Methods, apparatus and data structures for preserving address and service level information in a virtual private network
First Claim
1. A method comprising:
- receiving a packet originated by a source system via an ingress port, the packet including a destination layer 3 address and a layer 2 header portion;
retrieving context information from the layer 2 header portion of the packet, the context information corresponding to the ingress port and including a multicast indicator;
determining whether the packet is authorized for use of a multicast resource based on the multicast indicator; and
allowing the packet to be forwarded to the destination layer 3 address when the packet is authorized.
2 Assignments
0 Petitions
Accused Products
Abstract
Supporting virtual private networks by using a new layer 3 address to encapsulate a network-bound packet so that its context information, from which a layer 2 (e.g., MAC) address can be derived, is preserved. If this encapsulation was not done, the layer 2 address would change over each segment of the network. Thus, the encapsulation preserves the concept of group identification, using at least a part of the context, over the entire network and not just at the edge of the network. If a packet is received from the network (to be forwarded to a customer), the layer 3 address that was added in the encapsulation is stripped off. The original layer 3 destination address may be used with a client device addressing table to determine a new context information, and a layer 2 (e.g., MAC) address of a destination client device.
-
Citations
16 Claims
-
1. A method comprising:
- receiving a packet originated by a source system via an ingress port, the packet including a destination layer 3 address and a layer 2 header portion;
retrieving context information from the layer 2 header portion of the packet, the context information corresponding to the ingress port and including a multicast indicator;
determining whether the packet is authorized for use of a multicast resource based on the multicast indicator; and
allowing the packet to be forwarded to the destination layer 3 address when the packet is authorized. - View Dependent Claims (2, 3, 4, 5, 6)
- receiving a packet originated by a source system via an ingress port, the packet including a destination layer 3 address and a layer 2 header portion;
-
7. A method comprising:
- receiving a packet originating from a source system over a first communications link at a first physical port, the packet including a layer 2 header;
determining a logical port associated with the first physical port;
determining context information associated with the logical port, the context information including a unique bit string;replacing at least a portion of the layer 2 header with the context information;
determining a second physical port connected to a second communication link; andtransmitting the packet via the second physical port. - View Dependent Claims (8, 9, 10, 11)
- receiving a packet originating from a source system over a first communications link at a first physical port, the packet including a layer 2 header;
-
12. A system comprising:
- a plurality of first physical port devices;
a plurality of second physical port devices; and
a processing system coupled to the plurality of first physical port devices and the plurality of second physical port devices, the processing system including a first table storing port mapping information associating individual ones of the plurality of first physical port devices to individual ones of a plurality of logical port identifiers, a second table storing logical port information associated with individual ones of the plurality of logical port identifiers, wherein the processing system is configured to determine one of the logical port identifiers associated with a physical port via which a packet originated by a source system is received, modify a level 2 header portion of the packet to include a unique bit string based on the logical port information associated with the determined logical port identifier, and to cause the transmission of the packet via one of the plurality of second physical port devices. - View Dependent Claims (13, 14, 15, 16)
- a plurality of first physical port devices;
Specification