Method and device for tunnel switching
First Claim
Patent Images
1. A method of consolidating control of a tunnel connection from an originating user to a destination without specifically requiring the originating user to provide a destination address comprising the steps of:
- receiving an incoming tunnel connection via L2TP from the originating user;
identifying the destination address according to the originating user and independent of specifically requiring address information from the originating user;
determining whether a switched tunnel connection needs to be made to the destination in accordance with information relating to the originating user; and
intelligently initiating a switched tunnel connection via L2TP for switching traffic from the incoming tunnel connection to the destination over the switched tunnel connection.
4 Assignments
0 Petitions
Accused Products
Abstract
A method and device for providing switched tunnel connections from a user to a destination or a multiple number of destinations. Tunnels are switched from a user to a destination by receiving an incoming tunnel connection from the user and initiating a switched tunnel connection to the destination. Traffic from the incoming tunnel is switched to the destination over the switched tunnel. A disclosed embodiment uses user information to determine the switching of the tunnel to implement security access to a tunnel destination, load balancing among destination resources, and bundling of tunnel sessions to implement high bandwidth transmission.
-
Citations
16 Claims
-
1. A method of consolidating control of a tunnel connection from an originating user to a destination without specifically requiring the originating user to provide a destination address comprising the steps of:
-
receiving an incoming tunnel connection via L2TP from the originating user;
identifying the destination address according to the originating user and independent of specifically requiring address information from the originating user;
determining whether a switched tunnel connection needs to be made to the destination in accordance with information relating to the originating user; and
intelligently initiating a switched tunnel connection via L2TP for switching traffic from the incoming tunnel connection to the destination over the switched tunnel connection. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 13, 14, 15, 16)
providing a database of information relating to users originating incoming tunnel connections; and
querying the database to obtain information relating to the users.
-
-
3. The method of claim 2 wherein the step of querying the database comprises verifying the permission of the user to determine whether the user should be switched to the destination.
-
4. The method of claim 3 further comprising the step of denying access to the destination if the user does not have the proper permission to access the destination.
-
5. The method of claim 1 wherein the determining step further comprises translating a destination address to switch the switched tunnel connection to the destination.
-
6. The method of claim 1 further comprising the step of intelligently switching the switched tunnel connection to a destination having a multiple number of access points.
-
7. The method of claim 6 wherein the intelligently switching step is in accordance with a traffic load on the multiple number of access points of the destination.
-
8. The method of claim 6 wherein the intelligently switching step is in accordance with a round robin selection among the multiple number of access points of the destination.
-
9. The method of claim 6 further comprising the steps of:
-
checking whether the user originating the incoming tunnel connection already has switched tunnel connection to the destination; and
using the switched tunnel connection to the destination if the user already has a switched tunnel connection.
-
-
10. The method of claim 1 further comprising a computer readable medium having stored therein instructions for causing a processor to executes the steps of the method.
-
12. The device of claim 10 wherein the switching process intelligently switches the switched tunnel traffic to a destination having a multiple number of tunnel access points to balance the traffic load across the multiple number of tunnel access points.
-
13. The device of claim 12 wherein the switching process switches the switched tunnel traffic to round robin among the multiple number of tunnel access points.
-
14. The device of claim 12 wherein the switching process switches the switched tunnel traffic to one of the multiple number of tunnel access points of the destination according to the traffic load on the multiple number of tunnel access points.
-
15. The device of claim 12 wherein the switching process switches the switched tunnel address according to whether the user already has a tunnel session, wherein if the user already has the tunnel session, the switched tunnel traffic uses the tunnel session.
-
16. The device of claim 10 wherein the dispatch process verifies the permission level of the user before allowing access to the destination.
-
11. A tunnel switch device for establishing a tunnel connection from a user to a destination comprising:
-
a termination process for terminating an incoming tunnel connection, wherein the termination process receives incoming tunnel connections via L2TP;
a dispatch process in communication with the termination process for determining whether a switched tunnel connection needs to be made without specifically requiring a destination address from the user, wherein the dispatch process implements security authentication, thereby reducing the number of security identifiers needed to provide access security to the destination;
an initiation process for initiating a switched tunnel connection for switching incoming tunnel traffic to the destination in accordance with the dispatch process; and
a switching process for intelligently switching via L2TP the incoming tunnel connection to the switched tunnel connection to access the destination in accordance with the dispatch process and information maintained therein.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeHewlett-Packard Development Company, L.P. (HP Inc.)
-
Original Assignee3Com Corporation (HP Inc.)
-
InventorsCalhoun, Patrice R.
-
Primary Examiner(s)Rinehart, Mark H.
-
Assistant Examiner(s)Thompson, Marc D.
-
Application NumberUS09/484,647Time in Patent Office994 DaysField of Search709/203, 709/206, 709/217, 709/218, 709/219, 709/227, 709/223, 709/236, 709/249, 709/200, 709/201, 709/228, 709/229, 709/225, 370/313, 370/285, 370/352, 370/353, 370/355, 370/389, 370/397, 370/399, 370/401, 370/409, 370/465, 370/469, 713/201US Class Current709/227CPC Class CodesH04L 12/2856 Access arrangements, e.g. I...H04L 12/2859 Point-to-point connection b...H04L 12/2874 Processing of data for dist...H04L 12/2898 Subscriber equipments DSL m...H04L 12/4633 Interconnection of networks...H04L 63/0272 Virtual private networksH04L 63/08 for authentication of entit...
