Methods and apparatus to distribute policy information
Abstract
A first node generates and transmits a notification message including routing policy attributes such as network address information and a corresponding gateway identifier. The gateway identifier identifies a gateway in a physical network through which future generated data messages shall be forwarded to at least one host computer (e.g., any computer having an associated network address) as indicated by the network address information. A second node receiving the notification message utilizes the routing policy attributes to dynamically update its database identifying how to forward data packets. In this way, nodes (e.g., CE routers) of a network can be dynamically configured to support routing of messages based on the network address information and gateway identifier disseminated along with the notification message.
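The receiving-node behaviour summarized in the abstract, as an added illustration that is not taken from the patent or from any implementation of it: a notification carrying a destination prefix and a gateway identifier updates the node's map, and forwarding consults that map. The node names, tunnel labels, longest-prefix tie-break, and the rule that a notification is ignored when no virtual connection to its sender exists are assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Notification:
    sender: str       # sending node (hypothetical label, e.g. "CE1")
    prefix: str       # destination network address information
    gateway_id: str   # gateway through which the hosts are reached

@dataclass(frozen=True)
class MapEntry:
    gateway_id: str
    connection: str   # virtual network connection toward the sender

class ReceivingNode:
    def __init__(self, name, connections):
        self.name = name
        self.connections = connections  # assumption: sender -> existing tunnel
        self.policy_map = {}            # ip_network -> MapEntry

    def on_notification(self, note: Notification) -> bool:
        """Update the map from a notification; False means it was ignored."""
        conn = self.connections.get(note.sender)
        if conn is None:                # no virtual connection to this sender
            return False
        try:                            # strict: reject prefixes with host bits set
            net = ipaddress.ip_network(note.prefix, strict=True)
        except ValueError:
            return False
        self.policy_map[net] = MapEntry(note.gateway_id, conn)
        return True

    def select(self, dst: str) -> Optional[MapEntry]:
        """Pick the entry for a destination; the most specific prefix wins."""
        addr = ipaddress.ip_address(dst)
        hits = [n for n in self.policy_map
                if n.version == addr.version and addr in n]
        if not hits:
            return None                 # no policy: caller falls back to default
        return self.policy_map[max(hits, key=lambda n: n.prefixlen)]

def demo() -> ReceivingNode:
    # Constructed sample data: two senders announce overlapping prefixes.
    node = ReceivingNode("CE2", {"CE1": "vpn-CE2-CE1", "CE3": "vpn-CE2-CE3"})
    node.on_notification(Notification("CE1", "10.1.0.0/16", "GW-A"))
    node.on_notification(Notification("CE3", "10.1.5.0/24", "GW-B"))
    return node

if __name__ == "__main__":
    print(demo().select("10.1.5.9"))
```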
54 Claims
1. In a first node of a physical network supporting multiple virtual network connections, a method to dynamically modify configuration data supporting virtual networks, the method comprising:
- receiving i) destination network address information associated with at least one host computer, and ii) a corresponding gateway identifier of a gateway in the physical network, the gateway being an ingress edge node of the physical network through which the at least one host computer communicates;
- generating a notification message including the destination network address information and the corresponding gateway identifier; and
- transmitting the notification message to a second node of the physical network enabling the second node to create a mapping between the at least one host computer and a virtual network connection between the second node and the first node on which to forward data messages from the second node through the gateway to the at least one host computer based on identifying, as specified by the mapping, that the data messages having the destination network address information are to be mapped to and sent over the virtual network connection to the at least one host computer through the gateway as specified by the corresponding gateway identifier.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A computer system at a first node of a physical network that at least partially supports a virtual network connection, the computer system comprising:
- a processor;
- a memory unit that stores instructions associated with an application executed by the processor;
- a communication interface that supports communication with other nodes of the physical network; and
- an interconnect coupling the processor, the memory unit, and the communication interface, enabling the computer system to execute the application and perform operations of;
  - receiving i) destination network address information associated with at least one host computer, and ii) a corresponding gateway identifier of a gateway in the physical network;
  - generating a notification message including the destination network address information and the corresponding gateway identifier; and
  - transmitting the notification message including the destination network address information and the corresponding gateway identifier to a second node of the physical network enabling the second node to establish a virtual network connection between the second node and the first node on which to forward data messages to the at least one host computer based on the corresponding gateway identifier.
Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25, 26
27. In a receiving node of a physical network supporting multiple virtual network connections, a method to dynamically modify configuration data associated with at least one of the multiple virtual network connections, the method comprising:
- receiving a notification message from a sending node of the physical network, the notification message including destination network address information and a corresponding gateway identifier of a gateway of the physical network;
- based on contents of the notification message, modifying a map at the receiving node to include the destination network address information, the corresponding gateway identifier, and configuration data identifying at least part of a virtual network connection between the receiving node and the sending node on which to forward data messages through the gateway to a destination node as specified by the destination network address information; and
- upon forwarding data messages through the receiving node, utilizing the map to identify on which virtual network to forward the data messages from the receiving node through the gateway to the destination node based on the destination network address information associated with the destination node to which the data messages are directed.
Dependent claims: 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38
39. A computer system at a receiving node of a physical network that at least partially supports a virtual network connection, the computer system comprising:
- a processor;
- a memory unit that stores instructions associated with an application executed by the processor;
- a communication interface that supports communication with other nodes of the physical network; and
- an interconnect coupling the processor, the memory unit, and the communication interface, enabling the computer system to execute the application and perform operations of;
  - receiving a notification message from a sending node of the physical network, the notification message including destination network address information of a destination node and a corresponding gateway identifier of a gateway of the physical network;
  - based on contents of the notification message, modifying a map at the receiving node to include the destination network address information, the corresponding gateway identifier, and configuration data identifying at least part of a virtual network connection between the receiving node and the sending node on which to forward data messages through the gateway to the destination node as specified by the destination network address information; and
  - utilizing the map to identify on which of multiple virtual network connections to forward the data messages from the receiving node through the gateway to the destination node based on the destination network address information associated with the destination node to which the data messages are directed to support forwarding of data messages through the receiving node.
Dependent claims: 40, 41, 42, 43, 44, 45, 46, 47, 49, 50, 51
48. A computer program product including a computer-readable medium having instructions stored thereon for processing data information, such that the instructions, when carried out by a processing device, enable the processing device to perform the steps of:
- receiving i) destination network address information associated with at least one host computer, and ii) a corresponding gateway identifier of a gateway in the physical network;
- generating a notification message including the destination network address information and the corresponding gateway identifier; and
- transmitting the notification message to a second node of the physical network enabling the second node to establish a virtual network connection between the second node and the first node on which to forward data messages to the at least one host computer based on a mapping association, at the second node, between the destination network address information and the corresponding gateway identifier.
52. A computer program product including a computer-readable medium having instructions stored thereon for processing data information, such that the instructions, when carried out by a processing device, enable the processing device to perform the steps of:
- receiving a notification message from a sending node of the physical network, the notification message including destination network address information and a corresponding gateway identifier of a gateway of the physical network;
- based on contents of the notification message, modifying a map at the receiving node to include the destination network address information, the corresponding gateway identifier, and configuration data identifying at least part of a virtual network connection between the receiving node and the sending node on which to forward data messages through the gateway to a destination node as specified by the destination network address information; and
- utilizing the map to identify on which virtual network to forward the data messages through the gateway to the destination node based on the destination network address information associated with the destination node to which the data messages are directed to support forwarding of data messages through the receiving node.
53. A computer system at a receiving node of a physical network that at least partially supports a virtual network connection, the computer system comprising:
- means for receiving a notification message from a sending node of the physical network, the notification message including destination network address information and a corresponding gateway identifier of a gateway of the physical network; and
- means for modifying a map at the receiving node to include the destination network address information, the corresponding gateway identifier, and configuration data identifying at least part of a virtual network connection between the receiving node and the sending node on which to forward data messages through the gateway to a destination node as specified by the destination network address information; and
- means for utilizing the map to identify on which virtual network to forward the data messages from the receiving node through the gateway to the destination node based on the destination network address information associated with the destination node to which the data messages are directed to support forwarding of data messages through the receiving node.
54. In a physical network supporting virtual private network connections terminating at customer edge routers coupled to a service provider network, a method comprising:
- at a first customer edge router;
  - receiving a range of destination network addresses associated with host computers coupled to the first customer edge router;
  - in addition to receiving the range of destination network addresses, receiving a security gateway identifier associated with a second customer edge router of the service provider network;
  - generating and transmitting a notification message including the range of destination network addresses and the security gateway identifier to the second customer edge router; and
- at the second customer edge router;
  - receiving the notification message;
  - based on contents of the notification message, generating a map to include the range of destination network addresses and a corresponding virtual private network connection between the second customer edge router and first customer edge router; and
  - prior to forwarding data messages through the second customer edge router to a computer having a destination network address in the range of destination network addresses, utilizing the map to identify on which virtual private network to forward the data messages.
Specification