Policy based quality of service and encryption over MPLS networks
First Claim
Patent Images
1. A method comprising:
- receiving, at a network device, one or more label switched path (LSP) labels that define one or more quality of service paths through a first network, the one or more LSP labels being received from a second network, the first network being an untrusted network and the second network being a trusted network;
receiving, by the network device, data from the second network,the received data to be transmitted through the first network, andthe received data including information identifying a particular quality of service;
receiving, by the network device and from another network device in the first network, information indicating a connection, associated with the received data, to be established based on the particular quality of service;
encrypting, by the network device, the received data after receiving the information indicating the connection to be established;
identifying, by the network device, a particular LSP label, of the one or more LSP labels, to apply to the encrypted data,identifying the particular LSP label including mapping the information identifying the particular quality of service to quality of service information associated with the particular LSP label;
applying, by the network device, the identified particular LSP label to the encrypted data; and
transmitting, by the network device, the encrypted data with the applied particular LSP label through the first network.
2 Assignments
0 Petitions
Accused Products
Abstract
A network device may store a plurality of LSP labels each associated with a network policy and desired quality of service, wherein each LSP label defines a path through a multi-protocol label switching (MPLS) network. Upon receiving a request to transmit data in accordance with a network policy and desired quality of service, the network device may transmit an appropriate LSP label for transmission through the MPLS network.
226 Citations
18 Claims
-
1. A method comprising:
-
receiving, at a network device, one or more label switched path (LSP) labels that define one or more quality of service paths through a first network, the one or more LSP labels being received from a second network, the first network being an untrusted network and the second network being a trusted network; receiving, by the network device, data from the second network, the received data to be transmitted through the first network, and the received data including information identifying a particular quality of service; receiving, by the network device and from another network device in the first network, information indicating a connection, associated with the received data, to be established based on the particular quality of service; encrypting, by the network device, the received data after receiving the information indicating the connection to be established; identifying, by the network device, a particular LSP label, of the one or more LSP labels, to apply to the encrypted data, identifying the particular LSP label including mapping the information identifying the particular quality of service to quality of service information associated with the particular LSP label; applying, by the network device, the identified particular LSP label to the encrypted data; and transmitting, by the network device, the encrypted data with the applied particular LSP label through the first network. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A network device comprising:
-
a memory to; store a plurality of label switched path (LSP) labels and quality of service information, each LSP label, of the stored plurality of LSP labels, defining a path, through a first network, that is associated with a particular quality of service, each LSP label, of the stored plurality of LSP labels, being associated with corresponding quality of service information of the stored quality of service information, and the first network corresponding to an untrusted network; and logic, implemented at least partially in hardware, to; receive data from a second network to be transmitted through the first network, the data including a request for a quality of service, and the second network being different than the first network; receive, from another network device associated with the first network, information indicating a connection, associated with the data, to be established based on the quality of service of the request; encrypt the data received from the second network after receiving the information indicating the connection to be established; map the quality of service, of the request, to particular quality of service information of the stored quality of service information; select a particular LSP label, of the plurality of LSP labels, that is associated with the particular quality of service information; apply the selected particular LSP label to the encrypted data; and transmit the encrypted and LSP labeled data through the first network via a path identified by the applied particular LSP label. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A method comprising:
-
transmitting, by a network device and to a server that is associated with a particular network, a request for a label switched path (LSP) label that defines a path through a multi-protocol label switching (MPLS) network, the path being associated with a particular quality of service, the MPLS network being an untrusted network, and the particular network being different than the MPLS network; receiving, by the network device and from the server, the LSP label via the particular network; receiving, by the network device, data from the particular network, the data to be transmitted, via the MPLS network, based on a quality of service that corresponds to the particular quality of service; receiving, by the network device and from another network device associated with the MPLS network, information indicating a connection, associated with the data, to be established based on the quality of service; encrypting, by the network device, the data after receiving the information indicating the connection to be established; identifying, by the network device, the LSP label based on the quality of service; applying, by the network device, the LSP label to the encrypted data; and transmitting, by the network device, the encrypted data with the applied LSP label via the path through the MPLS network. - View Dependent Claims (12, 13, 14)
-
-
15. A non-transitory computer-readable medium comprising:
one or more instructions which, when executed by at least one processor of a network device, cause the at least one processor to; store a plurality of label switched path (LSP) labels and quality of service information, each LSP label, of the stored plurality of LSP labels, defining a path, through a first network, that is associated with a particular quality of service, and each LSP label, of the stored plurality of LSP labels, being associated with corresponding quality of service information of the stored quality of service information, the first network corresponding to an untrusted network; receive data, from a second network, that is to be transmitted through the first network, the data including a request for a quality of service, and the second network being different than the first network; receive, from another network device in the first network, information indicating a connection, associated with the data, to be established based on the quality of service; encrypt the data received from the second network after receiving the information indicating the connection to be established; map the quality of service, of the request, to particular quality of service information of the stored quality of service information; select a particular LSP label, of the plurality of LSP labels, that is associated with the particular quality of service information; encapsulate the encrypted data using the selected particular LSP label; and transmit the encapsulated data through the first network via a path identified by the particular LSP label. - View Dependent Claims (16, 17, 18)
Specification