System, device, and method for supporting virtual private networks

US 6,614,791 B1
Filed: 05/11/1999
Issued: 09/02/2003
Est. Priority Date: 05/11/1999
Status: Active Grant

First Claim

Patent Images

1. A method for supporting multiple Virtual Private Networks in a Multi-Protocol Over ATM/Next Hop Resolution Protocol (MPOA/NHRP) communication system, the method comprising:

establishing a connection in the communication system;

using in-band signaling to designate the connection for a number of Virtual Private Networks; and

multiplexing packets from the multiple Virtual Private Networks over the connection.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, device, and method for supporting multiple virtual private networks in an MPOA/NHRP communication network involves encoding a Virtual Private Network (VPN) identifier in certain MPOA/NHRP control messages in order to associate those MPOA/NHRP control messages with a particular VPN, and using an in-band signaling technique to add/remove VPNs to/from a connection. Packets from multiple VPNs are multiplexed over the connection. Each packet is associated with a particular VPN. If packets do not inherently include information from which the VPN can be ascertained, then a VPN identifier is encoded in the packet. The VPN identifier may be encoded in the packet via a tagging mechanism, in which each VPN is associated with a unique tag, and a tag is included in each packet. The VPN identifier may alternatively be encoded in the packet by including the VPN identifier in the packet, for example, in a header (such as an LLC/SNAP header) within the packet.

Citations

50 Claims

1. A method for supporting multiple Virtual Private Networks in a Multi-Protocol Over ATM/Next Hop Resolution Protocol (MPOA/NHRP) communication system, the method comprising:
- establishing a connection in the communication system;
  
  using in-band signaling to designate the connection for a number of Virtual Private Networks; and
  
  multiplexing packets from the multiple Virtual Private Networks over the connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the act of using in-band signaling to designate the connection for a number of Virtual Private Networks comprises:
3. The method of claim 1, wherein the act of using in-band signaling to designate the connection for a number of Virtual Private Networks comprises:
- using in-band signaling to remove a Virtual Private Network from the connection.
4. The method of claim 1, wherein the act of multiplexing packets from the multiple Virtual Private Networks over the connection comprises:
- encoding a Virtual Private Network identifier in each packet.
5. The method of claim 4, wherein the act of encoding a Virtual Private Network identifier in each packet comprises:
- associating a unique tag with each of the multiple Virtual Private Networks;
  
  determining the Virtual Private Network for a packet; and
  
  including the corresponding tag in the packet.
6. The method of claim 4, wherein the act of encoding a Virtual Private Network identifier in each packet comprises:
- including the Virtual Private Network identifier in the packet.
7. The method of claim 6, wherein the act of including the Virtual Private Network identifier in the packet comprises:
- including the Virtual Private Network identifier in a header within the packet.
8. The method of claim 7, wherein the header comprises a Logical Link Control/SubNetwork Attachment Point (LLC/SNAP) header.

9. An apparatus for supporting multiple Virtual Private Networks in a Multi-Protocol Over ATM/Next Hop Resolution Protocol (MPOA/NHRP) communication system, the apparatus comprising:
- connection establishment logic operably coupled to establish a connection over the MPOA/NHRP communication system;
  
  in-band signaling logic operably coupled to use in-band signals to designate the connection for a number of Virtual Private Networks; and
  
