US20040210892A1 - Dynamic routing on networks - Google Patents

Dynamic routing on networks Download PDF

Info

Publication number
US20040210892A1
US20040210892A1 US10/742,132 US74213203A US2004210892A1 US 20040210892 A1 US20040210892 A1 US 20040210892A1 US 74213203 A US74213203 A US 74213203A US 2004210892 A1 US2004210892 A1 US 2004210892A1
Authority
US
United States
Prior art keywords
gateway
route
routing
routing table
nexthop
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/742,132
Inventor
Atul Sharma
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Check Point Software Technologies Inc
Original Assignee
Nokia Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Inc filed Critical Nokia Inc
Priority to US10/742,132 priority Critical patent/US20040210892A1/en
Assigned to NOKIA, INC. reassignment NOKIA, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: SHARMA, ATUL
Publication of US20040210892A1 publication Critical patent/US20040210892A1/en
Assigned to CHECK POINT SOFTWARE TECHNOLOGIES INC. reassignment CHECK POINT SOFTWARE TECHNOLOGIES INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: NOKIA, INC.
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/02Topology update or discovery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/02Topology update or discovery
    • H04L45/03Topology update or discovery by updating link state protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/02Topology update or discovery
    • H04L45/033Topology update or discovery by updating distance vector protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/12Shortest path evaluation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/302Route determination based on requested QoS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/48Routing tree calculation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/164Implementing security features at a particular protocol layer at the network layer

