Virtual routing for virtual local area networks having overlapping IP addresses
First Claim
1. A method of virtual routing an overlapping IP address for a virtual private network (VPN) device connected to a virtual local area network (VLAN) without affecting Internet protocol (IP) processing within the VPN device, the method comprising:
- receiving on the VPN device, a packet with an overlapping Internet protocol (IP) address from a virtual site, the overlapping IP address having a virtual site tag associated with it;
- converting the overlapping IP address into a non-overlapping unique IP address by a virtual network address layer (VNAT) upon reception, so that Internet Protocol (IP) processing within the VPN device is not affected in a demilitarized zone of the VPN device;
- performing internet protocol processing within the VPN device on the packet using the non-overlapping unique IP address;
- converting the non-overlapping unique IP address back to the overlapping IP address having a virtual local area network tag by a virtual LAN (local area network) aware NAT (Network Address Translation) layer within the VPN device to provide a mapping function, and wherein the mapping function returns a valid IP address only if the virtual site address tag in question has a local area network tag, which contains a subnet holding the requested IP address; and
- forwarding the packet with the overlapping IP address with the virtual local area network tag to at least one local area network (LAN).
Abstract
A method of virtual routing an overlapping IP address using a virtual private network (VPN) device connected to a virtual private network (VLAN). The method comprises the step of receiving an overlapping Internet protocol (IP) address from a virtual site, the overlapping IP address having a virtual site address tag (Vsite) associated with a client. The overlapping IP address is converted into a non-overlapping IP address. The non-overlapping IP address is then converted into an overlapping IP address having a virtual local area network (Vlan) tag, wherein the virtual local area network tag (Vlan) is associated with at least one local area network (LAN) within the virtual private network.
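The translation described in the abstract and in claim 1 can be sketched as follows. This is an added example, not code from the patent: the site names, VLAN numbers, the internal pool `100.64.0.0/16` and the first-free allocation strategy are all constructed assumptions. It shows why the mapping function failing closed matters for isolation between virtual sites that reuse the same subnet.

```python
import ipaddress

# Constructed sample configuration (not from the patent): two virtual sites
# reuse 10.0.0.0/24; each Vsite tag owns VLAN tags, each VLAN tag owns subnets.
VSITE_VLANS = {
    "vsite-a": {100: ["10.0.0.0/24"]},
    "vsite-b": {200: ["10.0.0.0/24"], 201: ["10.0.1.0/24"]},
}

class VNat:
    """Toy VNAT table: (vsite, overlapping IP) <-> unique internal IP."""

    def __init__(self, vsite_vlans, pool="100.64.0.0/16"):
        self.vlans = {
            site: {tag: [ipaddress.ip_network(n) for n in nets]
                   for tag, nets in vlans.items()}
            for site, vlans in vsite_vlans.items()
        }
        self.free = iter(ipaddress.ip_network(pool).hosts())  # assumed pool
        self.to_unique = {}   # (vsite, overlapping ip) -> unique ip
        self.to_overlap = {}  # unique ip -> (vsite, overlapping ip)

    def ingress(self, vsite, ip):
        """Overlapping address + Vsite tag -> non-overlapping unique address."""
        key = (vsite, ipaddress.ip_address(ip))
        if key not in self.to_unique:
            unique = next(self.free)
            self.to_unique[key] = unique
            self.to_overlap[unique] = key
        return self.to_unique[key]

    def vlan_for(self, vsite, ip):
        """Mapping function: a VLAN tag only if this Vsite owns a subnet holding ip."""
        addr = ipaddress.ip_address(ip)
        for tag, nets in self.vlans.get(vsite, {}).items():
            if any(addr in net for net in nets):
                return tag
        return None  # fail closed: no VLAN of this Vsite contains the address

    def egress(self, unique):
        """Unique address -> (overlapping IP, VLAN tag), or None if unmapped."""
        key = self.to_overlap.get(ipaddress.ip_address(unique))
        if key is None:
            return None
        vsite, ip = key
        tag = self.vlan_for(vsite, ip)
        return (str(ip), tag) if tag is not None else None
```

The same `10.0.0.5` arriving from `vsite-a` and `vsite-b` receives two different internal addresses and leaves on VLAN 100 and VLAN 200 respectively; an address outside every subnet of its own virtual site yields no mapping and is not forwarded.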
78 Citations
10 Claims
1. A method of virtual routing an overlapping IP address for a virtual private network (VPN) device connected to a virtual local area network (VLAN) without affecting Internet protocol (IP) processing within the VPN device, the method comprising:
- receiving on the VPN device, a packet with an overlapping Internet protocol (IP) address from a virtual site, the overlapping IP address having a virtual site tag associated with it;
- converting the overlapping IP address into a non-overlapping unique IP address by a virtual network address layer (VNAT) upon reception, so that Internet Protocol (IP) processing within the VPN device is not affected in a demilitarized zone of the VPN device;
- performing internet protocol processing within the VPN device on the packet using the non-overlapping unique IP address;
- converting the non-overlapping unique IP address back to the overlapping IP address having a virtual local area network tag by a virtual LAN (local area network) aware NAT (Network Address Translation) layer within the VPN device to provide a mapping function, and wherein the mapping function returns a valid IP address only if the virtual site address tag in question has a local area network tag, which contains a subnet holding the requested IP address; and
- forwarding the packet with the overlapping IP address with the virtual local area network tag to at least one local area network (LAN).
6. A system for virtual routing to a virtual private network (VLAN), which is comprised of a plurality of local area networks (LAN), the system comprising:
- a client; and
- a virtual private network (VPN) device, the VPN device having a virtual Network Address Translation (VNAT) layer configured to;
- receive a packet with an overlapping Internet protocol (IP) address from a client, the overlapping IP address having a virtual site address tag associated with it;
- convert the overlapping IP address into a non-overlapping unique IP address by a virtual network address layer (VNAT) upon reception, so that Internet Protocol (IP) processing within the VPN device is not affected in a demilitarized zone of the VPN device;
- perform internet processing protocol within the VPN device on the packet using the non-overlapping unique IP address;
- convert the non-overlapping unique IP address back to the overlapping IP address having a virtual local area network tag by a virtual LAN (local area network) aware NAT (Network Address Translation) layer within the VPN device to provide a mapping function, and wherein the mapping function returns a valid IP address only if the virtual site address tag in question has a local area network tag, which contains a subnet holding the requested IP address, wherein the virtual local area network tag is associated with at least one local area network (LAN); and
- direct the packet with the overlapping IP address having a virtual local area network tag to at least one local area network.
Specification