  multiplexing logic operably coupled to multiplex packets from the number of Virtual Private Networks over the connection.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 10. The apparatus of claim 9, wherein the in-band signaling logic is operably coupled to send an in-band signal including a Virtual Private Network identifier identifying a Virtual Private Network to be added to the connection.
  - 11. The apparatus of claim 9, wherein the in-band signaling logic is operably coupled to send an in-band signal including a Virtual Private Network identifier identifying a Virtual Private Network to be removed from the connection.
  - 12. The apparatus of claim 9, wherein the multiplexing logic is operably coupled to encode a Virtual Private Network identifier in each packet.
  - 13. The apparatus of claim 12, further comprising a database mapping each Virtual Private Network to a unique tag corresponding to the Virtual Private Network.
  - 14. The apparatus of claim 13, wherein the multiplexing logic is operably coupled to receive a packet associated with a Virtual Private Network, retrieve the tag corresponding to the Virtual Private Network from the database, and insert the tag into the packet.
  - 15. The apparatus of claim 12, wherein the multiplexing logic is operably coupled to include the Virtual Private Network identifier in each packet.
  - 16. The apparatus of claim 15, wherein the multiplexing logic is operably coupled to include the Virtual Private Network identifier in a header within each packet.
  - 17. The apparatus of claim 16, wherein the header comprises a Logical Link Control/SubNetwork Attachment Point (LLC/SNAP) header.
  - 18. The apparatus of claim 9, wherein the in-band signaling logic is operably coupled to receive an in-band signal including a Virtual Private Network identifier identifying a Virtual Private Network to be added to the connection.
  - 19. The apparatus of claim 9, wherein the in-band signaling logic is operably coupled to receive an in-band signal including a Virtual Private Network identifier identifying a Virtual Private Network to be removed from the connection.
  - 20. The apparatus of claim 9, wherein the multiplexing logic is operably coupled to receive the packets over the connection and determine a Virtual Private Network for each packet.
  - 21. The apparatus of claim 20, wherein the multiplexing logic is operably coupled to determine the Virtual Private Network for each packet based upon inherent information within each packet.
  - 22. The apparatus of claim 20, wherein the multiplexing logic is operably coupled to determine the Virtual Private Network for each packet based upon a Virtual Private Network identifier encoded in each packet.
  - 23. The apparatus of claim 22, further comprising a database mapping each of a plurality of tags to a corresponding Virtual Private Network identifier.
  - 24. The apparatus of claim 23, wherein each packet includes a tag, and wherein the multiplexing logic is operably coupled to retrieve the Virtual Private Network identifier from the database based upon the tag.
  - 25. The apparatus of claim 22, wherein each packet includes a Virtual Private Network identifier, and wherein the multiplexing logic is operably coupled to extract the Virtual Private Network identifier from the packet.
  - 26. The apparatus of claim 25, wherein the Virtual Private Network identifier is included in a header within each packet.
  - 27. The apparatus of claim 26, wherein the header comprises a Logical Link Control/SubNetwork Attachment Point (LLC/SNAP) header.

28. A computer program product comprising a computer readable medium having embodied therein a computer program for supporting multiple Virtual Private Networks in a Multi-Protocol Over ATM/Next Hop Resolution Protocol (MPOA/NHRP) communication system, the computer program comprising:
- connection establishment logic programmed to establish a connection over the MPOA/NHRP communication system;
  
  in-band signaling logic programmed to use in-band signals to designate the connection for a number of Virtual Private Networks; and
  
