Establishing a private network using multi-uplink capable network devices

專利號(hào)

US11497067B2

公開日期

2022-11-08

申請(qǐng)人

Cisco Technology, Inc.（US CA San Jose）

發(fā)明人

Robert Tristan Shanks; Jignesh Devji Patel; Patrick Douglas Verkaik; Selahattin Daghan Altas; Joseph Morgan Aronow; Justin Delegard; Dylan Jason Koenig

IPC分類

H04W76/12; H04L9/40; H04W76/11; H04L61/256; H04L61/2592; H04L61/2517; H04L61/2514

技術(shù)領(lǐng)域

uplink,network,registry,device,peer,contact,in,point,uplinks,private

地域： CA CA San Jose

摘要

Various implementations disclosed herein include systems, methods and apparatuses of a first device, that obtain contact point information of a second device associated with the first device, as a peer device in a private network, where the contact point information of the second device includes one or more peer uplink identifiers and each respective peer uplink identifier corresponds to a respective peer device uplink of the second device. The systems, methods and apparatuses establish a first private network data tunnel from a first uplink of the first device to the second device, using the contact point information of the second device, and a first uplink identifier associated with the first uplink, and establish a second private network data tunnel from a second uplink of the first device to the second device, using the contact point information of the second device, and a second uplink identifier associated with the second uplink.

說明書

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59

RELATED APPLICATION

This application is a continuation of U.S. patent application Ser. No. 17/110,484, filed on Dec. 3, 2020, which in turn, is a continuation of U.S. patent application Ser. No. 15/984,243, filed on May 18, 2018, now U.S. Pat. No. 10,917,926, which in turn, is a continuation application of U.S. patent application Ser. No. 14/974,331, filed on Dec. 18, 2015, now U.S. Pat. No. 9,980,303, the contents of which are incorporated herein by reference in their entireties.

TECHNICAL FIELD

The present disclosure relates to communication networks, and in particular, to the establishment of private network data tunnels between networking devices.

BACKGROUND

As a business organization grows and spreads out to geographically separated branch locations, the associated information technology (IT) network infrastructure often also changes. One aspect of changing IT network infrastructure is the desire to establish and maintain a secure private network associated with the business organization that is distributed geographically. In many cases, a private network between branch locations is established over public networks. One example of this networking technique is site-to-site virtual private network (VPN) deployment. To set up and maintain these private networks, various networking devices such as routers, switches and security appliances are utilized.

權(quán)利要求

What is claimed is:

1. A method comprising:at a first network device, including a memory, one or more processors and two or more communication ports:communicating with one or more remote hosts to obtain, at the first network device, contact point information of one or more other network devices, the one or more other network devices including at least a second device associated with the first network device as a peer device in a private network, wherein the contact point information of the second device includes one or more peer uplink identifiers, each respective peer uplink identifier corresponding to a respective peer device uplink of the second device;

establishing, from a first port of the first network device, a first private network data tunnel from a first uplink of the first network device to the second device, based on the contact point information of the second device and a first uplink identifier associated with the first uplink;

establishing, from a second port of the first network device, a second private network data tunnel from a second uplink of the first network device to the second device, based on the contact point information of the second device and a second uplink identifier associated with the second uplink, wherein the first and second private network data tunnels are concurrently active, wherein the first private network data tunnel is associated with a first link type and the second private network data tunnel is associated with a second link type different from the first link type, and wherein the first link type is a public network connection and the second link type is an MPLS link; and

selectively routing data from the first network device to the second device across the first private network data tunnel from the first uplink to the second device and the second private network data tunnel from the second uplink to the second device, the first uplink being a different uplink than the second uplink.

2. The method of claim 1, wherein the contact point information provided to the first network device depends on a role associated with the first network device in a network topology and one or more roles of the other network devices in the network topology.

3. The method of claim 2, wherein at least one role is a hub and at least another role is a spoke.

4. The method of claim 1, wherein selectively routing the data includes:routing a first portion of the data that satisfies a selection criterion via the first private network data tunnel; and

routing a second portion of the data that does not satisfy the selection criterion via the second private network data tunnel based on a routing criterion.

5. The method of claim 1, further comprising:forwarding network traffic destined for a third party destination over a public network.

6. The method of claim 1, wherein one of the remote hosts is a cloud-hosted management server.

7. The method of claim 6, wherein the cloud-hosted management server is operative to store and provide configuration information to the first and second network devices.

8. The method of claim 6, further comprising transmitting status information of the first network device to the cloud-hosted management server.

9. The method of claim 6, further comprising transmitting network traffic information from the first network device to the cloud-hosted management server.

10. A first network device comprising:a memory, one or more processors and two or more communication ports, the memory coupled to the one or more processors, the memory storing instructions which when executed by the one or more processors causes the first network device to:communicate with one or more remote hosts to obtain, at the first network device, contact point information of one or more other network devices, the one or more other network devices including at least a second device associated with the first network device as a peer device in a private network, wherein the contact point information of the second device includes one or more peer uplink identifiers, each respective peer uplink identifier corresponding to a respective peer device uplink of the second device;

establish, from a first port of the first network device, a first private network data tunnel from a first uplink of the first network device to the second device, based on the contact point information of the second device and a first uplink identifier associated with the first uplink;

establish, from a second port of the first network device, a second private network data tunnel from a second uplink of the first network device to the second device, based on the contact point information of the second device and a second uplink identifier associated with the second uplink, wherein the first and second private network data tunnels are concurrently active, wherein the first private network data tunnel is associated with a first link type and the second private network data tunnel is associated with a second link type different from the first link type, and wherein the first link type is a public network connection and the second link type is an MPLS link; and

selectively route data from the first network device to the second device across the first private network data tunnel from the first uplink to the second device and the second private network data tunnel from the second uplink to the second device, the first uplink being a different uplink than the second uplink.

