Regulation of network traffic in virtual private networks
First Claim
Patent Images
1. A method comprising:
- receiving network traffic transmitted along a plurality of communication paths, the plurality of communication paths being associated with a plurality of forwarding identifiers that identify destination addresses for the communication paths at device interfaces in a network;
identifying a portion of the plurality of forwarding identifiers to match a forwarding identifier associated with a particular virtual private network, each forwarding identifier in the identified portion of the plurality of forwarding identifiers corresponding to a destination address in the particular virtual private network;
identifying a policy associated with the particular virtual private network; and
regulating a portion of the network traffic associated with the identified portion of the plurality of forwarding identifiers based on the policy, the regulation of the portion of the network traffic including shaping the portion of the network traffic by increasing a first bandwidth allocation at a first routing device of the particular virtual private network and decreasing a second bandwidth allocation at a second routing device of the particular virtual private network.
1 Assignment
0 Petitions
Accused Products
Abstract
In an embodiment, a method is provided for regulating network traffic and virtual private networks. In this method, network traffic transmitted along multiple communication paths is received, and these communication paths are associated with forwarding identifiers. A portion of the forwarding identifiers is identified to match a particular forwarding identifier associated with a particular virtual private network. At the same time, the policy associated with the particular virtual private network is identified. A portion of the network traffic that is associated with the portion of the identified forwarding identifiers can then be regulated based on the policy.
-
Citations
23 Claims
-
1. A method comprising:
-
receiving network traffic transmitted along a plurality of communication paths, the plurality of communication paths being associated with a plurality of forwarding identifiers that identify destination addresses for the communication paths at device interfaces in a network; identifying a portion of the plurality of forwarding identifiers to match a forwarding identifier associated with a particular virtual private network, each forwarding identifier in the identified portion of the plurality of forwarding identifiers corresponding to a destination address in the particular virtual private network; identifying a policy associated with the particular virtual private network; and regulating a portion of the network traffic associated with the identified portion of the plurality of forwarding identifiers based on the policy, the regulation of the portion of the network traffic including shaping the portion of the network traffic by increasing a first bandwidth allocation at a first routing device of the particular virtual private network and decreasing a second bandwidth allocation at a second routing device of the particular virtual private network. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. Logic encoded in one or more tangible, non-transitory media for execution and when executed operable to perform operations comprising:
-
receiving network traffic transmitted along a plurality of communication paths, the plurality of communication paths being associated with a plurality of forwarding identifiers that identify destination addresses for the communication paths at device interfaces in a network; identifying a portion of the plurality of forwarding identifiers to match a forwarding identifier associated with a particular virtual private network, each forwarding identifier in the identified portion of the plurality of forwarding identifiers corresponding to a destination address in the particular virtual private network; identifying a policy associated with the particular virtual private network; and regulating a portion of the network traffic associated with the identified portion of the plurality of forwarding identifiers based on the policy, the regulation of the portion of the network traffic including shaping the portion of the network traffic by increasing a first bandwidth allocation at a first routing device of the particular virtual private network and decreasing a second bandwidth allocation at a second routing device of the particular virtual private network. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. An apparatus comprising:
-
at least one processor; and a machine-readable medium in communication with the at least one processor, the machine-readable medium being configured to store a policy management and application module, the policy management and application module being executed by the at least one processor cause operations to be performed, comprising; receiving network traffic transmitted along a plurality of communication paths, the plurality of communication paths being associated with a plurality of forwarding identifiers that identify destination addresses for the communication paths at device interfaces in a network; identifying a portion of the plurality of forwarding identifiers to match a forwarding identifier associated with a particular virtual private network, each forwarding identifier in the identified portion of the plurality of forwarding identifiers corresponding to a destination address in the particular virtual private network; identifying a policy associated with the particular virtual private network; regulating a portion of the network traffic associated with the portion of the plurality of forwarding identifiers based on the policy; identifying a network bandwidth utilization associated with the particular virtual private network; and transmitting the network bandwidth utilization to a plurality of remote routing devices. - View Dependent Claims (18, 19)
-
-
20. An apparatus comprising:
-
a virtual private network traffic identification module configured to receive network traffic transmitted along a plurality of communication paths, the plurality of communication paths being associated with a plurality of forwarding identifiers that identify destination addresses for the communication paths at device interfaces in a network; a first means for identifying a portion of the plurality of forwarding identifiers to match a forwarding identifier associated with a particular virtual private network, each forwarding identifier in the identified portion of the plurality of forwarding identifiers corresponding to a destination address in the particular virtual private network; a second means for identifying a policy associated with the particular virtual private network; and a third means for regulating a portion of the network traffic associated with the portion of the plurality of forwarding identifiers based on the policy, the regulation of the portion of the network traffic including shaping the portion of the network traffic by increasing a first bandwidth allocation at a first routing device of the particular virtual private network and decreasing a second bandwidth allocation at a second routing device of the particular virtual private network.
-
-
21. A method comprising:
-
receiving network traffic transmitted along a plurality of label-switched communication paths, the plurality of label-switched communication paths being associated with a plurality of input labels that identify destination addresses for the communication paths at device interfaces in a network; identifying a portion of the plurality of input labels to match a label associated with a particular virtual private network, each input label in the identified portion of the plurality of input labels corresponding to a destination address in the particular virtual private network; identifying a policy associated with the particular virtual private network; and regulating a portion of the network traffic associated with the identified portion of the plurality of input labels based on the policy.
-
-
22. A method comprising:
-
receiving network traffic transmitted along a plurality of communication paths, the plurality of communication paths being associated with a plurality of forwarding identifiers that identify destination addresses for the communication paths at device interfaces in a network; identifying a portion of the plurality of forwarding identifiers to match a forwarding identifier associated with a particular virtual private network, each forwarding identifier in the identified portion of the plurality of forwarding identifiers corresponding to a destination address in the particular virtual private network; identifying a policy associated with the particular virtual private network; regulating a portion of the network traffic associated with the identified portion of the plurality of forwarding identifiers based on the policy, the network traffic associated with the identified portion of the plurality of forwarding identifiers being a portion of a total network traffic associated with the particular virtual private network, and the total network traffic being divided between a plurality of remote routing devices; receiving a network bandwidth utilization associated with the total network traffic from at least one of the plurality of remote routing devices; and regulating the portion of the network traffic associated with the identified portion of the plurality of forwarding identifiers based on the policy and the network bandwidth utilization.
-
-
23. An apparatus comprising:
-
at least one processor; and a machine-readable medium in communication with the at least one processor, the machine-readable medium being configured to store a policy management and application module, the policy management and application module being executed by the at least one processor cause operations to be performed, comprising; receiving network traffic transmitted along a plurality of communication paths, the plurality of communication paths being associated with a plurality of forwarding identifiers that identify destination addresses for the communication paths at device interfaces in a network; identifying a portion of the plurality of forwarding identifiers to match a forwarding identifier associated with a particular virtual private network, each forwarding identifier in the identified portion of the plurality of forwarding identifiers corresponding to a destination address in the particular virtual private network; identifying a policy associated with the particular virtual private network; regulating a portion of the network traffic associated with the portion of the plurality of forwarding identifiers based on the policy, the network traffic associated with the portion of the plurality of forwarding identifiers being a portion of a total network traffic associated with the particular virtual private network, and the total network traffic being divided between a plurality of remote routing devices; receiving a network bandwidth utilization associated with the total network traffic from at least one of the plurality of remote routing devices; and regulating the portion of the network traffic associated with the identified portion of the plurality of forwarding identifiers based on the policy and the network bandwidth utilization.
-
Specification