摘要:
Techniques for determining a problem location or otherwise characterizing a network comprising a plurality of processing elements, including at least one processing element associated with performance of a packet encapsulation operation of an encapsulation protocol. The packet encapsulation operation is performed on a test packet to generate an encapsulated packet, the test packet having a time to live (TTL) value and an identifier. In conjunction with performance of the packet encapsulation operation, the TTL value and the identifier of the test packet are copied to a header of the encapsulated packet. The encapsulated packet is transmitted, and a determination is made as to whether a reply packet has been received responsive to transmission of the encapsulated packet. The reply packet, if any, is processed to obtain information utilizable in determining the problem location or otherwise characterizing the network. By way of example, these operations may be repeated, for subsequent test packets with increasing TTL values, until an amount of router hop information sufficient to determine the problem location is obtained.
摘要:
The present invention provides a method and an apparatus for establishing a virtual private network that operates over a public data network. One embodiment of the present invention includes a system that selects a plurality of entities coupled to the public data network to include in the virtual private network. The system next assembles a plurality of identifiers for the plurality of entities. These identifiers are used to identify communications between the plurality of entities, so that these communications can be transferred securely over the public data network. A variation on this embodiment includes defining encryption, authentication and compression parameters for the virtual private network. In another variation, selecting the plurality of entities includes, assembling entities coupled to the public data network into groups, and selecting groups of entities to include in the virtual private network. Another variation includes defining access control rules specifying types of communications that are allowed to pass through virtual private network units. These virtual private network units are typically used to couple local area networks to the public network so that secure communications on the public network pass through the virtual private network units. Yet another variation on this embodiment includes defining address translation rules for virtual private network units coupled to the public data network. These address translation rules are used to translate local network addresses to public network addresses.
摘要:
One embodiment of the present invention provides a computer system with a plurality of storage memories, each storage memory storing an operating system program, and an identifier for identifying a storage memory containing an operating system program to be loaded when the unit is booted. The identifier is selectively switchable between storage memories so that the computer system may be selectively booted with an alternate operating system program. This facilitates loading a new version of an operating system, and then rapidly switching back to an old version of the operating system if the new version fails to function properly.
摘要:
A linearly actuated lightbar system elevates an emergency lightbar several feet above the cab or other highest point of a vehicle to provide the earliest possible notification to other drivers as to the presence of a service or emergency vehicle, and to the possible existence of a dangerous situation that requires other drivers to slow down and be more attentive. By raising the lightbar well-above the cab of the vehicle, conditions such as obstructions and topographic characteristics can be overcome that might otherwise delay such notification. The lightbar can then be lowered back to a more typical height for safe travel once the vehicle is ready to leave. A linear actuator is provided to raise and lower the lightbar that can be hydraulic, pneumatic, or mechanical. The system can be coupled to a frame for rigidly coupling the system to the bed, or other stable structure of the vehicle.
摘要:
A network gateway is disclosed, wherein for a received communication, the gateway determines a network component to which information for the communication is routed based upon one or more of: (a) a characterization of the source of the communication, (b) a characterization of non-address data in the communication, and (c) services applied to the communication by the gateway. The characterization of the communication source can be related to a perceived risk that the communication may be illicitly compromised or may cause a malfunction in a network component. The characterization of non-address data identifies a use of the communication, or service to be applied to the communication prior to reaching its destination, or a security feature (or lack thereof) of the communication. The services applied by the gateway are generally generic services for facilitating appropriate non-malicious communications, e.g., such services can be for a firewall, secure communications (virtual private network), FTP communications, voice over IP, email, and general Internet communications.