Patent · US Active

Method and apparatus for learning endpoint addresses of IPSec VPN tunnels

US7907595B2 · kind B2 · utility

Cited by: 62
References: 2
Claims: 17
Family size: 0

Assignee

Inventors

Key dates

Filing date: Sep 29, 2006
Grant date: Mar 15, 2011
Priority date
Expiry date: Jul 29, 2027

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/164
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

Customer Edge (CE) network elements can automatically learn IPSec tunnel endpoints for other CEs connected to sites in a Virtual Private Network (VPN) so that manual configuration of IPSec tunnel endpoints is not required and so that a centralized database of IPSec tunnel endpoints is not required to be separately maintained. According to an embodiment of the invention, a BGP export route policy is set on all CEs, so that when they announce their VPN routes in the standard format, the application of this export route policy changes the announcement to replace the BGP peering point address that would ordinarily be advertised with the IPSec tunnel endpoint address. When any given site receives a VPN route update formatted in this manner, it processes the VPN route update and learns from the update the IPSec tunnel endpoint as well as the associated VPN routes.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.