Method and system for virtual private network administration channels
First Claim
Patent Images
1. A method for communicating on a network between a first data processing system having a single network interface card (NIC) and a second data processing system having a single NIC, the method comprising the computer-implemented steps of:
- transmitting data packets on the network from the first data processing system to the second data processing system on a first channel in a virtual private network (VPN) using a primary network address; and
transmitting administrative packets, which are related to the operation of the first channel, on the network from the first data processing system to the second data processing system on a second channel in the VPN using an alias network address, the second channel being capable of transmitting the administrative packets concurrently with the first channel transmitting the data packets, wherein each data processing system transmits data packets and administrative packets using its single NIC which supports multiple network addresses simultaneously.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and system for dual channel network connections where one channel can be used for normal data transmission and the second channel can be used for administration tasks such as correcting error on the data channel or running diagnostics. A first data processing system and a second data processing system communicate on a physical network by transmitting data packets on the network using a virtual private network (VPN). Data packets are transmitted through a first VPN channel. Administrative packets are transmitted through a second VPN channel independently of the first VPN channel. The data packets may be transmitted using Internet Protocol (IP), and a portion of the network may include the Internet. The data VPN channel and the administrative VPN channel share a single network interface card, hence only a single network interface card (NIC) is required for each data processing system.
113 Citations
23 Claims
-
1. A method for communicating on a network between a first data processing system having a single network interface card (NIC) and a second data processing system having a single NIC, the method comprising the computer-implemented steps of:
-
transmitting data packets on the network from the first data processing system to the second data processing system on a first channel in a virtual private network (VPN) using a primary network address; and
transmitting administrative packets, which are related to the operation of the first channel, on the network from the first data processing system to the second data processing system on a second channel in the VPN using an alias network address, the second channel being capable of transmitting the administrative packets concurrently with the first channel transmitting the data packets, wherein each data processing system transmits data packets and administrative packets using its single NIC which supports multiple network addresses simultaneously. - View Dependent Claims (2, 3, 4, 5, 6)
transmitting data packets through a first VPN channel between the first data processing system and the second data processing system, wherein a first end of the first VPN channel is terminated by the first data processing system using a first network address and a second end of the first VPN channel is terminated by the second data processing system using a second network address;
transmitting administrative packets through a second VPN channel between the first data processing system and the second data processing system, wherein a first end of the second VPN channel is terminated by the first data processing system using a third network address and a second end of the second VPN channel is terminated by the second data processing system using a fourth network address.
-
-
4. The method of claim 3 wherein the first network address and the second network address are primary IP addresses, and wherein the second network address and the third network address are alias IP addresses.
-
5. The method of claim 1 wherein the network comprises the Internet.
-
6. The method of claim 1 wherein the administrative VPN channel is used to perform one of the following actions:
- correct data channel errors, run diagnostics, or perform other administrative tasks independent of whether the data channel has become inoperative.
-
7. A method for communicating on a network, the method comprising the computer-implemented steps of:
-
configuring a data virtual private network (VPN) channel using a primary IP address; and
configuring an administrative VPN channel using an alias IP address, wherein the data VPN channel and the administrative VPN channel share a single network interface card. - View Dependent Claims (8, 9, 10, 11, 12, 13)
transmitting data packets on the network using the data VPN channel; and
transmitting administrative packets on the network using the administrative VPN channel.
-
-
9. The method of claim 7 wherein the network comprises the Internet.
-
10. The method of claim 7 wherein the primary IP address and one or more alias IP addresses are configured through an execution of a script.
-
11. The method of claim 7 wherein the primary IP address and one or more alias IP addresses are selectable through a graphical user interface.
-
12. The method of claim 7 wherein the data VPN channel and the administrative VPN channel operate independently.
-
13. The method of claim 7 wherein the administrative VPN channel is used to perform one of the following actions:
- correct data channel errors, run diagnostics, or perform other administrative tasks independent of whether the data channel has become inoperative.
-
14. A data processing system for communicating on a network, the data processing system comprising:
-
first configuring means for configuring a data virtual private network (VPN) channel using a primary IP address; and
second configuring means for configuring an administrative VPN channel using an alias IP address, wherein the data VPN channel and the administrative VPN channel share a single network interface card. - View Dependent Claims (15, 16, 17, 18, 19, 20)
first transmitting means for transmitting data packets on the network using the data VPN channel; and
second transmitting means for transmitting administrative packets on the network using the administrative VPN channel.
-
-
16. The data processing system of claim 14 wherein the network comprises the Internet.
-
17. The data processing system of claim 14 wherein the primary IP address and one or more alias IP addresses are configurable through the execution of a script.
-
18. The data processing system of claim 14 wherein the primary IP address and one or more alias IP addresses are selectable through a graphical user interface.
-
19. The data processing system of claim 14 wherein the data VPN channel and the administrative VPN channel on the virtual private network operate independently.
-
20. The data processing system of claim 14 wherein the administrative VPN channel is used to perform one of the following actions:
- correct data channel errors, run diagnostics, or perform other administrative tasks independent of whether the data channel has become inoperative.
-
21. A computer program product on a computer-readable medium for use in a data processing system for communicating on a network, the computer program product comprising:
-
instructions for configuring a data virtual private network (VPN) channel using a primary IP address; and
instructions for configuring an administrative VPN channel using an alias IP address, wherein the data VPN channel and the administrative VPN channel share a single network interface card. - View Dependent Claims (22, 23)
instructions for transmitting data packets on the network using the data VPN channel; and
instructions for transmitting administrative packets on the network using the administrative VPN channel.
-
-
23. The computer program product of claim 21 wherein the network comprises the Internet.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeCisco Technology, Inc. (Cisco Systems, Inc.)
-
Original AssigneeInternational Business Machines Corporation
-
InventorsUnniksrishnan, Ramachandran, Mullen, Shawn Patrick, Genty, Denise Marie
-
Primary Examiner(s)Marcelo, Melvin
-
Assistant Examiner(s)Ferris, Derrick W.
-
Application NumberUS09/389,443Time in Patent Office1,461 DaysField of Search709/200, 709/249, 709/250, 713/150, 713/151, 713/153, 713/160, 713/162, 713/201, 370/351, 370/352, 370/395.1, 370/395.5, 370/395.52, 370/409, 370/464, 370/475US Class Current370/464CPC Class CodesH04L 12/4641 Virtual LANs, VLANs, e.g. v...
