Providing transparent virtual private network connectivity across intermediate networks

US 7,848,310 B1
Filed: 08/28/2008
Issued: 12/07/2010
Est. Priority Date: 01/30/2004
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, with a device located within a network intermediate to first and second customer networks of a virtual private network, a first routing message that advertises routing information specifying original routing attributes used within the first customer network, wherein the original routing attributes comprise routing attributes defined by a routing protocol, and wherein the first message advertises routing information using the original routing attributes and an autonomous system (AS) number used within the first customer network;

defining an attribute set data type for the routing protocol to store the original routing attributes used within the first customer network;

outputting, with the device located in the intermediate network, a second routing message that advertises routing information that includes both;

(i) a first attribute set that specifies routing attributes used within the intermediate network, and (ii) a second attribute set in accordance with the attribute set data type that specifies the original routing attributes used within the first customer network, wherein the second routing message includes a second attribute set that further specifies the AS number used within the first customer network in accordance with the attribute set data type;

comparing the AS number of the first customer network with an AS number used within the second customer network; and

selectively utilizing the original routing attributes used within the first customer network instead of the routing attributes used within the intermediate network when communicating the routing information to the second customer network based on the comparison.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A routing protocol, such as the Border Gateway Protocol (BGP), is extended in a manner that allows the protocol to opaquely carry routing attributes associated with an origin of a routing advertisement, e.g., a customer network of associated with a virtual private network (VPN). These attributes are carried within routing communications using a separate attribute set, and are automatically utilized when delivering the routing advertisement to other customer networks associated with the VPN. As a result, the customer networks are isolated from the routing attributes used within an intermediate network coupling the customer networks.

30 Citations

View as Search Results

24 Claims

1. A method comprising:
- receiving, with a device located within a network intermediate to first and second customer networks of a virtual private network, a first routing message that advertises routing information specifying original routing attributes used within the first customer network, wherein the original routing attributes comprise routing attributes defined by a routing protocol, and wherein the first message advertises routing information using the original routing attributes and an autonomous system (AS) number used within the first customer network;
  
  defining an attribute set data type for the routing protocol to store the original routing attributes used within the first customer network;
  
  outputting, with the device located in the intermediate network, a second routing message that advertises routing information that includes both;
  
  (i) a first attribute set that specifies routing attributes used within the intermediate network, and (ii) a second attribute set in accordance with the attribute set data type that specifies the original routing attributes used within the first customer network, wherein the second routing message includes a second attribute set that further specifies the AS number used within the first customer network in accordance with the attribute set data type;
  
  comparing the AS number of the first customer network with an AS number used within the second customer network; and
  
  selectively utilizing the original routing attributes used within the first customer network instead of the routing attributes used within the intermediate network when communicating the routing information to the second customer network based on the comparison.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein communicating routing information further comprises communicating the routing information from the intermediate network to the second customer network using the original routing attributes used within the first customer network.
  - 3. The method of claim 1, wherein defining the attribute set data type comprises defining the attribute set data type to allow a variable number of routing attributes to be specified.
  - 4. The method of claim 1, wherein defining the attribute set data type comprises defining the attribute set data type to store an autonomous system (AS) number used within the origin of the routing information.
  - 5. The method of claim 1, wherein selectively utilizing the original routing attributes comprises:
    - utilizing the original routing attributes used within the first customer network instead of routing attributes used within the intermediate network when the AS number used within the first customer network matches the AS number used within the second customer network; and
      
      discarding at least a portion of the original routing attributes used within the first customer network when the AS number used within the first customer network does not match the AS number used within the second customer network.
  - 6. The method of claim 1, further comprising:
    - determining whether the routing information originated from an interior routing protocol or an exterior routing protocol,wherein outputting the second routing message includes outputting a second routing message to communicate the routing information from the intermediate network to the second customer network using the original routing attributes used within the first customer network in place of the routing attributes used within the intermediate network when the routing information originated from an interior routing protocol.
  - 7. The method of claim 6, wherein outputting the second routing message includes:
    - discarding at least a portion of the original routing attributes used within the first customer network; and
      
      outputting the second routing message to communicate the routing information from the intermediate network to the second customer network using routing attributes used within the intermediate network when the routing information originated from an exterior routing protocol.
  - 8. The method of claim 1, wherein the routing protocol comprises the Border Gateway Protocol (BGP), and defining the attribute set data type comprises defining an attribute set data type as an optional transitive BGP path attribute.
  - 9. The method of claim 1, wherein defining the attribute set data type comprises defining an attribute set data type as opaque data that is carried through the intermediate network and only processed by routers that support the defined attribute set data type.
  - 10. The method of claim 1, further comprising communicating the routing information from the intermediate network to the second customer network using the original routing attributes associated with the first customer network instead of the routing attributes associated with the intermediate network.
  - 11. The method of claim 1, further comprising forwarding the second routing message to the intermediate network.
  - 12. The method of claim 11, further comprising:
    - restoring the original routing attributes used within the first customer network in place of the routing attributes used within the intermediate network to generate a third communication that advertises the routing information; and
      
      forwarding the third communication from the intermediate network to the second customer network using the restored attributes used within the first customer network.

