Policy based routing system and method for caching and VPN tunneling

US 7,069,336 B2
Filed: 02/01/2002
Issued: 06/27/2006
Est. Priority Date: 02/01/2002
Status: Expired due to Term

First Claim

Patent Images

1. A system for redirecting network traffic to a target route comprising:

a public network regional router for routing data packets according to a gateway routing protocol;

a router interface device dedicated to an enterprise, the router interface device comprising;

an interface for sending and receiving a data packet to and from the public network regional router wherein the public network regional router routes-data packets destined for the enterprise network to the router interface device; and

logic for redirecting the data packet via the target route to a special purpose data packet device, wherein the special purpose data packet device comprises;

communication logic for sending and receiving a data packet to and from the router interface device;

logic for analyzing and modifying the data packet;

logic for inserting policy based management instruction within the public network regional router; and

logic for processing the data packet for one hop delivery wherein the policy based management instruction supersedes the gateway routing protocol.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An enterprise network router interface communicates with a public regional Autonomous System Border Router (ASBR). The ASBR only forwards the enterprise network traffic to the router interface. The router interface redirects data packets to data highly specialized packet processing appliances for parallel processing of VPN and cache application traffic. Policy based routing instructions are imposed on the ASBR for subsequent secure, tunneled transmission. This enterprise routing system and method used within an enterprise imposes routing instructions superseding gateway protocol routing thus allowing VPN and content caching applications to be run efficiently and securely without resort to an enterprise dedicated backbone.

Citations

34 Claims

1. A system for redirecting network traffic to a target route comprising:
- a public network regional router for routing data packets according to a gateway routing protocol;
  
  a router interface device dedicated to an enterprise, the router interface device comprising;
  
  an interface for sending and receiving a data packet to and from the public network regional router wherein the public network regional router routes-data packets destined for the enterprise network to the router interface device; and
  
  logic for redirecting the data packet via the target route to a special purpose data packet device, wherein the special purpose data packet device comprises;
  
  communication logic for sending and receiving a data packet to and from the router interface device;
  
  logic for analyzing and modifying the data packet;
  
  logic for inserting policy based management instruction within the public network regional router; and
  
  logic for processing the data packet for one hop delivery wherein the policy based management instruction supersedes the gateway routing protocol.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1 wherein the special purpose data packet device is a cache appliance wherein the cache appliance comprises logic for storing a location of active cache data for the enterprise network allowing accelerated cache retrieval for enterprise network users.
  - 3. The system of claim 2, wherein the cache appliance further comprises logic for accessing the active cache data based on a latest time of storage.
  - 4. The system of claim 2, wherein the cache appliance further comprises logic for accessing the active cache data based on a frequency of use.
  - 5. The system of claim 1 wherein the special purpose data packet device is a VPN device comprising logic for identifying a target enterprise network destination address for the data packet.
  - 6. The system of claim 1 further comprising a second special purpose data packet device wherein the second special purpose data packet device is a VPN device.
  - 7. The system of claim 1 wherein the router interface device is a Layer 4 switch.
  - 8. The system of claim 1 wherein the router interface device further comprises logic for encapsulating the data packet for secure tunneling transmission across the public network.
  - 9. The system of claim 1 wherein the special purpose data packet device further comprises logic for encapsulating the data packet for secure tunneling transmission across the public network.
  - 10. The system of claim 1, wherein the system is redundant so as to further comprise at least one duplicate public network regional router, at least one duplicate router interface device, and at least one duplicate special purpose data packet device.
  - 11. The system of claim 1 wherein the data packet uses a CIDR IP addressing.

12. An enterprise network routing method comprising:
- routing data packets according to a gateway routing protocol across a public network;
  
  forwarding a data packet at a router interface device dedicated to an enterprise, the forwarding comprising;
  
  sending and receiving the data packet to and from the public network via a public network regional router wherein the public network regional router routes data packets destined for the enterprise network to the router interface device;
  
  redirecting the data packet to a special purpose data packet device wherein the special purpose data packet device is adapted for;
  
  sending and receiving the data packet to and from the router interface device;
  
  analyzing and modifying the data packet;
  
  inserting policy based management instruction within the public network regional router; and
  
