Policy based quality of service and encryption over MPLS networks

US 8,279,864 B2
Filed: 11/10/2006
Issued: 10/02/2012
Est. Priority Date: 11/10/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a network device, one or more label switched path (LSP) labels that define one or more quality of service paths through a first network, the one or more LSP labels being received from a second network, the first network being an untrusted network and the second network being a trusted network;

receiving, by the network device, data from the second network,the received data to be transmitted through the first network, andthe received data including information identifying a particular quality of service;

receiving, by the network device and from another network device in the first network, information indicating a connection, associated with the received data, to be established based on the particular quality of service;

encrypting, by the network device, the received data after receiving the information indicating the connection to be established;

identifying, by the network device, a particular LSP label, of the one or more LSP labels, to apply to the encrypted data,identifying the particular LSP label including mapping the information identifying the particular quality of service to quality of service information associated with the particular LSP label;

applying, by the network device, the identified particular LSP label to the encrypted data; and

transmitting, by the network device, the encrypted data with the applied particular LSP label through the first network.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network device may store a plurality of LSP labels each associated with a network policy and desired quality of service, wherein each LSP label defines a path through a multi-protocol label switching (MPLS) network. Upon receiving a request to transmit data in accordance with a network policy and desired quality of service, the network device may transmit an appropriate LSP label for transmission through the MPLS network.

226 Citations

18 Claims

1. A method comprising:
- receiving, at a network device, one or more label switched path (LSP) labels that define one or more quality of service paths through a first network, the one or more LSP labels being received from a second network, the first network being an untrusted network and the second network being a trusted network;
  
  receiving, by the network device, data from the second network,the received data to be transmitted through the first network, andthe received data including information identifying a particular quality of service;
  
  receiving, by the network device and from another network device in the first network, information indicating a connection, associated with the received data, to be established based on the particular quality of service;
  
  encrypting, by the network device, the received data after receiving the information indicating the connection to be established;
  
  identifying, by the network device, a particular LSP label, of the one or more LSP labels, to apply to the encrypted data,identifying the particular LSP label including mapping the information identifying the particular quality of service to quality of service information associated with the particular LSP label;
  
  applying, by the network device, the identified particular LSP label to the encrypted data; and
  
  transmitting, by the network device, the encrypted data with the applied particular LSP label through the first network.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, where receiving the one or more LSP labels includes:
    - receiving the one or more LSP labels from a server in the second network.
  - 3. The method of claim 1, further comprising:
    - storing the one or more LSP labels in a memory that stores a plurality of LSP labels, quality of service information, and network policy information,where each of the plurality of LSP labels is associated with at least one of;
      
      particular quality of service information of the stored quality of service information, orparticular network policy information of the stored network policy information.
  - 4. The method of claim 1, further comprising:
    - identifying an output port, of the network device, to transmit the encrypted data, based on the identified particular LSP label; and
      
      transmitting, after applying the identified particular LSP label, the encrypted data via the identified output port of the network device.
  - 5. The method of claim 4, where identifying the output port comprises:
    - mapping the identified particular LSP label, associated with a particular input port, to a corresponding LSP label, associated with the identified output port.

6. A network device comprising:
- a memory to;
  
  store a plurality of label switched path (LSP) labels and quality of service information, each LSP label, of the stored plurality of LSP labels, defining a path, through a first network, that is associated with a particular quality of service, each LSP label, of the stored plurality of LSP labels, being associated with corresponding quality of service information of the stored quality of service information, and the first network corresponding to an untrusted network; and
  
  logic, implemented at least partially in hardware, to;
  
  receive data from a second network to be transmitted through the first network, the data including a request for a quality of service, and the second network being different than the first network;
  
  receive, from another network device associated with the first network, information indicating a connection, associated with the data, to be established based on the quality of service of the request;
  
  encrypt the data received from the second network after receiving the information indicating the connection to be established;
  
  map the quality of service, of the request, to particular quality of service information of the stored quality of service information;
  
  select a particular LSP label, of the plurality of LSP labels, that is associated with the particular quality of service information;
  
  apply the selected particular LSP label to the encrypted data; and
  
  transmit the encrypted and LSP labeled data through the first network via a path identified by the applied particular LSP label.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The network device of claim 6, where the first network is a multi-protocol label switching (MPLS) network.
  - 8. The network device of claim 6, where the data, received from the second network, is transmitted by a client device, to the network device, via the second network.
  - 9. The network device of claim 6, further comprising:
    - a first portion that receives the data from the second network;
      
      a second portion, different than the first portion, that transmits the encrypted data with the applied LSP label to the first network; and
      
      an encryption engine to;
      
      receive the data from the first portion,encrypt the data received from the first portion, andforward the encrypted data to the second portion, where the second portion transmits the encrypted data with the applied LSP label via the first network.
  - 10. The network device of claim 6, where the network device comprises a first portion that receives data from the second network and a second portion, different than the first portion, that transmits data to the first network, andwhere the plurality of LSP labels and the quality of service information are stored in the first portion of the network device.

