Virtual inline configuration for a network device

US 8,004,973 B2
Filed: 04/25/2006
Issued: 08/23/2011
Est. Priority Date: 04/25/2006
Status: Active Grant

First Claim

Patent Images

1. A method for delivering an incoming packet through a performance enhancing proxy network device to a recipient computing system, the performance enhancing proxy network device coupled in a parallel configuration, the method comprising:

receiving, by a router, a data packet having a first destination IP address as a destination IP address of the data packet, the destination IP address specifying a recipient computing system on a local network;

diverting, by the router via Internet Protocol (IP) layer routing, the data packet to the performance enhancing proxy network device according to the first destination IP address matching a policy based IP routing rule of a set of rules instead of changing the first destination IP address of the data packet to an IP address of the performance enhancing proxy network device, the performance enhancing proxy network device coupled in parallel to the router, the policy based IP routing rule identifying the IP address of the performance enhancing proxy network device;

processing, by the performance enhancing proxy network device, the diverted data packet while preserving the first destination IP address as the destination IP address of the data packet;

transmitting, by the performance enhancing proxy network device, the processed data packet to the router identified by the performance enhancing proxy network device as the router selected from a plurality of routers for originally diverting the data packet to the performance enhancing proxy network device, the processed data packet comprising the first destination IP address specifying the recipient computing device;

receiving, by the router, the processed data packet from the performance enhancing proxy network device, the received processed data packet having the first destination IP address as the destination IP address of the data packet; and

sending, by the router, over the local network, the processed data packet to the recipient computing system identified by the first destination IP address.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A performance enhancing proxy network device is configured to operate in a virtual inline mode, in which selected network traffic is redirected to and through the network device by a router using simple routing policies. In this way, the network device can be coupled to the router in series but can still operate as if it were physically connected inline.

33 Citations

View as Search Results

28 Claims

1. A method for delivering an incoming packet through a performance enhancing proxy network device to a recipient computing system, the performance enhancing proxy network device coupled in a parallel configuration, the method comprising:
- receiving, by a router, a data packet having a first destination IP address as a destination IP address of the data packet, the destination IP address specifying a recipient computing system on a local network;
  
  diverting, by the router via Internet Protocol (IP) layer routing, the data packet to the performance enhancing proxy network device according to the first destination IP address matching a policy based IP routing rule of a set of rules instead of changing the first destination IP address of the data packet to an IP address of the performance enhancing proxy network device, the performance enhancing proxy network device coupled in parallel to the router, the policy based IP routing rule identifying the IP address of the performance enhancing proxy network device;
  
  processing, by the performance enhancing proxy network device, the diverted data packet while preserving the first destination IP address as the destination IP address of the data packet;
  
  transmitting, by the performance enhancing proxy network device, the processed data packet to the router identified by the performance enhancing proxy network device as the router selected from a plurality of routers for originally diverting the data packet to the performance enhancing proxy network device, the processed data packet comprising the first destination IP address specifying the recipient computing device;
  
  receiving, by the router, the processed data packet from the performance enhancing proxy network device, the received processed data packet having the first destination IP address as the destination IP address of the data packet; and
  
  sending, by the router, over the local network, the processed data packet to the recipient computing system identified by the first destination IP address.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising detecting, by a second performance enhancing proxy network device, that the performance enhancing proxy network device has failed;
    - andreceiving, by the second performance enhancing proxy network device instead of the performance enhancing proxy network device, the diverted data packet responsive to the detection, the diverted data packet comprising the first destination IP address specifying the recipient computing system;
      
      processing, by the second performance enhancing proxy network device, the diverted data packet while preserving the first destination IP address as the destination IP address of the data packet; and
      
      transmitting, by the second performance enhancing proxy network device, the processed data packet to the router identified by the second performance enhancing proxy network device as the router selected from a plurality of routers for originally diverting the data packet to the performance enhancing proxy, the processed data packet comprising the first destination IP address specifying the recipient computing device.
  - 3. The method of claim 2, wherein the policy based routing rules are defined at a WAN side of a router.
  - 4. The method of claim 2, wherein the policy based routing rules specify diverting a data packet based at least in part on whether the data packet is a TCP packet.
  - 5. The method of claim 1, further comprising preserving, by the performance enhancing proxy network device, the selection of the router from load balancing applied to the plurality of routers.
  - 6. The method of claim 1, wherein the performance enhancing proxy network device resides outside the local network.

