Distributed virtual system to support managed, network-based services
First Claim
1. A method comprising:
- providing a virtual router (VR)-based switch configured for operation at an Internet point-of-presence (POP) of a service provider, the VR-based switch having a plurality of processing elements;
segmenting, by a network operating system (NOS) operable within the VR-based switch, resources of the VR-based switch between at least a first subscriber of the service provider and a second subscriber of the service provider by;
associating a first plurality of VRs with the first subscriber;
associating a second plurality of VRs with the second subscriber;
mapping the first plurality of VRs onto a first set of one or more of the plurality of processing elements; and
mapping the second plurality of VRs onto a second set of one or more of the plurality of processing elements;
configuring, by the NOS, a first set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT) to be provided by the VR-based switch on behalf of the first subscriber by allocating a first service object group within the first plurality of VRs, the first service object group including a service object corresponding to each service of the first set of customized services and wherein each service object of the first service object group can be dynamically distributed by the NOS to customized processors of the first set of one or more of the plurality of processing elements to achieve desired computational supportconfiguring, by the NOS, a second set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and NAT to be provided by the VR-based switch on behalf of the second subscriber by allocating a second service object group within the second plurality of VRs, the second service object group including a service object corresponding to each service of the second set of customized services and wherein each service object of the second service object group can be dynamically distributed by the NOS to customized processors of the second set of one or more of the plurality of processing elements to achieve desired computational support; and
wherein the NOS is implemented in one or more processors and one or more computer-readable storage media of one or more of the plurality of processing elements, the one or more computer-readable storage media having instructions tangibly embodied therein representing the NOS that are executable by the one or more processors.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems are provided for allocating network resources of a distributed virtual system to support managed, network-based services. According to one embodiment, a VR-based switch having multiple processing elements is configured for operation at an Internet POP. An NOS is provided on each of the processing elements. Resources of the VR-based switch are segmented between a first and second subscriber by mapping VRs assigned to the first and second subscriber onto appropriate processing elements. Then, a first and second set of customized services are configured, each including two or more of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT), to be provided by the VR-based switch. Customized services are configured by allocating appropriate service object groups to the VRs, which can be dynamically distributed by the NOS to customized processors of the processing elements to achieve desired computational support.
-
Citations
19 Claims
-
1. A method comprising:
-
providing a virtual router (VR)-based switch configured for operation at an Internet point-of-presence (POP) of a service provider, the VR-based switch having a plurality of processing elements; segmenting, by a network operating system (NOS) operable within the VR-based switch, resources of the VR-based switch between at least a first subscriber of the service provider and a second subscriber of the service provider by; associating a first plurality of VRs with the first subscriber; associating a second plurality of VRs with the second subscriber; mapping the first plurality of VRs onto a first set of one or more of the plurality of processing elements; and mapping the second plurality of VRs onto a second set of one or more of the plurality of processing elements; configuring, by the NOS, a first set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT) to be provided by the VR-based switch on behalf of the first subscriber by allocating a first service object group within the first plurality of VRs, the first service object group including a service object corresponding to each service of the first set of customized services and wherein each service object of the first service object group can be dynamically distributed by the NOS to customized processors of the first set of one or more of the plurality of processing elements to achieve desired computational support configuring, by the NOS, a second set of customized services including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and NAT to be provided by the VR-based switch on behalf of the second subscriber by allocating a second service object group within the second plurality of VRs, the second service object group including a service object corresponding to each service of the second set of customized services and wherein each service object of the second service object group can be dynamically distributed by the NOS to customized processors of the second set of one or more of the plurality of processing elements to achieve desired computational support; and wherein the NOS is implemented in one or more processors and one or more computer-readable storage media of one or more of the plurality of processing elements, the one or more computer-readable storage media having instructions tangibly embodied therein representing the NOS that are executable by the one or more processors. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A virtual router (VR)-based switch comprising:
-
a storage device having stored therein one or more routines of a network operating system (NOS) operable to create discrete customized services for subscribers of a service provider by providing the subscribers with different configurations of service object groups; one or more processors coupled to the storage device and operable to execute the one or more routines; a plurality of processing elements coupled to the storage device and the one or more processors, where resources of the VR-based switch are segmented between at least a first subscriber of the service provider and a second subscriber of the service provider by; instantiating a plurality of VRs within the VR-based switch; associating a first set of VRs of the plurality of VRs with the first subscriber; associating a second set of VRs of the plurality of VRs with the second subscriber; mapping the first set of VRs onto a first set of one or more of the plurality of processing elements; and mapping the second set of VRs onto a second set of one or more of the plurality of processing elements; a first set of customized services, including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT), is configured to be provided by the VR-based switch on behalf of the first subscriber by creating a first service object group within the first set of VRs, the first service object group including a service object corresponding to each service of the first set of customized services and wherein each service object of the first service object group can be dynamically distributed by the NOS to customized processors of the first set of one or more of the plurality of processing elements to achieve desired computational support; and a second set of customized services, including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and NAT, is configured to be provided by the VR-based switch on behalf of the second subscriber by creating a second service object group within the second set of VRs, the second service object group including a service object corresponding to each service of the second set of customized services and wherein each service object of the second service object group can be dynamically distributed by the NOS to customized processors of the second set of one or more of the plurality of processing elements to achieve desired computational support. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer-readable storage medium readable by one or more processing elements of a plurality of processing elements of a virtual router (VR)-based switch, the computer-readable storage medium tangibly embodying a set of instructions executable by one or more processors of the plurality of processing elements to perform method steps for creating discrete customized services for subscribers of a service provider by providing the subscribers with different configurations of service object groups, the method steps comprising:
-
segmenting resources of the VR-based switch between at least a first subscriber of the service provider and a second subscriber of the service provider by; instantiating a plurality of VRs within the VR-based switch; associating a first set of VRs of the plurality of VRs with the first subscriber; associating a second set of VRs of the plurality of VRs with the second subscriber; mapping the first set of VRs onto a first set of one or more of the plurality of processing elements; and mapping the second set of VRs onto a second set of one or more of the plurality of processing elements; configuring a first set of customized services, including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and network address translation (NAT), to be provided by the VR-based switch on behalf of the first subscriber by allocating a first service object group within the first set of VRs, the first service object group including a service object corresponding to each service of the first set of customized services and wherein each service object of the first service object group can be dynamically distributed to customized processors of the first set of one or more of the plurality of processing elements to achieve desired computational support; and configuring a second set of customized services, including a plurality of firewalling, virtual private networking, encryption, traffic shaping, routing and NAT, to be provided by the VR-based switch on behalf of the second subscriber by allocating a second service object group within the second set of VRs, the second service object group including a service object corresponding to each service of the second set of customized services and wherein each service object of the second service object group can be dynamically distributed to customized processors of the second set of one or more of the plurality of processing elements to achieve desired computational support. - View Dependent Claims (16, 17, 18, 19)
-
Specification