-
公开(公告)号:US10164822B2
公开(公告)日:2018-12-25
申请号:US15216499
申请日:2016-07-21
申请人: FatPipe, Inc.
摘要: Failover controllers help maintain user-perceived continuous connectivity for users of a geographically dispersed flat network when part of that network becomes unavailable, even though flat network packets are not WAN-routable. One such controller has local and remote flat network ports, at least one WAN port, and failover capability to WAN(s) utilizing encapsulation when the flat network is partially or fully unavailable. The failover procedure uses a packet origin table built automatically from incoming packets and from double-tunneled ARP requests. A monitor indicates whether the flat network is fully available (up) or not fully available (down). Controller software updates the packet origin table, and directs packets between ports depending on flatnet status, the packet origin table's content, and any packet handling enhancements such as load balancing, affinity enforcement, quality of service maintenance, packet traffic shaping, packet policy application, firewall operation, reverse firewall operation, encryption/decryption, and/or compression/decompression.
-
公开(公告)号:US20170126626A1
公开(公告)日:2017-05-04
申请号:US15338341
申请日:2016-10-29
申请人: FatPipe, Inc.
CPC分类号: H04L63/0272 , H04L61/2514 , H04L61/2521 , H04L63/0869 , H04L63/164
摘要: Instead of specifying actual transport layer IP addresses as a basis for a secure tunnel's security association, an approach described herein specifies virtual addresses. Then suitable network appliances intercept and modify packets in order to map between the virtual addresses and actual addresses. The virtual addresses satisfy IPsec or another authentication procedure that checks packets using the security association. The actual addresses are used by transport layer protocols. This overlay approach permits a session to failover from one network connection to another without requiring restoration of the session in a newly created secure tunnel after one of the network interfaces becomes unavailable, thereby obsoleting the security association based in part on the IP address of the now unavailable interface. This innovative approach also allows the use of parallel paths and the use of one-to-many or many-to-one path topologies, which would otherwise not be permitted.
-
公开(公告)号:US20160330070A1
公开(公告)日:2016-11-10
申请号:US15216499
申请日:2016-07-21
申请人: FatPipe, Inc.
IPC分类号: H04L12/24 , H04L29/12 , H04L12/803
CPC分类号: H04L41/0654 , H04L41/0659 , H04L47/125 , H04L61/103 , H04L61/2592 , H04L63/0428
摘要: Failover controllers help maintain user-perceived continuous connectivity for users of a geographically dispersed flat network when part of that network becomes unavailable, even though flat network packets are not WAN-routable. One such controller has local and remote flat network ports, at least one WAN port, and failover capability to WAN(s) utilizing encapsulation when the flat network is partially or fully unavailable. The failover procedure uses a packet origin table built automatically from incoming packets and from double-tunneled ARP requests. A monitor indicates whether the flat network is fully available (up) or not fully available (down). Controller software updates the packet origin table, and directs packets between ports depending on flatnet status, the packet origin table's content, and any packet handling enhancements such as load balancing, affinity enforcement, quality of service maintenance, packet traffic shaping, packet policy application, firewall operation, reverse firewall operation, encryption/decryption, and/or compression/decompression.
摘要翻译: 故障转移控制器有助于在部分网络变得不可用时,维护用户感知到的地理上分散的平面网络的用户的连续连接,即使平坦的网络数据包不能WAN可路由。 一个这样的控制器具有本地和远程平面网络端口,至少一个WAN端口,以及当扁平网络部分或完全不可用时利用封装的WAN的故障切换能力。 故障切换过程使用从传入数据包和双隧道ARP请求自动构建的数据包原始表。 监视器指示扁平网络是否完全可用(向上)还是不完全可用(向下)。 控制器软件更新数据包原始表,并根据平面网络状态,数据包原始表的内容以及任何数据包处理增强功能,如负载平衡,亲和力强制,服务质量维护,数据包流量整形,数据包策略应用, 防火墙操作,反向防火墙操作,加密/解密和/或压缩/解压缩。
-
公开(公告)号:US10965649B2
公开(公告)日:2021-03-30
申请号:US15338341
申请日:2016-10-29
申请人: FatPipe, Inc.