  processing the data packet for one hop delivery wherein the policy based management instruction supersedes the gateway routing protocol.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The enterprise network routing method of claim 12 wherein the special purpose data packet device operates as a cache appliance, wherein the cache appliance stores a location or active cache data for the enterprise network thereby allowing accelerated cache retrieval or enterprise network users.
  - 14. The enterprise network routing method of claim 13, wherein the cache appliance accesses the active cache data based on a latest time of storage.
  - 15. The enterprise network routing method of claim 13, wherein the cache appliance accesses the active cache data based on a frequency of use.
  - 16. The enterprise network routing method of claim 12 wherein the special purpose data packet device operates as a VPN device and identifies a target enterprise network destination on address for the data packet.
  - 17. The enterprise network routing method of claim 12 wherein the redirecting the data packet to a special purpose device further comprises redirecting the data packet to a cache appliance or a VPN device.
  - 18. The enterprise network routing method of claim 12 wherein the router interface device, at which the forwarding a specific data packet occurs, is a Layer 4 switch.
  - 19. The enterprise network routing method of claim 12 wherein the router interface device encapsulates the data packet for secure tunneling transmission across the public network.
  - 20. The enterprise network routing method of claim 12 wherein the special purpose data packet device encapsulates the data packet for secure tunneling transmission across the public network.
  - 21. The enterprise network routing method of claim 12 wherein the method is practiced via an enterprise network having redundancy provided by a duplicate public network regional router, a duplicate router interface device, and a duplicate special purpose data packet device.
  - 22. The enterprise network routing method of claim 12 further comprising identifying specific data packets using a CIDR IP notation.

23. An enterprise network routing system comprising:
- a public network regional router for routing data packets according to a gateway routing protocol;
  
  a router interface device dedicated to an enterprise, the router interface device comprising;
  
  an interface for sending and receiving a data packet to and from the public network regional router wherein the public network regional router routes data packets destined for the enterprise network to the router interface device;
  
  logic for redirecting the data packet to a special purpose data packet device, wherein the special purpose data packet device comprises;
  
  communication logic for sending and receiving the data packet to and from the router interface device;
  
  logic for analyzing and modifying the data packet;
  
  logic for inserting policy based management instruction within the public network regional router; and
  
  logic for processing the data packet for one hop delivery wherein the policy based management instruction supersedes the gateway routing protocol.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 24. The system of claim 23, wherein the special purpose data packet device is a cache appliance wherein the cache appliance comprises logic for storing a location of active cache data for the enterprise network allowing accelerated cache retrieval for enterprise network users.
  - 25. The system of claim 24, wherein the cache appliance further comprises logic for accessing the active cache data based on a latest time of storage.
  - 26. The system of claim 24, wherein the cache appliance further comprises logic for accessing the active cache data based on a frequency of use.
  - 27. The system of claim 23 wherein the special purpose data packet device is a VPN device comprising logic for identifying a target enterprise network destination address for the data packet.
  - 28. The system of claim 23 further comprising a second special purpose data packet device wherein the second special purpose data packet device is a VPN device.
  - 29. The system of claim 23 wherein the router interface device is a Layer 4 switch.
  - 30. The system of claim 23, wherein the router interface device further comprises logic for encapsulating the data packet for secure tunneling transmission across the public network.
  - 31. The system of claim 23 wherein the special purpose data packet device further comprises logic for encapsulating the data packet for secure tunneling transmission across the public network.
  - 32. The system of claim 23 wherein the system is redundant so as to further comprise at least one duplicate public network regional router, at least one duplicate router interface device, and at least one duplicate special purpose data packet device.
  - 33. The system of claim 23 wherein the data packet uses a CIDR IP addressing.

34. An enterprise network routing system comprising:
- means for routing data packets in a region of a public network according to a gateway routing protocol;
  
  means for interfacing the means for routing, the means for interfacing being dedicated to an enterprise network, the means for interfacing comprising;
  
  means for sending and receiving a data packet to and from the means for routing, wherein the means for routing routes data packets destined for the enterprise network to e means for interfacing;
  
  means for redirecting the data packet to a special purpose data packet device according logic, wherein the special purpose data packet device comprises;
  
  means for sending and receiving the data packet to and from the router interface device;
  
  means for analyzing and modifying the data packet;
  
  means for inserting policy based management instruction within the means for routing; and
  
  means for processing the data packet for one hop delivery wherein the policy based management instruction supersedes the gateway routing protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Time Warner Cable Enterprises LLC (Charter Communications Incorporated)
Original Assignee
Time Warner Cable Inc. (Charter Communications Incorporated)
Inventors
Mangan, John F.
Primary Examiner(s)
Dalencourt, Yves

Application Number

US10/061,696
Publication Number

US 20030149787A1
Time in Patent Office

1,607 Days
Field of Search

709/217, 709/227, 709/230, 709/238, 709/245, 709/249, 370/401
US Class Current

709/238
CPC Class Codes

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 45/00   Routing or path finding of ...

H04L 45/302   Route determination based o...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0272   Virtual private networks

Policy based routing system and method for caching and VPN tunneling

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

Policy based routing system and method for caching and VPN tunneling

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links