  multiplexing logic programmed to multiplex packets from the number of Virtual Private Networks over the connection.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46)
- - 29. The computer program product of claim 28, wherein the in-band signaling logic is programmed to send an in-band signal including a Virtual Private Network identifier identifying a Virtual Private Network to be added to the connection.
  - 30. The computer program product of claim 28, wherein the in-band signaling logic is programmed to send an in-band signal including a Virtual Private Network identifier identifying a Virtual Private Network to be removed from the connection.
  - 31. The computer program product of claim 28, wherein the multiplexing logic is programmed to encode a Virtual Private Network identifier in each packet.
  - 32. The computer program product of claim 31, wherein the multiplexing logic is operably coupled to a database mapping each Virtual Private Network to a unique tag corresponding to the Virtual Private Network.
  - 33. The computer program product of claim 32, wherein the multiplexing logic is programmed to receive a packet associated with a Virtual Private Network, retrieve the tag corresponding to the Virtual Private Network from the database, and insert the tag into the packet.
  - 34. The computer program product of claim 31, wherein the multiplexing logic is programmed to include the Virtual Private Network identifier in each packet.
  - 35. The computer program product of claim 34, wherein the multiplexing logic is programmed to include the Virtual Private Network identifier in a header within each packet.
  - 36. The computer program product of claim 35, wherein the header comprises a Logical Link Control/SubNetwork Attachment Point (LLC/SNAP) header.
  - 37. The computer program product of claim 28, wherein the in-band signaling logic is programmed to receive an in-band signal including a Virtual Private Network identifier identifying a Virtual Private Network to be added to the connection.
  - 38. The computer program product of claim 28, wherein the in-band signaling logic is programmed to receive an in-band signal including a Virtual Private Network identifier identifying a Virtual Private Network to be removed from the connection.
  - 39. The computer program product of claim 28, wherein the multiplexing logic is programmed to receive the packets over the connection and determine a Virtual Private Network for each packet.
  - 40. The computer program product of claim 39, wherein the multiplexing logic is programmed to determine the Virtual Private Network for each packet based upon inherent information within each packet.
  - 41. The computer program product of claim 39, wherein the multiplexing logic is programmed to determine the Virtual Private Network for each packet based upon a Virtual Private Network identifier encoded in each packet.
  - 42. The computer program product of claim 41, wherein the multiplexing logic is operably coupled to a database mapping each of a plurality of tags to a corresponding Virtual Private Network identifier.
  - 43. The computer program product of claim 42, wherein each packet includes a tag, and wherein the multiplexing logic is programmed to retrieve the Virtual Private Network identifier from the database based upon the tag.
  - 44. The computer program product of claim 41, wherein each packet includes a Virtual Private Network identifier, and wherein the multiplexing logic is programmed to extract the Virtual Private Network identifier from the packet.
  - 45. The computer program product of claim 44, wherein the Virtual Private Network identifier is included in a header within each packet.
  - 46. The computer program product of claim 35, wherein the header comprises a Logical Link Control/SubNetwork Attachment Point (LLC/SNAP) header.

47. A communication system for supporting multiple Virtual Private Networks, the communication system comprising an ingress Multi-Protocol Over ATM (MPOA) client in communication with an egress MPOA client over a Multi-Protocol Over ATM/Next Hop Resolution Protocol (MPOA/NHRP) network, wherein the ingress MPOA client establishes a connection to the egress MPOA client over the MPOA/NHRP network, sends in-band messages to the egress MPOA client over the connection in order to designate the connection for a number of Virtual Private Networks, and multiplexes packets from the number of Virtual Private Networks over the connection.

48. A method for supporting multiple Virtual Private Networks using the Next Hop Resolution Protocol (NHRP), the method comprising:
- determining a Virtual Private Network for each NHRP message;
  
  encoding a Virtual Private Network identifier in each NHRP message;
  
  wherein the act of encoding the Virtual Private Network identifier in each NHRP message comprises;
  
  associating each Virtual Private Network with a unique tag; and
  
  including in each packet the unique tag corresponding to the Virtual Private Network.
- View Dependent Claims (49, 50)
- - 49. The method of claim 48, wherein the act of encoding the Virtual Private Network identifier in each NHRP message comprises including the Virtual Private Network identifier in a header within each packet.
  - 50. The method of claim 49, wherein the header is a Logical Link Control/SubNetwork Attachment Point (LLC/SNAP) header.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Clearinghouse LLC (RPX Corporation)
Original Assignee
Nortel Networks Limited (Nortel Networks Corporation)
Inventors
Squire, Matthew, Luciani, James V.
Primary Examiner(s)
HSU, ALPUS

Application Number

US09/309,530
Time in Patent Office

1,575 Days
Field of Search

370/389, 370/392, 370/395.1, 370/395.5, 370/395.51, 370/395.53, 370/395.54, 370/400, 370/401, 370/409, 370/410, 370/522, 709/201, 709/203, 709/230, 709/238, 709/245, 709/249, 709/218, 709/224
US Class Current

370/395.53
CPC Class Codes

H04L 12/4608 LAN interconnection over AT...

H04L 12/4645 Details on frame tagging ro...

System, device, and method for supporting virtual private networks

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

Citations

50 Claims

Specification

Solutions

Use Cases

Quick Links

System, device, and method for supporting virtual private networks

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

50 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links