Computer networks typically provide a physical interconnection between different computers to allow convenient exchange of programs and data. A plurality of connectivity devices, such as switches and routers, interconnect each user computer connected to such a network. The connectivity devices maintain routing information about the computers and other connectivity devices, and perform routing decisions concerning message traffic passed between the computers via the connectivity devices. Each connectivity device, or router, corresponds to a network routing prefix (prefix) indicative of the other computers which it has direct or indirect access to. Therefore, data routed from one computer to another follows a path through the network defined by the routers between the two computers. In this manner, the aggregation of routers in the network define a graph of interconnections between the various computers connected to the network.
In a graphical representation, therefore, such a network may be conceived as a graph of nodes between computers. The graph defines one or more paths between each of the computers connected to the network. The routers, therefore, define nodes in a network, and data travels between the nodes in a series of so-called “hops” over the network. Since each router is typically connected to multiple other routers, there may be multiple potential paths between given computers. Typically, the routing information is employed in a routing table in each router which is used to determine a path to a destination computer or network. The router makes a routing decision, using the routing table, to identify the next “hop,” or next router, to send the data to in order for it to ultimately reach the destination computer. However, network problems may arise which render routers and transmission paths between routers inoperable. Such failures effectively eliminate nodes or hops in the graph defined by the network, therefore interfering with data traffic which would have been routed over the affected paths.
In a typical conventional network, as indicated above, data takes the form of messages, which travel from among network devices, such as routers, in a series of hops from a source to the destination. In an exemplary network suitable for use with the methods and devices discussed herein, a Virtual Private Network (VPN) interconnects two or more local networks, such as LANs, by a VPN service operable to provide security to message traffic between the subnetworks, such that nodes of each sub-LAN can communicate with nodes of other sub-LANs as members of the same VPN. In a typical VPN arrangement, the particular subnetworks may be individual sites of a large business enterprise, such as a bank, retail, or large corporation, having multiple distinct sites each with a substantial subnetwork. A conventional VPN in such an environment is well suited to provide the transparent protection to communication between the subnetworks.