This invention relates generally to communications and, more particularly, to packet communications systems.
One use of the Internet as a communications vehicle is as an enhanced data back-bone for coupling together workgroups to provide what is referred to as a "virtual private network" (VPN). One application of a VPN is in a corporate environment such that employees, e.g., at home, can remotely access, via the Internet, corporate data networks. A VPN provides security, and authentication, for a remote user to join a closed user group notwithstanding the use of public facilities. In effect, the use of a VPN provides a WAN-like vehicle to the corporation and its employees. Although the corporate network could also provide direct remote access, e.g., a user dials directly into the corporate network, there are economic advantages to the use of a VPN.
To provide a VPN, tunneling protocols are used such as the "Point-to-Point Tunneling protocol" (PPTP) and the "Layer 2 Forwarding" (L2F) protocol. Generally speaking, a tunnel protocol enables the creation of a private data stream via a public network by placing one packet inside of another. In the context of a VPN, an IP packet is placed inside another IP packet. In an attempt to develop an industry standard, the Internet Engineering Task Force (IETF) is developing the "Layer 2 Tunneling Protocol" (L2TP), which is a hybrid of the PPTP and L2F protocols (e.g., see K. Hamzeh, T. Kolar, M. Littlewood, G. Singh Pall, J. Taarud, A. J. Valencia, W. