Technique for using OER with an ECT solution for multi-homed spoke-to-spoke sites

US 7,801,030 B1
Filed: 09/16/2005
Issued: 09/21/2010
Est. Priority Date: 09/16/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A method for dynamically creating and utilizing a plurality of multi-homed Virtual Private Network (VPN) tunnels from a client node of a spoke network to a peer client node of a peer spoke network in a computer network, the method comprising:

establishing one or more spoke-to-hub tunnels from the client node to an enterprise network;

dynamically establishing a plurality of spoke-to-spoke tunnels from the client node to the peer client node;

for each of a plurality of reachable address prefixes, designating a first of the plurality of spoke-to-spoke tunnels as a primary spoke-to-spoke tunnel for a respective prefix;

for each of the plurality of reachable address prefixes, designating remaining tunnels of the plurality of spoke-to-spoke tunnels as secondary spoke-to-spoke tunnels for the respective prefix;

monitoring quality of the plurality of spoke-to-spoke tunnels for the plurality of prefixes; and

dynamically re-designating one of the secondary spoke-to-spoke tunnels as the primary spoke-to-spoke tunnel for a particular prefix of the plurality of prefixes based on the quality of the plurality of spoke-to-spoke tunnels for the particular prefix.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A technique dynamically creates and utilizes a plurality of multi-homed Virtual Private Network (VPN) tunnels from a client node of one spoke network to a client node of another spoke network in a computer network. According to the technique, a VPN client node, e.g., a “spoke,” creates at least one VPN tunnel with an enterprise network, e.g., a “hub.” Once the spoke-to-hub tunnel is established, the spoke may dynamically create a plurality of VPN tunnels with a peer spoke network, e.g., a “peer spoke.” The spoke designates (e.g., for a prefix) one of the tunnels as a primary tunnel and the other tunnels as secondary tunnels, and monitors the quality (e.g., loss, delay, reachability, etc.) of all of the dynamic tunnels, such as, e.g., by an Optimized Edge Routing (OER) process. The spoke may then dynamically re-designate any one of the secondary tunnels as the primary tunnel for a prefix based on the quality of the tunnels to the peer spoke. Notably, the spoke may also dynamically load balance traffic to the peer spoke among the primary and secondary tunnels based on the quality of those tunnels.

92 Citations

View as Search Results

21 Claims

1. A method for dynamically creating and utilizing a plurality of multi-homed Virtual Private Network (VPN) tunnels from a client node of a spoke network to a peer client node of a peer spoke network in a computer network, the method comprising:
- establishing one or more spoke-to-hub tunnels from the client node to an enterprise network;
  
  dynamically establishing a plurality of spoke-to-spoke tunnels from the client node to the peer client node;
  
  for each of a plurality of reachable address prefixes, designating a first of the plurality of spoke-to-spoke tunnels as a primary spoke-to-spoke tunnel for a respective prefix;
  
  for each of the plurality of reachable address prefixes, designating remaining tunnels of the plurality of spoke-to-spoke tunnels as secondary spoke-to-spoke tunnels for the respective prefix;
  
  monitoring quality of the plurality of spoke-to-spoke tunnels for the plurality of prefixes; and
  
  dynamically re-designating one of the secondary spoke-to-spoke tunnels as the primary spoke-to-spoke tunnel for a particular prefix of the plurality of prefixes based on the quality of the plurality of spoke-to-spoke tunnels for the particular prefix.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as in claim 1, further comprising:
    - load balancing traffic carried from the client node to the peer spoke network across the plurality of spoke-to-spoke tunnels based on the quality of the plurality of spoke-to-spoke tunnels.
  - 3. The method as in claim 1, wherein the spoke-to-spoke tunnels are multi-homed to the peer spoke network through separate Internet service providers (ISPs).
  - 4. The method as in claim 1, wherein the VPN is configured as an enterprise class teleworker (ECT) solution VPN.
  - 5. The method as in claim 1, further comprising:
    - dynamically re-designating one of the secondary spoke-to-spoke tunnels as the primary spoke-to-spoke tunnel for the particular prefix based on the quality of the plurality of spoke-to-spoke tunnels for the particular prefix in response to the primary spoke-to-spoke tunnel having a quality worse than one of the secondary spoke-to-spoke tunnels for the particular prefix by a configurable amount.
  - 6. The method as in claim 1, wherein the client node is a spoke router in a spoke network.
  - 7. The method as in claim 1, wherein the peer client node is a peer spoke router in a peer spoke network.

