Default internet traffic and transparent passthrough

US 7,420,932 B1
Filed: 04/04/2002
Issued: 09/02/2008
Est. Priority Date: 12/30/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method comprising:

if a user has logged on to a gateway,extracting a source network address from a packet sent from the user to the Internet;

using the source network address to retrieve a user profile of the user indicating whether to route the packet to the Internet directly or through a private network; and

routing the packet according to the user profile; and

if the user has not logged on to the gateway, routing the packet according to a global flag indicating whether to route the packet to the Internet directly or through the private network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for routing packets sent from a user to the internet is provided for systems in which the user is connected to a private network. The method includes: extracting a source network address from the packet; using said source network address to retrieve a user profile for the user; examining said user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet; and routing said packet according to said profile. This allows a user or network provider to choose whether to route packets destined for the Internet directly to the Internet rather than through the private network, thus preventing excessive network traffic on the private network.

83 Citations

View as Search Results

26 Claims

1. A method comprising:
- if a user has logged on to a gateway,extracting a source network address from a packet sent from the user to the Internet;
  
  using the source network address to retrieve a user profile of the user indicating whether to route the packet to the Internet directly or through a private network; and
  
  routing the packet according to the user profile; and
  
  if the user has not logged on to the gateway, routing the packet according to a global flag indicating whether to route the packet to the Internet directly or through the private network.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the user profile corresponds only to the user.
  - 3. The method of claim 1, wherein the user profile corresponds to multiple users in a group.
  - 4. The method of claim 1, wherein the user profile is retrieved from an authentication server.

5. A method comprising:
- if a user has logged on to a gateway having separate connections to a private network and to the Internet,extracting a source network address from a packet sent from the user to the Internet;
  
  using the source network address to retrieve a user profile of the user indicating whether to route the packet to the Internet directly or through a private network; and
  
  routing the packet according to the user profile; and
  
  if the user has not logged on to the gateway routing the packet according to a global flag indicating whether to route the packet to the Internet directly or through the private network.
- View Dependent Claims (6, 7, 8)
- - 6. The method of claim 5, wherein the user profile corresponds only to the user.
  - 7. The method of claim 5, wherein the user profile corresponds to multiple users in a group.
  - 8. The method of claim 5, wherein the user profile is retrieved from an authentication server.

9. A program storage device readable by a computer, tangibly embodying a program of instructions executable by the computer to perform a method, the method comprising:
- if a user has logged on to a gateway,extracting a source network address from a packet sent from the user to the Internet;
  
  using the source network address to retrieve a user profile of the user indicating whether to route the packet to the Internet directly or through a private network; and
  
  routing the packet according to the user profile; and
  
  if the user has not logged on to the gateway, routing the packet according to a global flag indicating whether to route the packet to the Internet directly or through the private network.
- View Dependent Claims (10, 11)
- - 10. The program storage device of claim 9, wherein the user profile corresponds only to the user.
  - 11. The program storage device of claim 9, wherein the user profile corresponds to multiple users in a group.

12. A program storage device readable by a computer, tangibly embodying a program of instructions executable by the computer to perform a method, the method comprising:
- if a user has logged on to a gateway having separate connections to a private network and to the Internet,extracting a source network address from a packet sent from the user to the Internet;
  
  using the source network address to retrieve a user profile of the user indicating whether to route the packet to the Internet directly or through a private network; and
  
  routing the packet according to the user profile; and
  
  if the user has not logged on to the gateway routing the packet according to a global flag indicating whether to route the packet to the Internet directly or through the private network.
- View Dependent Claims (13, 14)
- - 13. The program storage device of claim 12, wherein the user profile corresponds only to the user.
  - 14. The program storage device of claim 12, wherein the user profile corresponds to multiple users in a group.

15. An apparatus comprising:
- means for, if a user has logged on to a gateway,extracting a source network address from a packet sent from the user to the Internet;
  
  using the source network address to retrieve a user profile of the user indicating whether to route the packet to the Internet directly or through a private network; and
  
  routing the packet according to the user profile; and
  
  means for, if the user has not logged on to the gateway, routing the packet according to a global flag indicating whether to route the packet to the Internet directly or through the private network.
- View Dependent Claims (16, 17, 18)
- - 16. The apparatus of claim 15, wherein the user profile corresponds only to the user.
  - 17. The apparatus of claim 15, wherein the user profile corresponds to multiple users in a group.
  - 18. The apparatus of claim 15, wherein the user profile is retrieved from an authentication server.

