System and method to monitor and determine if an active IPSec tunnel has become disabled
First Claim
1. A system for monitoring the status of an active secure tunnel between a pair of network elements in a communications network, comprising:
a first network element for originating and transmitting a test message to a second network element using the secure tunnel in response to the receipt of an active tunnel monitor command;
a second network element for receiving the test message and transmitting a response back to the first network element using the secure tunnel; and
an active tunnel monitoring logic module in the first network element for accumulating a number of times that the second network element failed to return a response to each test message during a predetermined time interval and comparing the accumulated failures with a threshold value to determine if the active secure tunnel has become disabled.
Abstract
A method and system for monitoring the status of an active secure tunnel between a pair of network elements in a communications network. The first network element originates and transmits an Internet Protocol Security (IPSec) test message to a second network element using a first unidirectional secure tunnel in response to the receipt of an active tunnel monitor command. The second network element receives the IPSec test message and transmits a response back to the first network element using a second unidirectional secure tunnel. The number of times that the second network element failed to return a response to an IPSec test message is accumulated during a predetermined time interval and then compared with a threshold value to determine if the active secure tunnel has become disabled.
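The accumulate-and-compare logic described in the abstract can be sketched as follows. This is an added example, not code from the patent: the names monitor_tunnel, send_test and FakeClock are hypothetical, the responses are constructed, and treating "failures >= threshold" as the disabled condition is an assumption, since the abstract does not say whether the comparison is inclusive.

```python
import time
from typing import Callable, Iterator

def monitor_tunnel(send_test: Callable[[], bool], interval_s: float,
                   probe_period_s: float, threshold: int,
                   clock: Callable[[], float] = time.monotonic,
                   sleep: Callable[[float], None] = time.sleep,
                   ) -> Iterator[tuple[int, bool]]:
    """Yield (failures, disabled) once per predetermined interval.

    send_test (hypothetical) sends one test message over the outbound
    tunnel and returns True only if a response arrived over the inbound
    tunnel before its own timeout. A reply that arrives outside the
    tunnel must not be reported as True.
    """
    while True:
        deadline = clock() + interval_s
        failures = 0                      # accumulator resets every interval
        while clock() < deadline:
            try:
                answered = send_test()
            except OSError:
                answered = False          # a send error counts as a miss
            if not answered:
                failures += 1
            sleep(probe_period_s)
        # Assumption: the tunnel is declared disabled at or above threshold.
        yield failures, failures >= threshold

class FakeClock:
    """Deterministic clock so the example runs offline and instantly."""
    def __init__(self) -> None:
        self.now = 0.0
    def time(self) -> float:
        return self.now
    def sleep(self, seconds: float) -> None:
        self.now += seconds

def demo() -> list[tuple[int, bool]]:
    # Constructed responses: one lost probe in the first interval,
    # then the peer stops answering almost entirely in the second.
    replies = iter([True, True, False, True, True,
                    False, False, True, False, False])
    fc = FakeClock()
    verdicts = monitor_tunnel(lambda: next(replies), interval_s=5,
                              probe_period_s=1, threshold=3,
                              clock=fc.time, sleep=fc.sleep)
    return [next(verdicts), next(verdicts)]

if __name__ == "__main__":
    print(demo())
```

A single lost probe stays below the threshold, so ordinary packet loss does not by itself mark the tunnel as disabled; only the accumulated count within one interval does.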
33 Claims
1. A system for monitoring the status of an active secure tunnel between a pair of network elements in a communications network, comprising:
a first network element for originating and transmitting a test message to a second network element using the secure tunnel in response to the receipt of an active tunnel monitor command;
a second network element for receiving the test message and transmitting a response back to the first network element using the secure tunnel; and
an active tunnel monitoring logic module in the first network element for accumulating a number of times that the second network element failed to return a response to each test message during a predetermined time interval and comparing the accumulated failures with a threshold value to determine if the active secure tunnel has become disabled.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method for monitoring the status of an active secure tunnel between a pair of network elements in a communications network, comprising the acts of:
originating and transmitting a test message from a first network element to a second network element using the secure tunnel in response to an active tunnel monitor command;
receiving the test message at a second network element and transmitting a response back to the first network element using the secure tunnel;
accumulating a number of times that the second network element failed to return a response to each test message during a predetermined time interval; and
comparing the accumulated failures with a threshold value to determine if the active secure tunnel has become disabled.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
23. A computer readable medium containing a computer program product for monitoring the status of an active secure tunnel between a pair of network elements in a communications network, the computer program product comprising:
program instructions that originate and transmit a test message to a paired network element using the secure tunnel in response to the receipt of an active tunnel monitor command;
program instructions that receive a test message and transmit a response back to a paired network element using the secure tunnel;
program instructions that accumulate a number of times that the paired network element failed to return a response to each test message during a predetermined time interval; and
program instructions that compare the accumulated failures with a threshold value to determine if the active secure tunnel has become disabled.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33
Specification