Virtual private network
First Claim
1. A packet-based network for providing virtual private networks, each virtual private network carrying traffic associated with a particular customer of the packet-based network, the traffic including packets for transmission via the packet-based network, the packet-based network comprising:
- a plurality of network elements, each being interconnected to at least one other network element by a physical path;
a plurality of customer premises equipment, each being interconnected to a network element by a physical path;
at least one virtual path, each being a logical connection between two virtual path terminators;
at least one virtual circuit, each being a logical connection established between two virtual circuit terminators, wherein packets are transmitted by said virtual circuits between the virtual circuit terminators;
wherein the virtual private network includes a collection of packet-based network resources including respective network elements, customer premises equipment, virtual paths and corresponding virtual circuits, the collection of packet-based network resources making up the virtual private network providing a level of service to the traffic associated with the particular customer of the packet-based network which is independent of all other traffic on the packet-based network which is outside of the virtual private network'"'"'s logical domain; and
identification means contained in the packets of a respective customer having a virtual private network for identifying the respective virtual circuits and virtual paths used by the virtual private network to which the packets are associated.
4 Assignments
0 Petitions
Accused Products
Abstract
In a packet switching (packet-based) network, such as a frame relay (FR) network, which includes network resources made up of networked elements and customer premises equipment interconnected by one or more physical paths, a Virtual Private Network (VPN) is built above the underlying packet-based network and includes selected portions of the packet-based network resources. The VPN is a collection of logical nodes and virtual paths (VPs) and includes one or more virtual circuits (VCs), each VC being a logical connection between VC terminators including network elements and customer premises equipment. Segments of the VCs are carried by VPs, each VP being a logical connection established between two VP terminators which are located in either network elements or customer premises equipment. One or more VPs are multiplexed on a physical path (PP). Each VP is allocated a positive guaranteed bandwidth (VP-CIR), and each VC on a VP is also allocated a bandwidth (VC-CIR) greater than or equal to zero. Packets of information to be transmitted over a VC are provided with a unique address field to thereby identify the VCs and VPs associated with the VPN over which the packet of information will travel. Congestion control of the network is provided such that congestion control and management are carried out on a per VPN basis, and congestion outside of a VPN'"'"'s logical domain does not affect the performance of the VPN.
-
Citations
27 Claims
-
1. A packet-based network for providing virtual private networks, each virtual private network carrying traffic associated with a particular customer of the packet-based network, the traffic including packets for transmission via the packet-based network, the packet-based network comprising:
-
a plurality of network elements, each being interconnected to at least one other network element by a physical path; a plurality of customer premises equipment, each being interconnected to a network element by a physical path; at least one virtual path, each being a logical connection between two virtual path terminators; at least one virtual circuit, each being a logical connection established between two virtual circuit terminators, wherein packets are transmitted by said virtual circuits between the virtual circuit terminators; wherein the virtual private network includes a collection of packet-based network resources including respective network elements, customer premises equipment, virtual paths and corresponding virtual circuits, the collection of packet-based network resources making up the virtual private network providing a level of service to the traffic associated with the particular customer of the packet-based network which is independent of all other traffic on the packet-based network which is outside of the virtual private network'"'"'s logical domain; and identification means contained in the packets of a respective customer having a virtual private network for identifying the respective virtual circuits and virtual paths used by the virtual private network to which the packets are associated. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A packet-based network for providing virtual private networks, each virtual private network carrying traffic associated with a particular customer of the packet-based network, the traffic including packets for transmission via the packet-based network, the packet-based network comprising:
-
a plurality of network elements, each being interconnected to at least one other network element by a physical path; a plurality of customer premises equipment, each being interconnected to a network element by a physical path; at least one virtual path, each being a logical connection between two virtual path terminators; at least one virtual circuit, each being a logical connection established between two virtual circuit terminators, wherein packets are transmitted by said virtual circuits between the virtual circuit terminators; wherein the virtual private network includes a collection of packet-based network resources including respective network elements, customer premises equipment, virtual paths and corresponding virtual circuits; identification means contained in the packets of a respective customer having a virtual private network for identifying the respective virtual circuits and virtual paths used by the virtual private network to which the packets are associated; and wherein each virtual path on a physical path of the network is allocated a respective positive guaranteed bandwidth, and wherein when congestion occurs on a physical path, only a virtual path using bandwidth greater than the respective positive guaranteed bandwidth is required to reduce submission rate of packets onto the network. - View Dependent Claims (10, 11)
-
-
12. A packet-based network for providing virtual private networks, each virtual private network carrying traffic associated with a particular customer of the packet-based network, the traffic including packets for transmission via the packet-based network, the packet-based network comprising:
-
