Default internet traffic and transparent passthrough
First Claim
Patent Images
1. A method for routing a packet sent from a user to the Internet, said user connected to a private network, including:
- extracting a source network address from the packet;
using said source network address to retrieve a user profile for the user;
examining said user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet;
routing said packet according to said user profile;
determining if the user has logged on to a gateway;
examining a global flag rather than a user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet if the user has not logged on to the gateway; and
routing said packet according to said global flag rather than according to a user profile if the user has not logged on to the gateway.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for routing packets sent from a user to the internet is provided for systems in which the user is connected to a private network. The method includes: extracting a source network address from the packet; using said source network address to retrieve a user profile for the user; examining said user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet; and routing said packet according to said profile. This allows a user or network provider to choose whether to route packets destined for the Internet directly to the Internet rather than through the private network, thus preventing excessive network traffic on the private network.
-
Citations
28 Claims
-
1. A method for routing a packet sent from a user to the Internet, said user connected to a private network, including:
-
extracting a source network address from the packet;
using said source network address to retrieve a user profile for the user;
examining said user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet;
routing said packet according to said user profile;
determining if the user has logged on to a gateway;
examining a global flag rather than a user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet if the user has not logged on to the gateway; and
routing said packet according to said global flag rather than according to a user profile if the user has not logged on to the gateway.
-
-
2. A method for routing a packet sent from a user to the Internet, the user having a connection to a gateway and said gateway having separate connections to a private network and to the Internet, including:
-
extracting a source network address from the packet;
using said source network address to retrieve a user profile for the user;
examining said user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet;
routing said packet according to said user profile;
determining if the user has logged on the gateway;
examining a global flag rather than a user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet if the user has not logged on to the gateway; and
routing said packet according to said global flag rather than according to a user profile if the user has not logged on to the gateway.
-
-
3. A gateway for routing a packet sent from a user to the Internet, said user connected to a private network, including:
-
a source network address extractor;
one or more user profiles;
a user profile retriever coupled to said source network address extractor and couples to said one or more user profiles;
a user profile examiner coupled to said user profile retriever; and
a router coupled to said user profile examiner, said router further coupled directly to a private network if said user profile corresponding to the user indicates that packets destined for the Internet should pass through said private network, said router further coupled directly to the Internet if said user profile corresponding to the user indicates that packets destined for the Internet should be routed directly to the Internet. - View Dependent Claims (4, 5, 6, 7)
a global flag; and
a global flag examiner coupled to said global flag, said router coupled to said global flag examiner if the user has not logged on to the gateway, said router further coupled directly to a private network if the user has not logged on to the gateway and if said global flag indicates that packets destined for the Internet should pass through said private network, said router further coupled directly to the Internet if the user has not logged on to the gateway and if said global flag indicates that packets destined for the Internet should be routed directly to the Internet.
-
-
7. The gateway of claim 3, wherein said one or more user profiles are retrieved from an authentication server.
-
8. A gateway for routing a packet sent from a user to the Internet, the user having a connection to the gateway and the gateway having separate connections to a private network and to the Internet, including:
-
a source network address extractor;
one or more user profiles;
a user profile retriever coupled to said source network address extractor and coupled to said one or more user profiles;
a user profile examiner coupled to said user profile retriever; and
a router coupled to said user profile examiner, said router further coupled directly to a private network if said user profile corresponding to the user indicates that packets destined for the Internet should pass through said private network, said router further coupled directly to the Internet if said user profile corresponding to the user indicates that packets destined for the Internet should be routed directly to the Internet. - View Dependent Claims (9, 10, 11, 12)
a global flag; and
a global flag examiner coupled to said global flag, said router coupled to said global flag examiner if the user has not logged on to the gateway, said router further coupled directly to a private network if the user has not logged on to the gateway and if said global flag indicates that packets destined for the Internet should pass through said private network, said router further coupled directly to the Internet if the user has not logged on to the gateway and if said global flag indicates that packets destined for the Internet should be routed directly to the Internet.
-
-
12. the gateway of claim 8, wherein said one or more user profiles are retrieved from an authentication server.
-
13. A program storage device readable b a machine, tangibly embodying a program of instructions executable by the machine to perform a method for routing a packet sent from a user to the Internet, the user connected to a private network, said method comprising:
-
extracting a source network address from the packet;
using said source network address to retrieve a user profile for the user;
examining said user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet;
routing said packet according to said user profile;
determining if the user has logged on to a gateway;
examining a global flag rather than a user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet if the user has not logged on the gateway; and
routing said packet according to said global flag rather than according to a user profile if the user has not logged on to the gateway. - View Dependent Claims (14)
-
-
15. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform a method for routing a packet sent from a user to the Internet, the user having a connection to a gateway and the gateway having separate connections to a private network and to the Internet, said method comprising:
-
extracting a source network address from the packet;
using said source network address to retrieve a user profile for the user;
examining said user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet;
routing said packet according to said user profile;
determining if the user has logged on to the gateway;
examining a global flag rather than a user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet if the user has not logged on to the gateway; and
routing said packet according to said global flag rather than according to a user profile if the user has not logged on to the gateway. - View Dependent Claims (16)
-
-
17. An apparatus for routing a packet sent from a user to the Internet, said user connected to a private network, the apparatus comprising:
-
means for extracting a source network address from the packet;
means for using said source network address to retrieve a user profile for the user;
means for examining said user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet;
means for routing said packet according to said user profile;
means for determining if the user has logged on to the apparatus;
means for examining a global flag rather than a user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet if the user has not logged on to the apparatus; and
means for routing said packet according to said global flag rather than according to a user profile if the user has not logged on to the apparatus.
