System and method to provide multiple private networks using MPLS

US 7,843,944 B2
Filed: 07/28/2008
Issued: 11/30/2010
Est. Priority Date: 12/27/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A system to provide multiple private networks, comprising:

a Multi-Protocol Label Switching (MPLS) interface configured to receive a plurality of Virtual Circuit (VC) data streams from a packet switched network;

a plurality of physically separate local area network (LAN) ports configured to communicate data to LAN ports; and

a switching process between the MPLS interface and the LAN ports, the switching process being configured to create bindings, wherein each binding binds an individual VC data stream from the MPLS interface to each of the respective LAN ports so as to communicate data packets between the MPLS interface and the bound LAN ports, the data packets being assigned to an individual LAN port based on the VC data stream binding, wherein an Ethernet frame format of each data packet includes an Ethernet Media Access Control (MAC) address, wherein the bindings are created independent of the Ethernet frame format MAC address and leave the Ethernet frame format unaltered, such that prior to encapsulation at the MPLS interface of a data packet being transmitted from a specific LAN port to the packet switched network via a specific binding and after de-encapsulation at the MPLS interface of a data packet being transmitted from the packet switched network to the specific LAN port via the specific binding, the specific binding hides the MAC address of the Ethernet frame format of the data packet through that binding from other LAN ports;

wherein the bindings between the MPLS interface and the LAN ports provide network security by hiding the MAC addresses such that a security breach using a duplicate MAC address on a LAN port does not affect operation of other LAN ports.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are supplied to provide multiple private networks. The system can include an Multi-Protocol Label Switching (MPLS) interface configured to receive a plurality of data stream types from a packet switched network. A plurality of local area network ports can be configured to communicate data to local area networks. A switching process can be provided between the MPLS interface and the local area network ports. The switching process can be configured to map individual data stream types from the MPLS interface to each of the respective local area network ports. In addition, the switching process can communicate packets between the MPLS interface and the mapped local area network ports.

43 Citations

View as Search Results

24 Claims

1. A system to provide multiple private networks, comprising:
- a Multi-Protocol Label Switching (MPLS) interface configured to receive a plurality of Virtual Circuit (VC) data streams from a packet switched network;
  
  a plurality of physically separate local area network (LAN) ports configured to communicate data to LAN ports; and
  
  a switching process between the MPLS interface and the LAN ports, the switching process being configured to create bindings, wherein each binding binds an individual VC data stream from the MPLS interface to each of the respective LAN ports so as to communicate data packets between the MPLS interface and the bound LAN ports, the data packets being assigned to an individual LAN port based on the VC data stream binding, wherein an Ethernet frame format of each data packet includes an Ethernet Media Access Control (MAC) address, wherein the bindings are created independent of the Ethernet frame format MAC address and leave the Ethernet frame format unaltered, such that prior to encapsulation at the MPLS interface of a data packet being transmitted from a specific LAN port to the packet switched network via a specific binding and after de-encapsulation at the MPLS interface of a data packet being transmitted from the packet switched network to the specific LAN port via the specific binding, the specific binding hides the MAC address of the Ethernet frame format of the data packet through that binding from other LAN ports;
  
  wherein the bindings between the MPLS interface and the LAN ports provide network security by hiding the MAC addresses such that a security breach using a duplicate MAC address on a LAN port does not affect operation of other LAN ports.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. A system as in claim 1, wherein each LAN port is a physically separate Ethernet port.
  - 3. A system as in claim 1, wherein the individual data stream that is bound to a single physically separate LAN port is a using a VC label.
  - 4. A system as in claim 1, wherein the individual data stream is bound to a physically separate LAN port by desired Quality of Service (QoS) and each LAN port is physically separate from and disconnected from all other LAN ports.
  - 5. A system as in claim 1, further comprising a user space control process configured to control settings for bound LAN ports and switching paths used by the bound LAN ports.
  - 6. A system as in claim 5, further comprising a remote management interface in communication with the user space control process.
  - 7. A system as in claim 6, wherein the remote management interface includes a Simple Network Management Protocol (SNMP) interface and a web interface.
  - 8. A system as in claim 1, wherein the MPLS interface further comprises a plurality of VCs through which packets are received from a Wide Area Network (WAN) network.
  - 9. A system as in claim 1, wherein the switching process registers each LAN by port number and communicates through an operating system to each LAN.
  - 10. A system as in claim 1, wherein the LANs are Ethernet networks having no tags, headers, layers, or fields between an Ethernet header and an IP header.
  - 11. A system as in claim 1, wherein the packet switched network is MPLS.
  - 12. A system as in claim 1, wherein the switching process maps individual VC'"'"'s to separate physical LAN ports using Encapsulation Methods for Transport of Ethernet over MPLS (EoMPLS).
  - 13. A system as in claim 1, wherein the LAN ports are virtual network interface devices.
  - 14. A system as in claim 13, wherein the virtual network interfaces devices are wireless LAN ports.