8. A system for dynamically utilizing a plurality of multi-homed Virtual Private Network (VPN) spoke-to-spoke tunnels, the system comprising:
- an enterprise network;
  
  a spoke network;
  
  a peer spoke network;
  
  a client node in the spoke network; and
  
  a spoke router between the client node and the peer spoke network, the spoke router havingA) an enterprise class teleworker (ECT) solution process adapted to i) establish one or more spoke-to-hub tunnels from the client node to the enterprise network, ii) dynamically establish a plurality of spoke-to-spoke tunnels from the client node to the peer client node, iii) for each of a plurality of reachable address prefixes, designate a first of the plurality of spoke-to-spoke tunnels as a primary spoke-to-spoke tunnel for a respective prefix, iv) for each of the plurality of reachable address prefixes, designate remaining tunnels of the plurality of spoke-to-spoke tunnels as secondary spoke-to-spoke tunnels for the respective prefix; and
  
  B) an optimized edge routing (OER) process adapted to i) monitor quality of the plurality of spoke-to-spoke tunnels for the plurality of prefixes, and ii) dynamically re-designate one of the secondary spoke-to-spoke tunnels as the primary spoke-to-spoke tunnel for a particular prefix of the plurality of prefixes based on the quality of the plurality of spoke-to-spoke tunnels for the particular prefix.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The system as in claim 8, wherein the OER process is further configured to load balance traffic carried from the client node to the peer spoke network across the plurality of spoke-to-spoke tunnels based on the quality of the plurality of spoke-to-spoke tunnels.
  - 10. The system as in claim 8, wherein the ECT process is further configured to dynamically notify the OER process of the dynamically established plurality of spoke-to-spoke tunnels.
  - 11. The system as in claim 8, further comprising:
    - a peer client node in the peer spoke network to receive traffic from the plurality of spoke-to-spoke tunnels.
  - 12. The system as in claim 11, wherein the peer client node is a peer spoke router.

13. A node for use with dynamically creating and utilizing a plurality of multi-homed Virtual Private Network (VPN) tunnels from a client node of a spoke network to a peer client node of a peer spoke network in a computer network, the node comprising:
- one or more network interfaces to communicate with the client node and the peer client node;
  
  a processor coupled to the one or more network interfaces and adapted to execute software processes; and
  
  a memory adapted to storeA) an enterprise class teleworker (ECT) solution process executable by the processor, the ECT solution process configured to i) establish one or more spoke-to-hub tunnels from the client node to the enterprise network, ii) dynamically establish a plurality of spoke-to-spoke tunnels from the client node to the peer client node, iii) for each of a plurality of reachable address prefixes, designate a first of the plurality of spoke-to-spoke tunnels as a primary spoke-to-spoke tunnel for a respective prefix, iv) for each of the plurality of reachable address prefixes, designate remaining tunnels of the plurality of spoke-to-spoke tunnels as secondary spoke-to-spoke tunnels for the respective prefix; and
  
  B) an optimized edge routing (OER) process executable by the processor, the OER process configured to i) monitor quality of the plurality of spoke-to-spoke tunnels for the plurality of prefixes, and ii) dynamically re-designate one of the secondary spoke-to-spoke tunnels as the primary spoke-to-spoke tunnel for a particular prefix of the plurality of prefixes based on the quality of the plurality of spoke-to-spoke tunnels for the particular prefix.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The node as in claim 13, wherein the OER process is further configured to load balance traffic carried from the client node to the peer spoke network across the plurality of spoke-to-spoke tunnels based on the quality of the plurality of spoke-to-spoke tunnels.
  - 15. The node as in claim 13, wherein the ECT process is further configured to dynamically notify the OER process of the dynamically established plurality of spoke-to-spoke tunnels.
  - 16. The node as in claim 13, wherein the node is a spoke router.
  - 17. The node as in claim 13, wherein the peer client node is a peer spoke router.