IPC分类号: H04L29/06
摘要: Instead of specifying actual transport layer IP addresses as a basis for a secure tunnel's security association, an approach described herein specifies virtual addresses. Then suitable network appliances intercept and modify packets in order to map between the virtual addresses and actual addresses. The virtual addresses satisfy IPsec or another authentication procedure that checks packets using the security association. The actual addresses are used by transport layer protocols. This overlay approach permits a session to failover from one network connection to another without requiring restoration of the session in a newly created secure tunnel after one of the network interfaces becomes unavailable, thereby obsoleting the security association based in part on the IP address of the now unavailable interface. This innovative approach also allows the use of parallel paths and the use of one-to-many or many-to-one path topologies, which would otherwise not be permitted.
-
公开(公告)号:US10819536B1
公开(公告)日:2020-10-27
申请号:US16439555
申请日:2019-06-12
申请人: FatPipe, Inc.
IPC分类号: H04L12/46
摘要: Tools and technologies geographically extend local area networks by transparently inserting transmission of encapsulated local area network frames over wide area network connections. Some devices receive frames from a switch or other physically addressed device using layer 2 protocols, encapsulate them, and send them over a wide area network to a similar remote device which decapsulates the frames and forwards them using layer 2 protocols. Load balancing, quality of service, compression, encryption, and other packet processing may be performed on the encapsulated packets.
-
公开(公告)号:US10374830B1
公开(公告)日:2019-08-06
申请号:US15648734
申请日:2017-07-13
申请人: FatPipe, Inc.
IPC分类号: H04L12/46
摘要: Tools and technologies geographically extend local area networks by transparently inserting transmission of encapsulated local area network frames over wide area network connections. Some devices receive frames from a switch or other physically addressed device using layer 2 protocols, encapsulate them, and send them over a wide area network to a similar remote device which decapsulates the frames and forwards them using layer 2 protocols. Load balancing, quality of service, compression, encryption, and other packet processing may be performed on the encapsulated packets.
-
公开(公告)号:US08780811B1
公开(公告)日:2014-07-15
申请号:US14172708
申请日:2014-02-04
申请人: FatPipe, Inc.
CPC分类号: H04L41/0654 , H04L41/0659 , H04L47/125 , H04L61/103 , H04L61/2592 , H04L63/0428
摘要: Failover controllers help maintain user-perceived continuous connectivity for users of a geographically dispersed flat network when part of that network becomes unavailable, even though flat network packets are not WAN-routable. One such controller has local and remote flat network ports, at least one WAN port, and failover capability to WAN(s) utilizing encapsulation when the flat network is partially or fully unavailable. The failover procedure uses a packet origin table built automatically from incoming packets and from double-tunneled ARP requests. A monitor indicates whether the flat network is fully available (up) or not fully available (down). Controller software updates the packet origin table, and directs packets between ports depending on flatnet status, the packet origin table's content, and any packet handling enhancements such as load balancing, affinity enforcement, quality of service maintenance, packet traffic shaping, packet policy application, firewall operation, reverse firewall operation, encryption/decryption, and/or compression/decompression.
摘要翻译: 故障转移控制器有助于在部分网络变得不可用时,维护用户感知到的地理上分散的平面网络的用户的连续连接,即使平坦的网络数据包不能WAN可路由。 一个这样的控制器具有本地和远程平面网络端口,至少一个WAN端口,以及当扁平网络部分或完全不可用时利用封装的WAN的故障切换能力。 故障切换过程使用从传入数据包和双隧道ARP请求自动构建的数据包原始表。 监视器指示扁平网络是否完全可用(向上)还是不完全可用(向下)。 控制器软件更新数据包原始表,并根据平面网络状态,数据包原始表的内容以及任何数据包处理增强功能,如负载平衡,亲和力强制,服务质量维护,数据包流量整形,数据包策略应用, 防火墙操作,反向防火墙操作,加密/解密和/或压缩/解压缩。
-
-
-
-
-
-