Virtual network architecture for connectionless LAN backbone
Abstract
Network traffic management is achieved based on automatically setting up a plurality of virtual networks (VNETs) within a single large virtual LAN. Multicast/broadcast traffic is confined to the VNET of the source, without imposing constraints on layer two addressing within the virtual LAN. VNETs are domains of users of a virtual LAN which include members of logical networks defined at layer three or higher. One method includes transferring a multi-destination packet originating from a particular node in the virtual LAN by tunnelling across a connectionless backbone network to a virtual net server. The virtual net server translates the multi-destination packet to a plurality of tunneled messages identifying nodes authorized to receive multi-destination packets from members of the particular VNET which originated the packet. The tunneled messages are then forwarded from the virtual net server to the authorized nodes.
This way, multi-destination packets, such as advertisement or discovery packets, are confined to a single VNET. By confining the multi-destination packets to a single VNET, unicast packets generated within the virtual LAN are then also naturally confined to that VNET.
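The confinement described in the abstract can be sketched as a small simulation. This is an added example, not code from the patent. The packet dictionaries, the edge and segment names, and the rule that a VNET is keyed by layer three protocol plus network number are assumptions made for illustration, as is treating learned membership as authorization.

```python
from collections import defaultdict
from ipaddress import ip_interface

def is_multi_destination(dst_mac: str) -> bool:
    # Group (I/G) bit: the least significant bit of the first octet
    # marks a multicast or broadcast MAC address.
    return bool(int(dst_mac.split(":")[0], 16) & 1)

def vnet_of(pkt: dict) -> tuple:
    # Assumption: a VNET is identified by layer three protocol and network
    # number; for IP that is the sender's subnet, otherwise a "net" field.
    if pkt["proto"] == "ip":
        return ("ip", str(ip_interface(pkt["src_ip"]).network))
    return (pkt["proto"], pkt.get("net", "*"))

class VnetServer:
    def __init__(self):
        self.members = defaultdict(set)  # vnet -> {(edge, segment)}

    def handle(self, edge: str, segment: str, pkt: dict) -> list:
        """Return the tunneled messages for one packet sent up by an edge device."""
        if not is_multi_destination(pkt["dst_mac"]):
            return []  # unicast traffic is not expanded by the server
        vnet = vnet_of(pkt)
        self.members[vnet].add((edge, segment))  # automatic learning
        # One directed message per member segment, never back to the origin.
        return [{"tunnel_to": e, "out_segment": s, "vnet": vnet, "inner": pkt}
                for e, s in sorted(self.members[vnet]) if (e, s) != (edge, segment)]

def demo():
    # Constructed sample packets: two hosts in one IP subnet, one IPX host.
    srv = VnetServer()
    bcast = "ff:ff:ff:ff:ff:ff"
    a = {"dst_mac": bcast, "proto": "ip", "src_ip": "10.1.0.5/24"}
    b = {"dst_mac": bcast, "proto": "ip", "src_ip": "10.1.0.9/24"}
    c = {"dst_mac": bcast, "proto": "ipx", "net": "0000A1"}
    first = srv.handle("edge1", "seg1", a)   # nobody else learned yet
    second = srv.handle("edge2", "seg4", b)  # same subnet, reaches seg1 only
    third = srv.handle("edge3", "seg7", c)   # different VNET, reaches nobody
    return first, second, third

if __name__ == "__main__":
    for msgs in demo():
        print([(m["tunnel_to"], m["out_segment"]) for m in msgs])
```

The IPX broadcast produces no tunneled messages even though two IP segments are already known, which is the isolation property the abstract claims for multi-destination traffic.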
22 Claims
1. For a network including a set of local area network (LAN) segments, a backbone path, and a plurality of edge devices interconnecting the set of LAN segments with the backbone path, and in which nodes on respective LAN segments in the set are members of logical networks defined in layer three or higher, a method for managing traffic in the network, comprising:
- detecting in response to a medium access control MAC address of a packet received at an edge device, a multi-destination packet originating from a particular LAN segment;
- determining the logical network of the multi-destination packet;
- translating the multi-destination packet to a plurality of tunneled messages carrying information from the multi-destination packet;
- forwarding across the backbone path the plurality of tunneled messages to edge devices;
- supplying the multi-destination packet in response to the tunneled messages from the edge devices receiving the directed messages to LAN segments through which nodes authorized to receive multi-destination packets from members of the determined logical network are accessible, except for the particular LAN segment on which the multi-destination packet originated; and
- automatically learning members of logical networks in response to multi-destination packets;
wherein the backbone path includes a connectionless network.
Dependent claims: 2, 3, 4, 5.
6. For a network including a set of local area network (LAN) segments, a connectionless LAN backbone path, and a plurality of edge devices interconnecting the plurality of LAN segments with the backbone path, and in which nodes on respective LAN segments in the set are members of logical networks defined in layer three or higher, a method for managing traffic in the network, comprising:
- detecting in an edge device on an originating LAN segment, a multi-destination packet intended for members of a particular logical network, in response to a medium access control MAC address in the multi-destination packet;
- producing in response to the detected multi-destination packet, a plurality of directed messages for nodes authorized to receive multi-destination packets of the particular logical network;
- tunneling in the backbone path the plurality of directed messages to edge devices coupled to LAN segments through which the authorized nodes are accessible;
- supplying the multi-destination packet in response to the directed messages, from the edge devices receiving the directed messages, to LAN segments, other than the originating LAN segment, through which authorized nodes are accessible;
- in response to detected multi-destination packets, automatically configuring tunnel connections for each logical network to edge devices through which nodes intended to receive multi-destination packets of the logical network are accessible; and
- associating the plurality of directed messages with configured tunnel connections for the identified logical network.
Dependent claims: 7, 8, 9, 10, 11, 12, 13.
14. For a network including a set of local area network (LAN) segments, a connectionless LAN backbone path, and a plurality of edge devices interconnecting the plurality of LAN segments with the backbone path, and in which nodes on respective LAN segments in the set are members of logical networks defined in layer three or higher, a method for managing traffic in the network, comprising:
- detecting in a first edge device on an originating LAN segment, a multi-destination packet intended for members of a particular logical network, in response to a medium access control MAC address in the multi-destination packet, the edge device having ports coupled to the originating LAN segment and at least one additional LAN segment in the set;
- first supplying the detected multi-destination packet out ports of the first edge device, other than the port coupled to the originating LAN segment, through which nodes authorized to receive messages from members of the particular logical network are accessible;
- encapsulating and forwarding from the first edge device, the multi-destination packet as a single destination packet on the backbone path to a server;
- producing in the server in response to the detected multi-destination packet, a plurality of directed messages for edge devices on the backbone path;
- encapsulating and forwarding in respective single destination packets on the backbone path the plurality of directed messages to edge devices coupled to LAN segments through which the authorized nodes are accessible; and
- second supplying the multi-destination packet in response to the directed messages, from edge devices receiving the directed messages, to LAN segments, other than LAN segments on the first edge device, through which authorized nodes are accessible.
Dependent claims: 15, 16, 17.
18. For a network including a set of local area network (LAN) segments, a backbone path, and a plurality of edge devices interconnecting the set of LAN segments with the backbone path, the LAN segments interconnected as a virtual LAN, a server for managing traffic in the network, the server coupled to the backbone path, the server comprising:
- resources on the server that receive a multidestination packet from an edge device, the multidestination packet having a multidestination address of a layer associated with a LAN;
- a decoder that determines a logical network of the multidestination packet in response to a network protocol of the multidestination packet, wherein the logical network has membership less than the virtual LAN;
- modules including modules associated with respective logical networks; and
- resources that pass the multidestination packet to a module among the modules, the module associated with the logical network, the module tunneling the multidestination packet to an agent on a particular edge device, on which the agent forwards the packet out ports from which members of the logical network can be reached.
Dependent claims: 19, 20, 21, 22.
Specification