Abstract:
A General Packet Radio Service (GPRS) Accessed Extended Mobile Internet Protocol (EMIP) [G-EMIP] network is provided for wireless mobile device access to external packet data networks. Domains are defined to incorporate a subnet of standard GPRS and EMIP network entities accessed through a Domain Router. Packet access at the radio interface is provided using the base station portion of a GPRS network. Wireless link specific processing is relegated to this portion of the G-EMIP network. EMIP is utilized as a backbone network to provide mobility and service management and interconnection to external networks. A GPRS-IP Interworking entity (GII) interworks IP and GPRS protocols between GPRS and IP addressable network entities (i.e., translates messages of each protocol to corresponding messages of the other protocol). Mobility-related functionality is handled at the IP (network) layer. Mobile IP is used to support the macro-mobility and Handoff-Aware Wireless Access Internet Infrastructure (HAWAII) is used to support micro-mobility and paging. The Domain Router provides packet service management and interacts with a Home Location Register/Authentication Center, which provides GPRS registration, authentication and encryption.
Abstract:
Portable and/or mobile IP hosts desiring to connect to the Internet can dynamically acquire a home address and other configuration information through DHCP when powering up in a foreign network. A two-stage configuration procedure is used. First, the mobile host uses the M-IP protocol to establish contact with an addressing element, referred to as a bootstrapping agent, that is usually co-located with a M-IP Home Agent, and that allocates a temporary home address for the mobile host. The temporary address is used to create a temporary tunnel. Second, this temporary tunnel is used as the communication vehicle over which standard DHCP transactions take place. The present invention is thus arranged to use a) M-IP as the signaling mechanism for reaching the home network and dynamically allocating a temporary home address for the mobile host; and b) DHCP to allocate a permanent home address and any other configuration state for the mobile host.
Abstract:
Domains are defined to incorporate a subnet including a plurality of base stations and routers. Base stations are used by mobile devices to attach to the wired portion of a packet-based network, such as the Internet, and exchange packets thereover with a correspondent node. Local mobility between domain base stations is provided by including and updating routing table entries at domain routers and base stations for forwarding packets having a mobile device's address as a destination address to the mobile device. Packets are delivered to the mobile device regardless of the domain base station to which the mobile device is attached. When a mobile device is attached to a base station included within a foreign domain, a care-of address is assigned, and packets are tunneled for delivery of packets to the mobile device. Only one care-of address is required per mobile device per foreign domain. Routing table entries used for packet delivery are updated on a purely local subnet basis within domains, whether home domain or foreign domain, making handoffs between base stations substantially transparent to the home agent and the correspondent node.
Abstract:
A tunneling optimization is described in which packets are forwarded from a home agent to a mobile device by co-locating a foreign agent corresponding to a mobile device at the mobile device. When a mobile device acquires a new foreign agent, the mobile device notifies the home agent as to the corresponding foreign agent address. A packet received at the home agent having the mobile device as a packet header destination address is parsed and the foreign agent address is substituted for the mobile device address, and the packet is forwarded to the foreign agent. The foreign agent, upon receiving the packet, removes the foreign agent address and replaces the mobile device address as the packet header destination address. The packet is then forwarded to the mobile device.
Abstract:
Local mobility within a subnet is supported by classifying wireless base stations, and the routers used to forward packets to those base stations, within defined domains. Domains are defined to incorporate a subnet having a plurality of base stations. Base stations are used by mobile devices to attach to the wired portion of a packet-based network, such as the Internet, and exchange packets thereover with a correspondent node. Packets sent from the correspondent node to the mobile device have a packet destination address corresponding to the mobile device. The mobile device retains this address for the duration of time it is powered up and attached to the Internet via any base station within a given domain. Host-based routing is utilized to update routing table entries corresponding to the mobile device at routers incorporated within a single domain. The routing table entries are established and updated via path setup schemes to convey packets destined for the mobile device along the proper established path through the domain routers and base stations, regardless of the domain base station through which the mobile device is attached. Path setup schemes utilize power up, refresh, and handoff path setup messages to maintain the proper relationship between router interfaces and packet addresses for routing table entries.
Abstract:
A method includes a proxy device receiving from a source device a request to establish a flow to a destination device; generating, based on the request, a meta-packet that indicates that the flow to the destination device is to be proxied; determining whether a pre-established flow connecting the proxy device to another proxy device that leads toward the destination device exists; sending the meta-packet on the pre-established flow, when it is determined that the pre-established flow exists; receiving by the other proxy device, the meta-packet, and establishing the flow to the destination device based on the meta-packet, where the proxy devices assign one or more of a source address, a source port, a destination address, or a destination port, associated with the source device and the destination device, to the pre-established flow.
Abstract:
An MPLS-aware firewall allows firewall security policies to be applied to MPLS traffic. The firewall, which may be integrated within a routing device, can be configured into multiple virtual security systems. The routing device provides a user interface by which a user specifies one or more zones to be recognized by the integrated firewall when applying stateful firewall services to the packets. The user interface allows the user to define different zones and policies for different ones of the virtual security systems. In addition, the user interface supports a syntax that allows the user to define the zones for the firewall by specifying the customer VPNs as interfaces associated with the zones. The routing device generates mapping information for the integrated firewall to map the customer VPNs to specific MPLS labels for the MPLS tunnels carrying the customer's traffic.