Tools and techniques for directing packets over disparate networks

DC CAFC

US 6,775,235 B2
Filed: 02/07/2003
Issued: 08/10/2004
Est. Priority Date: 12/29/2000
Status: Expired due to Term

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A controller which controls access to multiple independent disparate networks in a parallel network configuration, the disparate networks comprisinig at least one private network and at least one network based on the Internet, the controller comprising:

a sit interface connecting the controller to a site;

at least two network interfaces which send packets toward the disparate networks; and

a packet path selector which selects between network interfaces according to at least;

a destination of the packet, an optional presence of alternate paths to that destination, and at least one specified criterion for selecting between alternate paths when such alternate paths are present;

wherein the controller receives a packet through the site interface and sends the packet through the network interface that was selected by the packet path selector; and

wherein the packet path selector selects between network interfaces according to a security criterion, thereby promoting use of multiple disparate networks to carry different pieces of a given message so that unauthorized interception of packets on fewer than all of the disparate networks used to carry the message will not provide the total content of the message.

View all claims

5 Assignments

Timeline View

Assignment View

Litigations

4 Petitions

Accused Products

Abstract

Methods, configured storage media, and systems are provided for communications using two or more disparate networks in parallel to provide load balancing across network connections, greater reliability, and/or increased security. A controller provides access to two or more disparate networks in parallel, through direct or indirect network interfaces. When one attached network fails, the failure is sensed by the controller and traffic is routed through one or more other disparate networks. When all attached disparate networks are operating, one controller preferably balances the load between them.

Citations

24 Claims

1. A controller which controls access to multiple independent disparate networks in a parallel network configuration, the disparate networks comprisinig at least one private network and at least one network based on the Internet, the controller comprising:
- a sit interface connecting the controller to a site;
  
  at least two network interfaces which send packets toward the disparate networks; and
  
  a packet path selector which selects between network interfaces according to at least;
  
  a destination of the packet, an optional presence of alternate paths to that destination, and at least one specified criterion for selecting between alternate paths when such alternate paths are present;
  
  wherein the controller receives a packet through the site interface and sends the packet through the network interface that was selected by the packet path selector; and
  
  wherein the packet path selector selects between network interfaces according to a security criterion, thereby promoting use of multiple disparate networks to carry different pieces of a given message so that unauthorized interception of packets on fewer than all of the disparate networks used to carry the message will not provide the total content of the message.
- View Dependent Claims (2, 3)
- - 2. The controller of claim 1, wherein the controller sends packets out of sequence over the parallel disparate networks.
  - 3. The controller of claim 2, wherein the controller places an encrypted sequence number in at least some of the packets which are sent out of sequence.

4. A controller which controls access to multiple networks in a parallel network configuration, suitable networks comprising Internet-based networks and private networks from at least one more provider, in combination, the controller comprising:
- a site interface connecting the controller to a site;
  
  at least two network interfaces which send packets toward the networks; and
  
  a packet path selector which selects between network interfaces on a per-packet basis according to at least;
  
  a destination of the packet, an optional presence of alternate paths to that destination, and at least one specified criterion for selecting between alternate paths when such alternate paths are present;
  
  wherein the controller receives a packet through the site inter-face and sends the packet through the network interface that was selected by the packet path selector.

5. A method for combining connections for access to multiple parallel disparate networks, the method comprising the steps of:
- obtaining at least two known location address ranges which have associated networks;
  
  obtaining topology information which specifies associated networks that provide, when working, connectivity between a current location and at least one destination location;
  
  receiving at the current location a packet which identifies a particular destination location by specifying a destination address for the destination location;
  
  determining whether the destination address lies within a known location address range;
  
  selecting a network path from among paths to disparate associated networks, said networks being in parallel at the current location, each of said networks specified in the topology information as capable of providing connectivity between the current location and the destination location;
  
  forwarding the packet on the selected network path.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 6. The method of claim 5, further comprising the step of modifying the packet destination address to lie within a known location address range associated with the selected network before the forwarding step.
  - 7. The method of claim 5, wherein the forwarding step forwards the packet toward the Internet when the packet'"'"'s destination address does not lie within any known location address range.
  - 8. The method of claim 5, wherein the destination address identifies a destination location to which only a single associated network provides connectivity from the current location, and the forwarding step forwards the packet to that single associated network.
  - 9. The method of claim 5, wherein repeated instances of the selecting step make network path selections on a packet-by-packet basis.
  - 10. The method of claim 5, wherein repeated instances of the selecting step make network path selections on a per session basis.
  - 11. The method of claim 5, wherein the selecting step selects the network path at least in part on the basis of a dynamic load-balancing criterion.
  - 12. The method of claim 11, wherein repeated instances of the selecting step select between network paths at least in part on the basis of a dynamic load-balancing criterion which tends to balance line loads by distributing packets between lines.
  - 13. The method of claim 11, wherein repeated instances of the selecting step select between network paths at least in part on the basis of a dynamic load-balancing criterion which tends to balance network loads by distributing packets between disparate networks.
  - 14. The method of claim 5, wherein the selecting step selects the network path at least in part on the basis of a reliability criterion.
  - 15. The method of claim 5, wherein the selecting step selects the network path at least in part on the basis of a security criterion.
  - 16. The method of claim 6, wherein the modifying step modifies a packet destination address which was in a known location address range associated with a private network such that the modified packet destination address lies instead in a known location address range associated with a VPN.
  - 17. The method of claim 6, wherein the modifying step modifies a packet destination address which was in a known location address range associated with a VPN such tat the modified packet destination address lies instead in a known location address range associated with a private network.
  - 18. The method of claim 6, wherein the modifying step modifies a packet destination address corresponding to one of:
    - the Internet, a private network, thereby making the modified packet destination address correspond to the other of;
      