Definitions

  • This invention relates generally to telecommunications networks. More particularly, the invention concerns systems and methods for dynamically routing packets on a network.
  • Dynamic Routing is used on the Internet backbone (core and edge) routers. With the coming of Virtual Private Networks and overlay secure networks using VPN, semantics of dynamic routing shall be affected. Current methods for dynamic routing will lead to various issues and difficulties as virtual private networks become more common. Issues related to running dynamic routing on virtual private networks need to be addressed.
  • IPsec is the Internet Engineering Task Force (IETF) standards protocol for providing security over the Internet at the network (IP) level. It provides authentication and encryption with the help of manual or automatic key exchange via IKE protocol.
  • IPsec can be implemented via transport or tunnel mode. For the application of virtual private networks and secure overlay networks, tunnel mode of IPsec is typically used.
  • IPsec tunnels are logical virtual interfaces overlaying the physical interfaces. These logical virtual interfaces can be used as with other interfaces to run dynamic protocols on top of them. In such a setup, the tunnel endpoints will be considered as neighbors and the tunnel will be considered as a point-to-point link.
  • Running a dynamic protocol, such as Open Shortest Path First (OSPF), Routing Information Protocol (RIP), or Border Gateway Protocol (BGP) on a tunnel interface would mean that routing information like adjacency, distance vector, and link state of the nodes behind one tunnel end point are shipped to the remote tunnel endpoint. As such, the routes at one end (local and private) are learned by the remote tunnel endpoint.
  • OSPF Open Shortest Path First
  • RIP Routing Information Protocol
  • BGP Border Gateway Protocol
  • FIG. 1 shows a tunnel link between endpoints A and B via the Internet.
  • the routes to hosts in protected network A shall be visible to B as well as to hosts in protected network B.
  • the routes in protected network B shall be visible to A as well as to hosts in protected network A.
  • the routing information conveyed in the dynamic routing protocol shall go out encrypted from A to B and B to A.
  • the tunnel interface can be chosen. As such, packets will go through IPsec processing, thereby coming out of the tunnel encrypted for destinations in B. Difficulties may arise, however, such as difficulties related to conflicts in routing between the virtual nature of the link between A and B and the physical links on which it is overlaid. Other difficulties may also arise, such as related to routing decisions between virtual paths and physical paths, between more than one virtual path, or between IPsec processing and routing procedures.
  • the present invention overcomes many routing difficulties that may arise in relation to dynamic routing and virtual paths.
  • the present invention provides methods for updating a routing table and routing packets on a network having virtual links overlaying physical links.
  • One embodiment of the invention includes updating a routing table using interface information shared by a neighboring router.
  • Other embodiments include making routing decisions based on interface information from a neighboring router.
  • Further embodiments include making routing decisions based on priorities established according to interface information.
  • Yet other embodiments include making routing decisions based on local interface information.
  • a method of updating a routing table on a first gateway includes the steps of receiving data disclosing interface information on a neighboring second gateway, and updating a routing table based on the interface information.
  • the interface information for the neighboring second gateway includes identification of communication interfaces on the second gateway, a neighbor for each one of the interfaces, an interface type for each one of the interfaces, and a physical type interface on which each virtual type interface is overlaid.
  • a gateway that routes packets based on data provided in an interface message from neighboring gateways.
  • the steps involved in routing a packet at the gateway includes receiving the data packet, choosing a first route based on a routing protocol, determining an interface on the second gateway corresponding to a second next hop in the route, identifying a third gateway based on the interface, and if the third gateway matches the first gateway, choosing another route.
  • FIG. 1 shows an architecture that supports virtual connections between gateways in accordance with prior art
  • FIG. 2 shows an architecture that supports apparatus and methods in accordance with embodiments of the invention
  • FIG. 3 shows a RIP Response Message and an Interface Message/Interface Table in accordance with one embodiment of the present invention according to the architecture of FIG. 2;
  • FIG. 4 shows a Link State Advertisement Message, an Interface Table, and entries from a Global Routing Table in accordance with another embodiment of the present invention according to the architecture of FIG. 2;
  • FIG. 5 shows a router according to a further embodiment of the present invention
  • FIG. 6 shows a Radix Prefix Tree based on a Global Routing Table according to another embodiment of the present invention based on the architecture of FIG. 2;
  • FIG. 7 shows another architecture that supports apparatus and methods in accordance with embodiments of the invention.
  • FIG. 8 shows a Radix Prefix Tree based on a Global Routing Table according to another embodiment of the present invention based on the architecture of FIG. 7;
  • FIG. 9 shows a Radix Prefix Tree based on a Global Routing Table according to a further embodiment of the present invention based on the architecture of FIG. 7;
  • FIG. 10 shows steps of a method in accordance with embodiments of the invention.
  • FIG. 11 shows a distance vector response message in accordance with another embodiment of the present invention.
  • FIG. 12 shows a Link State Advertisement message in accordance with another embodiment of the present invention.
  • FIG. 13 shows a routing entry in accordance with another embodiment of the invention.
  • FIG. 14 shows a flow chart of a method in accordance with embodiments of the invention.
  • FIG. 15 shows a Prefix Tree based on a Global Routing Table according to another embodiment of the present invention.
  • FIG. 16 shows a block diagram of a one-legged virtual private network in accordance with embodiments of the present invention.
  • the invention may be embodied in various forms.
  • the architecture generally includes gateways A, B, C, D, E, and F labeled 12 , 14 , 16 , 18 , 20 , and 22 respectively.
  • a gateway refers to any device capable of forwarding data packets, such as a personal computer or a router. That is, the term gateway refers to any node in a network that can forward data packets, and can also refer to an entire network through which data packets are forwarded.
  • Architecture 10 is a simple example that does not differentiate between hosts and routers, packet switches and terminals, subnets and links, etc. Each gateway is identified by its address, which is simply represented here as A, B, C, D, E and F. Assume for simplicity sake that the links are symmetric.
  • gateway A is connected to neighbors C, E, and F via links 24 (L 1 ), 26 and 28 respectively.
  • gateway D is connected to neighbors C and B via links 30 (L 2 ) and 32 (L 3 ) respectively.
  • the links may be point-to-point links or broadcast links.
  • a tunnel 34 acts as a virtual link between gateways A and B, which have a security association therebetween.
  • gateways A and B treat each other as neighbors, even though in reality tunnel 34 is overlaid on physical links L 1 , L 2 and L 3 .
  • gateway E is in the network net 2
  • gateway B is the network net 5
  • gateway C is in the network net 0
  • gateway D is in the network net 4
  • gateway F is in the network net 1 .
  • FIG. 5 An example gateway according to one embodiment of the invention is shown in FIG. 5, which includes a router 100 .
  • the router 100 generally includes a processor 102 connected to a memory 104 and a plurality of real interfaces 106 , 108 , and 110 .
  • the real interfaces 106 , 108 , 110 according to one embodiment include ethernet interfaces identified as eth 0 , eth 1 and eth 2 , which correspond to real (physical) interfaces 110 , 106 and 108 respectively.
  • eth 0 ethernet interfaces identified as eth 0 , eth 1 and eth 2 , which correspond to real (physical) interfaces 110 , 106 and 108 respectively.
  • eth 1 is connected to network net 1 with gateway F as a next hop within that network
  • eth 2 is connected to network net 2 with gateway E as a next hop within that network.
  • virtual interface 120 e.g. tun 0 for gateway C
  • Tun 0 may be established and stored in memory 104 for forwarding packets via an associated tunnel, such as tunnel 34 .
  • Tun 0 therefore is a virtual interface on gateway A that is connected to network net 3 with gateway B as a neighbor (a virtual next hop) within that network.
  • Tun 0 is overlaid on eth 0 , which is connected to net 0 with gateway C as a neighbor.
  • routing daemon 114 Stored in the memory 104 of router 100 are forwarding software 112 and a global routing table 116 .
  • a routing daemon 114 may also be stored in the memory 104 , as well as an interface table 118 for a neighboring router.
  • Routing daemon 114 and forwarding software 112 are programs written in a language such as the language known as C.
  • router 100 operates on a UNIX® operating system, such as systems known as Berkeley System Distribution Unix (BSD) or Free BSD.
  • BSD Berkeley System Distribution Unix
  • Free BSD Free BSD
  • tunnel 34 has a cost equal to 5.
  • L 1 has a cost of 1
  • L 2 has a cost of 1
  • L 3 has a cost of 10. This creates an inconsistency of costs for tunnel 34 versus the aggregate cost of physical links L 1 , L 2 and L 3 on which tunnel 34 is overlaid. This inconsistency may be due to various reasons, such as the use of multiple metrics, inconsistent updates from gateways, flaws in computing metrics, or for other reasons.
  • gateway A may route the packet to gateway B through at least two routes. Assume that one route through tunnel 34 is a viable option and that another route through links L 1 , L 2 and L 3 (i.e. unencrypted) is another option. Assume based on the lower cost of tunnel 34 , gateway A selects the route with tunnel 34 and therefore performs IPSec processing and forwards the packet on tunnel 34 to gateway B. Because tunnel 34 overlays L 1 , the packet is forwarded to C with a destination address for B.
  • gateway C forwards the packet to A.
  • Gateway A repeats its evaluation and forwards the packet back to gateway C. Accordingly, the packet is continuously looped until its time to live expires, thereby never reaching gateway B.
  • the continuous loop between A and C may be avoided by exchanging interface information between neighboring gateways A and C and updating their routing tables accordingly.
  • FIGS. 2, 3, 5 and 10 a method for updating a routing table according to interface information for a neighbor gateway in accordance with one embodiment of the invention is shown.
  • Inclusion of interface information of neighboring gateways in routing decisions avoids the loop problem discussed above. It further avoids other potential problems and provides advantages, such as greater flexibility and improved accuracy in routing decisions.
  • Such routing decisions generally include the use of dynamic routing protocols.
  • gateways typically send routing messages to their neighbors that include routing information known by the sending gateway.
  • gateways A and C use RIP and that gateway A sends 80 to gateway C a routing message 34 , which in this example is a RIP response message.
  • the RIP response message 34 includes an identification 36 of each network connected to A (e.g. net 0 , net 1 , net 2 and net 3 ), the number of hops 38 to each network identified, and a nexthop_link indicator 40 for each network.
  • the nexthop_link indicator 40 in one embodiment includes information that discloses an interface ' id 42 for one of the interfaces 106 , 108 , 110 , 120 on A for the network represented by identification 36 .
  • nexthop_link discloses the interface on A that a packet will take in being forwarded on A to the network with which the nexthop_link is associated.
  • gateway A also sends 82 an interface message 44 to gateway C.
  • the interface message 44 may be sent along with the RIP response message 34 or it may be sent independently.
  • the interface message 44 includes an interface list 46 that discloses an interface_id 42 for each interface on gateway A.
  • interface message 44 discloses an interface type 48 for the corresponding interface on A, a neighbor 50 (a gateway for a point to point network or a network for a broadcast network) to which the corresponding interface is connected, and if the interface type 48 is virtual, the physical type interface 52 on which the virtual type interface is overlaid.
  • gateway C Upon reception of the interface message 44 , gateway C either creates 84 an interface table 54 for gateway A and stores it in memory 104 , or updates an existing interface table 54 in memory 104 , according to instructions stored in memory 104 .
  • the interface table 54 according to one embodiment includes interface list 46 from interface message 44 .
  • gateway C updates 86 entries 35 of a global routing table (not shown) to include the nexthop_link indicator 42 for each associated route that includes gateway A as the nexthop in the route.
  • the nexthop_link indicator 42 identifies the interface_id for the nexthop from gateway A in the associated route.
  • the nexthop_link indicator 42 further includes a pointer 56 pointing to an entry in interface table 54 corresponding to the interface_id for the next hop.
  • An example of global routing table entries that include nexthop_link indicators is shown in FIG. 6 and is discussed along with another embodiment of the invention.
  • FIGS. 2, 4, 5 and 10 another embodiment of a method for updating a routing table according to the present invention is shown.
  • This embodiment coincides with the use of a link state protocol, such as Open Shortest Path First (OSPF), on gateways A and C.
  • OSPF Open Shortest Path First
  • a conventional OSPF link state advertisement message includes an indication of link type 62 for each link connected to the gateway, as well as a link_id 64 for a neighbor gateway connected to that link. It also typically includes link data 66 identifying real interfaces on the gateway for each real link. It may include an interface_id 68 for each interface on the gateway, but generally does not provide overlay information 70 .
  • the link state advertisement message 60 is expanded to include overlay information 70 for at least virtual link types.
  • link state advertisement message 60 includes link type information 62 for each interface on gateway A.
  • the link_id 64 discloses each of A's neighbors based on the link.
  • the virtual link from A to B is represented accurately as a virtual type link with the link_id equaling “B,” the neighbor through that link.
  • It further includes link_data 66 , which identifies a physical interface for each link, or for each virtual link, identifies a gateway (e.g. gateway A) as a host of the virtual link.
  • It may further include interface_id 68 , which identifies an interface for each physical or virtual link. Accordingly, the interface_id for the virtual link on gateway A identifies tun 0 as the interface for the virtual link to B.
  • Overlay information 70 identifies physical interface “eth 0 ” as being the real interface for the virtual link 34 to gateway B.
  • an interface table 54 is created (or updated) 84 based on the information in the advertisement message 60 .
  • entries 35 in the global routing table (not shown) for gateway C may also be updated 86 to include a nexthop_link indicator 42 .
  • the nexthop_link indicator 42 may be created by information inferred from the advertisement message 60 .
  • routing daemon 114 may evaluate advertisement message 60 and determine that the nexthop_link for the virtual link on gateway A is “tun 0 .” Routing daemon 114 may further create a pointer to an entry in the interface table 54 that corresponds to the nexthop_link for the virtual link. Based on the updated global routing table (not shown) and the interface table 54 , methods for routing packets disclosed in accordance with the RIP embodiment are also applicable in this embodiment.
  • a method of routing a data packet includes the steps of receiving 88 a data packet (not shown) and choosing 90 a potential route based on a routing protocol.
  • the routing is a part of forwarding software 122 stored on gateway C.
  • gateway C receives a packet (not shown) destined for gateway B and that the routing protocol selects the route of L 1 to A and A to B (network 3 ) via tunnel 34 as the potential route.
  • forwarding software 122 or alternatively routing daemon 114 ) reviews the entry 35 for the selected route in the global routing table (not shown), which includes a nexthop_link indicator 42 .
  • forwarding software 122 Upon finding the nexthop_link indicator 42 , forwarding software 122 is able to determine 92 the interface that will be taken on gateway A to forward the packet to gateway B. As indicated by nexthop_link indicator 42 , and as shown in the example architecture 10 and RIP response message 34 , gateway A will forward the packet along such a route using interface tun 0 .
  • nexthop_link indicator 42 further includes a pointer 56 to an entry in interface table 54 .
