Distributed virtual system to support managed, network-based services
First Claim
1. A method comprising:
- providing a virtual router (VR)-based switch configured for operation at an Internet point-of-presence (POP) of a service provider, the VR-based switch having a plurality of processing elements;
providing a network operating system (NOS) on each of the plurality of processing elements;
segmenting resources of the VR-based switch between at least a first subscriber of the service provider and a second subscriber of the service provider by;
associating a first plurality of VRs with the first subscriber;
associating a second plurality of VRs with the second subscriber;
mapping the first plurality of VRs onto a first set of one or more of the plurality of processing elements;
mapping the second plurality of VRs onto a second set of one or more of the plurality of processing elements;
wherein a shared processing element of the plurality of processing elements is part of the first set of one or more of the plurality of processing elements and the shared processing element is part of the second set of one or more of the plurality of processing elements;
configuring a first set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT) to be provided by the VR-based switch on behalf of the first subscriber by allocating a first service object group within the first plurality of VRs, the first service object group including a service object corresponding to each service of the first set of customized services and wherein each service object of the first service object group can be dynamically distributed by the NOS to customized processors of the first set of one or more of the plurality of processing elements to achieve desired computational support; and
configuring a second set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and NAT to be provided by the VR-based switch on behalf of the second subscriber by allocating a second service object group within the second plurality of VRs, the second service object group including a service object corresponding to each service of the second set of customized services and wherein each service object of the second service object group can be dynamically distributed by the NOS to customized processors of the second set of one or more of the plurality of processing elements to achieve desired computational support.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for allocating network resources are provided. According to one embodiment, a VR-based switch is configured for operation at a POP of a service provider. A NOS is provided on each processing element of the switch. Resources of the switch are segmented among multiple subscribers by associating sets of VRs with a first and second subscriber, mapping the sets of VRs onto sets of the processing elements, and configuring a first and second set of customized services, each including two or more of firewalling, virtual private networking, encryption, traffic shaping, routing and NAT, to be provided by the switch on behalf of the first and second subscribers, respectively, by allocating first and second service object groups within sets of VRs. Each service object can be dynamically distributed by the NOS to customized processors of the first or second set of processing elements to achieve desired computational support.
-
Citations
20 Claims
-
1. A method comprising:
-
providing a virtual router (VR)-based switch configured for operation at an Internet point-of-presence (POP) of a service provider, the VR-based switch having a plurality of processing elements; providing a network operating system (NOS) on each of the plurality of processing elements; segmenting resources of the VR-based switch between at least a first subscriber of the service provider and a second subscriber of the service provider by; associating a first plurality of VRs with the first subscriber; associating a second plurality of VRs with the second subscriber; mapping the first plurality of VRs onto a first set of one or more of the plurality of processing elements; mapping the second plurality of VRs onto a second set of one or more of the plurality of processing elements; wherein a shared processing element of the plurality of processing elements is part of the first set of one or more of the plurality of processing elements and the shared processing element is part of the second set of one or more of the plurality of processing elements; configuring a first set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT) to be provided by the VR-based switch on behalf of the first subscriber by allocating a first service object group within the first plurality of VRs, the first service object group including a service object corresponding to each service of the first set of customized services and wherein each service object of the first service object group can be dynamically distributed by the NOS to customized processors of the first set of one or more of the plurality of processing elements to achieve desired computational support; and configuring a second set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and NAT to be provided by the VR-based switch on behalf of the second subscriber by allocating a second service object group within the second plurality of VRs, the second service object group including a service object corresponding to each service of the second set of customized services and wherein each service object of the second service object group can be dynamically distributed by the NOS to customized processors of the second set of one or more of the plurality of processing elements to achieve desired computational support. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method comprising:
-
