System and method for separating addresses from the delivery scheme in a virtual private network
First Claim
1. A method in a public network having a network infrastructure that is used by a private network over which a plurality of nodes communicate, the private network uses a plurality of delivery schemes to communicate between internal addresses that are suitable for use in communicating among the plurality of nodes in the private network, the method comprising:
- receiving a request from a user to add a new node to the private network, the request comprising an identifier of the private network and an identifier of the user, the new node for running on a device connected to the network infrastructure, the device having a system-level component used for communicating over the private network;
- attempting to authenticate the request including the private network identifier and the user identifier;
- when the request has been authenticated successfully, generating an address mapping for the new node, the address mapping used for mapping between the internal address and an external address suitable for communicating over the network infrastructure of the public network, wherein the internal address is not associated with the delivery scheme;
- configuring, by the system-level component, the new node in a context such that the new node is capable of communicating with the plurality of nodes on the private network; and
- sending, by the system-level component, a packet from the new node to a destination one of the plurality of nodes on the private network by accessing the address mapping and adding the external address to the packet and by causing delivery of the packet to the destination node to occur in a secure manner.
Abstract
Methods and systems consistent with the present invention establish a virtual network on top of current IP network naming schemes. The virtual network uses a separate layer to create a modification to the IP packet format that is used to separate network behavior from addressing. As a result of the modification to the packet format, any type of delivery method may be assigned to any address or group of addresses. The virtual network also maintains secure communications between nodes, while providing the flexibility of assigning delivery methods independent of the delivery addresses.
7 Claims
Specification