Apparatus and method for forwarding encapsulated data packets on a network having multiple links between nodes
DCFirst Claim
1. A method for transferring packets of data from a source in a private network through the Internet back to a destination in the same private network, comprising the steps of:
- (a) at a first node in a virtual private network (VPN), using a first header portion of a data packet, the first header portion indicating the first node as a source node and a second node in the VPN as a destination node, generating a value associated with the source and destination nodes;
(b) creating a second Internet protocol (IP) header portion for the data packet on a second network including the value associated with the source and destination nodes;
(c) using the second header portion, selecting one of a plurality of possible paths on a second network connected to the VPN for forwarding the packet back to a destination in the same VPN.
3 Assignments
Litigations
1 Petition
Accused Products
Abstract
An apparatus and method for encapsulating and forwarding packets on a network are disclosed. The network can include a first subnetwork such as a virtual private network connected to a larger public network such as the Internet. An encapsulating header is attached to a packet to be transferred across the public network from a source node on the private network to a destination node on the private network, such that the packet can be transferred across the public network. The encapsulating header includes a value which is derived from the private header on the packet used to transfer the packet along the private network. The value is therefore associated with a source/destination pair within the private network. The value can be derived by performing a hash operation on the private network header. After the public network header containing the value derived from the private network header is attached to the packet, it can be forwarded across the public network. A logical operation such as a hash operation can be performed on the public network header to select one of a plurality of possible paths on the public network to forward the packet. As a result, each source/destination pair within the private network will be associated with a path within the public network. Traffic from the private network can therefore be distributed over multiple paths in the public network, thus reducing or eliminating traffic congestion and overload.
13 Citations
21 Claims
-
1. A method for transferring packets of data from a source in a private network through the Internet back to a destination in the same private network, comprising the steps of:
-
(a) at a first node in a virtual private network (VPN), using a first header portion of a data packet, the first header portion indicating the first node as a source node and a second node in the VPN as a destination node, generating a value associated with the source and destination nodes; (b) creating a second Internet protocol (IP) header portion for the data packet on a second network including the value associated with the source and destination nodes; (c) using the second header portion, selecting one of a plurality of possible paths on a second network connected to the VPN for forwarding the packet back to a destination in the same VPN. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for transferring a packet of data from a source in a private network through the Internet back to a destination in the same private network across connected networks, comprising:
-
a first and a second node in a virtual private network (VPN), each node coupled to a second Internet Protocol (IP) network; and a data packet; wherein the first node generates, using a first header portion of the data packet, a value associated with the first node as a source node and the second node as a destination node, creates a second IP header portion for the data packet including the value generated from the first header portion, and using the second IP header portion selects one of a plurality of possible paths through the second IP network for routing the data packet from the source in the VPN through the Internet back to a destination in the same VPN. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
-
Specification