Methods and apparatus for efficient VPN server interface, address allocation, and signaling with a local addressing domain
First Claim
1. A communications method for use in a communications system including first and second addressing domains, a first set of addresses corresponding to the first addressing domain, a second set of addresses corresponding to the second addressing domain, the first addressing domain including a first node, said first node including a plurality of interfaces, said second addressing domain including a second node, a virtual private network (VPN) coupling said first and second nodes, an upstream VPN interface identifier that identifies an interface at said first node through which packets to be communicated over said VPN are forwarded to the second node, the method comprising:
- operating the first node to receive from said second node address delegation information indicating at least one delegated address from said second set of addresses which said first node can assign;
operating the first node, in response to receiving said address delegation information from the second node, to install a forwarding entry, said forwarding entry associating a first node downstream interface with the first node upstream interface identified by said upstream VPN interface identifier; and
operating the first node to receive a first packet including a source address having the value of the delegated address and information associating the source address with the second node, said first node selecting as a function of said information associating the source address with the second node which one of a plurality of forwarding entries to use in determining an upstream VPN interface to be used to forward said received first packet.
3 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to communications systems and, more particularly, to methods and apparatus for efficient address delegation and/or assignment and/or signaling in a virtual communications network, e.g., a network supporting virtual private networks (VPNs) and one or more addressing domains. The methods are well suited for systems such as mobile communications systems, where the number of mobile nodes in each of a plurality of visited domains can change on a relatively rapid time scale, so rendering static address delegation from the home to each visited domain highly inefficient. Address delegation may be undertaken in advance of address assignment requests from a visiting mobile node, or address delegation may be triggered by the address assignment request. Information update messages keep the home domain aware of the assignment status of its delegated addresses and can specifically trigger further delegations so that a number of unassigned delegated addresses is maintained.
82 Citations
33 Claims
-
1. A communications method for use in a communications system including first and second addressing domains, a first set of addresses corresponding to the first addressing domain, a second set of addresses corresponding to the second addressing domain, the first addressing domain including a first node, said first node including a plurality of interfaces, said second addressing domain including a second node, a virtual private network (VPN) coupling said first and second nodes, an upstream VPN interface identifier that identifies an interface at said first node through which packets to be communicated over said VPN are forwarded to the second node, the method comprising:
-
operating the first node to receive from said second node address delegation information indicating at least one delegated address from said second set of addresses which said first node can assign; operating the first node, in response to receiving said address delegation information from the second node, to install a forwarding entry, said forwarding entry associating a first node downstream interface with the first node upstream interface identified by said upstream VPN interface identifier; and operating the first node to receive a first packet including a source address having the value of the delegated address and information associating the source address with the second node, said first node selecting as a function of said information associating the source address with the second node which one of a plurality of forwarding entries to use in determining an upstream VPN interface to be used to forward said received first packet. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A communications system comprising:
-
a first addressing domain and a second addressing domain, a first set of addresses corresponding to the first addressing domain, a second set of addresses corresponding to the second addressing domain, the first addressing domain including a first node, said first node including a plurality of interfaces, said second addressing domain including a second node, a virtual private network (VPN) coupling said first and second nodes, an upstream VPN interface identifier that identifies an interface at said first node through which packets to be communicated over said VPN are forwarded to the second node; wherein the first node includes; means for receiving from said second node address delegation information indicating at least one delegated address from said second set of addresses which said first node can assign; means for, in response to receiving said address delegation information from the second node, installing a forwarding entry, said forwarding entry associating a first node downstream interface with the first node upstream interface identified by said upstream VPN interface identifier; means for receiving a first packet including a source address having the value of the delegated address and information associating the source address with the second node; and means for selecting as a function of said information associating the source address with the second node which one of a plurality of forwarding entries to use in determining anupstream VPN interface to be used to forward said received first packet.
-
-
29. A computer readable medium embodying machine executable instructions for controlling a communications device to implement a method in a communication system, the communication system including first and second addressing domains, a first set of addresses corresponding to the first addressing domain, a second set of addresses corresponding to the second addressing domain, the first addressing domain including a first node, said first node including a plurality of interfaces, said second addressing domain including a second node, a Virtual Private Network coupling said first and second nodes, an upstream virtual private network (VPN) interface identifier that identifies an interface at said first node through which packets to be communicated over said VPN are forwarded to the second node, the method comprising:
-
operating the first node to receive from said second node address delegation information indicating at least one delegated address from said second set of addresses which said first node can assign; operating the first node, in response to receiving said address delegation information from the second node, to install a forwarding entry, said forwarding entry associating a first node downstream interface with the first node upstream interface identified by said upstream VPN interface identifier; and operating the first node to receive a first packet including a source address having the value of the delegated address and information associating the source address with the second node, said first node selecting as a function of said information associating the source address with the second node which one of a plurality of forwarding entries to use in determining an upstream VPN interface to be used to forward said received first packet. - View Dependent Claims (30, 31)
-
-
32. A processor configured to control a communications device to implement a method in a communication system, the communication system including first and second addressing domains, a first set of addresses corresponding to the first addressing domain, a second set of addresses corresponding to the second addressing domain, the first addressing domain including a first node, said first node including a plurality of interfaces, said second addressing domain including a second node, a virtual private network (VPN) coupling said first and second nodes, an upstream VPN interface identifier that identifies an interface at said first node through which packets to be communicated over said VPN are forwarded to the second node, the method comprising:
-
operating the first node to receive from said second node address delegation information indicating at least one delegated address from said second set of addresses which said first node can assign; operating the first node, in response to receiving said address delegation information from the second node, to install a forwarding entry, said forwarding entry associating a first node downstream interface with the first node upstream interface identified by said upstream VPN interface identifier; and operating the first node to receive a first packet including a source address having the value of the delegated address and information associating the source address with the second node, said first node selecting as a function of said information associating the source address with the second node which one of a plurality of forwarding entries to use in determining an upstream VPN interface to be used to forward said received first packet.
-
-
33. A first node for use in a communications system including a first addressing domain and a second addressing domain, a first set of addresses corresponding to the first addressing domain, a second set of addresses corresponding to the second addressing domain, the first addressing domain including said first node, said first node including a plurality of interfaces, said second addressing domain including a second node, a virtual private network coupling said first and second nodes, an upstream Virtual Private Network (VPN) interface identifier that identifies an interface at said first node through which packets to be communicated over said VPN are forwarded to the second node, the first node comprising:
-
an address delegation module for processing address delegation information received from said second node, address delegation information indicating at least one delegated address from said second set of addresses which said first node can assign; a management module for managing a forwarding entry, said forwarding entry associating a first node downstream interface with the first node upstream interface identified by said upstream VPN interface identifier; an input interface for receiving a first packet including a source address having the value of the delegated address and information associating the source address with the second node; and a forwarding module for selecting as a function of said information associating the source address with the second node which one of a plurality of forwarding entries to use in determining an upstream VPN interface to be used to forward said received first packet.
-
Specification