  • forwarding software 112 is able to determine 92 that the interface having interface_id “tun 0 ” is a virtual link to neighbor B that is overlaid on the outgoing physical interface represented by interface_id “eth 0 .” Based on the entry in interface table 54 for interface_id “eth 0 ,” forwarding software 112 is able to determine that the packet will be forwarded on “eth 0 ” to neighbor “C.” Once forwarding software 112 recognizes itself (gateway C) as the neighbor for the nexthop_link on A, it will choose 94 another route that excludes gateway A. As such, the forwarding software 122 will return another route to B as a potential route, such as a route through D. A route is chosen 99 based on priority, and the forwarding software forwards 96 the data packet along the selected route.
  • FIGS. 2, 5, 6 and 10 another embodiment of the present invention is shown, which includes a further method for forwarding a data packet (not shown) based on interface information.
  • This method may take advantage of previous methods discussed for updating a routing table.
  • a routing daemon 114 stored in memory 104 of a router 100 updates 97 route entries 35 of global routing table (not shown) to include priorities 70 based on interface information. For example, assume gateway C has established an interface table 54 for gateway A and has updated routing entries 35 associated with routes to gateway B to include nexthop_link indicators 42 . Based on instructions included in daemon 114 , daemon 114 evaluates the nexthop_link 42 for each route to B (e.g.
  • Daemon 114 determines the potential conflict by following the pointer 56 of nexthop_link indicator 42 and by determining that packets via tun 0 on gateway A will be routed to itself, gateway C.
  • forwarding software 112 consults global routing table entries 35 for routes to B. This may occur by following logic such as represented by, for example, a Radix Prefix Tree 72 . Upon evaluating the priorities of entries 35 , forwarding software 112 selects 99 the route via D based on its assigned priority being higher than the priority for the route via A. As such, even though the route via A has a lower cost as determined by metrics, the route via D is selected and the data packet is forwarded 96 along that route.
  • the architecture 210 generally includes gateways A, B, C, D, E, and F labeled 212 , 214 , 216 , 218 , 220 , and 222 respectively.
  • Architecture 210 is similar to architecture 10 of FIG. 2, except that gateway F is shown connected to gateway B. Further, the cost for routing a packet (not shown) between A and B via gateway F as determined by metrics is 2, versus a cost of 5 via tunnel 234 . Accordingly, for a packet received at gateway A for forwarding to gateway B, a routing decision based on metrics would favor the route via gateway F.
  • Such a decision may be contrary to the intent of sending the packet (not shown) to gateway A.
  • a method of routing a data packet according to one embodiment of the invention is illustrated with reference to FIGS. 7, 8 and 10 .
  • a data packet (not shown) is received at gateway A that has a destination of gateway B.
  • entries 235 corresponding to routes to gateway B in a routing table (not shown) are evaluated and updated 98 to include priorities 270 .
  • the priorities are determined by routing daemon 114 based on the interface type for a local interface corresponding to each route. As such, routing daemon 114 considers the local interface associated with each route and determines the interface type for each interface.
  • Daemon 114 thereby determines that the route to gateway B via gateway F is connected to local interface eth 1 , which is a physical type interface. Daemon 114 also determines that the route via tunnel 234 is connected to local interface tun 0 and is a virtual type interface. Because tun 0 is a virtual interface and eth 1 is a physical interface, daemon 114 assigns a higher priority 270 to the route via tunnel 234 .
  • forwarding software 112 selects the route via tunnel 234 even though the route via gateway F has a lower cost. Accordingly, the packets received at gateway A will be encrypted in transmission to gateway B via tunnel 234 , despite other choices suggested by metrics.
  • forwarding software 112 performs the steps performed by routing daemon 114 except for assigning priorities. As such, forwarding software 112 determines that the route via tunnel 234 is connected to local interface tun 0 and is a virtual type interface. Because tun 0 is a virtual interface and eth 1 is a physical interface, forwarding software 112 selects the route via tunnel 234 according to its programming despite the costs determined by metrics.
  • gateway D receives an encrypted data packet (not shown) from gateway C that has a destination address of gateway B, as part of routing on tunnel 234 . Based on metrics, it is possible that gateway D will forward the data packet to gateway C on a route to gateway B that includes gateways C, A, and F. This may cause a loop as the packet is routed back and forth between gateways C and D or gateways A, C and D.
  • a method for routing a packet is shown in FIG. 9.
  • instructions stored in the memory 104 of gateway D such as daemon 114 , evaluates potential routes for forwarding the packet to gateway B by looking at entries 235 of a global routing table.
  • daemon 114 assigns a higher priority to this route than to other routes that includes multiple hops.
  • forwarding software 112 selects the direct route to gateway B over other routes suggested by metrics.
  • Embodiments of the invention described with reference to FIGS. 1-10 above are directed at overcoming the routing difficulties such as previously described.
  • Embodiments of the invention described with reference to FIGS. 11-16 below are directed at overcoming the routing difficulties such as previously described.
  • embodiments of the invention described with reference to FIGS. 11-16 below are further directed at solving additional routing difficulties.
  • a one-legged virtual private network may present additional routing difficulties, as described in greater detail with reference to FIG. 16, below.
  • Embodiments of the invention described with reference to FIGS. 11-16 may be employed to overcome the routing difficulties previously described, as well as overcoming routing difficulties presented by one-legged VPNs and the like.
  • FIG. 11 shows an embodiment of distance vector response message 1134 .
  • Distance vector response message 1134 may include a modified RIP response message, and the like.
  • distance vector response message 1134 is sent from gateway A 12 to gateway C 16 (referring to FIG. 2).
  • distance vector response message 1134 may include an identification 1136 of each network connected to gateway A 12 (e.g. net 0 , net 1 , net 2 and net 3 , referring to FIG. 2), the number of hops 1138 to each network identified, and next_physical_hop indicator 1190 for each network.
  • Next_physical_hop indicator 1190 may identify the gateway that is one physical hop away from gateway A 12 for the network identified.
  • FIG. 12 shows Link State Advertisement message 1260 .
  • Link State Advertisement message 1260 may include a modified OSPF Link State Advertisement message, and the like.
  • Link State Advertisement message 1260 is sent from gateway A 12 to gateway C 16 (referring to FIG. 2).
  • Link State Advertisement message 1260 may include link type indicator 1262 for each link connected to gateway A 12 , as well as link_id 1264 for a neighbor (gateway C 16 ) connected to that link.
  • Link type indicator 1262 may indicate whether the link is a point-to-point link, a virtual link, and the like.
  • Link_id 1264 may identify each of gateway A 12 's neighbors based on the link.
  • the virtual link from gateway A 12 to gateway B 14 (referring to FIG. 2) may be represented as a virtual type link with the link_id identifying gateway B 14 , the neighbor through that link.
  • Link State Advertisement message 1260 may include link_data 1266 .
  • Link_data 1266 may identify a physical interface for each physical link. Also, for each virtual link, Link_data 1266 may identify a gateway (e.g. gateway A 12 ) as a host of the virtual link.
  • Link State Advertisement message 1260 may further include interface_id 1268 , which may identify an interface for each physical or virtual link. Accordingly, the interface_id for the virtual link on gateway A 12 may identify tun 0 (referring to FIG. 2) as the interface for the virtual link to gateway B 14 . Also, Link State Advertisement message 1260 may include next_physical_hop indicator 1280 . If the link type for the network identifier is virtual, next_physical_hop indicator 1280 may identify the gateway that is one physical hop away from the gateway A 12 for the network identified.
  • link_id 1264 identifies gateway B 14
  • next_physical_hop indicator 1280 identifies gateway C 1216 , since gateway C 1216 is the next physical hop from gateway A 12 to gateway B 14 on link T 1 .
  • the gateway that is one physical hop away from the gateway A 12 for the network is not identified if the link type for the network is point-to-point, as illustrated in FIG. 12.
  • the next_physical_hop indicator may also identify the gateway that is one physical hop away from the gateway A 12 for the network identified if the link type for the network identifier is point-to-point.
  • FIG. 13 shows an embodiment of routing entry 1335 .
  • Gateway C 16 (referring to FIG. 2) may have a global routing table (not shown) that may include routing entries 1335 after gateway C 16 has been updated in response to routing messages. Additionally, each routing entry 1335 may include Nexthop indicator 1391 , local interface indicator 1392 , next_nexthop indicator 1394 , priority indicator 1396 , and next route indicator 1398 .
  • routing entry 1335 that may be included in the global routing table of gateway C 16 is discussed herein. However, it is understood that other embodiments of routing entry 1335 may be included in the global routing table of other gateways.
  • Each routing entry 1335 may be associated with a particular route.
  • Nexthop indicator 1391 may identify the gateway that is one physical hop away from this gateway along the associated route.
  • this gateway refers to gateway C 16 .
  • identifying a gateway may refer to indicating an address of the gateway, and the like.
  • FIG. 13 illustrates an embodiment of routing entry 1335 that is associated with a route from gateway C 16 to gateway B 14 with gateway A 12 (referring to FIG. 2) as the first physical hop taken. Accordingly, in this embodiment, Nexthop indicator 1391 identifies gateway A 12 .
  • Local interface indicator 1392 may identify the first local interface that a packet would take along the associated route.
  • the local interface may be virtual or physical.
  • local interface indicator 1392 may identify interface Eth 0 (referring to FIG. 2), since that is the first local interface along the associated route.
  • Next_nexthop indicator 1394 may identify the gateway that is two physical hops away from this gateway (i.e. gateway C 16 ) along the associated route.
  • FIG. 13 illustrates an embodiment of routing entry 1335 that is associated with a route from gateway C 16 to gateway B 14 with gateway A 12 as the first physical hop taken.
  • gateway A 12 is the first physical hop on the route from gateway C 16 to gateway A 12 .
  • a packet would use link T 1 to reach gateway B 14 .
  • the first physical hop that a packet would take on link T 1 (when going from gateway A 12 to gateway B 14 ) is gateway C 16 .
  • next_nexthop indicator 1394 may identify gateway C 16 .
  • Gateway C 16 may be configured to evaluate whether next_nexthop indicator 1394 identifies itself (i.e. gateway C 16 ). If next_nexthop indicator 1394 identifies itself, gateway C 16 may make the associated route inactive. Making the associated route inactive may be accomplished in a number of ways, including discarding the associated route, reducing the priority of the associated route, making the route unusable in some other manner, and the like.
  • Priority indicator 1396 may indicate the priority of the associated route.
  • Gateway C 16 may be configured to use the priority to determine which route should be selected for a packet.
  • the priority of the associated route may be determined, in part, by one or more metrics, protocols, and the like. Examples of such protocols may include distance vector protocols, link state protocols, and the like. However, the metrics may not be the sole factor in determining priority.
  • the priority of the route may be lowered if next_nexthop indicator 1394 identifies this gateway (i.e. gateway C 16 ), as discussed in the previous paragraph.
  • routing entries 1335 in the global routing table having associated routes that each lead to the same gateway may be ordered in a list, group, and the like.
  • routing entry 1335 may include next route indicator 1398 .
  • Next route indicator 1398 may identify the next routing entry 1335 in the list, if there is a subsequent entry in the list.
  • FIG. 14 shows an embodiment of a flow chart of process 1400 .
  • the signal may be a routing message, and the like.
  • the routing message may be Distance Vector Response Message 1134 (referring to FIG. 11), Link State Advertisement Message 1236 (referring to FIG. 12), and the like.
  • the routing message may be received by a gateway that maintains a global routing table.
  • the routing message may include information that is related to identifying at least one gateway that is two physical hops away from this gateway. At least one of the two physical hops may be associated with a virtual interface, such as tun 0 (referring to FIG. 2), and the like.
  • the process then steps from block 1404 to decision block 1406 , where a determination is made as to whether the next nexthop indicator for any of the route entries in the global routing table identifies this gateway.
  • This gateway refers to the gateway in which the global routing table is held.
  • the determination at block 1406 is made using logic that can be represented in a prefix tree, as described in greater detail with reference to FIG. 15 below. If none of the routing entries in the global routing table identify this gateway, the process advances to a return block, where the process returns to performing other actions.
  • FIG. 15 shows an embodiment of prefix tree 1573 based on a global routing table (not shown).
  • a routing daemon e.g. 114 , referring to FIG. 5 stored in a memory (e.g. 104 , referring to FIG. 5) of a gateway (e.g. 100 , referring to FIG. 5) updates route entries 1535 of the global routing table to include priorities 1596 .
  • gateway C 16 updates routing entries 1535 associated with routes to gateway B 14 (referring to FIG. 2) to include next_nexthop indicators 1594 .
  • the daemon may evaluate the next_nexthop indicator 1594 for each route to gateway B 14 (e.g.
  • gateway D 18 via gateway D 18 or via gateway A 12
  • gateway D 18 may assign priority 1596 based on a potential conflict with the route via gateway A 12 (referring to FIG. 2).
  • the daemon may make the route to gateway C 16 via gateway A 12 inactive, since next_nexthop indicator 1594 for that route identifies gateway C 16 .
  • forwarding software in gateway C 16 may consult routing entries 1535 for routes to gateway B 14 . This may occur by employing logic such as represented by, for example, radix prefix tree 1573 . Additionally, the forwarding software may be configured to evaluate priorities 1596 of entries 1535 .
  • the forwarding software may be configured to then select the route via gateway D 18 since priority 1596 for the route via gateway D 18 is higher than the priority for the route via gateway A 12 . Even though the route via gateway A 12 may have a lower cost as determined by metrics, the route via gateway D 18 may be selected and a data packet is forwarded along that route. In one embodiment, a lower number may be used to indicate a higher priority. In another embodiment, a higher number may be used to indicate a higher priority. In the embodiment shown in FIG. 15, the highest priority identified with the number 1 , the second highest priority is identified with the number 2 , and so forth.
  • FIG. 16 shows a block diagram of an embodiment of one-legged VPN 1610 .
  • One-legged VPN 1610 may include gateways such as gateway A 1612 , gateway B 1614 , gateway C 1616 , gateway D 1618 , gateway E 1660 , gateway F 1622 , and gateway G 1680 .
  • Another embodiment may include another arrangement for a one-legged VPN.
  • Gateway A 1612 may be configured for routing packets. For a packet that is sent from gateway A 1612 to gateway B 1614 via virtual link T 1 , gateway A may encrypt the packet before sending it. In contrast, for a packet that is sent from gateway A via one of the physical links L 1 , L 4 , or L 5 , the packet may be sent as clear text (i.e. unencrypted).
  • Gateway G 1680 is part of the one-legged VPN. In one embodiment, it is desirable for packets sent from gateway G 1680 to gateway B 1614 to be encrypted. Accordingly, in this embodiment, it is desirable that a packet sent from gateway G 1680 be forwarded to gateway A 1612 , so that gateway A 1612 can encrypt the packet before the packet is sent to gateway B 1614 . However, in this embodiment, it is desirable for packets sent from gateway C 1616 that are destined for gateway B 1614 to be forwarded to gateway D 1618 rather than gateway A 1612 . If a packet sent from gateway C 1616 that is destined for gateway B 1614 is forwarded to gateway A 1612 , a loop may result.
  • gateway G 1680 packets sent from gateway G 1680 to gateway B 1614 (or another gateway that may be reached via gateway B 1614 ) may be forwarded to gateway A 1612 .
  • the route entry with an associated route to gateway B 1614 via gateway A 1612 may have a next_nexthop indicator that identifies gateway C 1616 . If the next_nexthop indicator does not identify itself (gateway G 1680 ), the associated route may be accepted.
  • packets sent from gateway C to gateway B 1614 may be forwarded to gateway D 1618 rather than gateway A 1612 .
  • the route entry with an associated route to gateway B 1614 via gateway A 1612 may have a next_nexthop indicator that identifies gateway C 1616 . Since the next_nexthop indicator identifies itself (gateway C 1616 ), the associated route may be made inactive.

