Virtual private network migration and management in centrally controlled networks

US 9,450,862 B2
Filed: 03/11/2014
Issued: 09/20/2016
Est. Priority Date: 03/11/2014
Status: Active Grant

First Claim

Patent Images

1. In a first edge node coupled to a first site, a method of migrating control of at least one virtual private network (VPN) to a central controller, the method comprising:

taking over a native border gateway protocol (BGP) peer session with a second edge node coupled to a second site; and

using a first software agent to perform the steps of;

taking over and maintaining a BGP peer session with the second edge node;

receiving a first VPN route with a first VPN label from the central controller and sending the first VPN route with the first VPN label to the second edge node via the BGP peer session; and

receiving a second VPN route with a second VPN label from the second edge node coupled to the second site via the BGP peer session and sending the second VPN route with the second VPN label to the central controller.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a first edge node coupled to a first site, a method of migrating control of at least one virtual private network (VPN) to a central controller, the method comprising taking over a native border gateway protocol (BGP) peer session with a second edge node coupled to a second site, using a first software agent: taking over and maintaining a BGP peer session with a second edge node connected to a second site, receiving a VPN label from the central controller and sending the VPN label to the second edge node via the BGP peer session, and receiving first VPN routes from the second site via the BGP peer session and sending the first VPN routes to the central controller.

18 Citations

View as Search Results

19 Claims

1. In a first edge node coupled to a first site, a method of migrating control of at least one virtual private network (VPN) to a central controller, the method comprising:
- taking over a native border gateway protocol (BGP) peer session with a second edge node coupled to a second site; and
  
  using a first software agent to perform the steps of;
  
  taking over and maintaining a BGP peer session with the second edge node;
  
  receiving a first VPN route with a first VPN label from the central controller and sending the first VPN route with the first VPN label to the second edge node via the BGP peer session; and
  
  receiving a second VPN route with a second VPN label from the second edge node coupled to the second site via the BGP peer session and sending the second VPN route with the second VPN label to the central controller.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising using a second software agent to perform the steps of:
    - receiving the first VPN route from the first site and sending the first VPN route to the central controller;
      
      receiving the second VPN route from the central controller; and
      
      sending the second VPN route to the first site.
  - 3. The method of claim 2, further comprising using the central controller to perform the steps of:
    - receiving the first VPN route from the second software agent;
      
      allocating the first VPN label;
      
      sending the first VPN route with the first VPN label to the first software agent; and
      
      receiving the second VPN route with the second VPN label from the first software agent and sending the second VPN route to the second software agent.
  - 4. The method of claim 2, further comprising installing the first software agent and the second software agent, wherein the first software agent and the second software agent are received from the central controller.
  - 5. The ethod of claim 3, wherein after the second software agent on the first edge node is stable, the method further comprises:
    - ending the BGP peer session with the second edge node; and
      
      deleting the first software agent.
  - 6. The method of claim 5, further comprising using the second software agent to perform the steps of:
    - receiving an update to the first VPN route from the first site and sending the updated first VPN route to the central controller;
      
      receiving an update to the second VPN route from the central controller; and
      
      sending the updated second VPN route to the first site.
  - 7. The method of claim 6, further comprising using the central controller to perform the steps of:
    - receiving the update to the first VPN route from the second software agent, allocating the first VPN label, updating a VPN routing and forwarding (VRF) on the first edge node and the second edge node based on the update and the VPN label, and sending the update to the first VPN route to the second software agent on the second edge node; and
      
      receiving the update to the second VPN route from the second software agent on the second edge node, allocating the second VPN label, updating the VRF on the first edge node and the second edge node based on the update and the VPN label, and sending the update to the second VPN route to the second software agent on the first edge node.