19. An apparatus comprising:
- means for, if a user has logged on to a gateway having separate connections to a private network and to the Internet,extracting a source network address from a packet sent from the user to the Internet;
  
  using the source network address to retrieve a user profile of the user indicating whether to route the packet to the Internet directly or through a private network; and
  
  routing the packet according to the user profile; and
  
  means for, if the user has not logged on to the gateway, routing the packet according to a global flag indicating whether to route the packet to the Internet directly or through the private network.
- View Dependent Claims (20, 21, 22)
- - 20. The apparatus of claim 19, wherein the user profile corresponds only to the user.
  - 21. The apparatus of claim 19, wherein the user profile corresponds to multiple users in a group.
  - 22. The apparatus of claim 19, wherein the user profile is retrieved from an authentication server.

23. An apparatus for routing a packet sent from a user to the Internet, the user connected to a private network, including:
- a source network address extracting module configured to extract a source network address from the packet;
  
  a user profile retrieving module configured to use the source network address to retrieve a user profile for the user;
  
  a user profile examining module configured to examine the user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet;
  
  a routing module configured to route the packet according to the user profile;
  
  a global flag examining module configured to examine a global flag rather than a user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet if the user has not logged on to the gateway; and
  
  wherein the routing module is further configured to route the packet according to the global flag rather than according to a user profile if the user has not logged on to the gateway.

24. An apparatus for routing a packet sent from a user to the Internet, the user having a connection to a gateway and the gateway having separate connections to a private network and to the Internet, including:
- a source network address extracting module configured to extract a source network address from the packet;
  
  a user profile retrieving module configured to use the source network address to retrieve a user profile for the user;
  
  a user profile examining module configured to examine the user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet;
  
  a routing module configured to route the packet according to the user profile;
  
  a global flag examining module configured to examine a global flag rather than a user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet if the user has not logged on to the gateway; and
  
  wherein the routing module is further configured to route the packet according to the global flag rather than according to a user profile if the user has not logged on to the gateway.

25. A network device for routing a packet sent from a user to the Internet, the user connected to a private network, including:
- an input interface;
  
  an output interface;
  
  a processing module which executes instructions that cause the processing module to;
  
  extract a source network address from the packet;
  
  use the source network address to retrieve a user profile for the user;
  
  examine the user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet;
  
  route the packet according to the user profile;
  
  determine if the user has logged on to a gateway;
  
  examine a global flag rather than a user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet if the user has not logged on to the gateway; and
  
  route the packet according to the global flag rather than according to a user profile if the user has not logged on to the gateway.

26. A network device for routing a packet sent from a user to the Internet, the user having a connection to a gateway and the gateway having separate connections to a private network and to the Internet, including:
- an input interface;
  
  an output interface;
  
  a processing module which executes instructions that cause the processing module to;
  
  extract a source network address from the packet;
  
  use the source network address to retrieve a user profile for the user;
  
  examine the user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet;
  
  route the packet according to the user profile;
  
  determine if the user has logged on to a gateway;
  
  examine a global flag rather than a user profile to determine whether to route the packet through the private network or to route the packet directly to the Internet if the user has not logged on to the gateway; and
  
  route the packet according to the global flag rather than according to a user profile if the user has not logged on to the gateway.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Chu, Jie, Dos Santos, Maria Alice, Zhang, Shujin
Primary Examiner(s)
Chan; Wing
Assistant Examiner(s)
JONES, PRENELL P

Application Number

US10/117,803
Time in Patent Office

2,343 Days
Field of Search

370/254, 370/401, 370/469, 370/356, 370/468, 370/285, 370/352, 370389-395, 370/328, 370335-338, 370/441, 370/342, 370/208, 370/465, 370/351, 370/331, 370/252, 370/235, 370/329, 370/260, 370/230, 709/222, 709/250, 709/203, 709/218, 709/245, 709/229, 709/219, 709/224, 709/202, 709/238, 709/201, 709/228, 709/225, 709/227, 709/223, 709/246, 709/249, 725/112, 725/136, 725/40, 725/120, 455/422.1, 455/426.1, 455/433, 455/434, 455/555, 455/432, 455/552, 455/431, 455/12.1, 455/456, 379/121.01, 379/201, 379/221.02, 379/900, 379/209, 379/210, 705/1, 713/1, 713/153
US Class Current

370/254
CPC Class Codes

H04L 45/00   Routing or path finding of ...

H04L 45/308   Route determination based o...

H04L 47/10   Flow control; Congestion co...

H04L 47/20   Traffic policing

H04L 69/16   Implementation or adaptatio...

H04L 69/161   Implementation details of T...

H04L 69/165   Combined use of TCP and UDP...

H04L 69/169   Special adaptations of TCP,...

Default internet traffic and transparent passthrough

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

83 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Default internet traffic and transparent passthrough

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

83 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links