Abstract

Systems and methods are provided for routing packets on a network based on information of a routing gateway or a neighboring gateway. One embodiment includes updating a routing table using interface information shared by a neighboring router. Another embodiment includes making routing decisions based on interface information from a neighboring router. Another embodiment includes making routing decisions based on priorities determined from interface information. Another embodiment updating a routing table on a first gateway by receiving data disclosing interface information on a neighboring second gateway and updating a routing table based on the interface information. Another embodiment includes maintaining a routing table on the first gateway that includes, for each route, information on the gateway that is two physical hops away from the first gateway. For each route, if the gateway that is two physical hops away from the first gateway is the first gateway, the route is made inactive.

Description

    RELATED APPLICATIONS
  • This application is a continuation-in-part of the application having the application Ser. No. 10/180,181, filed on Jun. 27, 2002, of which the benefit of the earlier filing date is hereby claimed under 35 U.S.C. § 120, and of which is hereby incorporated by reference.[0001]
    • FIELD OF THE INVENTION
  • This invention relates generally to telecommunications networks. More particularly, the invention concerns systems and methods for dynamically routing packets on a network. [0002]
    • BACKGROUND OF THE INVENTION
  • Dynamic Routing is used on the Internet backbone (core and edge) routers. With the coming of Virtual Private Networks and overlay secure networks using VPN, semantics of dynamic routing shall be affected. Current methods for dynamic routing will lead to various issues and difficulties as virtual private networks become more common. Issues related to running dynamic routing on virtual private networks need to be addressed. [0003]
  • IPsec is the Internet Engineering Task Force (IETF) standards protocol for providing security over the Internet at the network (IP) level. It provides authentication and encryption with the help of manual or automatic key exchange via IKE protocol. IPsec can be implemented via transport or tunnel mode. For the application of virtual private networks and secure overlay networks, tunnel mode of IPsec is typically used. Many implementations implement IPsec tunnels as logical virtual interfaces overlaying the physical interfaces. These logical virtual interfaces can be used as with other interfaces to run dynamic protocols on top of them. In such a setup, the tunnel endpoints will be considered as neighbors and the tunnel will be considered as a point-to-point link. [0004]
  • Running a dynamic protocol, such as Open Shortest Path First (OSPF), Routing Information Protocol (RIP), or Border Gateway Protocol (BGP) on a tunnel interface would mean that routing information like adjacency, distance vector, and link state of the nodes behind one tunnel end point are shipped to the remote tunnel endpoint. As such, the routes at one end (local and private) are learned by the remote tunnel endpoint. [0005]
  • For example, FIG. 1 shows a tunnel link between endpoints A and B via the Internet. [0006]
  • After enabling a dynamic protocol on the tunnel link interfaces on A and B, the routes to hosts in protected network A shall be visible to B as well as to hosts in protected network B. Similarly, the routes in protected network B shall be visible to A as well as to hosts in protected network A. The routing information conveyed in the dynamic routing protocol shall go out encrypted from A to B and B to A. [0007]
  • After the new routes are learned, for traffic from A or hosts in protected network A destined to B, or for hosts in protected network B, the tunnel interface can be chosen. As such, packets will go through IPsec processing, thereby coming out of the tunnel encrypted for destinations in B. Difficulties may arise, however, such as difficulties related to conflicts in routing between the virtual nature of the link between A and B and the physical links on which it is overlaid. Other difficulties may also arise, such as related to routing decisions between virtual paths and physical paths, between more than one virtual path, or between IPsec processing and routing procedures. [0008]
    • SUMMARY OF THE INVENTION
  • The present invention overcomes many routing difficulties that may arise in relation to dynamic routing and virtual paths. As such, the present invention provides methods for updating a routing table and routing packets on a network having virtual links overlaying physical links. One embodiment of the invention includes updating a routing table using interface information shared by a neighboring router. Other embodiments include making routing decisions based on interface information from a neighboring router. Further embodiments include making routing decisions based on priorities established according to interface information. Yet other embodiments include making routing decisions based on local interface information. [0009]
  • In one embodiment of the invention, a method of updating a routing table on a first gateway includes the steps of receiving data disclosing interface information on a neighboring second gateway, and updating a routing table based on the interface information. The interface information for the neighboring second gateway includes identification of communication interfaces on the second gateway, a neighbor for each one of the interfaces, an interface type for each one of the interfaces, and a physical type interface on which each virtual type interface is overlaid. [0010]
  • In another embodiment of the invention, a gateway is provided that routes packets based on data provided in an interface message from neighboring gateways. The steps involved in routing a packet at the gateway includes receiving the data packet, choosing a first route based on a routing protocol, determining an interface on the second gateway corresponding to a second next hop in the route, identifying a third gateway based on the interface, and if the third gateway matches the first gateway, choosing another route. [0011]
  • In other embodiments of the invention, computer-executable instructions for implementing the disclosed methods are stored on computer-readable media. Other features and advantages of the invention will become apparent with reference to the following detailed description and figures.[0012]
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The invention will be described in detail in the following description of preferred embodiments with reference to the following figures wherein: [0013]
  • FIG. 1 shows an architecture that supports virtual connections between gateways in accordance with prior art; [0014]
  • FIG. 2 shows an architecture that supports apparatus and methods in accordance with embodiments of the invention; [0015]
  • FIG. 3 shows a RIP Response Message and an Interface Message/Interface Table in accordance with one embodiment of the present invention according to the architecture of FIG. 2; [0016]
  • FIG. 4 shows a Link State Advertisement Message, an Interface Table, and entries from a Global Routing Table in accordance with another embodiment of the present invention according to the architecture of FIG. 2; [0017]
  • FIG. 5 shows a router according to a further embodiment of the present invention; [0018]
  • FIG. 6 shows a Radix Prefix Tree based on a Global Routing Table according to another embodiment of the present invention based on the architecture of FIG. 2; [0019]
  • FIG. 7 shows another architecture that supports apparatus and methods in accordance with embodiments of the invention; [0020]
  • FIG. 8 shows a Radix Prefix Tree based on a Global Routing Table according to another embodiment of the present invention based on the architecture of FIG. 7; [0021]
  • FIG. 9 shows a Radix Prefix Tree based on a Global Routing Table according to a further embodiment of the present invention based on the architecture of FIG. 7; [0022]
  • FIG. 10 shows steps of a method in accordance with embodiments of the invention; [0023]
  • FIG. 11 shows a distance vector response message in accordance with another embodiment of the present invention; [0024]
  • FIG. 12 shows a Link State Advertisement message in accordance with another embodiment of the present invention; [0025]
  • FIG. 13 shows a routing entry in accordance with another embodiment of the invention; [0026]
  • FIG. 14 shows a flow chart of a method in accordance with embodiments of the invention; [0027]
  • FIG. 15 shows a Prefix Tree based on a Global Routing Table according to another embodiment of the present invention; and [0028]
  • FIG. 16 shows a block diagram of a one-legged virtual private network in accordance with embodiments of the present invention. [0029]
    • DETAILED DESCRIPTION OF THE INVENTION
  • Throughout the specification and claims, the following terms take at least the meanings explicitly associated herein, unless the context clearly dictates otherwise. The meanings identified below are not intended to limit the terms, but merely provide illustrative examples for the terms. The phrase “in one embodiment,” as used herein does not necessarily refer to the same embodiment, although it may. The meaning of “a,” “an,” and “the” includes plural reference, and the meaning of “in” includes “in” and “on.”[0030]
  • The invention may be embodied in various forms. Referring now to FIG. 2, a [0031] network architecture 10 is shown that supports systems and methods in accordance with embodiments of the invention. The architecture generally includes gateways A, B, C, D, E, and F labeled 12, 14, 16, 18, 20, and 22 respectively. A gateway as used herein refers to any device capable of forwarding data packets, such as a personal computer or a router. That is, the term gateway refers to any node in a network that can forward data packets, and can also refer to an entire network through which data packets are forwarded. Architecture 10 is a simple example that does not differentiate between hosts and routers, packet switches and terminals, subnets and links, etc. Each gateway is identified by its address, which is simply represented here as A, B, C, D, E and F. Assume for simplicity sake that the links are symmetric.
  • As shown, gateway A is connected to neighbors C, E, and F via links [0032] 24 (L1), 26 and 28 respectively. Likewise, gateway D is connected to neighbors C and B via links 30 (L2) and 32 (L3) respectively. The links may be point-to-point links or broadcast links. A tunnel 34 acts as a virtual link between gateways A and B, which have a security association therebetween. As such, gateways A and B treat each other as neighbors, even though in reality tunnel 34 is overlaid on physical links L1, L2 and L3. From the perspective of gateway A, gateway E is in the network net2, gateway B is the network net5, gateway C is in the network net0, gateway D is in the network net4, and gateway F is in the network net1.
  • An example gateway according to one embodiment of the invention is shown in FIG. 5, which includes a [0033] router 100. The router 100 generally includes a processor 102 connected to a memory 104 and a plurality of real interfaces 106, 108, and 110. The real interfaces 106, 108, 110 according to one embodiment include ethernet interfaces identified as eth0, eth1 and eth2, which correspond to real (physical) interfaces 110, 106 and 108 respectively. As an example, suppose that router 100 represents gateway A. Accordingly, as represented in FIG. 2, interface eth0 is connected to network net0 with gateway C as a next hop within that network. In addition, eth1 is connected to network net1 with gateway F as a next hop within that network, and eth2 is connected to network net2 with gateway E as a next hop within that network. Further, based on a security association with another gateway, virtual interface 120 (e.g. tun0 for gateway C) may be established and stored in memory 104 for forwarding packets via an associated tunnel, such as tunnel 34. Tun0 therefore is a virtual interface on gateway A that is connected to network net3 with gateway B as a neighbor (a virtual next hop) within that network.
  • Tun[0034] 0, however, is overlaid on eth0, which is connected to net0 with gateway C as a neighbor.
  • Stored in the [0035] memory 104 of router 100 are forwarding software 112 and a global routing table 116. As discussed later, a routing daemon 114 may also be stored in the memory 104, as well as an interface table 118 for a neighboring router. Routing daemon 114 and forwarding software 112 are programs written in a language such as the language known as C. In one embodiment router 100 operates on a UNIX® operating system, such as systems known as Berkeley System Distribution Unix (BSD) or Free BSD.
  • Referring back to FIG. 2, suppose that from the perspectives of A and C, based on a metric such as a throughput metric or a delay metric, that [0036] tunnel 34 has a cost equal to 5. Suppose also that L1 has a cost of 1, L2 has a cost of 1, and L3 has a cost of 10. This creates an inconsistency of costs for tunnel 34 versus the aggregate cost of physical links L1, L2 and L3 on which tunnel 34 is overlaid. This inconsistency may be due to various reasons, such as the use of multiple metrics, inconsistent updates from gateways, flaws in computing metrics, or for other reasons.
  • Suppose now that a data packet (not shown) arrives at gateway A and that the data packet has a destination, for example a gateway (not shown) beyond gateway B. As such, gateway A may route the packet to gateway B through at least two routes. Assume that one route through [0037] tunnel 34 is a viable option and that another route through links L1, L2 and L3 (i.e. unencrypted) is another option. Assume based on the lower cost of tunnel 34, gateway A selects the route with tunnel 34 and therefore performs IPSec processing and forwards the packet on tunnel 34 to gateway B. Because tunnel 34 overlays L1, the packet is forwarded to C with a destination address for B. Based on an aggregate cost of 6 to forward the packet via L1 and tunnel 34 versus an aggregate cost of 11 to forward the packet via L2 and L3, gateway C forwards the packet to A. Gateway A repeats its evaluation and forwards the packet back to gateway C. Accordingly, the packet is continuously looped until its time to live expires, thereby never reaching gateway B. The continuous loop between A and C may be avoided by exchanging interface information between neighboring gateways A and C and updating their routing tables accordingly.
  • Referring now to FIGS. 2, 3, [0038] 5 and 10, a method for updating a routing table according to interface information for a neighbor gateway in accordance with one embodiment of the invention is shown. Inclusion of interface information of neighboring gateways in routing decisions avoids the loop problem discussed above. It further avoids other potential problems and provides advantages, such as greater flexibility and improved accuracy in routing decisions. Such routing decisions generally include the use of dynamic routing protocols.
  • As an example, suppose that a dynamic routing protocol in operation on gateway A and C includes a distance vector protocol such as Routing Information Protocol (RIP) version 1 (see IETF RFC 1058) or RIP version 2 (see IETF RFC 1388). In accordance with such protocols, gateways typically send routing messages to their neighbors that include routing information known by the sending gateway. Suppose that gateways A and C use RIP and that gateway A sends [0039] 80 to gateway C a routing message 34, which in this example is a RIP response message.
  • As shown in FIG. 3, the [0040] RIP response message 34 according to one embodiment of the invention includes an identification 36 of each network connected to A (e.g. net0, net1, net2 and net3), the number of hops 38 to each network identified, and a nexthop_link indicator 40 for each network. The nexthop_link indicator 40 in one embodiment includes information that discloses an interface'id 42 for one of the interfaces 106, 108, 110, 120 on A for the network represented by identification 36. In other words, nexthop_link discloses the interface on A that a packet will take in being forwarded on A to the network with which the nexthop_link is associated.
  • According to such an embodiment, gateway A also sends [0041] 82 an interface message 44 to gateway C. The interface message 44 may be sent along with the RIP response message 34 or it may be sent independently. The interface message 44 according to one embodiment includes an interface list 46 that discloses an interface_id 42 for each interface on gateway A. For each interface_id 42, interface message 44 discloses an interface type 48 for the corresponding interface on A, a neighbor 50 (a gateway for a point to point network or a network for a broadcast network) to which the corresponding interface is connected, and if the interface type 48 is virtual, the physical type interface 52 on which the virtual type interface is overlaid.
  • Upon reception of the [0042] interface message 44, gateway C either creates 84 an interface table 54 for gateway A and stores it in memory 104, or updates an existing interface table 54 in memory 104, according to instructions stored in memory 104. The interface table 54 according to one embodiment includes interface list 46 from interface message 44. Upon reception of RIP Response message 34, gateway C updates 86 entries 35 of a global routing table (not shown) to include the nexthop_link indicator 42 for each associated route that includes gateway A as the nexthop in the route. The nexthop_link indicator 42 identifies the interface_id for the nexthop from gateway A in the associated route. The nexthop_link indicator 42 further includes a pointer 56 pointing to an entry in interface table 54 corresponding to the interface_id for the next hop. An example of global routing table entries that include nexthop_link indicators is shown in FIG. 6 and is discussed along with another embodiment of the invention.
  • Referring now to FIGS. 2, 4, [0043] 5 and 10, another embodiment of a method for updating a routing table according to the present invention is shown. This embodiment coincides with the use of a link state protocol, such as Open Shortest Path First (OSPF), on gateways A and C. As such, this embodiment is generally the same as the previous RIP embodiment, except that only a link state advertisement message 60 is sent 80 from A to C, rather than an interface message 44. A conventional OSPF link state advertisement message includes an indication of link type 62 for each link connected to the gateway, as well as a link_id 64 for a neighbor gateway connected to that link. It also typically includes link data 66 identifying real interfaces on the gateway for each real link. It may include an interface_id 68 for each interface on the gateway, but generally does not provide overlay information 70. In such an embodiment according to the present invention, the link state advertisement message 60 is expanded to include overlay information 70 for at least virtual link types.
  • As an example, link [0044] state advertisement message 60 includes link type information 62 for each interface on gateway A. The link_id 64 discloses each of A's neighbors based on the link. For example, the virtual link from A to B is represented accurately as a virtual type link with the link_id equaling “B,” the neighbor through that link. It further includes link_data 66, which identifies a physical interface for each link, or for each virtual link, identifies a gateway (e.g. gateway A) as a host of the virtual link. It may further include interface_id 68, which identifies an interface for each physical or virtual link. Accordingly, the interface_id for the virtual link on gateway A identifies tun0 as the interface for the virtual link to B. Overlay information 70 identifies physical interface “eth0” as being the real interface for the virtual link 34 to gateway B.
  • Upon [0045] reception 80 of the link state advertisement message 60, in accordance with a further embodiment the present invention, an interface table 54 is created (or updated) 84 based on the information in the advertisement message 60. Further, entries 35 in the global routing table (not shown) for gateway C may also be updated 86 to include a nexthop_link indicator 42. The nexthop_link indicator 42 may be created by information inferred from the advertisement message 60. For example, routing daemon 114 may evaluate advertisement message 60 and determine that the nexthop_link for the virtual link on gateway A is “tun0.” Routing daemon 114 may further create a pointer to an entry in the interface table 54 that corresponds to the nexthop_link for the virtual link. Based on the updated global routing table (not shown) and the interface table 54, methods for routing packets disclosed in accordance with the RIP embodiment are also applicable in this embodiment.
  • In a further embodiment of the present invention shown in FIGS. 2, 5 and [0046] 10, a method of routing a data packet includes the steps of receiving 88 a data packet (not shown) and choosing 90 a potential route based on a routing protocol. Suppose that the routing is a part of forwarding software 122 stored on gateway C. Suppose further that gateway C receives a packet (not shown) destined for gateway B and that the routing protocol selects the route of L1 to A and A to B (network 3) via tunnel 34 as the potential route. After selecting such a route, forwarding software 122 (or alternatively routing daemon 114) reviews the entry 35 for the selected route in the global routing table (not shown), which includes a nexthop_link indicator 42. Upon finding the nexthop_link indicator 42, forwarding software 122 is able to determine 92 the interface that will be taken on gateway A to forward the packet to gateway B. As indicated by nexthop_link indicator 42, and as shown in the example architecture 10 and RIP response message 34, gateway A will forward the packet along such a route using interface tun0.