11. The first network device of claim 10, wherein the contact point information provided to the first network device depends on a role associated with the first network device in a network topology and one or more roles of the other network devices in the network topology.

12. The first network device of claim 11, wherein at least one role is a hub and at least another role is a spoke.

13. The first network device of claim 10, wherein selectively routing the data includes:routing a first portion of the data that satisfies a selection criterion via the first private network data tunnel; and

routing a second portion of the data that does not satisfy the selection criterion via the second private network data tunnel based on a routing criterion.

14. The first network device of claim 10, wherein the instructions when executed by the one or more processors cause the first network to forward network traffic destined for a third party destination over a public network.

15. The first network device of claim 10, wherein one of the remote hosts is a cloud-hosted management server.

16. The first network device of claim 15, wherein the cloud-hosted management server is operative to store and provide configuration information to the first network device.

17. The first network device of claim 15, wherein the instructions which when executed by the one or more processors causes the first network device to transmit status information of the first network device to the cloud-hosted management server.

18. The first network device of claim 15, wherein the instructions when executed by the one or more processors cause the first network device to transmit network traffic information from the first network device to the cloud-hosted management server.

19. A method comprising:at a first network device, including a memory, one or more processors and two or more communication ports:communicating with one or more remote hosts to obtain, at the first network device, contact point information of one or more other network devices, the one or more other network devices including one or more second network devices corresponding to a network site associated with the first network device as peer devices in a private network, wherein the contact point information of the one or more second network devices includes two or more peer uplink identifiers, each respective peer uplink identifier corresponding to a respective peer device uplink of the one or more second network devices;

establishing, from a first port of the first network device, a first private network data tunnel from a first uplink of the first network device to one of the one or more second network devices, based on the contact point information of the one or more second network devices and a first uplink identifier associated with the first uplink;

establishing, from a second port of the first network device, a second private network data tunnel from a second uplink of the first network device to one of the one or more second network devices, based on the contact point information of the one or more second network devices and a second uplink identifier associated with the second uplink, wherein the first and second private network data tunnels are concurrently active, wherein the first private network data tunnel is associated with a first link type and the second private network data tunnel is associated with a second link type different from the first link type, and wherein the first link type is a public network connection and the second link type is an MPLS link; and

selectively routing data from the first network device to the one or more second network devices across the first private network data tunnel from the first uplink to the one of the one or more second network devices and the second private network data tunnel from the second uplink to the one of the one or more second network devices, the first uplink being a different uplink than the second uplink.

20. The method of claim 19, wherein the one or more second network devices corresponding to the network site comprise second and third network devices and wherein the network site is a hub in a hub-and-spoke network.

21. The method of claim 19, wherein the contact point information provided to the first network device depends on a role associated with the first network device in a network topology and one or more roles of the other network devices in the network topology.

22. The method of claim 21, wherein at least one role is a hub and at least another role is a spoke.

23. The method of claim 19, wherein selectively routing the data includes:routing a first portion of the data that satisfies a selection criterion via the first private network data tunnel; and

routing a second portion of the data that does not satisfy the selection criterion via the second private network data tunnel based on a routing criterion.

24. A first network device, comprising:a memory, one or more processors and two or more communication ports; the memory coupled to the one or more processors, the memory storing instructions which when executed by the one or more processors causes the first network device to:communicate with one or more remote hosts to obtain, at the first network device, contact point information of one or more other network devices, the one or more other network devices including one or more second network devices corresponding to a network site associated with the first network device as peer devices in a private network, wherein the contact point information of the one or more second network devices includes two or more peer uplink identifiers, each respective peer uplink identifier corresponding to a respective peer device uplink of the one or more second network devices;

establish, from a first port of the first network device, a first private network data tunnel from a first uplink of the first network device to one of the one or more second network devices, based on the contact point information of the one or more second network devices and a first uplink identifier associated with the first uplink;

establish, from a second port of the first network device, a second private network data tunnel from a second uplink of the first network device to one of the one or more second network devices, based on the contact point information of the one or more second network devices and a second uplink identifier associated with the second uplink, wherein the first and second private network data tunnels are concurrently active, wherein the first private network data tunnel is associated with a first link type and the second private network data tunnel is associated with a second link type different from the first link type, and wherein the first link type is a public network connection and the second link type is an MPLS link; and

selectively route data from the first network device to the one or more second network devices across the first private network data tunnel from the first uplink to the one of the one or more second network devices and the second private network data tunnel from the second uplink to the one of the one or more second network devices, the first uplink being a different uplink than the second uplink.

微信群二維碼

意見反饋

白丝美女被狂躁免费视频网站,500av导航大全精品,yw.193.cnc爆乳尤物未满,97se亚洲综合色区,аⅴ天堂中文在线网官网

Establishing a private network using multi-uplink capable network devices

摘要

說明書

權(quán)利要求

該功能需要專業(yè)版企業(yè)版VIP權(quán)限，您可以：

該功能需要專業(yè)版企業(yè)版VIP權(quán)限，您可以：