11. A method comprising:
- transmitting, by a network device and to a server that is associated with a particular network, a request for a label switched path (LSP) label that defines a path through a multi-protocol label switching (MPLS) network, the path being associated with a particular quality of service,the MPLS network being an untrusted network, and the particular network being different than the MPLS network;
  
  receiving, by the network device and from the server, the LSP label via the particular network;
  
  receiving, by the network device, data from the particular network,the data to be transmitted, via the MPLS network, based on a quality of service that corresponds to the particular quality of service;
  
  receiving, by the network device and from another network device associated with the MPLS network, information indicating a connection, associated with the data, to be established based on the quality of service;
  
  encrypting, by the network device, the data after receiving the information indicating the connection to be established;
  
  identifying, by the network device, the LSP label based on the quality of service;
  
  applying, by the network device, the LSP label to the encrypted data; and
  
  transmitting, by the network device, the encrypted data with the applied LSP label via the path through the MPLS network.
- View Dependent Claims (12, 13, 14)
- - 12. The method of claim 11, where receiving the data comprises:
    - receiving a request to transmit the data via the MPLS network based on the quality of service, the request being received from a client device that is associated with the particular network.
  - 13. The method of claim 11, further comprising:
    - storing the received LSP label; and
      
      retrieving the received LSP label based identifying the LSP label.
  - 14. The method of claim 13, where the network device comprises a first portion that receives data from the second network, anda second portion, different than the first portion, that transmits data to the first network, andwhere storing the received LSP label comprises:
    - storing the received LSP label and the particular quality of service in a memory, in the first portion, that stores a plurality of LSP labels and quality of service information, where each of the plurality of LSP labels is mapped to corresponding quality of service information of the stored quality of service information.

15. A non-transitory computer-readable medium comprising:
- one or more instructions which, when executed by at least one processor of a network device, cause the at least one processor to;
  
  store a plurality of label switched path (LSP) labels and quality of service information,each LSP label, of the stored plurality of LSP labels, defining a path, through a first network, that is associated with a particular quality of service, and each LSP label, of the stored plurality of LSP labels, being associated with corresponding quality of service information of the stored quality of service information, the first network corresponding to an untrusted network;
  
  receive data, from a second network, that is to be transmitted through the first network, the data including a request for a quality of service, and the second network being different than the first network;
  
  receive, from another network device in the first network, information indicating a connection, associated with the data, to be established based on the quality of service;
  
  encrypt the data received from the second network after receiving the information indicating the connection to be established;
  
  map the quality of service, of the request, to particular quality of service information of the stored quality of service information;
  
  select a particular LSP label, of the plurality of LSP labels, that is associated with the particular quality of service information;
  
  encapsulate the encrypted data using the selected particular LSP label; and
  
  transmit the encapsulated data through the first network via a path identified by the particular LSP label.
- View Dependent Claims (16, 17, 18)
- - 16. The non-transitory computer-readable medium of claim 15, where the one or more instructions to receive the data comprise:
    - one or more instructions to receive, from a client device that is associated with the second network, a request to transmit the data via the first network based on the quality of service,where the first network corresponds to a multi-protocol label switching (MPLS) network, andwhere the second network correspond to a trusted network.
  - 17. The non-transitory computer-readable medium of claim 15, further comprising:
    - one or more instructions to receive, via the second network, the plurality of LSP labels and quality of service information from another network device.
  - 18. The non-transitory computer-readable medium of claim 17, where the first network corresponds to a multi-protocol label switching (MPLS) network, andwhere the second network corresponds to a trusted network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Inventors
Wood, Daniel M.
Primary Examiner(s)
RENNER, BRANDON M

Application Number

US11/558,682
Publication Number

US 20080112410A1
Time in Patent Office

2,153 Days
Field of Search

370/468
US Class Current

370/389
CPC Class Codes

H04L 45/00   Routing or path finding of ...

H04L 45/302   Route determination based o...

H04L 45/308   Route determination based o...

H04L 45/50   using label swapping, e.g. ...

H04L 47/70   Admission control; Resource...

H04L 47/746   Reaction triggered by a fai...

H04L 47/805   QOS or priority aware

H04L 47/825   Involving tunnels, e.g. MPLS

H04L 63/0428   wherein the data content is...

Policy based quality of service and encryption over MPLS networks

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

226 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Policy based quality of service and encryption over MPLS networks

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

226 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others