Virtual private networks and methods for their operation

Assignee

• Nortel Networks Limited · CA

Inventors

• Alan Hurren · Ottawa, CA
• Joseph M. Regan · Pleasanton, US
• Paul Bottorff · Palo Alto, US
• Mark Cobbold · Winchester, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L61/5069
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method and apparatus for providing a Virtual Private Network (VPN) over a connectionless network connecting a plurality of Local Area Networks (LANs), such as an Ethernet network, is disclosed. The method and apparatus comprises associated each VPN with a unique identifier and each LAN of the VPN with a interface device connecting the LAN to the connectionless network, which may be for example, a Synchronous Optical Network (SONET). The interface device may service a plurality of LANs. Accordingly, each LAN is associated with a User-Network Interface that forms part of the interface device. Each data packet destined for a second LAN, such Ethernet frames, received by the interface device for a first LAN is encapsulated with, if known, a Media Access Control (MAC) address of the interface device connected to the second LAN, the VPN's unique identifier, and the port on the interface device connected to the second LAN. Additionally, the corresponding MAC and port address of the first interface device is also used to encapsulate the Ethernet frames. If the MAC and port address is not known (i.e., it is not stored in a database on the first interface device), the first interface devic…