18. An apparatus for dynamically creating and utilizing a plurality of multi-homed Virtual Private Network (VPN) tunnels from a client node of a spoke network to a peer client node of a peer spoke network in a computer network, the apparatus comprising:
- means for establishing one or more spoke-to-hub tunnels from the client node to an enterprise network;
  
  means for dynamically establishing a plurality of spoke-to-spoke tunnels from the client node to the peer client node;
  
  means for designating a first of the plurality of spoke-to-spoke tunnels as a primary spoke-to-spoke tunnel for each of a plurality of reachable address prefixes;
  
  means for designating remaining tunnels of the plurality of spoke-to-spoke tunnels as secondary spoke-to-spoke tunnels for each of the plurality of reachable address prefixes;
  
  means for monitoring quality of the plurality of spoke-to-spoke tunnels for the plurality of prefixes; and
  
  means for dynamically re-designating one of the secondary spoke-to-spoke tunnels as the primary spoke-to-spoke tunnel for a particular prefix of the plurality of prefixes based on the quality of the plurality of spoke-to-spoke tunnels for the particular prefix.
- View Dependent Claims (19)
- - 19. The apparatus as in claim 18, further comprising:
    - means for load balancing traffic carried from the client node to the peer spoke network across the plurality of spoke-to-spoke tunnels based on the quality of the plurality of spoke-to-spoke tunnels.

20. A non-transitory computer readable storage medium storing executable program instructions for dynamically creating and utilizing a plurality of multi-homed Virtual Private Network (VPN) tunnels from a client node of a spoke network to a peer client node of a peer spoke network in a computer network, the executable program instructions comprising program instructions for:
- establishing one or more spoke-to-hub tunnels from the client node to an enterprise network;
  
  dynamically establishing a plurality of spoke-to-spoke tunnels from the client node to the peer client node;
  
  for each of a plurality of reachable address prefixes, designating a first of the plurality of spoke-to-spoke tunnels as a primary spoke-to-spoke tunnel for a respective prefix;
  
  for each of the plurality of reachable address prefixes, designating remaining tunnels of the plurality of spoke-to-spoke tunnels as secondary spoke-to-spoke tunnels for the respective prefix;
  
  monitoring quality of the plurality of spoke-to-spoke tunnels for the plurality of prefixes; and
  
  dynamically re-designating one of the secondary spoke-to-spoke tunnels as the primary spoke-to-spoke tunnel for a particular prefix of the plurality of prefixes based on the quality of the plurality of spoke-to-spoke tunnels for the particular prefix.
- View Dependent Claims (21)
- - 21. The non-transitory computer readable storage medium as in claim 20, the executable program instructions further comprising program instructions for:
    - load balancing traffic carried from the client node to the peer spoke network across the plurality of spoke-to-spoke tunnels based on the quality of the plurality of spoke-to-spoke tunnels.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Aggarwal, Gautam, Shah, Pritam, Blair, Dana, Thrivikramannair, Ajith
Primary Examiner(s)
Vu; Huy D
Assistant Examiner(s)
Chery; Dady

Application Number

US11/229,422
Time in Patent Office

1,831 Days
Field of Search

370/225, 370/228, 370/238, 370/248, 370/230, 370/235, 370/237, 370/236, 370/229, 370/395.2, 370/227, 370/395.52, 370/465
US Class Current

370/228
CPC Class Codes

H04L 12/44   Star or tree networks

H04L 12/4633   Interconnection of networks...

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 2212/00   Encapsulation of packets

H04L 45/04   Interdomain routing, e.g. h...

H04L 45/121   by minimising delays

H04L 45/124   using a combination of metrics

H04L 45/22   Alternate routing

H04L 45/243   using M+N parallel active p...

H04L 47/125   by balancing the load, e.g....

H04L 63/0272   Virtual private networks

Technique for using OER with an ECT solution for multi-homed spoke-to-spoke sites

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

92 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Technique for using OER with an ECT solution for multi-homed spoke-to-spoke sites

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

92 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links