
Multi-tunnel virtual private network

  • US 9,300,570 B2
  • Filed: 05/22/2012
  • Issued: 03/29/2016
  • Est. Priority Date: 05/22/2012
  • Status: Active Grant
First Claim

1. A method for controlling Quality-of-Service (“QoS”) in a Virtual Private Network (“VPN”) in a transport network providing a plurality of QoS bearers, the method comprising:

    establishing, between a first VPN endpoint and a second VPN endpoint, a plurality of VPN tunnels through said transport network, said plurality of VPN tunnels including at least a default VPN tunnel associated with a first QoS bearer and an alternate VPN tunnel associated with a second QoS bearer;

    establishing at the first and second VPN endpoints a VPN policy which specifies at least two different QoS levels to be applied to transport packets in accordance with at least one characteristic of the application data contained therein, the VPN policy specified independently of a transport network policy established for the transport network which also specifies at least two different QoS levels to be applied to transport packets; and

    performing the following steps at said first VPN endpoint:

    receiving a first data block of a plurality of data blocks specifying application messages generated by at least two software applications, each said data block comprising application data;

    analyzing said first data block to determine at least one said characteristic of the application data contained therein;

    applying the VPN policy to said first data block whereby said default VPN tunnel or said alternate VPN tunnel is assigned to the first data block based on the characteristic of the application data in accordance with the VPN policy;

    selectively assigning a VPN tunnel indicator to the first data block that defines a QoS in the transport network which is different from the QoS which would be assigned to a transport packet including the first data block by the transport network in the presence of encryption;

    encrypting said first data block to generate a VPN payload;

    encapsulating said VPN payload with a transport packet header to form a transport packet, said transport packet header including the VPN tunnel indicator which specifies which one of the default VPN tunnel and the alternate VPN tunnel was previously assigned to the first data block; and

    communicating said transport packet to the transport network where a QoS policy is applied to assign the transport packet to the first QoS bearer or the second QoS bearer based on the VPN tunnel indicator contained in the transport packet header;

    wherein the transport packet is communicated across the transport network using one of the first or second QoS bearers as determined in accordance with the VPN policy, independently of the transport network policy for the application data having said characteristic.
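The steps recited in the claim can be followed end to end in a short sketch. This is an added illustration, not code from the patent or its assignee: the policy table, the 9-byte header layout, the indicator values and all function names are assumptions, and the cipher is a stand-in built from SHA-256 so the example runs with the standard library only.

```python
import hashlib
import struct

# Constructed values: indicator numbers, policy entries and header layout are assumptions.
DEFAULT_TUNNEL, ALTERNATE_TUNNEL = 0, 1
BEARER_FOR_TUNNEL = {DEFAULT_TUNNEL: "first QoS bearer",
                     ALTERNATE_TUNNEL: "second QoS bearer"}
VPN_POLICY = {"voice": ALTERNATE_TUNNEL}   # application characteristic -> tunnel


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 in counter mode); a real endpoint would use an AEAD."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + struct.pack(">I", i // 32)).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def vpn_send(key: bytes, seq: int, app: str, app_data: bytes) -> bytes:
    """First VPN endpoint: analyze, apply VPN policy, encrypt, encapsulate."""
    tunnel = VPN_POLICY.get(app, DEFAULT_TUNNEL)        # tunnel chosen before encryption
    inner = bytes([len(app)]) + app.encode() + app_data  # data block incl. its characteristic
    payload = _keystream_xor(key, struct.pack(">Q", seq), inner)
    # The header stays in cleartext so the transport network can read the indicator.
    # In this sketch it is also unauthenticated; an AEAD would bind it as associated data.
    return struct.pack(">BQ", tunnel, seq) + payload


def transport_select_bearer(packet: bytes) -> str:
    """Transport network: picks the bearer from the header only, never decrypting."""
    return BEARER_FOR_TUNNEL[packet[0]]


def vpn_receive(key: bytes, packet: bytes):
    """Second VPN endpoint: recover the tunnel indicator and the data block."""
    tunnel, seq = struct.unpack(">BQ", packet[:9])
    inner = _keystream_xor(key, struct.pack(">Q", seq), packet[9:])
    n = inner[0]
    return tunnel, inner[1:1 + n].decode(), inner[1 + n:]


if __name__ == "__main__":
    key = b"k" * 32                                      # constructed demo key
    pkt = vpn_send(key, 1, "voice", b"rtp-frame")
    print(transport_select_bearer(pkt), vpn_receive(key, pkt))
```

The transport side sees only the indicator byte and ciphertext, which is how the VPN policy selects the bearer even though encryption hides the application data from the transport network's own classifier.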
