Abstract:
A system establishes a virtual private network (VPN) tunnel to a destination and determines a next hop for the VPN tunnel. The system inserts the next hop, and an address associated with the destination, into an entry of a first table. The system inserts the next hop, and a tunnel identifier corresponding to the established VPN tunnel, into an entry of a second table. The system associates one or more security parameters, used to encrypt traffic sent via the VPN tunnel, with the tunnel identifier.
Abstract:
A virtual private network (VPN) tunnel is established that extends from a source spoke to a destination spoke in a hub-and-spoke enterprise network. Prior to establishing the VPN tunnel, packets are sent from the source spoke to the destination spoke through the hub network. In this manner, packets are not dropped while the VPN tunnel is being set up. The VPN tunnel is established by querying a server for the network address of a destination router in the destination spoke, then setting up the VPN tunnel using a secure communication protocol. An extension to the Internet Key Exchange (IKE) protocol is used to obtain the private network address of the destination router during setup of the VPN tunnel. A forwarding table is updated after the VPN tunnel is established to reroute the packets through the new VPN tunnel.
Abstract:
Systems, apparatus, methods, and computer program products for multicast access control are provided to analyze incoming data based on a source zone and a destination zone of the incoming data. Appropriate access control rules are applied to incoming data based on the results of the analysis. Additional implementations of a multicast access control include using a proxy rendezvous point operable to function as a rendezvous point in place of a physical rendezvous point.
Abstract:
A method and corresponding system for recovering from a failure of a wired link used for communication between a first access point and a wired network. The first access point has at least two radios, including a first radio and a second radio, each for providing a wireless communications link. The method includes selectively configuring the radios in an access mode for enabling a communications path with a corresponding client node, so that each client node has a communication path via the first access point to the wired network, wherein the first and second radios are enabled to be associated with a first and second client node, respectively. The method and system include providing communications paths for the client nodes to the wired network in response to detection of loss of the wired link to the first access point by selectively reconfiguring the second radio to a backhaul mode.
Abstract:
A method and system for selecting a route in a wireless network for the transmission of a data packet between wireless nodes in said network using a modified link-state routing algorithm wherein only a limited number of broadcast messages are generated to synchronize the link-state database throughout the wireless network. A subset of nodes called portal nodes within the network are elected to do the broadcasting for the entire network. Each portal node broadcasts an announcement of its identity to all of the wireless nodes. Each wireless node responds to these broadcasts to select one of the portal nodes as its root portal node. It then identifies a unicast route back to its root portal node, and sends a link-state register message to this portal node. These link-state register messages received by each portal node are aggregated by them and are broadcast to each of the wireless nodes for storage. When a data packet is thereafter received by a wireless node from a neighboring node, it detects if the data packet satisfies one of a plurality of predetermined conditions and rebroadcasts the data packet to neighboring wireless nodes if none of the conditions is satisfied.
Abstract:
A backup device detects that a session timer associated with a session in a session table of the backup network device has expired and ages out the session from the session table based on whether a first message has been sent to a master network device regarding the session and whether a second message has been received from the master network device regarding the session.
Abstract:
Wireless access points detect neighboring wireless access points in different subnets. Upon connecting with a wireless client, a wireless access point determines predictive roaming information for the wireless client. Predictive roaming information identifies the wireless client and its home network subnet, and includes connection information associated with the wireless client. The wireless access point forwards the predictive roaming information associated with a wireless client to neighboring wireless access points while the wireless client is still connected with the wireless access point. Neighboring wireless access points store received predictive roaming information. Upon connecting with a wireless client, a neighboring wireless access point determines if the wireless client matches the stored predictive roaming information. If so, the neighboring wireless access point uses the predictive roaming information to quickly connect with the wireless client and to establish a tunnel to redirect network traffic associated with the wireless client through to its home subnet.
Abstract:
A request to receive multicast data, associated with a multicast group, may be transmitted. The request may be transmitted via a tunnel. Group keys may be received in response to the request. The group keys may be based on the multicast group. An encapsulated packet may be received via another tunnel. The encapsulated packet may be processed, using the group keys, to obtain a multicast packet associated with the multicast data. The multicast packet may be forwarded to at least one multicast recipient.
Abstract:
A system includes a first network device and a second network device. The first network device includes a group of first logical portions and is configured to detect a problem with one of the first logical portions, and transmit a message identifying the one first logical portion. The second network device includes a group of second logical portions, where the group of second logical portions corresponds to the group of first logical portions. The second network device is configured to receive the message from the first network device, and activate the one second logical portion corresponding to the one first logical portion in response to receiving the message.