  • Because [0047] nexthop_link indicator 42 further includes a pointer 56 to an entry in interface table 54, forwarding software 112 is able to determine 92 that the interface having interface_id “tun0” is a virtual link to neighbor B that is overlaid on the outgoing physical interface represented by interface_id “eth0.” Based on the entry in interface table 54 for interface_id “eth0,” forwarding software 112 is able to determine that the packet will be forwarded on “eth0” to neighbor “C.” Once forwarding software 112 recognizes itself (gateway C) as the neighbor for the nexthop_link on A, it will choose 94 another route that excludes gateway A. As such, the forwarding software 122 will return another route to B as a potential route, such as a route through D. A route is chosen 99 based on priority, and the forwarding software forwards 96 the data packet along the selected route.
  • Referring now to FIGS. 2, 5, [0048] 6 and 10, another embodiment of the present invention is shown, which includes a further method for forwarding a data packet (not shown) based on interface information. This method may take advantage of previous methods discussed for updating a routing table. However, in accordance with this method, a routing daemon 114 stored in memory 104 of a router 100 updates 97 route entries 35 of global routing table (not shown) to include priorities 70 based on interface information. For example, assume gateway C has established an interface table 54 for gateway A and has updated routing entries 35 associated with routes to gateway B to include nexthop_link indicators 42. Based on instructions included in daemon 114, daemon 114 evaluates the nexthop_link 42 for each route to B (e.g. via D or via A), and assigns a priority based on a potential conflict with the route via A. Daemon 114 determines the potential conflict by following the pointer 56 of nexthop_link indicator 42 and by determining that packets via tun0 on gateway A will be routed to itself, gateway C.
  • As part of the method for routing the packet (not shown), [0049] forwarding software 112 consults global routing table entries 35 for routes to B. This may occur by following logic such as represented by, for example, a Radix Prefix Tree 72. Upon evaluating the priorities of entries 35, forwarding software 112 selects 99 the route via D based on its assigned priority being higher than the priority for the route via A. As such, even though the route via A has a lower cost as determined by metrics, the route via D is selected and the data packet is forwarded 96 along that route.
  • Referring now to FIG. 7, a [0050] network architecture 210 is shown that supports systems and methods in accordance with further embodiments of the invention. The architecture 210 generally includes gateways A, B, C, D, E, and F labeled 212, 214, 216, 218, 220, and 222 respectively. Architecture 210 is similar to architecture 10 of FIG. 2, except that gateway F is shown connected to gateway B. Further, the cost for routing a packet (not shown) between A and B via gateway F as determined by metrics is 2, versus a cost of 5 via tunnel 234. Accordingly, for a packet received at gateway A for forwarding to gateway B, a routing decision based on metrics would favor the route via gateway F. Such a decision, however, may be contrary to the intent of sending the packet (not shown) to gateway A. For example, it may be desirable for the packet to be routed to gateway B in an encrypted state via tunnel 234, rather than in an unencrypted state via gateway F. A routing decision based on metrics, therefore, would frustrate this intent.
  • A method of routing a data packet according to one embodiment of the invention is illustrated with reference to FIGS. 7, 8 and [0051] 10. Suppose that a data packet (not shown) is received at gateway A that has a destination of gateway B. According to instructions stored in the memory 104 of gateway A, such as part of a routing daemon 114, entries 235 corresponding to routes to gateway B in a routing table (not shown) are evaluated and updated 98 to include priorities 270. The priorities are determined by routing daemon 114 based on the interface type for a local interface corresponding to each route. As such, routing daemon 114 considers the local interface associated with each route and determines the interface type for each interface. Daemon 114 thereby determines that the route to gateway B via gateway F is connected to local interface eth1, which is a physical type interface. Daemon 114 also determines that the route via tunnel 234 is connected to local interface tun0 and is a virtual type interface. Because tun0 is a virtual interface and eth1 is a physical interface, daemon 114 assigns a higher priority 270 to the route via tunnel 234.
  • Based on the priorities, [0052] forwarding software 112 selects the route via tunnel 234 even though the route via gateway F has a lower cost. Accordingly, the packets received at gateway A will be encrypted in transmission to gateway B via tunnel 234, despite other choices suggested by metrics.
  • In another embodiment of the invention, [0053] forwarding software 112 performs the steps performed by routing daemon 114 except for assigning priorities. As such, forwarding software 112 determines that the route via tunnel 234 is connected to local interface tun0 and is a virtual type interface. Because tun0 is a virtual interface and eth1 is a physical interface, forwarding software 112 selects the route via tunnel 234 according to its programming despite the costs determined by metrics.
  • Referring now to FIGS. 7 and 9, a method of routing a data packet according to a further embodiment of the invention is shown. Suppose that an encrypted data packet (not shown) is received at gateway D from gateway C that has a destination address of gateway B, as part of routing on [0054] tunnel 234. Based on metrics, it is possible that gateway D will forward the data packet to gateway C on a route to gateway B that includes gateways C, A, and F. This may cause a loop as the packet is routed back and forth between gateways C and D or gateways A, C and D.
  • According to a further embodiment of the present invention, a method for routing a packet is shown in FIG. 9. As such, instructions stored in the [0055] memory 104 of gateway D, such as daemon 114, evaluates potential routes for forwarding the packet to gateway B by looking at entries 235 of a global routing table. Upon recognizing that the direct route to gateway B includes one hop (e.g. nexthop=B), daemon 114 assigns a higher priority to this route than to other routes that includes multiple hops. Accordingly, forwarding software 112 selects the direct route to gateway B over other routes suggested by metrics.
  • Embodiments of the invention described with reference to FIGS. 1-10 above are directed at overcoming the routing difficulties such as previously described. Embodiments of the invention described with reference to FIGS. 11-16 below are directed at overcoming the routing difficulties such as previously described. Moreover, embodiments of the invention described with reference to FIGS. 11-16 below are further directed at solving additional routing difficulties. For example, a one-legged virtual private network (VPN) may present additional routing difficulties, as described in greater detail with reference to FIG. 16, below. Embodiments of the invention described with reference to FIGS. 11-16 may be employed to overcome the routing difficulties previously described, as well as overcoming routing difficulties presented by one-legged VPNs and the like. [0056]
  • FIG. 11 shows an embodiment of distance [0057] vector response message 1134. Distance vector response message 1134 may include a modified RIP response message, and the like. In one embodiment, distance vector response message 1134 is sent from gateway A 12 to gateway C 16 (referring to FIG. 2). Also, distance vector response message 1134 may include an identification 1136 of each network connected to gateway A 12 (e.g. net0, net1, net2 and net3, referring to FIG. 2), the number of hops 1138 to each network identified, and next_physical_hop indicator 1190 for each network. Next_physical_hop indicator 1190 may identify the gateway that is one physical hop away from gateway A 12 for the network identified.
  • FIG. 12 shows Link [0058] State Advertisement message 1260. Link State Advertisement message 1260 may include a modified OSPF Link State Advertisement message, and the like. In one embodiment, Link State Advertisement message 1260 is sent from gateway A 12 to gateway C 16 (referring to FIG. 2).
  • Link [0059] State Advertisement message 1260 may include link type indicator 1262 for each link connected to gateway A 12, as well as link_id 1264 for a neighbor (gateway C 16) connected to that link. Link type indicator 1262 may indicate whether the link is a point-to-point link, a virtual link, and the like. Link_id 1264 may identify each of gateway A 12's neighbors based on the link. In one embodiment, the virtual link from gateway A 12 to gateway B 14 (referring to FIG. 2) may be represented as a virtual type link with the link_id identifying gateway B 14, the neighbor through that link.
  • Additionally, Link [0060] State Advertisement message 1260 may include link_data 1266. Link_data 1266 may identify a physical interface for each physical link. Also, for each virtual link, Link_data 1266 may identify a gateway (e.g. gateway A 12) as a host of the virtual link.
  • Link [0061] State Advertisement message 1260 may further include interface_id 1268, which may identify an interface for each physical or virtual link. Accordingly, the interface_id for the virtual link on gateway A 12 may identify tun0 (referring to FIG. 2) as the interface for the virtual link to gateway B 14. Also, Link State Advertisement message 1260 may include next_physical_hop indicator 1280. If the link type for the network identifier is virtual, next_physical_hop indicator 1280 may identify the gateway that is one physical hop away from the gateway A 12 for the network identified.
  • According to one embodiment, for link T[0062] 1 (referring to FIG. 2), link_id 1264 identifies gateway B14, and next_physical_hop indicator 1280 identifies gateway C 1216, since gateway C 1216 is the next physical hop from gateway A 12 to gateway B 14 on link T1.
  • According to one embodiment, the gateway that is one physical hop away from the [0063] gateway A 12 for the network is not identified if the link type for the network is point-to-point, as illustrated in FIG. 12. Although not shown in FIG. 12, according to another embodiment, the next_physical_hop indicator may also identify the gateway that is one physical hop away from the gateway A 12 for the network identified if the link type for the network identifier is point-to-point.
  • FIG. 13 shows an embodiment of [0064] routing entry 1335. Gateway C 16 (referring to FIG. 2) may have a global routing table (not shown) that may include routing entries 1335 after gateway C 16 has been updated in response to routing messages. Additionally, each routing entry 1335 may include Nexthop indicator 1391, local interface indicator 1392, next_nexthop indicator 1394, priority indicator 1396, and next route indicator 1398.
  • An embodiment of [0065] routing entry 1335 that may be included in the global routing table of gateway C 16 is discussed herein. However, it is understood that other embodiments of routing entry 1335 may be included in the global routing table of other gateways.
  • Each [0066] routing entry 1335 may be associated with a particular route. In one embodiment, Nexthop indicator 1391 may identify the gateway that is one physical hop away from this gateway along the associated route. For this embodiment, “this gateway” refers to gateway C 16. As used herein, identifying a gateway may refer to indicating an address of the gateway, and the like. FIG. 13 illustrates an embodiment of routing entry 1335 that is associated with a route from gateway C 16 to gateway B 14 with gateway A 12 (referring to FIG. 2) as the first physical hop taken. Accordingly, in this embodiment, Nexthop indicator 1391 identifies gateway A 12.
  • [0067] Local interface indicator 1392 may identify the first local interface that a packet would take along the associated route. The local interface may be virtual or physical. In the embodiment of routing entry 1335 shown in FIG. 13, local interface indicator 1392 may identify interface Eth0 (referring to FIG. 2), since that is the first local interface along the associated route.
  • [0068] Next_nexthop indicator 1394 may identify the gateway that is two physical hops away from this gateway (i.e. gateway C 16) along the associated route. FIG. 13 illustrates an embodiment of routing entry 1335 that is associated with a route from gateway C 16 to gateway B 14 with gateway A 12 as the first physical hop taken. Accordingly, in this embodiment, gateway A 12 is the first physical hop on the route from gateway C 16 to gateway A 12. At gateway A 12, in this embodiment, a packet would use link T1 to reach gateway B 14. In this embodiment, the first physical hop that a packet would take on link T1 (when going from gateway A 12 to gateway B 14) is gateway C 16. So in this embodiment, the first physical hop on the associated route is from gateway C 16 to gateway A 12, and the second physical hop on the associated route is from gateway A 12 to gateway C 16. Accordingly, for this embodiment, next_nexthop indicator 1394 may identify gateway C 16.
  • [0069] Gateway C 16 may be configured to evaluate whether next_nexthop indicator 1394 identifies itself (i.e. gateway C 16). If next_nexthop indicator 1394 identifies itself, gateway C 16 may make the associated route inactive. Making the associated route inactive may be accomplished in a number of ways, including discarding the associated route, reducing the priority of the associated route, making the route unusable in some other manner, and the like.
  • [0070] Priority indicator 1396 may indicate the priority of the associated route. Gateway C 16 may be configured to use the priority to determine which route should be selected for a packet. The priority of the associated route may be determined, in part, by one or more metrics, protocols, and the like. Examples of such protocols may include distance vector protocols, link state protocols, and the like. However, the metrics may not be the sole factor in determining priority. In one embodiment, the priority of the route may be lowered if next_nexthop indicator 1394 identifies this gateway (i.e. gateway C 16), as discussed in the previous paragraph.
  • In one embodiment, [0071] routing entries 1335 in the global routing table having associated routes that each lead to the same gateway may be ordered in a list, group, and the like. In this embodiment, routing entry 1335 may include next route indicator 1398. Next route indicator 1398 may identify the next routing entry 1335 in the list, if there is a subsequent entry in the list.
  • FIG. 14 shows an embodiment of a flow chart of [0072] process 1400. After a start block, the process proceeds to block 1402, where a signal is received. The signal may be a routing message, and the like. The routing message may be Distance Vector Response Message 1134 (referring to FIG. 11), Link State Advertisement Message 1236 (referring to FIG. 12), and the like. The routing message may be received by a gateway that maintains a global routing table. The routing message may include information that is related to identifying at least one gateway that is two physical hops away from this gateway. At least one of the two physical hops may be associated with a virtual interface, such as tun0 (referring to FIG. 2), and the like.
  • The process then moves from [0073] block 1402 to block 1404, wherein appropriate routing entries (e.g. routing entry 1335, referring to FIG. 13) for the global routing table are updated. This may include adding or updating a next_nexthop indicator for appropriate route entries.
  • The process then steps from [0074] block 1404 to decision block 1406, where a determination is made as to whether the next nexthop indicator for any of the route entries in the global routing table identifies this gateway. “This gateway” refers to the gateway in which the global routing table is held. In one embodiment, the determination at block 1406 is made using logic that can be represented in a prefix tree, as described in greater detail with reference to FIG. 15 below. If none of the routing entries in the global routing table identify this gateway, the process advances to a return block, where the process returns to performing other actions.
  • At [0075] decision block 1406, if it is determined that a route entry identifies this gateway, the process proceeds to block 1408. At block 1408, the route entry that includes the next_nexthop indicator that identifies this gateway is made inactive. The process then moves from block 1408 to the return block, where the process returns to performing other actions.
  • FIG. 15 shows an embodiment of [0076] prefix tree 1573 based on a global routing table (not shown). In one embodiment, a routing daemon (e.g. 114, referring to FIG. 5) stored in a memory (e.g. 104, referring to FIG. 5) of a gateway (e.g. 100, referring to FIG. 5) updates route entries 1535 of the global routing table to include priorities 1596. In one embodiment, gateway C 16 updates routing entries 1535 associated with routes to gateway B 14 (referring to FIG. 2) to include next_nexthop indicators 1594. Based on instructions that may be included in the daemon, the daemon may evaluate the next_nexthop indicator 1594 for each route to gateway B 14 (e.g. via gateway D 18 or via gateway A 12), and may assign priority 1596 based on a potential conflict with the route via gateway A 12 (referring to FIG. 2). The daemon may make the route to gateway C 16 via gateway A 12 inactive, since next_nexthop indicator 1594 for that route identifies gateway C 16.
  • In one embodiment, forwarding software (e.g. [0077] 112, referring to FIG. 5) in gateway C 16 may consult routing entries 1535 for routes to gateway B 14. This may occur by employing logic such as represented by, for example, radix prefix tree 1573. Additionally, the forwarding software may be configured to evaluate priorities 1596 of entries 1535.
  • Further, the forwarding software may be configured to then select the route via [0078] gateway D 18 since priority 1596 for the route via gateway D 18 is higher than the priority for the route via gateway A 12. Even though the route via gateway A 12 may have a lower cost as determined by metrics, the route via gateway D 18 may be selected and a data packet is forwarded along that route. In one embodiment, a lower number may be used to indicate a higher priority. In another embodiment, a higher number may be used to indicate a higher priority. In the embodiment shown in FIG. 15, the highest priority identified with the number 1, the second highest priority is identified with the number 2, and so forth.
  • FIG. 16 shows a block diagram of an embodiment of one-[0079] legged VPN 1610. One-legged VPN 1610 may include gateways such as gateway A 1612, gateway B 1614, gateway C 1616, gateway D 1618, gateway E 1660, gateway F 1622, and gateway G 1680. Another embodiment may include another arrangement for a one-legged VPN.
  • [0080] Gateway A 1612 may be configured for routing packets. For a packet that is sent from gateway A 1612 to gateway B 1614 via virtual link T1, gateway A may encrypt the packet before sending it. In contrast, for a packet that is sent from gateway A via one of the physical links L1, L4, or L5, the packet may be sent as clear text (i.e. unencrypted).
  • [0081] Gateway G 1680 is part of the one-legged VPN. In one embodiment, it is desirable for packets sent from gateway G 1680 to gateway B 1614 to be encrypted. Accordingly, in this embodiment, it is desirable that a packet sent from gateway G 1680 be forwarded to gateway A 1612, so that gateway A 1612 can encrypt the packet before the packet is sent to gateway B 1614. However, in this embodiment, it is desirable for packets sent from gateway C 1616 that are destined for gateway B 1614 to be forwarded to gateway D 1618 rather than gateway A 1612. If a packet sent from gateway C 1616 that is destined for gateway B 1614 is forwarded to gateway A 1612, a loop may result.
  • The desirable forwarding discussed in the previous paragraph can be accomplished by employing process [0082] 1400 (referring to FIG. 14). Employing method 1400, packets sent from gateway G 1680 to gateway B 1614 (or another gateway that may be reached via gateway B 1614) may be forwarded to gateway A 1612. In the global routing table of gateway G 1680, the route entry with an associated route to gateway B 1614 via gateway A 1612 may have a next_nexthop indicator that identifies gateway C 1616. If the next_nexthop indicator does not identify itself (gateway G 1680), the associated route may be accepted.
  • Employing [0083] process 1400, packets sent from gateway C to gateway B 1614 (or another gateway that may be reached via gateway B) may be forwarded to gateway D 1618 rather than gateway A 1612. In the global routing table of gateway C 1616, the route entry with an associated route to gateway B 1614 via gateway A 1612 may have a next_nexthop indicator that identifies gateway C 1616. Since the next_nexthop indicator identifies itself (gateway C 1616), the associated route may be made inactive.
  • While the present invention has been described in connection with the illustrated embodiments, it will be appreciated and understood that modifications may be made without departing from the true spirit and scope of the invention. In particular, the invention applies to almost any type of network and a variety of different routing protocols, such as path vector protocols. Since many embodiments of the invention can be made without departing from the spirit and scope of the invention, the invention also resides in the claims hereinafter appended. [0084]

