METHODS, APPARATUS AND DATA STRUCTURES FOR SEGMENTING CUSTOMERS USING AT LEAST A PORTION OF A LAYER 2 ADDRESS HEADER OR BITS IN THE PLACE OF A LAYER 2 ADDRESS HEADER

US 20090225675A1
Filed: 12/31/2008
Published: 09/10/2009
Est. Priority Date: 08/31/2000
Status: Active Grant

First Claim

Patent Images

1. A method for provisioning services to packets sourced from a number of client customer devices, the method comprising:

a) accepting a packet sourced from one of a number of client customer devices, wherein the packet has had at least a part of a layer 2 header, generated by the source client customer device, replaced with a unique bit string that is independent of any contents of the packet;

b) determining whether or not the packet is entitled to access a particular service using at least a portion of the unique bit string; and

c) if it is determined that the packet is entitled to access the particular service, then routing the packet, otherwise denying the packet access to the particular service.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Limiting or controlling access to various services thereby performing a firewall function. An access router may permit or deny a packet based on at least a portion of a unique bit string (or context information) which replaced layer 2 header information (e.g., the layer 2 (e.g., MAC) address). Further, a particular quality of service may be indicated by at least a part of the unique bit string (or context information). The service provided to a group of customers, that group of customers being defined by at least a portion of the unique bit string (or context information), may be monitored. Multicast groups may be supported by checking at least a part of the unique bit string (or context information) to determine whether or not a customer associated with that port is permitted to join the multicast group.

168 Citations

View as Search Results

17 Claims

1. A method for provisioning services to packets sourced from a number of client customer devices, the method comprising:
- a) accepting a packet sourced from one of a number of client customer devices, wherein the packet has had at least a part of a layer 2 header, generated by the source client customer device, replaced with a unique bit string that is independent of any contents of the packet;
  
  b) determining whether or not the packet is entitled to access a particular service using at least a portion of the unique bit string; and
  
  c) if it is determined that the packet is entitled to access the particular service, then routing the packet, otherwise denying the packet access to the particular service.
- View Dependent Claims (2, 3, 10, 14, 15)
- - 2. The method of claim 1 wherein at least a portion of the unique bit string represents one of a number of logical interfaces.
  - 3. The method of claim 1 wherein at least a portion of the unique bit string corresponds to a virtual private network-organizational universal identifier.
  - 10. The method of claim 1 wherein at least a portion of the unique bit string represents a logical port identifier including a geographic location identifier and a physical unit identifier.
  - 14. The method of claim 1 wherein the step of determining whether or not the packet is entitled to access a particular service using at least a portion of the unique bit string is a separate determination from determining whether or not the packet can be forwarded.
  - 15. The method of claim 1 wherein the packet is routed only if it is determined that the packet is entitled to access the particular service.

4. A method for providing various quality of service levels to packets sourced from a number of client customer devices, the method comprising:
- a) accepting a packet sourced from one or a number of client customer devices, wherein the packet has had at least a part of a layer 2 header, generated by the source client customer device, replaced with a unique bit string that is independent of any contents of the packet;
  
  b) determining a service level to which the packet is entitled using the unique bit string; and
  
  c) forwarding the packet to a particular one of a plurality of queues associated with the service level determined.
- View Dependent Claims (5, 6, 11, 16, 17)
- - 5. The method of claim 4 wherein at least a portion of the unique bit string represents one of a number of logical interfaces.
  - 6. The method of claim 4 wherein at least a portion of the unique bit string corresponds to a virtual private network-organizational universal identifier.
  - 11. The method of claim 4 wherein at least a portion of the unique bit string represents a logical port identifier including a geographic location identifier and a physical unit identifier.
  - 16. The method of claim 4 wherein the service level is a quality of service level.
  - 17. The method of claim 4 wherein the service level is a quality of service level represented by a plurality of bits.

7. A method for monitoring packets sourced from a group of client customer devices defining a subset of client customer devices, each of the packets having at least a part of a layer 2 header, generated by the source client customer device, replaced with a unique bit string, the method comprising:
- a) determining whether or not the packet belongs to the group of client customer devices using at least a portion of the unique bit string; and
  
  b) if it is determined that the packet does belong to the group of client customer devices, theni) copying the packet to generate a duplicate packet, andii) forwarding the duplicate packet to a monitoring facility, wherein the monitoring facility monitors at least one of (A) service provided to a group of customers, and (B) security.
- View Dependent Claims (8, 9, 12, 13)
- - 8. The method of claim 7 wherein at least a portion of the unique bit string represents one of a number of logical interfaces.
  - 9. The method of claim 7 wherein at least a portion of the unique bit string corresponds to a virtual private network-organizational universal identifier.
  - 12. The method of claim 7 wherein the unique bit string is independent of a layer 2 destination address.
  - 13. The method of claim 7 wherein at least a portion of the unique bit string represents a logical port identifier including a geographic location identifier and a physical unit identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Communications Inc.
Inventors
BAUM, Robert T., VOIT, Eric A.

Granted Patent

US 8,264,987 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/252
CPC Class Codes

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 2463/102   applying security measure f...

H04L 61/00   Network arrangements, proto...

H04L 61/35   involving non-standard use ...

H04L 63/0272   Virtual private networks

H04L 63/101   Access control lists [ACL]

H04L 63/104   Grouping of entities

H04L 69/22   Parsing or analysis of headers

METHODS, APPARATUS AND DATA STRUCTURES FOR SEGMENTING CUSTOMERS USING AT LEAST A PORTION OF A LAYER 2 ADDRESS HEADER OR BITS IN THE PLACE OF A LAYER 2 ADDRESS HEADER

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

168 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS, APPARATUS AND DATA STRUCTURES FOR SEGMENTING CUSTOMERS USING AT LEAST A PORTION OF A LAYER 2 ADDRESS HEADER OR BITS IN THE PLACE OF A LAYER 2 ADDRESS HEADER

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

168 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links