      the Internet, a private network.

19. A method for combining connections for access to parallel networks, the method comprising the steps of:
- sending a packet to a site interface of a controller, the controller comprising the site interface which receives packets, at least two network interfaces to parallel networks, and a packet path selector which selects between the network interfaces on a per-session basis to promote load-balancing; and
  
  forwarding the packet-through the network interface selected byte packet path selector;
  
  wherein the step of sending a packet to the controller site interface is repeated as multiple packets are sent, and the controller sends different packets of a given message to different parallel networks.

20. A method for combining connections for access to parallel networks, the method comprising the steps of:
- receiving at a first controller a packet which has a first site IP address as source address and a second site IP address as destination address;
  
  modifying the packet to have an IP address of the first controller as the source address and an IP address of a second controller as the destination address; and
  
  forwarding the modified packet along a selected path toward the second site.

21. A method for combining connections for access to parallel networks, the method comprising the steps of:
- receiving at a first controller a packet which has a first VPN IP address as source address and a second VPN IF address as destination address;
  
  modifying the packet to have an IP address of the first controller as the source address and an IP address of a second controller as the destination address; and
  
  forwarding to modified packet along a selected path toward the second VPN.

22. A computer storage medium having a configuration that represents data and instructions which will cause performance of a method for combining connections for access to multiple parallel disparate networks, the method comprising the steps of:
- obtaining at least two known location address ranges which have associated networks;
  
  obtaining topology information which specifies associated networks that provide, when working, connectivity between a current location and at least one destination location;
  
  receiving at the current location a packet which identifies a particular destination location by specifying a destination address for the destination location;
  
  determining whether the destination address lies within a known location address range;
  
  selecting a network path from among paths to disparate associated networks, said networks being in parallel at the current location, each of said networks specified in the topology information as capable of providing connectivity between the current location and the destination location;
  
  modifying the packet destination address to lie within a known location address range associated with the selected network if it does not already do so; and
  
  forwarding the packet on the selected network path.
- View Dependent Claims (23, 24)
- - 23. The configured storage medium of claim 22, wherein the selecting step selects the network path at least in part on the basis of a dynamic load-balancing criterion.
  - 24. The configured storage medium of claim 22, wherein repeated instances of the selecting step make network path selections on a packet-by-packet basis.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
ShareWave, Inc. (Cirrus Logic Incorporated), Fatpipe Networks Private Ltd.
Original Assignee
Ragula Systems Incorporated
Inventors
Datta, Sanchaita, Bhaskar, Ragula
Primary Examiner(s)
MARCELO, MELVIN C

Application Number

US10/361,837
Publication Number

US 20030147408A1
Time in Patent Office

550 Days
Field of Search

370/252, 370/352, 370/230, 370/235, 370/238
US Class Current

370/238
CPC Class Codes

H04L 12/2854   Wide area networks, e.g. pu...

H04L 12/2856   Access arrangements, e.g. I...

H04L 12/2859   Point-to-point connection b...

H04L 12/2898   Subscriber equipments DSL m...

H04L 12/5692   Selection among different n...

H04L 43/0811   by checking connectivity

H04L 45/04   Interdomain routing, e.g. h...

H04L 45/22   Alternate routing

H04L 45/24   Multipath

H04L 45/28   using route fault recovery

H04L 47/125   by balancing the load, e.g....

H04L 63/0272   Virtual private networks

H04L 63/10   for controlling access to d...

H04L 63/1466   Active attacks involving in...

H04L 63/18   using different networks or...

H04L 67/1001   for accessing one among a p...

H04L 67/10015   Access to distributed or re...

H04L 69/16   Implementation or adaptatio...

Tools and techniques for directing packets over disparate networks

First Claim

5 Assignments

Litigations

4 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Tools and techniques for directing packets over disparate networks

First Claim

5 Assignments

Subscription Required

Subscription Required

Litigations

4 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links