providing a virtual router (VR)-based switch within a service provider network, the VR-based switch having a plurality of processing elements; providing a network operating system (NOS) on each of the plurality of processing elements; segmenting resources of the VR-based switch between at least a first subscriber of the service provider and a second subscriber of the service provider by; associating a first VR with the first subscriber; associating a second VR with the second subscriber; mapping the first VR onto a first set of two or more of the plurality of processing elements; mapping the second VR onto a second set of two or more of the plurality of processing elements; wherein the first set of two or more of the plurality of processing elements and the second set of two or more of the plurality of processing elements have at least one processing element of the plurality of processing elements in common; configuring a first set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT) to be provided by the VR-based switch on behalf of the first subscriber by allocating a first service object group within the first VR, the first service object group including a service object corresponding to each service of the first set of customized services and wherein each service object of the first service object group can be dynamically distributed by the NOS among processors associated with the first set of two or more of the plurality of processing elements to achieve desired computational support; and configuring a second set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and NAT to be provided by the VR-based switch on behalf of the second subscriber by allocating a second service object group within the second VR, the second service object group including a service object corresponding to each service of the second set of customized services and wherein each service object of the second service object group can be dynamically distributed by the NOS among processors associated with the second set of two or more of the plurality of processing elements to achieve desired computational support. - View Dependent Claims (9, 10, 11)
-
-
12. A method comprising:
-
providing a virtual router (VR)-based switch configured for operation at an Internet point-of-presence (POP) of a service provider, the VR-based switch having a plurality of processing elements and including a first server blade and a second server blade and each of the plurality of processing elements are associated with the first server blade or the second server blade; providing a network operating system (NOS) on each of the plurality of processing elements; segmenting resources of the VR-based switch between at least a first subscriber of the service provider and a second subscriber of the service provider by; associating a first plurality of VRs with the first subscriber; associating a second plurality of VRs with the second subscriber; mapping the first plurality of VRs onto a first set of one or more of the plurality of processing elements, wherein a VR of the first plurality of VRs terminates links on both the first server blade and the second server blade; mapping the second plurality of VRs onto a second set of one or more of the plurality of processing elements; configuring a first set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT) to be provided by the VR-based switch on behalf of the first subscriber by allocating a first service object group within the first plurality of VRs, the first service object group including a service object corresponding to each service of the first set of customized services and wherein each service object of the first service object group can be dynamically distributed by the NOS to customized processors of the first set of one or more of the plurality of processing elements to achieve desired computational support; configuring a second set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and NAT to be provided by the VR-based switch on behalf of the second subscriber by allocating a second service object group within the second plurality of VRs, the second service object group including a service object corresponding to each service of the second set of customized services and wherein each service object of the second service object group can be dynamically distributed by the NOS to customized processors of the second set of one or more of the plurality of processing elements to achieve desired computational support; and forwarding agents associated with the VR maintaining a replicated forwarding information base. - View Dependent Claims (13, 14, 15, 16, 17)
-
-
18. A method comprising:
-
providing a virtual router (VR)-based switch within a service provider network, the VR-based switch having a plurality of processing elements and including a first server blade and a second server blade and each of the plurality of processing elements are associated with the first server blade or the second server blade; providing a network operating system (NOS) on each of the plurality of processing elements; segmenting resources of the VR-based switch between at least a first subscriber of the service provider and a second subscriber of the service provider by; associating a first VR with the first subscriber; associating a second VR with the second subscriber; mapping the first VR onto a first set of two or more of the plurality of processing elements, wherein the first VR terminates links on both the first server blade and the second server blade; mapping the second VR onto a second set of two or more of the plurality of processing elements; configuring a first set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT) to be provided by the VR-based switch on behalf of the first subscriber by allocating a first service object group within the first VR, the first service object group including a service object corresponding to each service of the first set of customized services and wherein each service object of the first service object group can be dynamically distributed by the NOS among processors associated with the first set of two or more of the plurality of processing elements to achieve desired computational support; configuring a second set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and NAT to be provided by the VR-based switch on behalf of the second subscriber by allocating a second service object group within the second VR, the second service object group including a service object corresponding to each service of the second set of customized services and wherein each service object of the second service object group can be dynamically distributed by the NOS among processors associated with the second set of two or more of the plurality of processing elements to achieve desired computational support; and forwarding agents associated with the first VR maintaining a replicated forwarding information base. - View Dependent Claims (19, 20)
-
Specification