13. A non-transitory computer-readable storage medium comprising instructions for causing a programmable processor to:
- receive, with a device located within a network intermediate to first and second customer networks of a virtual private network, a first routing message that advertises routing information specifying original routing attributes used within the first customer network, wherein the original routing attributes comprise routing attributes defined by a routing protocol;
  
  define an attribute set data type for the routing protocol to store the original routing attributes used within the first customer network;
  
  determine whether the routing information originated from an interior routing protocol or an exterior routing protocol; and
  
  output, with the device located in the intermediate network, a second routing message that advertises routing information that includes both;
  
  (i) a first attribute set that specifies routing attributes used within the intermediate network, and (ii) a second attribute set in accordance with the attribute set data type that specifies the original routing attributes used within the first customer network,wherein the second routing message communicates the routing information from the intermediate network to the second customer network using the original routing attributes used within the first customer network in place of the routing attributes used within the intermediate network when the routing information originated from an interior routing protocol.
- View Dependent Claims (14)
- - 14. The non-transitory computer-readable storage medium of claim 13, wherein the instructions cause the processor to format the second attribute set as opaque data.

15. A non-transitory computer-readable storage medium comprising instructions for causing a programmable processor to:
- receive a routing communication that advertises routing information from an intermediate network that couples a first customer network and a second customer network, wherein the routing communication advertises routing information that includes both;
  
  (i) a first attribute set that specifies routing attributes used within the intermediate network, and (ii) a second attribute set in accordance with an attribute set data type that specifies original routing attributes used within the first customer network and an autonomous system (AS) number used within the first customer network;
  
  advertise the routing information from the intermediate network to the second customer network using the original routing attributes associated with the first customer network, wherein the routing attributes comprise routing attributes defined by a routing protocol, wherein the routing information is advertised to the second customer network in a format consistent with an interior routing protocol using the original routing attributes used within the first customer network when the AS number used within the first customer network matches an AS number used within the second customer network, and wherein the routing information is advertised to the second customer network in a format consistent with an exterior routing protocol when the AS number used within the first customer network does not match the AS number used within the second customer network.
- View Dependent Claims (16)
- - 16. The non-transitory computer-readable storage medium of claim 15, wherein the second attribute set of the routing communication specifies the original routing attributes associated with the first customer network as opaque data.

17. A network system comprising:
- a virtual private network that includes a first customer network and a second customer network;
  
  an intermediate network that couples the first customer network to the second customer network, wherein the intermediate network includes;
  
  a first network device comprising;
  
  a control unit to generate a message that includes routing information received from the first customer network, wherein the control unit formats the message to advertise the routing information using;
  
  (i) a first attribute set, and (ii) a second attribute set that specifies original routing attributes used within the first customer network, and wherein the original routing attributes comprise routing attributes defined by a routing protocol; and
  
  an interface card to communicate the message to the intermediate network that couples the first customer network to the second customer network; and
  
  a second network device that restores the original routing attributes used within the first customer network in place of the routing attributes used within the intermediate network to generate a communication that advertises the routing information and forwards the communication from the intermediate network to the second customer network using the restored attributes used within the first customer network.
- View Dependent Claims (18)
- - 18. The network system of claim 17, wherein the control unit formats the second attribute set to specify the original routing attributes used within the customer network as opaque data.

19. A method comprising:
- defining, with a first device located within a network intermediate to first and second customer networks of a virtual private network, an attribute set data type for a routing protocol to store original routing attributes used within the first customer network;
  
  receiving, with the first device located in the intermediate network, a routing message from a second device also located in the intermediate network, wherein the routing message advertises routing information that includes both;
  
  (i) a first attribute set that specifies routing attributes used within the intermediate network, and (ii) a second attribute set in accordance with the attribute set data type that specifies original routing attributes used within the first customer network, wherein the routing message includes a second attribute set that further specifies the AS number used within the first customer network in accordance with the attribute set data type;
  
  comparing, with the first device, the AS number of the first customer network with an AS number used within the second customer network; and
  
  selectively utilizing, with the first device, the original routing attributes used within the first customer network instead of the routing attributes used within the intermediate network when communicating the routing information to the second customer network based on the comparison.
- View Dependent Claims (20)
- - 20. The method of claim 19, wherein selectively utilizing the original routing attributes comprises:
    - utilizing the original routing attributes used within the first customer network instead of routing attributes used within the intermediate network when the AS number used within the first customer network matches the AS number used within the second customer network; and
      
      discarding at least a portion of the original routing attributes used within the first customer network when the AS number used within the first customer network does not match the AS number used within the second customer network.