a plurality of network elements, each being interconnected to at least one other network element by a physical path; a plurality of customer premises equipment, each being interconnected to a network element by a physical path; at least one virtual path, each being a logical connection between two virtual path terminators; at least one virtual circuit, each being a logical connection established between two virtual circuit terminators, wherein packets are transmitted by said virtual circuits between the virtual circuit terminators; wherein the virtual private network includes a collection of packet-based network resources including respective network elements, customer premises equipment, virtual paths and corresponding virtual circuits; identification means contained in the packets of a respective customer having a virtual private network for identifying the respective virtual circuits and virtual paths used by the virtual private network to which the packets are associated; and means for establishing a virtual path within the packet-based network locally at each network element traversed by the virtual path, said means for establishing a virtual path including; means for identifying an outgoing physical path from a network element with available bandwidth to support a guaranteed bandwidth of the virtual path and able to support a number of virtual circuits carried by the virtual path; means for reserving resources on the physical paths, the reserved resources being indicative of the virtual path bandwidth and number of virtual circuits carried by the virtual path; and means for updating a connection table in the network element by mapping incoming virtual circuits and virtual paths to respective outgoing virtual circuits and virtual paths. - View Dependent Claims (13, 14)
-
-
15. A packet-based network for providing virtual private networks, each virtual private network carrying traffic associated with a particular customer of the packet-based network, the traffic including packets for transmission via the packet-based network, the packet-based network comprising:
-
a plurality of network elements, each being interconnected to at least one other network element by a physical path; a plurality of customer premises equipment, each being interconnected to a network element by a physical path; at least one virtual path, each being a logical connection between two virtual path terminators; at least one virtual circuit, each being a logical connection established between two virtual circuit terminators, wherein packets are transmitted by said virtual circuits between the virtual circuit terminators; wherein the virtual private network includes a collection of packet-based network resources including respective network elements, customer premises equipment, virtual paths and corresponding virtual circuits; identification means contained in the packets of a respective customer having a virtual private network for identifying the respective virtual circuits and virtual paths used by the virtual private network to which the packets are associated, and a physical service access point for each respective physical path which multiplexes all packets to be transmitted on the respective physical path, the physical service access point including a physical path queue which is served at a physical path rate, the physical path queue being shared by all virtual paths multiplexed on to the respective physical path. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
-
-
23. A packet-based network for providing virtual private networks, each virtual private network carrying traffic associated with a particular customer of the packet-based network, the traffic including packets for transmission via the packet-based network, the packet-based network comprising:
-
a plurality of network elements, each being interconnected to at least one other network element by a physical path; a plurality of customer premises equipment, each being interconnected to a network element by a physical path; at least one virtual path, each being a logical connection between two virtual path terminators; at least one virtual circuit, each being a logical connection established between two virtual circuit terminators, wherein packets are transmitted by said virtual circuits between the virtual circuit terminators; wherein the virtual private network includes a collection of Racket-based network resources including respective network elements, customer premises equipment, virtual paths and corresponding virtual circuits; identification means contained in the packets of a respective customer having a virtual private network for identifying the respective virtual circuits and virtual paths used by the virtual private network to which the packets are associated; and wherein a pseudo virtual path is provided on each physical path to carry traffic not associated with a virtual private network. - View Dependent Claims (24, 25, 26)
-
-
27. A packet-based network for providing virtual private networks, each virtual private network carrying traffic associated with a particular customer of the packet-based network, the traffic including packets for transmission via the packet-based network, the packet-based network comprising:
-
a plurality of network elements, each being interconnected to at least one other network element by a physical path; a plurality of customer premises equipment, each being interconnected to a network element by a physical path; at least one virtual path, each being a logical connection between two virtual path terminators; at least one virtual circuit, each being a logical connection established between two virtual circuit terminators, wherein packets are transmitted by said virtual circuits between the virtual circuit terminators; wherein the virtual private network includes a collection of packet-based network resources including respective network elements, customer premises equipment, virtual paths and corresponding virtual circuits, identification means contained in the packets of a respective customer having a virtual private network for identifying the respective virtual circuits and virtual paths used by the virtual private network to which the packets are associated; a general network control center (GNCC) for controlling the packet-based network; at least one virtual private network control center (VNCC), each respective VNCC being associated with a corresponding virtual private network; and mediation means located between the GNCC and each respective VNCC for enabling communications therebetween; wherein for communication from the GNCC to the respective VNCC said mediation means filters messages received from the packet-based network to ensure that GNCC messages are properly formatted for the respective VNCC and passes to the respective VNCC only those messages which pertain to traffic of the corresponding virtual private network; and wherein for communication from the respective VNCC to the GNCC said mediation means screens VNCC messages to ensure the VNCC messages are properly formatted for the GNCC and to ensure that the VNCC messages are restricted to the packet-based network resources assigned to the corresponding virtual private network.
-
Specification