-
-
18. An apparatus for routing a packet sent from a user to the Internet, the user having a connection to the apparatus and the apparatus having separate connection to a private network and to the Internet, the apparatus comprising:
-
means for extracting a source network address from the packet;
means for using said source network address to retrieve a user profile for the user;
means for examining said user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet;
means for routing said packet according to said user profile;
means for determining if the user has logged on to the apparatus;
means for examining a global flag rather than a user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet if the user has not logged on to the apparatus; and
means for routing said packet according to said global flag rather than according to a user profile if the user has not logged on the apparatus.
-
-
19. An apparatus for routing a packet sent from a user to the Internet, said user connected to a private network, the apparatus comprising:
-
means for extracting a source network address;
means for storing one or more user profiles;
means for retrieving a user profile, said user profile retrieving means coupled to said source network extracting means and coupled to said one or more user profile storing means;
means for examining a user profile coupled to said user profile retrieving means; and
means for routing coupled to said user profile examining means, said means for routing further coupled directly to a private network if said user profile corresponding to the user indicates that packets destined for the Internet should pass through said private network, said router further coupled directly to the Internet if said user profile corresponding to the user indicates that packets destined for the Internet should be routed directly to the Internet. - View Dependent Claims (20, 21, 22, 23)
means for storing a global flag value; and
means for examining said stored global flag value, said means for routing coupled to said global flag examining means if the user has not logged on to the apparatus, said means for routing further coupled directly to a private network if the user has not logged on to the apparatus and if said global flag value indicates that packets destined for the Internet should pass through said private network, said means for routing further coupled directly to the Internet if the user has not logged on to the apparatus and if said global flag value indicates that packets destined for the Internet should be routed directly to the Internet.
-
-
23. The apparatus of claim 19, wherein said one or more user profiles are retrieved from an authentication server.
-
24. An apparatus for routing a packet sent from a user to the Internet, the user having a connection to the apparatus and the apparatus having separate connections to a private network and to the Internet, the apparatus comprising:
-
means for extracting a source network address;
means for storing one or more user profiles;
means for retrieving a user profile coupled to said source network address extracting means and coupled to said one or more user profile storing means;
means for examining a user profile coupled to said user profile retrieving means; and
means for routing coupled to said user profile examining means, said routing means further coupled directly to a private network if said user profile corresponding to the user indicates that packets destined for the Internet should pass through said private network, said routing means further coupled directly to the Internet if said profile corresponding to the user indicates that packets destined for the Internet should be routed directly to the Internet. - View Dependent Claims (25, 26, 27, 28)
means for storing a global flag value;
means for examining a global flag value coupled to said global flag value storing means, said routing means coupled to said global flag examining means if the user has not logged on to the apparatus, said routing means further coupled directly to a private network if the user has not logged on to the apparatus and if said global flag storing means indicates that packets destined for the Internet should pass through said private network, said routing means further coupled directly to the Internet if the user has not logged on to the apparatus and is said global flag storing means indicates that packets destined for the Internet should be routed directly to the Internet.
-
-
28. The apparatus of claim 24, wherein said one or more user profiles are retrieved from an authentication server.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeCisco Technology, Inc. (Cisco Systems, Inc.)
-
Original AssigneeCisco Technology, Inc. (Cisco Systems, Inc.)
-
InventorsChu, Jie, Dos Santos, Maria Alice, Zhang, Shujin
-
Primary Examiner(s)Yao, Kwang Bin
-
Assistant Examiner(s)JONES, PRENELL P
-
Application NumberUS09/223,243Time in Patent Office1,434 DaysField of Search370/401, 370/352, 370/389-395, 370/471, 370/230, 370/257, 379/90.01, 379/93.07, 379/115.01, 379/88.17, 705/9, 705/8, 707/9, 709/245-250, 709/223-230, 713/200, 713/188US Class Current370/401CPC Class CodesH04L 45/00 Routing or path finding of ...H04L 45/308 Route determination based o...H04L 47/10 Flow control; Congestion co...H04L 47/20 Traffic policingH04L 69/16 Implementation or adaptatio...H04L 69/161 Implementation details of T...H04L 69/165 Combined use of TCP and UDP...H04L 69/169 Special adaptations of TCP,...