7. A method for sending an outgoing packet through a performance enhancing proxy network device to a destination computing system, the performance enhancing proxy network device coupled in a parallel configuration, the method comprising:
- receiving, by a router, a data packet having a first destination IP address as a destination IP address of the data packet, the destination IP address specifying a remote destination computing system over a network;
  
  diverting, by the router via Internet Protocol (IP) layer routing, the data packet to the performance enhancing proxy network device according to the first destination IP address matching a policy based IP routing rule of a set of rules instead of changing the first destination IP address of the data packet to an IP address of the performance enhancing proxy network device, the performance enhancing proxy network device coupled in parallel to the router, the policy based IP routing rule identifying the IP address of the performance enhancing proxy network device;
  
  processing, by the performance enhancing proxy network device, the diverted data packet while preserving the first destination IP address as the destination IP address of the data packet;
  
  transmitting, by the performance enhancing proxy network device, the processed data packet to the router identified by the performance enhancing proxy network device as the router selected from a plurality of routers for originally diverting the data packet to the performance enhancing proxy network device, the processed data packet comprising the first destination IP address specifying the recipient computing device;
  
  receiving, by the router, the processed data packet from the performance enhancing proxy network device, the received processed data packet having the first destination IP address as the destination IP address of the data packet; and
  
  sending, by the router, over the network the processed data packet to the destination computing system identified by the first destination IP address.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, further comprising detecting, by a second performance enhancing proxy network device, that the performance enhancing proxy network device has failed;
    - andreceiving, by the second performance enhancing proxy network device instead of the performance enhancing proxy network device, the diverted data packet responsive to the detection, the diverted data packet comprising the first destination IP address specifying the recipient computing system;
      
      processing, by the second performance enhancing proxy network device, the diverted data packet while preserving the first destination IP address as the destination IP address of the data packet; and
      
      transmitting, by the second performance enhancing proxy network device, the processed data packet to the router identified by the second performance enhancing proxy network device as the router selected from a plurality of routers for originally diverting the data packet to the performance enhancing proxy, the processed data packet comprising the first destination IP address specifying the recipient computing device.
  - 9. The method of claim 8, wherein the policy based routing rules are defined at a LAN side of a router.
  - 10. The method of claim 8, wherein the policy based routing rules specify diverting a data packet based at least in part on whether the data packet is a TCP packet.
  - 11. The method of claim 7, further comprising preserving, by the performance enhancing proxy network device, the selection of the router from load balancing applied to the plurality of routers.
  - 12. The method of claim 7, wherein the performance enhancing proxy network device resides outside the network.

13. A method for handling incoming and outgoing data packets in one or more routers, the method comprising:
- receiving, by a router, an incoming data packet from a wide area network (WAN), the incoming data packet having a first destination IP address as a destination IP address of the incoming data packet, the first destination IP address specifying a computing system on a local area network;
  
  receiving, by the router, an outgoing data packet from the local area network (LAN), the outgoing data packet having a second destination IP address as a destination IP address of the outgoing data packet, the second IP address specifying a computing system over the wide area network;
  
  diverting, by the router via Internet Protocol (IP) layer routing, the incoming data packet and the outgoing data packet to a network device according to matching IP addresses of incoming data packets and outgoing data packets to one or more police based IP routing rules of a set of rules while preserving the first destination IP address as the destination IP address of the incoming data packet and the second destination IP address as the destination IP address of the outgoing data packet, the network device coupled in parallel to the router, the one or more policy based IP routing rules identifying the IP address of the network device;
  
  processing, by the network device, the diverted data packets while preserving the first destination IP address as the destination IP address of the incoming data packet and the second destination IP address as the destination IP address of the outgoing data packet;
  
  transmitting, by the network device, the processed data packet to the router identified by the network device as the router selected from a plurality of routers for originally diverting the data packet to the network device, the processed incoming data packet having the first destination IP address as the destination IP address of the incoming data packet and the processed outgoing data packet having the second destination IP address as the destination IP address of the outgoing data packet;
  
  receiving, by the router, the processed incoming data packet having the first destination IP address as the destination IP address of the incoming data packet and the processed outgoing data packet having the second destination IP address as the destination IP address of the outgoing data packet; and
  
