Regional virtual VPN
First Claim
1. A process of communication, comprising a network abstraction layer (NAL) built on a public Internet, the NAL comprising an overlay network allowing a direct Internet Protocol (IP) communication between endpoints in a virtual private network (VPN) over the Internet, wherein the NAL provides the overlay network between the endpoints, the overlay network being built over the Internet;
and a network virtualization layer (NVL) built on the NAL, the NVL comprising a VPN aggregator using GDOI protocol encryption, providing synchronization of session keys to encrypt a payload between all the endpoints over the NAL such that encrypted traffic is able to be decrypted by any endpoint for an entire session to allow instantly available communication between all the endpoints, wherein communication between all the endpoints does not require using a hub after an initial connection is established, and wherein the VPN aggregator enables aggregation of multiple Group Domain of Interpretation (GDOI) domains;
wherein an IP communication defines data being exchanged between the endpoints via tunnel interfaces, wherein a tunnel interface defines an interface on an endpoint that is one side of a point-to-point or point-to-multipoint link with another endpoint;
wherein IP tunnel addresses define all IP addresses of tunnel interfaces of an endpoint, wherein translation of the IP tunnel addresses and all LAN IP subnets of the endpoint Internet IP address occurs for each endpoint, and wherein at a registration process the IP addressing scheme of the each endpoint is recorded, said IP addressing scheme including public IP addresses and the IP tunnel addresses of the each endpoint and all LAN IP subnets of the each endpoint; and
wherein the endpoint is connected to a non-broadcast multi-access (NBMA) network to discover internetworking layer addresses and subnetwork addresses of a NBMA next hop towards a destination endpoint; and
wherein the NBMA next hop is a Next Hop Resolution Protocol (NHRP).
5 Assignments
0 Petitions
Abstract
Systems and methods for communication. A network abstraction layer (NAL) is built on a public Internet, the NAL comprising an overlay network allowing a direct Internet Protocol (IP) communication between endpoints in a virtual private network (VPN) over the Internet. A network virtualization layer (NVL) is built on the NAL, the NVL comprising a VPN aggregator using GDOI protocol encryption, providing synchronization of session keys to encrypt a payload between all the endpoints over the NAL such that encrypted traffic is able to be decrypted by any endpoint for an entire session to allow instantly available communication between all the endpoints.
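The stack that claim 1 and the abstract describe has three moving parts: a registration step at which each endpoint's public (NBMA) address, tunnel-interface address and LAN subnets are recorded; NHRP-style resolution of the NBMA next hop, after which spokes exchange traffic directly without the hub; and a single GDOI group key, so that any endpoint holding the group SA can decrypt the payload. The model below is an added example in Python, not code from the patent or from any product. The class names, the addresses and the SHA-256 counter-mode toy cipher that stands in for the real ESP transform are all assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress
import os
from dataclasses import dataclass


@dataclass
class Registration:
    """Addressing scheme an endpoint records at registration (claim 1)."""
    name: str
    public_ip: str     # NBMA address on the public Internet
    tunnel_ip: str     # address on the overlay tunnel interface
    lan_subnets: tuple  # LAN IP subnets reachable behind this endpoint


class NextHopServer:
    """Hub-side registry playing the NHRP next-hop server role."""

    def __init__(self):
        self.table = []
        self.queries = 0

    def register(self, reg):
        self.table.append(reg)

    def resolve(self, dst_ip):
        """Longest-prefix match of a LAN address to (prefix, tunnel IP, NBMA IP)."""
        self.queries += 1
        ip = ipaddress.ip_address(dst_ip)
        best = None
        for reg in self.table:
            for net in map(ipaddress.ip_network, reg.lan_subnets):
                if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
                    best = (net, reg)
        if best is None:
            raise LookupError(f"no endpoint registered for {dst_ip}")
        return best[0], best[1].tunnel_ip, best[1].public_ip


class GroupKey:
    """One GDOI-style group SA: the same key id and key at every member."""

    def __init__(self, key_id, key):
        self.key_id = key_id
        self.enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
        self.mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()


def _keystream(key, nonce, n):
    # Toy SHA-256 counter-mode keystream (assumption; stands in for AES/ESP).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def group_encrypt(gk, payload, nonce=None):
    """Encrypt-then-MAC under the group key; key id and nonce travel in clear."""
    nonce = nonce or os.urandom(12)
    ct = bytes(a ^ b for a, b in zip(payload, _keystream(gk.enc_key, nonce, len(payload))))
    hdr = gk.key_id.to_bytes(4, "big") + nonce
    tag = hmac.new(gk.mac_key, hdr + ct, hashlib.sha256).digest()[:16]
    return hdr + ct + tag


def group_decrypt(gk, packet):
    """Any member holding the group key decrypts; the tag is checked first."""
    key_id = int.from_bytes(packet[:4], "big")
    if key_id != gk.key_id:
        raise ValueError(f"no SA for group key id {key_id}")
    hdr, ct, tag = packet[:16], packet[16:-16], packet[-16:]
    expect = hmac.new(gk.mac_key, hdr + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expect):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(gk.enc_key, hdr[4:], len(ct))))


class Spoke:
    """Endpoint with one multipoint tunnel interface and an NHRP-style cache."""

    def __init__(self, reg, nhs, gk):
        self.reg, self.nhs, self.gk = reg, nhs, gk
        self.cache = {}  # resolved LAN prefix -> (tunnel IP, NBMA IP)
        nhs.register(reg)

    def next_hop(self, dst_lan_ip):
        """NBMA address to send to; the hub is consulted only on a cache miss."""
        ip = ipaddress.ip_address(dst_lan_ip)
        for net, hop in self.cache.items():
            if ip in net:
                return hop
        net, tunnel_ip, public_ip = self.nhs.resolve(dst_lan_ip)
        self.cache[net] = (tunnel_ip, public_ip)
        return self.cache[net]

    def send(self, dst_lan_ip, payload):
        _tunnel_ip, nbma = self.next_hop(dst_lan_ip)
        return nbma, group_encrypt(self.gk, payload)

    def receive(self, packet):
        return group_decrypt(self.gk, packet)


def demo():
    """Constructed scenario: three spokes, one hub registry, one group key."""
    nhs = NextHopServer()
    gk = GroupKey(key_id=1, key=b"\x11" * 32)
    a = Spoke(Registration("A", "198.51.100.1", "10.255.0.1", ("192.168.1.0/24",)), nhs, gk)
    b = Spoke(Registration("B", "198.51.100.2", "10.255.0.2", ("192.168.2.0/24",)), nhs, gk)
    c = Spoke(Registration("C", "198.51.100.3", "10.255.0.3", ("192.168.3.0/24",)), nhs, gk)
    nbma1, pkt1 = a.send("192.168.2.10", b"hello B")
    _nbma2, pkt2 = a.send("192.168.2.20", b"hello again")  # same prefix: served from cache
    results = {"next_hop": nbma1, "hub_queries": nhs.queries,
               "b_plain": b.receive(pkt1), "c_plain": c.receive(pkt2)}
    try:  # member still on an old group key id rejects the packet until rekeyed
        group_decrypt(GroupKey(key_id=2, key=b"\x22" * 32), pkt1)
        results["stale_rejected"] = False
    except ValueError:
        results["stale_rejected"] = True
    tampered = bytearray(pkt1)
    tampered[20] ^= 0x01
    try:
        b.receive(bytes(tampered))
        results["tamper_rejected"] = False
    except ValueError:
        results["tamper_rejected"] = True
    return results
```

Two things the model makes visible that the claim language only implies. First, the hub is queried once for the 192.168.2.0/24 prefix and never again for that prefix, which is the "no hub after the initial connection" property. Second, `c_plain` shows spoke C decrypting traffic that A sent to B: with a group SA, every group member can read every other member's traffic, so group membership is the trust boundary, and a member left on a superseded key id simply drops packets until the aggregator rekeys it.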
Citations
56 Claims
1. (Independent claim 1; text as given under First Claim above.) - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
26. A system of communication, comprising:
a network abstraction layer (NAL) built on a public Internet, the NAL comprising an overlay network allowing a direct Internet Protocol (IP) communication between endpoints in a virtual private network (VPN) over the Internet, wherein the NAL provides the overlay network between the endpoints, the overlay network being built over the Internet; and a network virtualization layer (NVL) built on the NAL, the NVL comprising a VPN aggregator using GDOI protocol encryption, providing synchronization of session keys to encrypt a payload between all the endpoints over the NAL such that encrypted traffic is able to be decrypted by any endpoint for an entire session to allow instantly available communication between all the endpoints after an initial connection is established, wherein communication between all the endpoints does not require using a hub, and wherein the VPN aggregator enables aggregation of multiple Group Domain of Interpretation (GDOI) domains; wherein an IP communication defines data being exchanged between the endpoints via tunnel interfaces, wherein a tunnel interface defines an interface on an endpoint that is one side of a point-to-point or point-to-multipoint link with another endpoint, wherein IP tunnel addresses define all IP addresses of tunnel interfaces of the endpoint, wherein the translation of the IP tunnel addresses and all LAN IP subnets of endpoint internet IP addresses occurs for each endpoint, and wherein at a registration system the IP addressing scheme of the each endpoint is recorded, the IP addressing scheme including public IP addresses and the IP tunnel addresses of the each endpoint, and all LAN IP subnets of the each endpoint; and wherein the endpoint is connected to a non-broadcast multi-access (NBMA) network to discover internetworking layer addresses and subnetwork addresses of a NBMA next hop towards a destination endpoint; and wherein the NBMA next hop is a Next Hop Resolution Protocol (NHRP). 
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52)
53. One or more processor readable storage devices having processor readable code embodied on said processor readable storage devices, said processor readable code for programming one or more processors to perform the process of providing a method of communication, comprising:
a network abstraction layer (NAL) built on a public Internet, the NAL comprising an overlay network allowing a direct Internet Protocol (IP) communication between endpoints in a virtual private network (VPN) over the Internet, wherein the NAL provides an overlay network between the endpoints, the overlay network being built over the Internet; and a network virtualization layer (NVL) built on the NAL, the NVL comprising a VPN aggregator using GDOI protocol encryption, providing synchronization of session keys to encrypt a payload between all the endpoints over the NAL to allow instantly available communication between all the endpoints, wherein communication between all the endpoints does not require using a hub after an initial connection is established, and wherein the VPN aggregator enables aggregation of multiple Group Domain of Interpretation (GDOI) domains; wherein an IP communication defines data being exchanged between the endpoints via tunnel interfaces, wherein a tunnel interface defines an interface on an endpoint that is one side of a point-to-point or point-to-multipoint link with another endpoint; wherein IP tunnel addresses define all the IP addresses of tunnel interfaces of the endpoint, wherein the translation of the IP tunnel addresses and all LAN IP subnets of an endpoint Internet IP address occurs for each endpoint, and wherein at a registration process the IP addressing scheme of the each endpoint is recorded, the IP addressing scheme including public IP addresses and the IP tunnel addresses of the each endpoint and all LAN IP subnets of the each endpoint; wherein the endpoint is connected to a non-broadcast multi-access (NBMA) network to discover internetworking layer addresses and subnetwork addresses of a NBMA next hop towards a destination endpoint; and wherein the NBMA next hop is a Next Hop Resolution Protocol (NHRP). - View Dependent Claims (54, 55, 56)
Specification