Claims (20)

I claim:
1. A gateway for routing over a network, comprising:
a transceiver that is configured to receive a signal, wherein the signal includes information that is associated a second gateway that is two physical hops away from the gateway; and
a processor that is configured to perform actions, the actions comprising:
maintaining a routing table that identifies a third gateway that is two physical hops away from the gateway; and
updating the routing table in response to the signal.
2. The gateway of claim 1, wherein the signal includes at least one of a distance vector response message and a link state advertisement message.
3. The gateway of claim 1, wherein the signal is sent from a fourth gateway, the signal includes an entry that indicates an address of the second gateway, and wherein the second gateway is one physical hop away from the fourth gateway.
4. The gateway of claim 1, wherein the signal is sent from a fourth gateway, the signal includes a first indicator that indicates a link type of a link that is associated with the fourth gateway, the second gateway is the third gateway, and wherein if the link type corresponds to a virtual link type, the signal further includes a second indicator that identifies the third gateway.
5. The gateway of claim 1, wherein the gateway is further configured to route packets based on the routing table.
6. The gateway of claim 1, wherein the gateway is further configured to dynamically route packets based on the routing table, and wherein the gateway is part of a one-legged virtual private network.
7. The gateway of claim 1, wherein the routing table includes a plurality of route entries, and wherein the processor is configured to maintain the routing table by including a next_nexthop indicator for each of the plurality of route entries.
8. The gateway of claim 7, wherein the processor is configured to perform further actions, comprising:
determining, for each of the route entries, if the next_nexthop indicator identifies the gateway; and
if the next_nexthop indictor identifies the gateway, making the route entry inactive.
9. A gateway for routing over a network, comprising:
a transceiver that is configured to process packets; and
a processor that is configured to perform actions, the actions comprising:
maintaining a routing table that includes a plurality of route entries, wherein each of the route entries is associated with a route, each of the route entries includes a next_nexthop indicator, and wherein each next_nexthop indicator identifies another gateway that is two physical hops from the gateway on the associated route; and
for each route of the plurality of route entries:
determining if the next_nexthop indicator of the route entry identifies the gateway; and
if the next_nexthop indicator of the route entry identifies the gateway, making the route inactive.
10. The gateway of claim 9, wherein the processor is configured to perform further actions, comprising
receiving a routing message; and
updating the routing table in response to the routing message.
11. The gateway of claim 10, wherein the routing message is related to one of the next_nexthop indicators, and wherein the processor is configured to update the routing table such that the one of the next_nexthop indicators is updated.
12. The gateway of claim 10, wherein the processor is configured to update the routing table such that a new next_nexthop indicator is added to the routing table.
13. A method for routing over a network, comprising:
maintaining a routing table that is associated with a gateway, wherein the routing table identifies another gateway that is two physical hops away from the gateway, wherein at least one of the two physical hops is associated with a virtual interface; and
routing a packet based upon the routing table.
14. The method of claim 13, wherein the routing table includes a plurality of route entries, each of the route entries includes a next_nexthop indicator, and wherein each next_nexthop indicator identifies an indicated gateway that is two physical hops from the gateway on a route that is associated with the route entry.
15. The method of claim 14, further comprising:
for each route of the plurality of routes:
determining if the next_nexthop indicator identifies the gateway, wherein the routing table is maintained in the gateway; and
if the next_nexthop indicator identifies the gateway, making the route inactive.
16. The method of claim 13, further comprising:
receiving a signal, wherein the signal includes information that is associated with a second gateway that is two physical hops away the gateway; and
updating the routing table in response to the signal.
17. The gateway of claim 16, wherein the signal is sent from a third gateway, and wherein the signal includes an entry that indicates an address of the second gateway.
18. A computer-readable medium encoded with a data structure for routing a packet over a network, the data structure comprising:
a plurality of route entries, wherein each route entry is associated with a route over the network, wherein the plurality of route entries is associated with a gateway, and
wherein each route entry comprises an indicator that identifies an indicated gateway that is two physical hops away from the gateway.
19. The computer-readable medium of claim 18, wherein, for at least one of the route entries, the indicated gateway is the gateway.
20. A gateway for routing over a network, comprising:
means for maintaining a routing table that identifies at least one gateway that is two physical hops away from the gateway, wherein at least one of the two physical hops is associated with a virtual interface; and
means for routing a packet based upon the routing table.
US10/742,132 2002-06-27 2003-12-18 Dynamic routing on networks Abandoned US20040210892A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US10/742,132 US20040210892A1 (en) 2002-06-27 2003-12-18 Dynamic routing on networks

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/180,081 US6744774B2 (en) 2002-06-27 2002-06-27 Dynamic routing over secure networks
US10/742,132 US20040210892A1 (en) 2002-06-27 2003-12-18 Dynamic routing on networks

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US10/180,081 Continuation-In-Part US6744774B2 (en) 2002-06-27 2002-06-27 Dynamic routing over secure networks

Publications (1)

Publication Number Publication Date
US20040210892A1 true US20040210892A1 (en) 2004-10-21

Family

ID=29778857

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/180,081 Expired - Lifetime US6744774B2 (en) 2002-06-27 2002-06-27 Dynamic routing over secure networks
US10/742,132 Abandoned US20040210892A1 (en) 2002-06-27 2003-12-18 Dynamic routing on networks

