POINT-TO-MULTI-POINT/NON-BROADCASTING MULTI-ACCESS VPN TUNNELS

US 20120137358A1
Filed: 02/09/2012
Published: 05/31/2012
Est. Priority Date: 11/16/2004
Status: Abandoned Application

First Claim

Patent Images

1-41. -41. (canceled)

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system establishes a virtual private network (VPN) tunnel to a destination and determines a next hop for the VPN tunnel. The system inserts the next hop, and an address associated with the destination, into an entry of a first table. The system inserts the next hop, and a tunnel identifier corresponding to the established VPN tunnel, into an entry of a second table. The system associates one or more security parameters, used to encrypt traffic sent via the VPN tunnel, with the tunnel identifier.

Citations

61 Claims

1-41. -41. (canceled)

42. A method, performed by a network device, the method comprising:
- receiving, at the network device, a data unit;
  
  retrieving a next hop identifier associated with a device along a path toward a destination of the data unit;
  
  identifying a tunnel identifier using the retrieved next hop identifier; and
  
  forwarding, by the network device, the data unit via a tunnel corresponding to the tunnel identifier.
- View Dependent Claims (43, 44, 45, 46, 47, 48)
- - 43. The method of claim 42, where forwarding the data unit via the tunnel comprises:
    - encrypting the data unit; and
      
      forwarding the encrypted data unit via the tunnel.
  - 44. The method of claim 43, where encrypting the data unit includes encrypting the data unit using security parameters associated with the retrieved tunnel identifier.
  - 45. The method of claim 42, where retrieving the next hop identifier includes performing a lookup in a memory to retrieve the next hop identifier.
  - 46. The method of claim 42, where the tunnel includes a virtual private network (VPN) tunnel.
  - 47. The method of claim 42, where identifying the tunnel identifier includes:
    - performing a lookup in a memory, using the retrieved next hop identifier, to identify the tunnel identifier.
  - 48. The method of claim 42, where the data unit includes information indicating a plurality of destination networks and where retrieving the next hop identifier includes:
    - retrieving a plurality of next hop identifiers, each next hop identifier associated with a device along a path toward a destination network of the plurality of destination networks.

49. A device comprising:
- one or more processors to;
  
  receive a data unit;
  
  retrieve a next hop identifier associated with a device along a path toward a destination of the data unit;
  
  identify a tunnel identifier using the retrieved next hop identifier; and
  
  forward the data unit via a tunnel corresponding to the tunnel identifier.
- View Dependent Claims (50, 51, 52, 53, 54, 55)
- - 50. The device of claim 49, where, when forwarding the data unit via the tunnel, the one or more processors are further to:
    - encrypt the data unit; and
      
      forward the encrypted data unit via the tunnel.
  - 51. The device of claim 50, where, when encrypting the data unit, the one or more processors are further to:
    - encrypt the data unit using security parameters associated with the retrieved tunnel identifier.
  - 52. The device of claim 49, where, when retrieving the next hop identifier, the one or more processors are further to:
    - perform a lookup in a memory to retrieve the next hop identifier.
  - 53. The device of claim 49, where the tunnel includes a virtual private network (VPN) tunnel.
  - 54. The device of claim 49, where, when identifying the tunnel identifier, the one or more processors are further to:
    - perform a lookup in a memory, using the retrieved next hop identifier, to identify the tunnel identifier.
  - 55. The device of claim 49, where the data unit includes information indicating a plurality of destination networks and where, when retrieving the next hop identifier, the one or more processors are further to:
    - retrieve a plurality of next hop identifiers, each next hop identifier associated with a device along a path toward a destination network of the plurality of destination networks.

56. A device comprising:
- one or more processors to;
  
  establish a tunnel to a destination;
  
  insert a tunnel identifier corresponding to the established tunnel into a memory; and
  
  associate one or more security parameters, used to encrypt traffic sent via the tunnel, with the tunnel identifier.
- View Dependent Claims (57, 58, 59, 60, 61)
- - 57. The device of claim 56, where, when establishing the tunnel, the one or more processors are further to:
    - transmit a message from the device in a path along the tunnel informing another device, at an end of the tunnel, of an address of the device.
  - 58. The device of claim 56, where the tunnel includes a virtual private network (VPN) tunnel.
  - 59. The device of claim 56, where the one or more processors are further to:
    - determine that the tunnel has been broken; and
      
      mark an entry of the memory, corresponding to the broken tunnel, as disabled.
  - 60. The device of claim 59, where the one or more processors are further to:
    - determine that the broken tunnel has been established; and
      
      mark the entry of the memory, corresponding to the re-established tunnel, as enabled.
  - 61. The device of claim 59, where, when marking the entry of the memory as disabled, the one or more processors are further to:
    - set a disabled flag associated with the entry.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Juniper Networks Incorporated
Original Assignee
Juniper Networks Incorporated
Inventors
LIU, Changming, CHENG, Yonghui, SHIEH, Choung-Yaw

Application Number

US13/369,735
Publication Number

US 20120137358A1
Time in Patent Office

Days
Field of Search
US Class Current

726/15
CPC Class Codes

H04L 12/4633   Interconnection of networks...

H04L 45/00   Routing or path finding of ...

H04L 63/0272   Virtual private networks

H04L 63/20   for managing network securi...

H04L 9/40   Network security protocols

POINT-TO-MULTI-POINT/NON-BROADCASTING MULTI-ACCESS VPN TUNNELS

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

61 Claims

Specification

Solutions

Use Cases

Quick Links

POINT-TO-MULTI-POINT/NON-BROADCASTING MULTI-ACCESS VPN TUNNELS

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

61 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links