21. A method comprising:
- receiving, with a device located within a network intermediate to first and second customer networks of a virtual private network, a first routing message that advertises routing information specifying original routing attributes used within the first customer network, wherein the original routing attributes comprise routing attributes defined by a routing protocol;
  
  defining an attribute set data type for the routing protocol to store the original routing attributes used within the first customer network;
  
  determining whether the routing information originated from an interior routing protocol or an exterior routing protocol;
  
  outputting, with the device located in the intermediate network, a second routing message that advertises routing information that includes both;
  
  (i) a first attribute set that specifies routing attributes used within the intermediate network, and (ii) a second attribute set in accordance with the attribute set data type that specifies the original routing attributes used within the first customer network,wherein outputting the second routing message includes outputting a second routing message to communicate the routing information from the intermediate network to the second customer network using the original routing attributes used within the first customer network in place of the routing attributes used within the intermediate network when the routing information originated from an interior routing protocol.

22. A method comprising:
- receiving, with a device located within a network intermediate to first and second customer networks of a virtual private network, a first routing message that advertises routing information specifying original routing attributes used within the first customer network, wherein the original routing attributes comprise routing attributes defined by a routing protocol;
  
  defining an attribute set data type for the routing protocol to store the original routing attributes used within the first customer network; and
  
  outputting, with the device located in the intermediate network, a second routing message that advertises routing information that includes both;
  
  (i) a first attribute set that specifies routing attributes used within the intermediate network, and (ii) a second attribute set in accordance with the attribute set data type that specifies the original routing attributes used within the first customer network;
  
  restoring the original routing attributes used within the first customer network in place of the routing attributes used within the intermediate network to generate a third communication that advertises the routing information; and
  
  forwarding the third communication from the intermediate network to the second customer network using the restored attributes used within the first customer network.

23. A device located within a network intermediate to first and second customer networks of a virtual private network, the device comprising:
- a control unit that defines an attribute set data type for a routing protocol to store original routing attributes used within the first customer network; and
  
  an interface card that receives a routing message from another device also located in the intermediate network, wherein the routing message advertises routing information that includes both;
  
  (i) a first attribute set that specifies routing attributes used within the intermediate network, and (ii) a second attribute set in accordance with the attribute set data type that specifies original routing attributes used within the first customer network, wherein the routing message includes a second attribute set that further specifies the AS number used within the first customer network in accordance with the attribute set data type,wherein the control unit compares the AS number of the first customer network with an AS number used within the second customer network and selectively utilizes the original routing attributes used within the first customer network instead of the routing attributes used within the intermediate network when communicating the routing information to the second customer network based on the comparison.

24. A device located within a network intermediate to first and second customer networks of a virtual private network, the device comprising:
- an interface card that receives a first routing message that advertises routing information specifying original routing attributes used within the first customer network, wherein the original routing attributes comprise routing attributes defined by a routing protocol; and
  
  a control unit that defines an attribute set data type for the routing protocol to store the original routing attributes used within the first customer network, determine whether the routing information originated from an interior routing protocol or an exterior routing protocol and output a second routing message that advertises routing information that includes both;
  
  (i) a first attribute set that specifies routing attributes used within the intermediate network, and (ii) a second attribute set in accordance with the attribute set data type that specifies the original routing attributes used within the first customer network,wherein the control unit outputs the second routing message to communicate the routing information from the intermediate network to the second customer network using the original routing attributes used within the first customer network in place of the routing attributes used within the intermediate network when the routing information originated from an interior routing protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Juniper Networks Incorporated
Original Assignee
Juniper Networks Incorporated
Inventors
Marques, Pedro R.
Primary Examiner(s)
Rao; Seema S
Assistant Examiner(s)
Murphy; Rhonda

Application Number

US12/200,603
Time in Patent Office

831 Days
Field of Search

None
US Class Current

370/351
CPC Class Codes

H04L 12/4675   Dynamic sharing of VLAN inf...

H04L 45/00   Routing or path finding of ...

H04L 45/04   Interdomain routing, e.g. h...

H04L 45/60   Router architectures

Providing transparent virtual private network connectivity across intermediate networks

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

30 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Providing transparent virtual private network connectivity across intermediate networks

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links