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US10/180,081 Expired - Lifetime US6744774B2 (en) 2002-06-27 2002-06-27 Dynamic routing over secure networks

Country Status (5)

Country Link
US (2) US6744774B2 (en)
EP (1) EP1516460B1 (en)
AU (1) AU2003240207A1 (en)
DE (1) DE60321791D1 (en)
WO (1) WO2004004239A1 (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050226217A1 (en) * 2003-02-26 2005-10-13 Gunter Logemann Data sink/data source, data transmission device and data terminal device for a circuit-switched and packet-switched network
US20060126495A1 (en) * 2004-12-01 2006-06-15 Guichard James N System and methods for detecting network failure
US20060198321A1 (en) * 2005-03-04 2006-09-07 Nadeau Thomas D System and methods for network reachability detection
US20060215577A1 (en) * 2005-03-22 2006-09-28 Guichard James N System and methods for identifying network path performance
US20070097973A1 (en) * 2005-10-28 2007-05-03 John Scudder Method and apparatus for prioritized processing of routing information
US20070276958A1 (en) * 2006-05-26 2007-11-29 International Business Machines Corporation System, method and program for encryption during routing
US20090003223A1 (en) * 2007-06-29 2009-01-01 Mccallum Gavin Discovering configured tunnels between nodes on a path in a data communications network
US20100169157A1 (en) * 2008-12-30 2010-07-01 Nokia Corporation Methods, apparatuses, and computer program products for providing targeted advertising
US7912934B1 (en) 2006-01-09 2011-03-22 Cisco Technology, Inc. Methods and apparatus for scheduling network probes
US7983174B1 (en) 2005-12-19 2011-07-19 Cisco Technology, Inc. Method and apparatus for diagnosing a fault in a network path
US20120076150A1 (en) * 2010-09-23 2012-03-29 Radia Perlman Controlled interconnection of networks using virtual nodes
KR101152752B1 (en) 2010-10-22 2012-06-18 한국과학기술원 Method for delivery of messages between intermediate nodes
US8737406B1 (en) * 2002-08-01 2014-05-27 Cisco Technology, Inc. Method for transmitting IP routes to prioritize convergence

Families Citing this family (79)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7039720B2 (en) * 2001-01-25 2006-05-02 Marconi Intellectual Property (Ringfence) , Inc. Dense virtual router packet switching
US20050198379A1 (en) 2001-06-13 2005-09-08 Citrix Systems, Inc. Automatically reconnecting a client across reliable and persistent communication sessions
US8532127B2 (en) 2001-10-19 2013-09-10 Juniper Networks, Inc. Network routing using indirect next hop data
US6744774B2 (en) * 2002-06-27 2004-06-01 Nokia, Inc. Dynamic routing over secure networks
US7184437B1 (en) 2002-07-17 2007-02-27 Juniper Networks, Inc. Scalable route resolution
CN100459534C (en) * 2002-10-07 2009-02-04 日本电信电话株式会社 Layer network node and network constituted throuth said nodes, the node and layer network thereof
US20040098505A1 (en) * 2002-11-20 2004-05-20 Clemmensen Daniel G. Forwarding system with multiple logical sub-system functionality
KR100462864B1 (en) * 2002-11-22 2004-12-17 삼성전자주식회사 Routing table Management Method using Interface ID in the IPv6
US7792991B2 (en) * 2002-12-17 2010-09-07 Cisco Technology, Inc. Method and apparatus for advertising a link cost in a data communications network
US7707307B2 (en) * 2003-01-09 2010-04-27 Cisco Technology, Inc. Method and apparatus for constructing a backup route in a data communications network
US7869350B1 (en) 2003-01-15 2011-01-11 Cisco Technology, Inc. Method and apparatus for determining a data communication network repair strategy
DE60313572T2 (en) * 2003-02-03 2007-12-27 Alcatel Lucent Establishment of diversity connections via different access nodes
KR100514742B1 (en) * 2003-02-06 2005-09-14 삼성전자주식회사 Apparatus and method for determining next hop address by using unified cache
US8151318B1 (en) * 2003-02-25 2012-04-03 Cisco Technology, Inc. Method and apparatus for reliably and asymmetrically distributing security information within a fibre channel fabric
WO2004080026A1 (en) * 2003-03-04 2004-09-16 Lukas Wunner Method, system and storage medium for introducing data network accessibility information
US7382731B1 (en) * 2003-03-05 2008-06-03 Cisco Technology, Inc. Method and apparatus for updating probabilistic network routing information
US7441267B1 (en) * 2003-03-19 2008-10-21 Bbn Technologies Corp. Method and apparatus for controlling the flow of data across a network interface
US7392378B1 (en) * 2003-03-19 2008-06-24 Verizon Corporate Services Group Inc. Method and apparatus for routing data traffic in a cryptographically-protected network
US7330440B1 (en) * 2003-05-20 2008-02-12 Cisco Technology, Inc. Method and apparatus for constructing a transition route in a data communications network
US7864708B1 (en) 2003-07-15 2011-01-04 Cisco Technology, Inc. Method and apparatus for forwarding a tunneled packet in a data communications network
US7466661B1 (en) 2003-09-22 2008-12-16 Cisco Technology, Inc. Method and apparatus for establishing adjacency for a restarting router during convergence
US7554921B2 (en) * 2003-10-14 2009-06-30 Cisco Technology, Inc. Method and apparatus for generating routing information in a data communication network
US7580360B2 (en) * 2003-10-14 2009-08-25 Cisco Technology, Inc. Method and apparatus for generating routing information in a data communications network
US7978716B2 (en) 2003-11-24 2011-07-12 Citrix Systems, Inc. Systems and methods for providing a VPN solution
US7710882B1 (en) 2004-03-03 2010-05-04 Cisco Technology, Inc. Method and apparatus for computing routing information for a data communications network
US7848240B2 (en) * 2004-06-01 2010-12-07 Cisco Technology, Inc. Method and apparatus for forwarding data in a data communications network
US7730294B2 (en) * 2004-06-04 2010-06-01 Nokia Corporation System for geographically distributed virtual routing
US8495305B2 (en) 2004-06-30 2013-07-23 Citrix Systems, Inc. Method and device for performing caching of dynamically generated objects in a data communication network
US8739274B2 (en) 2004-06-30 2014-05-27 Citrix Systems, Inc. Method and device for performing integrated caching in a data communication network
US7757074B2 (en) 2004-06-30 2010-07-13 Citrix Application Networking, Llc System and method for establishing a virtual private network
US7577106B1 (en) 2004-07-12 2009-08-18 Cisco Technology, Inc. Method and apparatus for managing a transition for a class of data between first and second topologies in a data communications network
KR20070037648A (en) 2004-07-23 2007-04-05 사이트릭스 시스템스, 인크. A method and systems for routing packets from a peripheral device to a virtual private network gateway
US7808906B2 (en) 2004-07-23 2010-10-05 Citrix Systems, Inc. Systems and methods for communicating a lossy protocol via a lossless protocol using false acknowledgements
US7657657B2 (en) 2004-08-13 2010-02-02 Citrix Systems, Inc. Method for maintaining transaction integrity across multiple remote access servers
US7630298B2 (en) * 2004-10-27 2009-12-08 Cisco Technology, Inc. Method and apparatus for forwarding data in a data communications network
US7496644B2 (en) * 2004-11-05 2009-02-24 Cisco Technology, Inc. Method and apparatus for managing a network component change
US7978708B2 (en) * 2004-12-29 2011-07-12 Cisco Technology, Inc. Automatic route tagging of BGP next-hop routes in IGP
US7436838B2 (en) * 2004-12-29 2008-10-14 Cisco Technology, Inc. Automatic prioritization of BGP next-hop in IGP
US7810089B2 (en) 2004-12-30 2010-10-05 Citrix Systems, Inc. Systems and methods for automatic installation and execution of a client-side acceleration program
US8706877B2 (en) 2004-12-30 2014-04-22 Citrix Systems, Inc. Systems and methods for providing client-side dynamic redirection to bypass an intermediary
US8549149B2 (en) 2004-12-30 2013-10-01 Citrix Systems, Inc. Systems and methods for providing client-side accelerated access to remote applications via TCP multiplexing
US8700695B2 (en) 2004-12-30 2014-04-15 Citrix Systems, Inc. Systems and methods for providing client-side accelerated access to remote applications via TCP pooling
US8954595B2 (en) 2004-12-30 2015-02-10 Citrix Systems, Inc. Systems and methods for providing client-side accelerated access to remote applications via TCP buffering
US8255456B2 (en) 2005-12-30 2012-08-28 Citrix Systems, Inc. System and method for performing flash caching of dynamically generated objects in a data communication network
WO2006081032A2 (en) 2005-01-24 2006-08-03 Citrix Systems, Inc. Systems and methods for performing caching of dynamically generated objects in a network
US7933197B2 (en) * 2005-02-22 2011-04-26 Cisco Technology, Inc. Method and apparatus for constructing a repair path around a non-available component in a data communications network
US7848224B2 (en) * 2005-07-05 2010-12-07 Cisco Technology, Inc. Method and apparatus for constructing a repair path for multicast data
US7835312B2 (en) * 2005-07-20 2010-11-16 Cisco Technology, Inc. Method and apparatus for updating label-switched paths
US7693043B2 (en) * 2005-07-22 2010-04-06 Cisco Technology, Inc. Method and apparatus for advertising repair capability
US7512080B1 (en) * 2005-11-08 2009-03-31 Juniper Networks, Inc. Forwarding tree having multiple bit and intermediate bit pattern comparisons
US8301839B2 (en) 2005-12-30 2012-10-30 Citrix Systems, Inc. System and method for performing granular invalidation of cached dynamically generated objects in a data communication network
US7921184B2 (en) 2005-12-30 2011-04-05 Citrix Systems, Inc. System and method for performing flash crowd caching of dynamically generated objects in a data communication network
KR101256687B1 (en) * 2006-02-13 2013-04-19 리서치 파운데이션 오브 더 시티 유니버시티 오브 뉴욕 Apparatus for setting multipath and method thereof
US7701845B2 (en) 2006-09-25 2010-04-20 Cisco Technology, Inc. Forwarding data in a data communications network
US8584199B1 (en) 2006-10-17 2013-11-12 A10 Networks, Inc. System and method to apply a packet routing policy to an application session
US8312507B2 (en) 2006-10-17 2012-11-13 A10 Networks, Inc. System and method to apply network traffic policy to an application session
US7720995B2 (en) * 2007-06-08 2010-05-18 Cisco Technology, Inc. Conditional BGP advertising for dynamic group VPN (DGVPN) clients
US7940776B2 (en) * 2007-06-13 2011-05-10 Cisco Technology, Inc. Fast re-routing in distance vector routing protocol networks
US8335162B2 (en) 2007-08-13 2012-12-18 At&T Intellectual Property I, Lp Methods and apparatus to control traffic in a packet-switched network
US8514876B2 (en) * 2009-08-11 2013-08-20 Cisco Technology, Inc. Method and apparatus for sequencing operations for an incoming interface check in data center ethernet
US8542578B1 (en) 2010-08-04 2013-09-24 Cisco Technology, Inc. System and method for providing a link-state path to a node in a network environment
CN102480410B (en) * 2010-11-22 2015-06-10 杭州华三通信技术有限公司 Single board for centralized business processing and virtualized resource dividing method
CN102868598B (en) * 2011-07-07 2015-07-29 株式会社日立制作所 Control device and control method
US9118618B2 (en) 2012-03-29 2015-08-25 A10 Networks, Inc. Hardware-based packet editor
US9049148B1 (en) 2012-09-28 2015-06-02 Juniper Networks, Inc. Dynamic forwarding plane reconfiguration in a network device
TWI483138B (en) * 2012-10-12 2015-05-01 Acer Inc Method for processing and verifying remote dynamic data, system using the same, and computer-readable medium
US9338225B2 (en) 2012-12-06 2016-05-10 A10 Networks, Inc. Forwarding policies on a virtual service network
US9407701B2 (en) 2012-12-14 2016-08-02 Apple Inc. Address family preference in multiple network interface environments
WO2014144837A1 (en) 2013-03-15 2014-09-18 A10 Networks, Inc. Processing data packets using a policy based network path
WO2014179753A2 (en) 2013-05-03 2014-11-06 A10 Networks, Inc. Facilitating secure network traffic by an application delivery controller
US9942152B2 (en) * 2014-03-25 2018-04-10 A10 Networks, Inc. Forwarding data packets using a service-based forwarding policy
US10268467B2 (en) 2014-11-11 2019-04-23 A10 Networks, Inc. Policy-driven management of application traffic for providing services to cloud-based applications
CN106161224B (en) * 2015-04-02 2019-09-17 阿里巴巴集团控股有限公司 Method for interchanging data, device and equipment
US9998428B2 (en) * 2015-06-29 2018-06-12 Cisco Technology, Inc. Virtual routing and forwarding (VRF) for asymmetrical virtual service provider (VSP) tunnels
US20190007277A1 (en) * 2017-06-30 2019-01-03 Infinera Corporation Large network simulator for device characterization
US11290941B2 (en) * 2020-02-28 2022-03-29 At&T Intellectual Property I, L.P. Selectively using a co-processor to process network routing information in a fifth generation (5G) or other next generation network
US10939256B1 (en) * 2020-07-22 2021-03-02 Bandwidth, Inc. Techniques for routing messages in a communications network
CN113438178B (en) * 2021-06-22 2023-04-18 北京天融信网络安全技术有限公司 Message forwarding method and device, computer equipment and storage medium
JP2023042172A (en) * 2021-09-14 2023-03-27 株式会社東芝 Wireless relay device, gateway device and radio system

