Rule-based routing to resources through a network
First Claim
1. A method of routing resource access requests based upon a resource name, the method comprising:
- receiving a name service reply for a resource;
extracting a name for the resource from the name service reply;
identifying that the resource name matches a redirection rule;
deriving routing information for the resource from the name service reply in response to the resource name matching the redirection rule;
identifying that the name service reply for the resource corresponds to at least one of a transfer control protocol synchronization (TCP SYNC) value, a universal datagram protocol (UDP) datagram, or an Internet control message protocol (ICMP) value;
identifying that the incoming name service reply does not already have a corresponding entry in a virtual private network (VPN) look aside table;
creating a routing entry in the VPN look aside table based on identifying that the VPN look aside table does not already have a corresponding entry that maps the name against the derived routing information in a look aside table based upon the name service reply;
identifying that the incoming name service reply does not already have a corresponding entry in a system routing table; and
creating an entry in the system routing table.
13 Assignments
0 Petitions
Accused Products
Abstract
Techniques for determining which resource access requests are handled locally at a remote computer, and which resource access requests are routed or “redirected” through a virtual private network. One or more routing or “redirection” rules are downloaded from a redirection rule server to a remote computer. When the node of the virtual private network running on the remote computer receives a resource access request, it compares the identified resource with the rules. Based upon how the identified resource matches one or more rules, the node will determine whether the resource access request is redirected through the virtual private network or handled locally (e.g., retrieved locally from another network). A single set of redirection rules can be distributed to and employed by a variety of different virtual private network communication techniques.
-
Citations
4 Claims
-
1. A method of routing resource access requests based upon a resource name, the method comprising:
-
receiving a name service reply for a resource; extracting a name for the resource from the name service reply; identifying that the resource name matches a redirection rule; deriving routing information for the resource from the name service reply in response to the resource name matching the redirection rule; identifying that the name service reply for the resource corresponds to at least one of a transfer control protocol synchronization (TCP SYNC) value, a universal datagram protocol (UDP) datagram, or an Internet control message protocol (ICMP) value; identifying that the incoming name service reply does not already have a corresponding entry in a virtual private network (VPN) look aside table; creating a routing entry in the VPN look aside table based on identifying that the VPN look aside table does not already have a corresponding entry that maps the name against the derived routing information in a look aside table based upon the name service reply; identifying that the incoming name service reply does not already have a corresponding entry in a system routing table; and creating an entry in the system routing table. - View Dependent Claims (2, 3, 4)
-
Specification