customer premises and the provider network on premises different from the customer premises is associated with at least one DHCP option type.

30. An apparatus for communicating configuration data for access to a service provider network, comprising:
- a network interface that is coupled to a network for communicating one or more packet flows therewith;
  
  one or more processors;
  
  a computer readable medium; and
  
  one or more sequences of instructions stored on the computer readable medium, which, when executed by the one or more processors, causes the one or more processors to carry out the steps of;
  
  receiving mapping data that indicates an association between a plurality of configuration attributes available from an Authentication, Authorization and Accounting (AAA) server for communicating with a service provider network and a plurality of option types for a Dynamic Host Configuration Protocol (DHCP);
  
  receiving from a customer node a first DHCP request message for configuration data for communications between the customer node and the service provider network;
  
  sending a second DHCP request message based on the first DHCP request message to a DHCP server to obtain values for DHCP option types;
  
  in response to sending the second DHCP request message, receiving an DHCP response message that holds data that indicates values for a plurality of option types;
  
  determining a value for a particular configuration attribute for a remote access server based on the DHCP response message and the mapping data; and
  
  configuring the remote access server to communicate with the customer node based on the value for the particular configuration attribute.
- View Dependent Claims (31, 32, 33, 34, 35, 36)
- - 31. An apparatus as recited in claim 30, wherein execution of the one or more sequences of instructions further causes the one or more processors to carry out the steps of:
    - forming a DHCPOFFER message by stripping from the DHCP response message a DHCP option associated with the particular configuration attribute in the mapping data; and
      
      sending the DHCPOFFER message to the customer node.
  - 32. An apparatus as recited in claim 30, wherein the plurality of option types for DHCP includes a new option type specifically included in a DHCP standard to be associated with an AAA configuration attribute for communications between a customer node on customer premises and the provider network on premises different from the customer premises.
  - 33. An apparatus as recited in claim 32, wherein the new option is associated with a Remote Authentication Dial-In User Service (RADIUS) attribute associated with a user profile.
  - 34. An apparatus as recited in claim 31, wherein the DHCP option associated with the particular configuration attribute is a new option type specifically included in a DHCP standard to be associated with an AAA configuration attribute for a remote access server on a boundary between the provider network on provider premises and an access network, wherein the access network is between the remote access server and a customer node on customer premises different from the provider premises.
  - 35. An apparatus as recited in claim 34, wherein the DHCP option associated with the particular configuration attribute is the DHCP option associated with an attribute that depends on a user of the customer node.
  - 36. An apparatus as recited in claim 34, wherein the DHCP option associated with the particular configuration attribute is the DHCP option associated with a Remote Authentication Dial-In User Service (RADIUS) attribute that indicates at least one of a quality of service level and an access control list.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Dec, Wojciech, Droms, Ralph, Pruss, Richard, Townsley, William, Mammoliti, Vincent

Granted Patent

US 7,853,708 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/207
CPC Class Codes

H04L 61/5014   using dynamic host configur...

H04L 61/59   using proxies for addressing

H04L 63/08   for authentication of entit...

H04L 63/0892   by using authentication-aut...

Techniques for replacing point to point protocol with dynamic host configuration protocol

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

157 Citations

36 Claims

Specification

Use Cases

Quick Links

Others

Techniques for replacing point to point protocol with dynamic host configuration protocol

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

157 Citations

36 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others