8. In a central controller, a method for migrating and managing a virtual private network (VPN) comprising a first edge node for a first site and a second edge node for a second site, the method comprising:
- sending a first software agent to the first edge node for installation on the first edge node;
  
  sending a second software agent to the first edge node for installation on the first edge node;
  
  allocating a first VPN label for a first VPN route from the first site via the second software agent;
  
  sending the first VPN route with the first VPN label to the first software agent;
  
  receiving a second VPN route with a second VPN label for a second edge node from the first software agent; and
  
  sending the second VPN route for the second site from the second edge node to the second software agent.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, further comprising:
    - adding a forwarding entry into a VPN routing and forwarding (VRF) table on the first edge node and the second edge node based on the first VPN route and the first VPN label; and
      
      adding a forwarding entry into a VRF table on the first edge node and the second edge node based on the second VPN route and the second VPN label.
  - 10. The method of claim 8, wherein the first software agent maintains a border gateway protocol (BGP) peer session with the second edge node, and wherein the second software agent maintains a protocol adjacency with the first site.
  - 11. The method of claim 8, further comprising:
    - sending a third software agent to the second edge node for installation on the second edge node, wherein the third software agent takes over a border gateway protocol (BGP) peer session from native BGP software; and
      
      sending a fourth software agent to the second edge node for installation on the second edge node, wherein the fourth software agent takes over a protocol adjacency with the second site.
  - 12. The method of claim 11, wherein after the second software agent on the first edge node and the fourth software agent on the second edge node are stable, the method further comprises:
    - requesting that the first edge node remove the first software agent; and
      
      requesting that the second edge node remove the third software agent.
  - 13. The method of claim 12, wherein after the first software agent and the third software agent are removed, the method further comprises:
    - receiving a new VPN route for the first site via the second software agent;
      
      allocating a VPN label for the new VPN route; and
      
      adding a forwarding entry to a VPN routing and forwarding (VRF) table in the first edge node and the second edge node corresponding to the new VPN route and the VPN label.
  - 14. The method of claim 12, wherein after the first software agent and the third software agent are removed, the method further comprises:
    - receiving a new VPN route for the second site via the fourth software agent;
      
      allocating a VPN label for the new VPN route; and
      
      adding a forwarding entry to a VPN routing and forwarding (VRF) table in the first edge node and the second edge node corresponding to the new VPN route and the VPN label.

15. A computer program product comprising computer executable instructions stored on a non-transitory computer readable medium such that when executed by a processor cause a central controller to:
- receive a new remote virtual private network (VPN) route from a first edge node at a first site;
  
  allocate a VPN label for the new remote VPN route;
  
  add a forwarding entry to a VPN routing and forwarding (VRF) table in the first edge node and a second edge node, wherein the forwarding entry is based on the new remote VPN route and the VPN label;
  
  send a first software agent to the first edge node for installation on the first edge node; and
  
  send a second software agent to the first edge node for installation on the first edge node.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The computer program product of claim 15, further comprising instructions that cause the central controller to:
    - send a first VPN route with the VPN label to the second software agent; and
      
      receive a second VPN route from the second edge node for a second site via the second software agent.
  - 17. The computer program product of claim 16, wherein the first software agent takes over a border gateway protocol (BGP) peer session with the second edge node, and wherein the second software agent takes over an adjacency with the first site.
  - 18. The computer program product of claim 17, further comprising instructions that cause the central controller to:
    - send a third software agent to the second edge node for installation on the second edge node, wherein the third software agent takes over the BGP peer session from native BGP software; and
      
      send a fourth software agent to the second edge node for installation on the second edge node, wherein the fourth software agent takes over an adjacency with the second site.
  - 19. The computer program product of claim 18, wherein after the second software agent on the first edge node and the fourth software agent on the second edge node are stable, the instructions further cause the central controller to:
    - request that the first edge node remove the first software agent; and
      
      request that the second edge node remove the third software agent.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Futurewei Technologies Incorporated (Huawei Investment & Holding Co., Ltd.)
Original Assignee
Futurewei Technologies Incorporated (Huawei Investment & Holding Co., Ltd.)
Inventors
Chen, Huaimo, Li, Renwei, Dong, Xuesong
Primary Examiner(s)
Orgad, Edan
Assistant Examiner(s)
Shah, Saumit

Application Number

US14/204,827
Publication Number

US 20150263867A1
Time in Patent Office

924 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 12/6418   Hybrid transport

H04L 45/02   Topology update or discovery

H04L 45/033   by updating distance vector...

H04L 45/04   Interdomain routing, e.g. h...

H04L 45/42   Centralised routing

Virtual private network migration and management in centrally controlled networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

18 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Virtual private network migration and management in centrally controlled networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

18 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links