System and method for reducing CPU load in processing PPP packets on a SSL-VPN tunneling device
First Claim
1. A method of reducing processing required to transmit a data packet over a virtual private network, the method comprising:
- receiving, at a network transmitting device, an initial encapsulated data packet to be transmitted over an established Virtual Private Network (VPN) tunnel connection to a receiving device;
removing, at the network transmitting device, from the initial encapsulated data packet, a Layer 2 (L2) protocol header and at least one framing element selected from a front end delimiter or a back end delimiter;
appending, at the network transmitting device, an alternate encapsulated protocol header to an Internet Protocol (IP) data packet of the initial encapsulated data packet to generate a modified encapsulated data packet, wherein the alternate encapsulated protocol header contains processing information for the IP data packet, the processing information comprising at least a payload length of the IP data packet; and
sending, with the network transmitting device, the modified encapsulated data packet to the receiving device over the VPN tunnel connection, wherein the alternate encapsulated protocol header is configured to allow the receiving device to handle the IP data packet in the modified encapsulated data packet using less computational resources in comparison to handling the initial encapsulated data packet.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for reducing processing load on an encapsulated data packet transmitted over a virtual private network. The method includes handling an initial encapsulated data packet to be transmitted over an established VPN tunnel connection to a receiving device, the initial encapsulated data packet having a Layer 2 (L2) protocol header, an IP data packet and at least one framing element; removing the at least one framing element; removing the L2 protocol header; appending an alternate L2 encapsulated protocol header to the IP data packet to generate a modified encapsulated data packet, wherein the alternate header contains information of the IP data packet; and sending the modified encapsulated data packet to the receiving device, wherein the alternate encapsulated protocol header allows the receiving device to handle the IP data packet using less computational resources in comparison to receiving the initial encapsulated data packet.
247 Citations
18 Claims
-
1. A method of reducing processing required to transmit a data packet over a virtual private network, the method comprising:
-
receiving, at a network transmitting device, an initial encapsulated data packet to be transmitted over an established Virtual Private Network (VPN) tunnel connection to a receiving device; removing, at the network transmitting device, from the initial encapsulated data packet, a Layer 2 (L2) protocol header and at least one framing element selected from a front end delimiter or a back end delimiter; appending, at the network transmitting device, an alternate encapsulated protocol header to an Internet Protocol (IP) data packet of the initial encapsulated data packet to generate a modified encapsulated data packet, wherein the alternate encapsulated protocol header contains processing information for the IP data packet, the processing information comprising at least a payload length of the IP data packet; and sending, with the network transmitting device, the modified encapsulated data packet to the receiving device over the VPN tunnel connection, wherein the alternate encapsulated protocol header is configured to allow the receiving device to handle the IP data packet in the modified encapsulated data packet using less computational resources in comparison to handling the initial encapsulated data packet. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A non-transitory machine readable medium having stored thereon instructions for reducing processing required to transmit a data packet over a virtual private network, the medium comprising machine executable code which when executed by at least one machine, causes the machine to:
-
receive an initial encapsulated data packet to be transmitted over an established Virtual Private Network (VPN) tunnel connection to a receiving device; remove from the initial encapsulated data packet, a Layer 2 (L2) protocol header and at least one framing element selected from a front end delimiter or a back end delimiter; append an alternate encapsulated protocol header to an Internet Protocol (IP) data packet of the initial encapsulated data packet to generate a modified encapsulated data packet, wherein the alternate encapsulated protocol header contains processing information for the IP data packet, the processing information comprising at least a payload length of the IP data packet; and send the modified encapsulated data packet to the receiving device over the VPN tunnel connection, wherein the alternate encapsulated protocol header is configured to allow the receiving device to handle the IP data packet in the modified encapsulated data packet using less computational resources in comparison to handling the initial encapsulated data packet. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A network device comprising:
-
a memory storing an application module having one or more programming instructions; and a processor configured execute the application module, which when executed by the processor, causes the processor to; receive an initial encapsulated data packet to be transmitted over an established Virtual Private Network (VPN) tunnel connection to a receiving device; remove from the initial encapsulated data packet, a Layer 2 (L2) protocol header and at least one framing element selected from a front end delimiter or a back end delimiter; append an alternate encapsulated protocol header to an Internet Protocol (IP) data packet of the initial encapsulated data packet to generate a modified encapsulated data packet, wherein the alternate encapsulated protocol header contains processing information for the IP data packet, the processing information comprising at least a payload length of the IP data packet; and send the modified encapsulated data packet to the receiving device over the VPN tunnel connection, wherein the alternate encapsulated protocol header is configured to allow the receiving device to handle the IP data packet in the modified encapsulated data packet using less computational resources in comparison to handling the initial encapsulated data packet. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification