公开(公告)号：US20170195233A1

公开(公告)日：2017-07-06

申请号：US15462951

申请日：2017-03-20

申请人： Patrick Ho Wai SUNG ,  Wan Chun LEUNG ,  Kam Chiu NG ,  Kit Wai CHAU

发明人： Patrick Ho Wai SUNG ,  Wan Chun LEUNG ,  Kit Wai CHAU ,  Kam Chiu NG

IPC分类号： H04L12/803 ,  H04L12/853 ,  H04L12/851 ,  H04L12/26

CPC分类号： H04L47/125 ,  H04L43/0811 ,  H04L43/0858 ,  H04L43/16 ,  H04L45/24 ,  H04L47/2416 ,  H04L47/2441 ,  H04L47/365

摘要： The present invention discloses a method carried out by a first communications device for determining performance of a plurality of connections and selecting at least one first connection from the plurality of connections substantially based on performance. Data packets are then transmitted through the at least one first connection. The plurality of connections are aggregated to form an aggregated connection. The determining of performance is performed by transmitting evaluation packets through the plurality of connections. The evaluation packets are based on data packets that are received by the first communication device but have not yet been transmitted through the aggregated connection. The data packets may be designated for a host or node reachable through the aggregated connection. Alternatively, the evaluation packets may be based on predefined information when there are no data packets to be transmitted through the aggregated connection. The performance may be determined periodically.

公开(公告)号：US20170111250A1

公开(公告)日：2017-04-20

申请号：US15389769

申请日：2016-12-23

申请人： Patrick Ho Wai SUNG ,  Kam Chiu NG ,  Alex Wing Hong CHAN ,  Kit Wai CHAU ,  Pismo Labs Technology Limited

发明人： Ho Ming CHAN ,  Patrick Ho Wai SUNG ,  Kam Chiu NG ,  Alex Wing Hong CHAN ,  Kit Wai CHAU

IPC分类号： H04L12/26 ,  H04L12/46 ,  H04L12/801

CPC分类号： H04L43/0829 ,  H04L12/4625 ,  H04L12/4633 ,  H04L12/4641 ,  H04L43/10 ,  H04L47/10 ,  H04L65/1069 ,  H04L65/1083 ,  H04L65/80

摘要： The present invention discloses methods and systems carried out at a network device for reducing network congestion by establishing an aggregated connection, wherein the aggregated connection comprise a plurality of virtual private network (VPN) tunnels. The system further comprises assigning default weights to the plurality of VPN tunnels along with transmitting and receiving data packets of a data session through the aggregated connection. When there is a missing data packet in the received data packets, the missing data packet is recreated based on a previous or a next data packet. Furthermore the present invention discloses methods and systems for determining whether a VPN tunnel from the plurality of VPN tunnels is experiencing an unacceptable packet drop rate. If it is seen that a VPN tunnel is experiencing an unacceptable packet drop rate, an effective weight of the at least one VPN tunnel is decreased in order to overcome the setback.

公开(公告)号：US20170195180A1

公开(公告)日：2017-07-06

申请号：US15389475

申请日：2016-12-23

申请人： Kam Chiu NG ,  Patrick Ho Wai SUNG ,  Kit Wai CHAU

发明人： Kam Chiu NG ,  Patrick Ho Wai SUNG ,  Kit Wai CHAU

IPC分类号： H04L12/24 ,  H04L12/26 ,  H04L12/709 ,  H04L12/46

CPC分类号： H04L41/0896 ,  H04L12/4633 ,  H04L12/4641 ,  H04L43/0882 ,  H04L45/245 ,  H04L47/41 ,  Y02D50/30

摘要： The present invention discloses methods and systems for managing VPN tunnels. A VPN concentrator establishes a first aggregated VPN connection and a second aggregated VPN connection with a first host and a first network device respectively. When the first aggregated VPN connection comprises a first plurality of VPN tunnels, the VPN concentrator applies uplink and downlink bandwidth limits to each of the plurality of VPN tunnels. Similarly, when the second aggregated VPN connection comprise a second plurality of VPN tunnels, the VPN concentrator applies uplink and downlink bandwidth limits to each of the plurality of VPN tunnels. The first host encapsulates a first data packet in a first encapsulating packet and transmits the first encapsulating packet to a VPN concentrator using a first aggregated VPN connection. When the VPN concentrator receives the first encapsulating packet, the VPN concentrator decapsulates the first data packet from the first encapsulating packet and encapsulates the first data packet in a second encapsulating packet. The VPN concentrator then transmits the second encapsulating packet to a first network device using a second aggregated VPN connection.