  delivering, by the router, the processed incoming data packet to the computing system on the local area network identified by the first destination IP address and the processed outgoing data packet to the computing system over the wide area network identified by the second destination IP address.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The method of claim 13, further comprising compressing the diverted data packets by the performance enhancing proxy network device.
  - 15. The method of claim 14, wherein the first and second sets of policy based routing rules are configured to divert only TCP data packets.
  - 16. The method of claim 14, wherein the first and second sets of policy based routing rules are configured to divert only data packets having a source or destination IP address within a predetermined range.
  - 17. The method of claim 13, further comprising preserving, by the performance enhancing proxy network device, the selection of the router from load balancing applied to the plurality of routers.
  - 18. The method of claim 13, wherein receiving and diverting the incoming and outgoing data packets comprises a first router receiving and diverting the incoming data packet and a second router receiving and diverting the outgoing data packet, the first and second routers from a plurality of routers.
  - 19. The method of claim 18, wherein each diverted data packet is received by the same router that originally diverted the data packet to the network device.

20. A network system for handling incoming and outgoing packets, the system comprising:
- a local area network coupled to one or more local computing systems;
  
  a wide area network;
  
  a router providing a communication interface between the local area network and the wide area network, receiving data packets having a first destination IP address as a destination IP address of the data packets, the first destination IP address specifying a computing system over a network and diverting, via Internet Protocol (IP) layer routing, outgoing data packets from the local area network and incoming data packets from the wide area network to the performance enhancing proxy network device in accordance with matching IP addresses of incoming data packets and outgoing data packets to one or more policy based IP routing rules of a set of rules instead of changing the first destination IP address as the destination IP address of the data packets, the one or more policy based IP routing rules identifying the IP address of the network device;
  
  a performance enhancing proxy network device coupled in parallel to the router, the performance enhancing proxy network device receiving data packets diverted from the router, processing the diverted data packets while preserving the first destination IP address as the destination IP address of the processed data packets, and transmitting the processed outgoing data packets and incoming data packets to the router identified by the network device as the router selected from a plurality of routers for originally diverting the data packet to the network device, the processed incoming data packet having the first destination IP address as the destination IP address of the incoming data packet and the processed outgoing data packet having the second destination IP address as the destination IP address of the outgoing data packet;
  
  wherein the router receives the processed data packets having the first destination IP address as the destination IP address of the processed data packets and sends the processed data packets received from the performance enhancing proxy network device to the computing system identified by the first destination IP address.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28)
- - 21. The system of claim 20, wherein diverting the incoming and outgoing data packets further comprises retaining the first destination IP address of each of the incoming and outgoing data packets.
  - 22. The system of claim 20, wherein the set of rules for diverting the incoming and outgoing data packets diverts only TCP data packets.
  - 23. The system of claim 20, wherein the set of rules for diverting the incoming and outgoing data packets diverts only data packets having a source or destination address within a predetermined range.
  - 24. The system of claim 20, further comprising a plurality of routers providing a communication interface between the local area network and the wide area network, each router including a set of rules for diverting the incoming and outgoing data packets from the local area network and the wide area network to the performance enhancing proxy network device.
  - 25. The system of claim 24, wherein the performance enhancing proxy network device is configured to return each diverted data packet to the router that originally diverted the data packet.
  - 26. The system of claim 20, further comprising a plurality of performance enhancing proxy network devices each connected to the local area network and the wide area network via one of the plurality of routers.
  - 27. The system of claim 26, further comprisinga second performance enhancing proxy network device detecting that the performance enhancing proxy network device has failed;
    - receiving, instead of the performance enhancing proxy network device, the diverted data packet responsive to the detection, processing the diverted data packet while preserving the first destination IP address as the destination IP address of the data packet, and transmitting the processed data packet to the router identified by the second performance enhancing proxy network device as the router selected from a plurality of routers for originally diverting the data packet to the performance enhancing proxy, the processed data packet comprising the first destination IP address specifying the recipient computing device, the diverted data packet comprising the first destination IP address specifying the recipient computing system.
  - 28. The system of claim 27, wherein the performance enhancing proxy network device preserves the selection of the router from load balancing applied to the plurality of routers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
Budhani, Haseeb, Sutter, Paul G.
Primary Examiner(s)
CHO, HONG SOL

Application Number

US11/380,004
Publication Number

US 20070248090A1
Time in Patent Office

1,946 Days
Field of Search

370/230, 370/252, 370/254, 370/351, 370/389, 370/392, 370/400, 370/401
US Class Current

370/230
CPC Class Codes

H04L 12/56 Packet switching systems

H04L 67/563 Data redirection of data ne...

Virtual inline configuration for a network device

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

28 Claims

Specification

Use Cases

Quick Links

Others

Virtual inline configuration for a network device

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

28 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others