15. A method for interfacing with a network, comprising:
- receiving a plurality of data streams via one of a plurality of Virtual Circuit (VCs) in an MPLS interface using a packet switched network;
  
  binding each data stream from a VC to a physically separate LAN port;
  
  communicating data packets in each separate data stream from each VC through to the respectively bound LAN port when data packets are received from the MPLS interface, wherein an Ethernet frame format of each data packet includes an Ethernet Media Access Control (MAC) address, wherein the bindings are created independent of the Ethernet frame format MAC address and leave the Ethernet frame format unaltered, such that prior to encapsulation at the MPLS interface of a data packet being transmitted from a specific LAN port to the packet switched network via a specific binding and after de-encapsulation at the MPLS interface of a data packet being transmitted from the packet switched network to the specific LAN port via the specific binding, the specific binding hides the MAC address of the Ethernet frame format of the data packet through that binding from other LAN ports; and
  
  wherein the bindings between the MPLS interface and the physically separate LAN ports provide network security by hiding the MAC addresses such that a security breach using a duplicate MAC address on a LAN port cannot affect operation of other LAN ports.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. A method as in claim 15, wherein the step of communicating data packets further comprises a step of transmitting each data stream through bound Ethernet ports.
  - 17. A method as in claim 15, wherein mapping binding each data stream to a physically separate LAN further comprises a step of binding each VC data stream to a physical Ethernet Port using EoMPLS.
  - 18. A method as in claim 15, further comprising a step of switching data packets from the MPLS interface to separately mapped Ethernet ports using a switching process.
  - 19. A method as in claim 18, further comprising a step of controlling the switching process via a user space control process configured to control switching process settings.
  - 20. A system as in claim 19, further comprising a step of receiving user input via a remote management interface in communication with the user space control process.

21. A system for interfacing between networks, comprising:
- an MPLS interface configured to receive a plurality of data streams via one of a plurality of Virtual Circuit (VCs) over a packet switched network;
  
  a plurality of physically separate Ethernet ports configured to communicate data to a LAN, wherein each LAN is differentiated by the physical LAN port;
  
  a switching process in communication with the MPLS interface and the Ethernet ports, the switching process being configured to bind each of the VCs to each of the separate Ethernet ports and to forward data packets between the MPLS interface and bound Ethernet ports, wherein an Ethernet frame format of each data packet includes an Ethernet Media Access Control (MAC) address, wherein the bindings are created independent of the Ethernet frame format MAC address and leave the Ethernet frame format unaltered, such that prior to encapsulation at the MPLS interface of a data packet being transmitted from a specific LAN port to the packet switched network via a specific binding and after de-encapsulation at the MPLS interface of a data packet being transmitted from the packet switched network to the specific LAN port via the specific binding, the specific binding hides the MAC address of the Ethernet frame format of the data packet through that binding from other LAN ports; and
  
  wherein the bindings between the VCs and the Ethernet ports provide network security by hiding the MAC addresses such that a security breach using a duplicate MAC address on an Ethernet port cannot affect operation of other Ethernet ports.
- View Dependent Claims (22, 23, 24)
- - 22. A system as in claim 21, wherein the switching process binds individual VCs to individual Ethernet ports using only EoMPLS.
  - 23. A system as in claim 21, further comprising a user space control process configured to control settings and input for the switching process.
  - 24. A system as in claim 23, further comprising a remote management interface in communication with the user space control process.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Entry Point LLC
Original Assignee
Entry Point LLC
Inventors
Peterson, C. Robert, Herbert, Thomas F.
Primary Examiner(s)
Ngo; Ricky
Assistant Examiner(s)
HAN, CLEMENCE S

Application Number

US12/181,257
Publication Number

US 20080310424A1
Time in Patent Office

855 Days
Field of Search

None
US Class Current

370/395.5
CPC Class Codes

H04L 12/462 LAN interconnection over a ...

H04L 12/66 Arrangements for connecting...

System and method to provide multiple private networks using MPLS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

43 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

System and method to provide multiple private networks using MPLS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

43 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links