Broadband access for virtual private networks
First Claim
1. A method for communicating between a source and a destination in a service provider internet protocol network, comprising:
- receiving, at an egress edge device from an ingress edge device on the service provider internet protocol network, an upper layer packet comprising data received in turn from the source and encapsulated in accordance with a service provider format into the upper layer packet, the upper layer packet including a virtual private network identification identifying a destination;
authenticating the upper layer packet at the egress edge device using the virtual private network identification by matching the virtual private network identification against an expectation for the upper layer packet; and
upon authentication, decapsulating the upper layer packet into a lower layer packet for the destination.
4 Assignments
0 Petitions
Accused Products
Abstract
A method for communicating between a source and a destination in a service provider internet protocol network includes receiving, at an egress edge device from an ingress edge device on the service provider internet protocol network, an upper layer packet comprising data received in turn from the source and encapsulated in accordance with a service provider format into the upper layer packet. The upper layer packet includes a virtual private network identification identifying a destination. The method also includes authenticating the upper layer packet at the egress edge device using the virtual private network identification. Upon authentication, the upper layer packet is decapsulated into a lower layer packet for the destination.
122 Citations
20 Claims
-
1. A method for communicating between a source and a destination in a service provider internet protocol network, comprising:
-
receiving, at an egress edge device from an ingress edge device on the service provider internet protocol network, an upper layer packet comprising data received in turn from the source and encapsulated in accordance with a service provider format into the upper layer packet, the upper layer packet including a virtual private network identification identifying a destination; authenticating the upper layer packet at the egress edge device using the virtual private network identification by matching the virtual private network identification against an expectation for the upper layer packet; and upon authentication, decapsulating the upper layer packet into a lower layer packet for the destination. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system for communicating between a source and a destination in a service provider internet protocol network, comprising:
-
a receiver at an egress edge device that receives, from an ingress edge device on the service provider internet protocol network, an upper layer packet comprising data received in turn from the source and encapsulated in accordance with a service provider format into the upper layer packet, the upper layer packet including a virtual private network identification identifying a destination; and a decapsulator at the egress edge device that authenticates the upper layer packet using the virtual private network identification by matching the virtual private network identification against an expectation for the upper layer packet and, upon authentication, decapsulates the upper layer packet into a lower layer packet for the destination.
-
-
20. A non-transitory computer readable medium comprising a set of instructions for communicating between a source and a destination in a service provider internet protocol network, the set of instructions directing at least one processor to perform acts of:
-
receiving, at an egress edge device from an ingress edge device on the service provider internet protocol network, an upper layer packet comprising data received in turn from the source and encapsulated in accordance with a service provider format into the upper layer packet, the upper layer packet including a virtual private network identification identifying a destination; authenticating the upper layer packet at the egress edge device using the virtual private network identification by matching the virtual private network identification against an expectation for the upper layer packet; and upon authentication, decapsulating the upper layer packet into a lower layer packet for the destination.
-
Specification