Multi-tunnel virtual private network
First Claim
1. A method for controlling Quality-of-Service (“QoS”) in a Virtual Private Network (“VPN”) in a transport network providing a plurality of QoS bearers, the method comprising:
establishing, between a first VPN endpoint and a second VPN endpoint, a plurality of VPN tunnels through said transport network, said plurality of VPN tunnels including at least a default VPN tunnel associated with a first QoS bearer and an alternate VPN tunnel associated with a second QoS bearer;
establishing at the first and second VPN endpoints a VPN policy which specifies at least two different QoS levels to be applied to transport packets in accordance with at least one characteristic of the application data contained therein, the VPN policy specified independently of a transport network policy established for the transport network which also specifies at least two different QoS levels to be applied to transport packets; and
performing the following steps at said first VPN endpoint:
receiving a first data block of a plurality of data blocks specifying application messages generated by at least two software applications, each said data block comprising application data;
analyzing said first data block to determine at least one said characteristic of the application data contained therein;
applying the VPN policy to said first data block whereby said default VPN tunnel or said alternate VPN tunnel is assigned to the first data block based on the characteristic of the application data in accordance with the VPN policy;
selectively assigning a VPN tunnel indicator to the first data block that defines a QoS in the transport network which is different from the QoS which would be assigned to a transport packet including the first data block by the transport network in the presence of encryption;
encrypting said first data block to generate a VPN payload;
encapsulating said VPN payload with a transport packet header to form a transport packet, said transport packet header including the VPN tunnel indicator which specifies which one of the default VPN tunnel and the alternate VPN tunnel was previously assigned to the first data block; and
communicating said transport packet to the transport network where a QoS policy is applied to assign the transport packet to the first QoS bearer or the second QoS bearer based on the VPN tunnel indicator contained in the transport packet header;
wherein the transport packet is communicated across the transport network using one of the first or second QoS bearers as determined in accordance with the VPN policy, independently of the transport network policy for the application data having said characteristic.
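The sender-side steps of claim 1, as an added sketch that is not taken from the patent: the tunnel is chosen from the cleartext before encryption, and the transport side selects a bearer from the outer header alone. The port-based policy, the header layout, the indicator values, and the HMAC-based stand-in cipher with its integrity tag are all assumptions made for illustration.

```python
import hashlib, hmac, os, struct

DEFAULT_TUNNEL, ALTERNATE_TUNNEL = 0, 1   # tunnel indicator values (assumed encoding)
BEARER = {DEFAULT_TUNNEL: "first QoS bearer", ALTERNATE_TUNNEL: "second QoS bearer"}
# Constructed VPN policy: the characteristic is the application's destination port.
VPN_POLICY = {5060: ALTERNATE_TUNNEL, 5004: ALTERNATE_TUNNEL}
HDR = struct.Struct("!B8s")               # outer header: indicator, nonce (assumed layout)

def _subkey(key, label):
    # Separate encryption and MAC keys derived from one tunnel key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in for the VPN cipher: HMAC-SHA256 in counter mode (stdlib only).
    stream = b"".join(
        hmac.new(key, nonce + struct.pack("!I", i), hashlib.sha256).digest()
        for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def assign_tunnel(data_block):
    # Analyze the cleartext block; constructed format: 2-byte port, then app data.
    (port,) = struct.unpack("!H", data_block[:2])
    return VPN_POLICY.get(port, DEFAULT_TUNNEL)

def vpn_send(key, data_block):
    indicator = assign_tunnel(data_block)          # decided before encryption
    header = HDR.pack(indicator, os.urandom(8))
    payload = _xor_stream(_subkey(key, b"enc"), header[1:], data_block)
    tag = hmac.new(_subkey(key, b"mac"), header + payload, hashlib.sha256).digest()
    return header + payload + tag

def transport_select_bearer(packet):
    # Transport network: holds no key, reads only the cleartext indicator.
    return BEARER[packet[0]]

def vpn_receive(key, packet):
    header, payload, tag = packet[:HDR.size], packet[HDR.size:-32], packet[-32:]
    want = hmac.new(_subkey(key, b"mac"), header + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("header or payload modified in transit")
    indicator, nonce = HDR.unpack(header)
    return indicator, _xor_stream(_subkey(key, b"enc"), nonce, payload)
```

Because the indicator travels outside the encrypted payload, an on-path observer learns which tunnel class each packet belongs to; the tag in this sketch only lets the receiving VPN endpoint detect that the value was altered.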
Abstract
Systems and methods for controlling Quality-of-Service (“QoS”) in a Virtual Private Network (“VPN”) in a transport network providing a plurality of QoS bearers. The methods involve: establishing, between two VPN endpoints, a plurality of VPN tunnels through the transport network, including at least a default VPN tunnel associated with a first QoS bearer and an alternate VPN tunnel associated with a second QoS bearer; receiving and analyzing a data block; applying a VPN policy to assign the data block to either default VPN tunnel or alternate VPN tunnel; and encapsulating the data block in a transport data block including at least one indicator. The indicator specifies whether the transport data block is to be communicated by the transport network using the first QoS bearer or second QoS bearer.
18 Claims
11. A system for controlling Quality-of-Service (“QoS”) in a Virtual Private Network (“VPN”) in a transport network providing a plurality of QoS bearers, the system comprising:
at least one electronic circuit configured to:
establish, between a first VPN endpoint and a second VPN endpoint, a plurality of VPN tunnels through said transport network, said plurality of VPN tunnels including at least a default VPN tunnel associated with a first QoS bearer and an alternate VPN tunnel associated with a second QoS bearer;
access a VPN policy which specifies at least two different QoS levels to be applied to transport packets in accordance with at least one characteristic of the application data contained therein, the VPN policy specified independently of a transport network policy established for the transport network which also specifies at least two different QoS levels to be applied to transport packets;
receive a first data block of a plurality of data blocks specifying application messages generated by at least two software applications, each said data block comprising application data;
analyze said first data block to determine at least one said characteristic of the application data contained therein;
apply the VPN policy to said first data block whereby said default VPN tunnel or said alternate VPN tunnel is assigned to the first data block based on the characteristic of the application data in accordance with the VPN policy;
selectively assign a VPN tunnel indicator to the first data block that defines a QoS in the transport network which is different from the QoS which would be assigned to a transport packet including the first data block by the transport network in the presence of encryption;
encrypting said first data block to generate a VPN payload;
encapsulate said VPN payload with a transport packet header to form a transport packet, said transport packet header including at least one VPN tunnel indicator which specifies which one of the default VPN tunnel and the alternate tunnel was previously assigned to the first data block; and
communicate said transport packet to the transport network where a QoS policy is applied to assign the transport packet to the first QoS bearer or the second QoS bearer based on the VPN tunnel indicator contained in the transport packet header;
wherein the transport packet is communicated across the transport network using one of the first or second QoS bearer as determined in accordance with the VPN policy, independently of the transport network policy for said application data having said characteristic.
Specification