公开(公告)号：US20170272554A1

公开(公告)日：2017-09-21

申请号：US15613412

申请日：2017-06-05

申请人： Ying KWAN ,  Ho Cheung LAM ,  Wan Chun LEUNG ,  Kit Wai CHAU

发明人： Ying KWAN ,  Ho Cheung LAM ,  Wan Chun LEUNG ,  Kit Wai CHAU

IPC分类号： H04L29/06 ,  H04L12/64 ,  H04L29/12 ,  H04L12/46 ,  H04L12/26

CPC分类号： H04L69/22 ,  H04L12/413 ,  H04L12/417 ,  H04L12/4625 ,  H04L12/4633 ,  H04L12/4641 ,  H04L12/64 ,  H04L12/6418 ,  H04L43/028 ,  H04L43/045 ,  H04L43/106 ,  H04L43/18 ,  H04L47/2483 ,  H04L61/2514 ,  H04L61/2592 ,  H04L63/0227 ,  H04L63/0272

摘要： Methods and systems for transmitting data packets from a host to a destination via a virtual private network (VPN) connection at a VPN gateway. VPN gateway receives encapsulated packets via the VPN connection. The encapsulated packets encapsulate the data packets originated from the host. VPN gateway decapsulates the encapsulated packets to retrieve the data packets. VPN gateway determines whether the data packets originated from an IoT device based on IP address of the host. When the host is the IoT device, VPN gateway performs deep packet inspection (DPI) on the data packets. VPN gateway determines whether the data packets are allowed to be transmitted to the destination. When the data packets are allowed to be transmitted to the destination, VPN gateway transmits the data packets to the destination.

公开(公告)号：US20170359447A1

公开(公告)日：2017-12-14

申请号：US15180287

申请日：2016-06-13

申请人： Ho Ming CHAN ,  Sze Hon CHAN ,  Alex Wing Hong CHAN ,  Kit Wai CHAU

发明人： Ho Ming CHAN ,  Sze Hon CHAN ,  Alex Wing Hong CHAN ,  Kit Wai CHAU

IPC分类号： H04L29/06 ,  H04L12/733 ,  H04L29/12

摘要： A method and a system for creating Internet Protocol address based network policies (IPPs) by using domain name based network policies (DNNTPs) is disclosed. The DNNTPs are stored in a second device, and are used for enforcing IPPs at a first device. The first device retrieves one or more DNNTPs from the second device and monitors network traffic for Domain Name System (DNS) look-up reply. When a network device receives a record Domain Name System look-up reply, the network device identifies one or more Internet Protocol addresses of one or more host names specified in the address record Domain Name System look-up reply, then determine whether the one or more host names contain a domain name used in one or more DNNTPs and create one or more IPPs.

公开(公告)号：US20170250946A1

公开(公告)日：2017-08-31

申请号：US15594682

申请日：2017-05-15

申请人： Ho Ming CHAN ,  Min-Fu TSAI ,  Alex Wing Hong CHAN ,  Kit Wai CHAU

发明人： Ho Ming CHAN ,  Min-Fu TSAI ,  Alex Wing Hong CHAN ,  Kit Wai CHAU

IPC分类号： H04L29/12

CPC分类号： H04L61/1511 ,  H04L61/2015 ,  H04L67/1036

摘要： Methods and apparatus for processing DNS request in a gateway with WAN and LAN interfaces. The gateway receives a first DNS request from a host via the LAN interface. The gateway selects DNS servers according to predefined selection policies and selects access networks that are authorized to send new DNS requests. The new DNS requests and the first DNA request have the same content. The gateway transmits the new DNS requests to corresponding DNS sever of the selected access networks through the selected access networks and via the WAN interfaces that are connected to the selected access networks. The gateway then identifies valid DNS responses from DNS responses received from the corresponding DNS server. The gateway selects one of the identified valid DNS responses and generates a first new DNS response with the same content thereof. The gateway sends the first new DNS response to the host.