Internet protocol virtual private network realization using multi-protocol label switching tunnels
Abstract
A virtual private network enables private communications between two or more private networks over a shared MPLS network. The disclosed virtual private network includes multiple routers connected to the shared MPLS network and configured to dynamically distribute VPN information across the shared MPLS network. The VPN information distributed by a router includes a VPN identifier assigned to that router, which identifies a VPN with which that router is associated. The router includes a first table which stores a map of the label switched paths from the router in question to all other routers connected to the shared MPLS network. The router also includes a second table which stores a map of label switched paths from the router in question to all other routers connected to the shared MPLS network which share a common VPN identifier.
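The two-table arrangement in the abstract, together with the ingress push order recited in claim 26, sketched as an added Python example (not code from the patent). The names `EdgeRouter`, `distribute`, `encapsulate` and `isolation_violations`, the label values, and the choice to refuse a destination outside the VPN are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from itertools import count

@dataclass
class EdgeRouter:
    name: str
    vpn_id: str  # VPN identifier this router distributes
    lsp_table: dict = field(default_factory=dict)     # first table: peer -> LSP label
    nested_table: dict = field(default_factory=dict)  # second table: peer -> nested label

def distribute(routers):
    """Fill both tables on every router from the advertised VPN identifiers."""
    outer, inner = count(100), count(1000)  # constructed label values
    for r in routers:
        for peer in routers:
            if peer is r:
                continue
            r.lsp_table[peer.name] = next(outer)       # LSP to every other router
            if peer.vpn_id == r.vpn_id:                 # nested LSP only inside the VPN
                r.nested_table[peer.name] = next(inner)

def encapsulate(ingress, egress_name, ip_packet):
    """Push the nested label first, then the LSP label on top of it."""
    if egress_name not in ingress.nested_table:
        # Assumed handling: no nested LSP means no shared VPN, so refuse.
        raise PermissionError(f"{ingress.name} shares no VPN with {egress_name}")
    stack = [ingress.nested_table[egress_name]]        # pushed first (bottom)
    stack.append(ingress.lsp_table[egress_name])       # pushed second (top)
    return stack, ip_packet

def isolation_violations(routers):
    """Audit: nested-table entries that point at a router in a different VPN."""
    vpn_of = {r.name: r.vpn_id for r in routers}
    return [(r.name, peer) for r in routers for peer in r.nested_table
            if vpn_of[peer] != r.vpn_id]

# Constructed topology: PE1 and PE2 share VPN "A", PE3 belongs to VPN "B".
ROUTERS = [EdgeRouter("PE1", "A"), EdgeRouter("PE2", "A"), EdgeRouter("PE3", "B")]
distribute(ROUTERS)

if __name__ == "__main__":
    print(encapsulate(ROUTERS[0], "PE2", b"ip-payload"))
    print(isolation_violations(ROUTERS))
```

The audit function is the part a defender would run against exported tables: any nested entry that crosses VPN identifiers means traffic from one private network can be delivered into another.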
26 Claims
1. A virtual private network (VPN) which enables private communications over a shared Multi-Protocol Label Switched (MPLS) network, between at least two private networks, comprising:
a plurality of routers in communication with the shared MPLS network and configured to dynamically distribute VPN information across the shared MPLS network, wherein said VPN information distributed by a particular one of said plurality of routers includes a VPN identifier assigned to said particular one of said plurality of routers, which identifies a VPN which said particular one of said plurality of routers is associated with;
a first table, stored in one of said plurality of routers, of label switched paths from said one of said plurality of routers to a remainder of said plurality of routers;
a second table, stored in said one of said plurality of routers, of nested label switched paths from said one of said plurality of routers to a remainder of said plurality of routers which share a common VPN identifier.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
a third table, stored in another of said plurality of routers, of label switched paths from said another of said plurality of routers to all others of said plurality of routers; and
a fourth table, stored in said another of said plurality of routers, of nested label switched paths from said another of said plurality of routers to all others of said plurality of routers which share a common VPN identifier.
3. The virtual private network according to claim 2 wherein said second and fourth tables are formed using a Label Distribution Protocol to determine said nested label switched paths.
4. The virtual private network according to claim 2 wherein:
said one of said plurality of routers and said other of said plurality of routers are assigned a common VPN identifier;
said second table includes a nested label switch path from said one of said plurality of routers to said another of said plurality of routers; and
said fourth table includes a nested label switch path from said another of said plurality of routers to said one of said plurality of routers.
5. The virtual private network according to claim 4 further comprising at least one core label switched router coupled between said one and another of said plurality of routers and configured to transport communications between said one and another of said plurality of routers.
6. The virtual private network according to claim 2 further comprising:
another MPLS network in communication with said shared MPLS network;
another plurality of routers in communication with said another MPLS network and configured to dynamically distribute said VPN information across said another MPLS network, wherein said another plurality of routers includes said another of said plurality of routers;
a fifth table, stored in said another of said plurality of routers, of label switched paths from said another of said plurality of routers to a remainder of said another plurality of routers; and
a sixth table, stored in said another of said plurality of routers, of nested label switched paths from said another of said plurality of routers to a remainder of said another plurality of routers which share a common VPN identifier.
7. The virtual private network according to claim 6 further comprising:
a seventh table, stored in one of said another plurality of routers, of label switched paths from said one of said another plurality of routers to all others of said another plurality of routers; and
an eighth table, stored in said one of said another plurality of routers, of nested label switched paths from said one of said another plurality of routers to all others of said another plurality of routers which share a common VPN identifier.
8. The virtual private network according to claim 7 wherein said sixth and eighth tables are formed using said Label Distribution Protocol to determine said nested label switched paths.
9. The virtual private network according to claim 7 wherein:
said one of said plurality of routers includes a first private router; and
said another of said plurality of routers includes a second private router.
10. The virtual private network according to claim 2 wherein at least one of said plurality of routers is a virtual router.
11. A virtual private network (VPN) which enables private communications over a shared Multi-Protocol Label Switched (MPLS) network, between at least two private networks, comprising:
router means in communication with the shared MPLS network for routing VPN information across the shared MPLS network, wherein said VPN information includes a VPN identifier assigned to said router means, which identifies a VPN which said router means is associated with;
a first table, stored in said router means, of all label switched paths across the shared MPLS network; and
a second table, stored in said router means, of nested label switched paths from a portion of said router means which is configured to communicate with one of the at least two private networks to another portion of said router means which is configured to communicate with another of the at least two private networks.
Dependent claims: 12, 13, 14, 15, 16, 17, 18
a third table, stored in said router means, of all label switched paths across the shared MPLS network; and
a fourth table, stored in said router means, of nested label switched paths from said another portion of said router means to said portion of said router means.
13. The virtual private network according to claim 12 wherein said second and fourth tables are formed using a Label Distribution Protocol to determine said nested label switched paths.
14. The virtual private network according to claim 12 wherein said router means comprises:
a first router, a second router and at least one core label switched router in communication with said first and second routers and configured to transport communications therebetween.
15. The virtual private network according to claim 14 further comprising:
another MPLS network in communication with said shared MPLS network;
second router means in communication with said another MPLS network for distributing said VPN information across said another MPLS network, wherein said second router means includes said second router and a third router;
a fifth table, stored in said second router, of all label switched paths across said another MPLS network; and
a sixth table, stored in said second router of nested label switched paths from said second router to said third router.
16. The virtual private network according to claim 15 further comprising:
a seventh table, stored in said third router, of all label switched paths from said third router across said another MPLS network;
an eighth table, stored in said third router, of nested label switched paths from said third router to said second router.
17. The virtual private network according to claim 16 wherein said sixth and eighth tables are formed using a Label Distribution Protocol to determine said nested label switched paths.
18. The virtual private network according to claim 11 wherein said router means includes at least one virtual router.
19. A method of configuring virtual private networks over a shared MPLS network comprising:
configuring a shared MPLS network including at least two routers in communication therewith;
determining first information about all label switched paths between a first of said at least two routers and all others of said at least two routers, wherein said all others of said at least two routers includes a second router;
storing said first information in said first router;
assigning a common VPN identifier to said first and second routers;
determining second information about all label switched paths between said second router and all remaining of said at least two routers, wherein said first router is a member of said all remaining of said at least two routers;
storing said second information in said second router;
determining third information about all nested label switched paths between said first router and all others of said at least two routers which are assigned said common VPN identifier;
storing said third information in said first router;
determining fourth information about all nested label switched paths between said second router and all remaining of said at least two routers which are assigned said common VPN identifier;
storing said fourth information in said second router.
Dependent claims: 20, 21, 22, 23, 24, 25, 26
partitioning said MPLS network into a plurality of network areas;
wherein said at least two routers are in communication with one of said areas;
wherein a plurality of routers are in communication with another of said plurality of network areas;
wherein at least two of said network areas are in communication through said second router;
determining fifth information about all label switched paths between said second router and all others of said plurality of routers, wherein said all others of said plurality of routers includes a third router;
storing said fifth information in said second router;
assigning said common VPN identifier to said third router;
determining sixth information about all nested label switched paths between said second router and all others of said plurality of routers which are assigned said common VPN identifier;
storing said sixth information in said second router;
communicating said sixth information from said second router to said first router;
storing said sixth information in said first router.
22. The method of configuring virtual private networks according to claim 21 further comprising:
determining seventh information about all label switched paths between said third router and all remaining of said plurality of routers, wherein said all others of said plurality of routers includes said second router;
storing said seventh information in said third router;
determining eighth information about all nested label switched paths between said third router and all remaining of said plurality of routers which are assigned said common VPN identifier;
storing said eighth information in said third router.
23. The method of configuring virtual private networks according to claim 22 wherein said determining said sixth and eighth information is performed using a Label Distribution Protocol.
24. The method of configuring virtual private networks in accordance with claim 22 further comprising:
creating a link between a first private network router and said first router;
creating a link between a second private network router and said third router;
transmitting an IP packet from said first private network router to said second private network router including;
transmitting said IP packet from said first private network router to said first router across said link therebetween;
said first router pushing a label from said third information onto said IP packet when said first router receives said IP packet;
after pushing a label from said second information onto said IP packet, pushing a label from said first information onto said IP packet; and
forwarding said labeled IP packet to said second router;
said second router replacing said label from said second information with a label from said sixth information; and
forwarding said IP packet towards said third router.
25. The method of configuring virtual private networks in accordance with claim 24 further comprising:
at least one core label switched router coupled between said first and second routers which replaces said label from said second information with a different label; and
wherein the second router replaces the different label with said label from said sixth information.
26. The method of configuring virtual private networks in accordance with claim 19 further comprising:
creating a link between a first private network router and said first router;
creating a link between a second private network router and said second router;
transmitting an IP packet from said first private network router to said second private network router including;
transmitting said IP packet from said first private network router to said first router across said link therebetween;
said first router pushing a label from said third information onto said IP packet when said first router receives said IP packet;
after pushing a label from said third information onto said IP packet, pushing a label from said first information onto said IP packet; and
forwarding said labeled IP packet.
Specification