Citations (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5274644A (en) * 1991-11-05 1993-12-28 At&T Bell Laboratories Efficient, rate-base multiclass access control
US5602839A (en) * 1995-11-09 1997-02-11 International Business Machines Corporation Adaptive and dynamic message routing system for multinode wormhole networks
US5867666A (en) * 1994-12-29 1999-02-02 Cisco Systems, Inc. Virtual interfaces with dynamic binding
US5923854A (en) * 1996-11-22 1999-07-13 International Business Machines Corporation Virtual internet protocol (IP) addressing
US6067574A (en) * 1998-05-18 2000-05-23 Lucent Technologies Inc High speed routing using compressed tree process
US6101188A (en) * 1996-09-12 2000-08-08 Nec Corporation Internetworking router
US6111872A (en) * 1995-03-03 2000-08-29 Matsushita Electric Industrial Co., Ltd. Telemeter telecontrol system
US6115362A (en) * 1997-03-28 2000-09-05 Cabletron Systems, Inc. Method and apparatus for determining frame relay connections
US20010014892A1 (en) * 2000-02-02 2001-08-16 Gaither Blaine D. Method and apparatus for transating virtual path file access operations to physical file path access
US6330599B1 (en) * 1997-08-05 2001-12-11 Cisco Technology, Inc. Virtual interfaces with dynamic binding
US20020051427A1 (en) * 2000-09-21 2002-05-02 Avici Systems, Inc. Switched interconnection network with increased bandwidth and port count
US6510159B1 (en) * 1997-04-23 2003-01-21 Nec Corporation Router and routing method
US20030033394A1 (en) * 2001-03-21 2003-02-13 Stine John A. Access and routing protocol for ad hoc network using synchronous collision resolution and node state dissemination
US6615273B1 (en) * 2000-01-20 2003-09-02 Lucent Technologies Inc. Method for performing enhanced target identifier (TID) address resolution
US6625658B1 (en) * 1998-06-30 2003-09-23 Fujitsu Limited End equipment and router
US6744774B2 (en) * 2002-06-27 2004-06-01 Nokia, Inc. Dynamic routing over secure networks
US7177295B1 (en) * 2002-03-08 2007-02-13 Scientific Research Corporation Wireless routing protocol for ad-hoc networks
US7184421B1 (en) * 2001-12-21 2007-02-27 Itt Manufacturing Enterprises, Inc. Method and apparatus for on demand multicast and unicast using controlled flood multicast communications
US20070206494A1 (en) * 1999-05-19 2007-09-06 Cisco Technology, Inc. Tunnel Reroute

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6611872B1 (en) * 1999-01-11 2003-08-26 Fastforward Networks, Inc. Performing multicast communication in computer networks by using overlay routing

Patent Citations (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5274644A (en) * 1991-11-05 1993-12-28 At&T Bell Laboratories Efficient, rate-base multiclass access control
US5867666A (en) * 1994-12-29 1999-02-02 Cisco Systems, Inc. Virtual interfaces with dynamic binding
US6111872A (en) * 1995-03-03 2000-08-29 Matsushita Electric Industrial Co., Ltd. Telemeter telecontrol system
US5602839A (en) * 1995-11-09 1997-02-11 International Business Machines Corporation Adaptive and dynamic message routing system for multinode wormhole networks
US6101188A (en) * 1996-09-12 2000-08-08 Nec Corporation Internetworking router
US5923854A (en) * 1996-11-22 1999-07-13 International Business Machines Corporation Virtual internet protocol (IP) addressing
US6115362A (en) * 1997-03-28 2000-09-05 Cabletron Systems, Inc. Method and apparatus for determining frame relay connections
US6510159B1 (en) * 1997-04-23 2003-01-21 Nec Corporation Router and routing method
US6330599B1 (en) * 1997-08-05 2001-12-11 Cisco Technology, Inc. Virtual interfaces with dynamic binding
US6067574A (en) * 1998-05-18 2000-05-23 Lucent Technologies Inc High speed routing using compressed tree process
US6625658B1 (en) * 1998-06-30 2003-09-23 Fujitsu Limited End equipment and router
US20070206494A1 (en) * 1999-05-19 2007-09-06 Cisco Technology, Inc. Tunnel Reroute
US6615273B1 (en) * 2000-01-20 2003-09-02 Lucent Technologies Inc. Method for performing enhanced target identifier (TID) address resolution
US20010014892A1 (en) * 2000-02-02 2001-08-16 Gaither Blaine D. Method and apparatus for transating virtual path file access operations to physical file path access
US20020051427A1 (en) * 2000-09-21 2002-05-02 Avici Systems, Inc. Switched interconnection network with increased bandwidth and port count
US20030033394A1 (en) * 2001-03-21 2003-02-13 Stine John A. Access and routing protocol for ad hoc network using synchronous collision resolution and node state dissemination
US7184421B1 (en) * 2001-12-21 2007-02-27 Itt Manufacturing Enterprises, Inc. Method and apparatus for on demand multicast and unicast using controlled flood multicast communications
US7177295B1 (en) * 2002-03-08 2007-02-13 Scientific Research Corporation Wireless routing protocol for ad-hoc networks
US6744774B2 (en) * 2002-06-27 2004-06-01 Nokia, Inc. Dynamic routing over secure networks

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8737406B1 (en) * 2002-08-01 2014-05-27 Cisco Technology, Inc. Method for transmitting IP routes to prioritize convergence
US7715364B2 (en) * 2003-02-26 2010-05-11 Siemens Aktiengesellschaft Data sink/data source, data transmission device and data terminal device for a circuit-switched and packet-switched network
US9130781B2 (en) 2003-02-26 2015-09-08 Siemens Aktiengesellschaft Data sink/data source, data transmission device and data terminal device for a circuit-switched and packet-switched network
US20050226217A1 (en) * 2003-02-26 2005-10-13 Gunter Logemann Data sink/data source, data transmission device and data terminal device for a circuit-switched and packet-switched network
US20100157992A1 (en) * 2003-02-26 2010-06-24 Gunter Logemann Data sin/data source, data transmission device and data terminal device for a circuit-switched and packet-switched network
US20060126495A1 (en) * 2004-12-01 2006-06-15 Guichard James N System and methods for detecting network failure
US20060198321A1 (en) * 2005-03-04 2006-09-07 Nadeau Thomas D System and methods for network reachability detection
US7990888B2 (en) 2005-03-04 2011-08-02 Cisco Technology, Inc. System and methods for network reachability detection
WO2006102398A3 (en) * 2005-03-22 2007-11-22 Cisco Tech Inc System and methods for identifying network path performance
US20060215577A1 (en) * 2005-03-22 2006-09-28 Guichard James N System and methods for identifying network path performance
US7778248B2 (en) * 2005-10-28 2010-08-17 Cisco Technology, Inc. Method and apparatus for prioritized processing of routing information
US20070097973A1 (en) * 2005-10-28 2007-05-03 John Scudder Method and apparatus for prioritized processing of routing information
US7983174B1 (en) 2005-12-19 2011-07-19 Cisco Technology, Inc. Method and apparatus for diagnosing a fault in a network path
US7912934B1 (en) 2006-01-09 2011-03-22 Cisco Technology, Inc. Methods and apparatus for scheduling network probes
US20070276958A1 (en) * 2006-05-26 2007-11-29 International Business Machines Corporation System, method and program for encryption during routing
US7877506B2 (en) 2006-05-26 2011-01-25 International Business Machines Corporation System, method and program for encryption during routing
US20090003223A1 (en) * 2007-06-29 2009-01-01 Mccallum Gavin Discovering configured tunnels between nodes on a path in a data communications network
US8111627B2 (en) 2007-06-29 2012-02-07 Cisco Technology, Inc. Discovering configured tunnels between nodes on a path in a data communications network
US20100169157A1 (en) * 2008-12-30 2010-07-01 Nokia Corporation Methods, apparatuses, and computer program products for providing targeted advertising
US20120076150A1 (en) * 2010-09-23 2012-03-29 Radia Perlman Controlled interconnection of networks using virtual nodes
US8908526B2 (en) * 2010-09-23 2014-12-09 Intel Corporation Controlled interconnection of networks using virtual nodes
KR101152752B1 (en) 2010-10-22 2012-06-18 한국과학기술원 Method for delivery of messages between intermediate nodes

Also Published As

Publication number Publication date
AU2003240207A1 (en) 2004-01-19
WO2004004239A1 (en) 2004-01-08
DE60321791D1 (en) 2008-08-07
US6744774B2 (en) 2004-06-01
US20040001497A1 (en) 2004-01-01
EP1516460A1 (en) 2005-03-23
EP1516460B1 (en) 2008-06-25
EP1516460A4 (en) 2007-02-28

Similar Documents

Publication Publication Date Title
US20040210892A1 (en) Dynamic routing on networks
US10218610B2 (en) MPLS segment routing
US10178022B2 (en) Segment routing using a remote forwarding adjacency identifier
US10164838B2 (en) Seamless segment routing
US11431633B2 (en) Label forwarding entry generation method and apparatus, packet sending method and apparatus, and device
US7957306B2 (en) Providing reachability information in a routing domain of an external destination address in a data communications network
US20220052945A1 (en) Transmission control method, node, network system and storage medium
US7564803B1 (en) Point to multi-point label switched paths with label distribution protocol
US8098663B2 (en) Carrier's carrier without customer-edge-to-customer-edge border gateway protocol
US7813265B2 (en) Backup BGP paths for non-multipath BGP fast convergence
US7639688B2 (en) Automatic protection of an SP infrastructure against exterior traffic
US10742599B2 (en) Conflict resolution in segment routing
US11743166B2 (en) Provisioning non-colored segment routing label switched paths via segment routing policies in border gateway protocol
US20070008949A1 (en) Method for automatic route aggregation in a communication system
US20110051738A1 (en) Method, system and device for maintaining routes
US7965642B2 (en) Computing path information to a destination node in a data communication network
US8279881B2 (en) Method and system for route updating
WO2009111959A1 (en) Method and device for route installation and distribution
US7821970B2 (en) Protection of transit links in a network
EP3754914B1 (en) Class-based traffic engineering in an ip network
KR102245989B1 (en) Redundancy Administrating Method for a Virtual Private Network and Network Switching Apparatus with the method implemented on it
WO2017198131A1 (en) Method and system for redirecting data stream, and network device and control device
US20080186978A1 (en) Method and Independent Communications Subnet for Determining Label-Switched Routes a Communications Subnet of this Type
WO2021254173A1 (en) Routing processing method and related device
KR101022532B1 (en) Method for routing paket in wireless communication system

Legal Events

Date Code Title Description
AS Assignment

Owner name: NOKIA, INC., TEXAS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SHARMA, ATUL;REEL/FRAME:014838/0584

Effective date: 20031218

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION

AS Assignment

Owner name: CHECK POINT SOFTWARE TECHNOLOGIES INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:NOKIA, INC.;REEL/FRAME:023133/0973

Effective date: 20090421