System and method to provide multiple private networks using MPLS
First Claim
1. A system to provide multiple private networks, comprising:
- a Multi-Protocol Label Switching (MPLS) interface configured to receive a plurality of Virtual Circuit (VC) data streams from a packet switched network;
a plurality of physically separate local area network (LAN) ports configured to communicate data to LAN ports; and
a switching process between the MPLS interface and the LAN ports, the switching process being configured to create bindings, wherein each binding binds an individual VC data stream from the MPLS interface to each of the respective LAN ports so as to communicate data packets between the MPLS interface and the bound LAN ports, the data packets being assigned to an individual LAN port based on the VC data stream binding, wherein an Ethernet frame format of each data packet includes an Ethernet Media Access Control (MAC) address, wherein the bindings are created independent of the Ethernet frame format MAC address and leave the Ethernet frame format unaltered, such that prior to encapsulation at the MPLS interface of a data packet being transmitted from a specific LAN port to the packet switched network via a specific binding and after de-encapsulation at the MPLS interface of a data packet being transmitted from the packet switched network to the specific LAN port via the specific binding, the specific binding hides the MAC address of the Ethernet frame format of the data packet through that binding from other LAN ports;
wherein the bindings between the MPLS interface and the LAN ports provide network security by hiding the MAC addresses such that a security breach using a duplicate MAC address on a LAN port does not affect operation of other LAN ports.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method are supplied to provide multiple private networks. The system can include an Multi-Protocol Label Switching (MPLS) interface configured to receive a plurality of data stream types from a packet switched network. A plurality of local area network ports can be configured to communicate data to local area networks. A switching process can be provided between the MPLS interface and the local area network ports. The switching process can be configured to map individual data stream types from the MPLS interface to each of the respective local area network ports. In addition, the switching process can communicate packets between the MPLS interface and the mapped local area network ports.
43 Citations
24 Claims
-
1. A system to provide multiple private networks, comprising:
-
a Multi-Protocol Label Switching (MPLS) interface configured to receive a plurality of Virtual Circuit (VC) data streams from a packet switched network; a plurality of physically separate local area network (LAN) ports configured to communicate data to LAN ports; and a switching process between the MPLS interface and the LAN ports, the switching process being configured to create bindings, wherein each binding binds an individual VC data stream from the MPLS interface to each of the respective LAN ports so as to communicate data packets between the MPLS interface and the bound LAN ports, the data packets being assigned to an individual LAN port based on the VC data stream binding, wherein an Ethernet frame format of each data packet includes an Ethernet Media Access Control (MAC) address, wherein the bindings are created independent of the Ethernet frame format MAC address and leave the Ethernet frame format unaltered, such that prior to encapsulation at the MPLS interface of a data packet being transmitted from a specific LAN port to the packet switched network via a specific binding and after de-encapsulation at the MPLS interface of a data packet being transmitted from the packet switched network to the specific LAN port via the specific binding, the specific binding hides the MAC address of the Ethernet frame format of the data packet through that binding from other LAN ports; wherein the bindings between the MPLS interface and the LAN ports provide network security by hiding the MAC addresses such that a security breach using a duplicate MAC address on a LAN port does not affect operation of other LAN ports. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method for interfacing with a network, comprising:
-
receiving a plurality of data streams via one of a plurality of Virtual Circuit (VCs) in an MPLS interface using a packet switched network; binding each data stream from a VC to a physically separate LAN port; communicating data packets in each separate data stream from each VC through to the respectively bound LAN port when data packets are received from the MPLS interface, wherein an Ethernet frame format of each data packet includes an Ethernet Media Access Control (MAC) address, wherein the bindings are created independent of the Ethernet frame format MAC address and leave the Ethernet frame format unaltered, such that prior to encapsulation at the MPLS interface of a data packet being transmitted from a specific LAN port to the packet switched network via a specific binding and after de-encapsulation at the MPLS interface of a data packet being transmitted from the packet switched network to the specific LAN port via the specific binding, the specific binding hides the MAC address of the Ethernet frame format of the data packet through that binding from other LAN ports; and wherein the bindings between the MPLS interface and the physically separate LAN ports provide network security by hiding the MAC addresses such that a security breach using a duplicate MAC address on a LAN port cannot affect operation of other LAN ports. - View Dependent Claims (16, 17, 18, 19, 20)
-
-
21. A system for interfacing between networks, comprising:
-
an MPLS interface configured to receive a plurality of data streams via one of a plurality of Virtual Circuit (VCs) over a packet switched network; a plurality of physically separate Ethernet ports configured to communicate data to a LAN, wherein each LAN is differentiated by the physical LAN port;
a switching process in communication with the MPLS interface and the Ethernet ports, the switching process being configured to bind each of the VCs to each of the separate Ethernet ports and to forward data packets between the MPLS interface and bound Ethernet ports, wherein an Ethernet frame format of each data packet includes an Ethernet Media Access Control (MAC) address, wherein the bindings are created independent of the Ethernet frame format MAC address and leave the Ethernet frame format unaltered, such that prior to encapsulation at the MPLS interface of a data packet being transmitted from a specific LAN port to the packet switched network via a specific binding and after de-encapsulation at the MPLS interface of a data packet being transmitted from the packet switched network to the specific LAN port via the specific binding, the specific binding hides the MAC address of the Ethernet frame format of the data packet through that binding from other LAN ports; andwherein the bindings between the VCs and the Ethernet ports provide network security by hiding the MAC addresses such that a security breach using a duplicate MAC address on an Ethernet port cannot affect operation of other Ethernet ports. - View Dependent Claims (22, 23, 24)
-
Specification