Rule-based routing to resources through a network

US 9,397,927 B2
Filed: 09/04/2014
Issued: 07/19/2016
Est. Priority Date: 12/10/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A method of routing resource access requests based upon a resource name, the method comprising:

receiving a name service reply for a resource;

extracting a name for the resource from the name service reply;

identifying that the resource name matches a redirection rule;

deriving routing information for the resource from the name service reply in response to the resource name matching the redirection rule;

identifying that the name service reply for the resource corresponds to at least one of a transfer control protocol synchronization (TCP SYNC) value, a universal datagram protocol (UDP) datagram, or an Internet control message protocol (ICMP) value;

identifying that the incoming name service reply does not already have a corresponding entry in a virtual private network (VPN) look aside table;

creating a routing entry in the VPN look aside table based on identifying that the VPN look aside table does not already have a corresponding entry that maps the name against the derived routing information in a look aside table based upon the name service reply;

identifying that the incoming name service reply does not already have a corresponding entry in a system routing table; and

creating an entry in the system routing table.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for determining which resource access requests are handled locally at a remote computer, and which resource access requests are routed or “redirected” through a virtual private network. One or more routing or “redirection” rules are downloaded from a redirection rule server to a remote computer. When the node of the virtual private network running on the remote computer receives a resource access request, it compares the identified resource with the rules. Based upon how the identified resource matches one or more rules, the node will determine whether the resource access request is redirected through the virtual private network or handled locally (e.g., retrieved locally from another network). A single set of redirection rules can be distributed to and employed by a variety of different virtual private network communication techniques.

Citations

4 Claims

1. A method of routing resource access requests based upon a resource name, the method comprising:
- receiving a name service reply for a resource;
  
  extracting a name for the resource from the name service reply;
  
  identifying that the resource name matches a redirection rule;
  
  deriving routing information for the resource from the name service reply in response to the resource name matching the redirection rule;
  
  identifying that the name service reply for the resource corresponds to at least one of a transfer control protocol synchronization (TCP SYNC) value, a universal datagram protocol (UDP) datagram, or an Internet control message protocol (ICMP) value;
  
  identifying that the incoming name service reply does not already have a corresponding entry in a virtual private network (VPN) look aside table;
  
  creating a routing entry in the VPN look aside table based on identifying that the VPN look aside table does not already have a corresponding entry that maps the name against the derived routing information in a look aside table based upon the name service reply;
  
  identifying that the incoming name service reply does not already have a corresponding entry in a system routing table; and
  
  creating an entry in the system routing table.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising:
    - receiving a resource access request that identifies a requested resource by name;
      
      identifying that the name of the requested resource is in the VPN look aside table;
      
      obtaining the routing information mapped to the name of the requested resource from the VPN look aside table when the name of the requested resource is in the VPN look aside table; and
      
      routing the resource access request using the obtained routing information.
  - 3. The method of claim 2, further comprising routing the resource access request using the obtained routing information by providing the obtained routing information to the system routing table.
  - 4. The method of claim 1, wherein the name service reply is a domain name service reply or a WINS reply.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SonicWALL US Holdings, Inc. (SonicWall Holdings Ltd.)
Original Assignee
Aventail LLC
Inventors
Hopen, Chris, Sauve, Bryan, Hoover, Paul, Perry, Bill
Primary Examiner(s)
Hirl, Joseph P
Assistant Examiner(s)
BEHESHTI SHIRAZI, SAYED ARESH

Application Number

US14/477,767
Publication Number

US 20150052248A1
Time in Patent Office

684 Days
Field of Search

713/13, 726/13, 726/19, 726/23, 709/223, 709/224, 709/226, 709/249
US Class Current

1/1
CPC Class Codes

G06F 21/6218   to a system of files or obj...

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 45/14   Routing performance; Theore...

H04L 47/70   Admission control; Resource...

H04L 61/5007   Internet protocol [IP] addr...

H04L 63/0272   Virtual private networks

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/10   for controlling access to d...

H04L 63/101   Access control lists [ACL]

H04L 67/63   Routing a service request d...

Rule-based routing to resources through a network

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

Citations

4 Claims

Specification

Solutions

Use Cases

Quick Links

Rule-based routing to resources through a network

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

4 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links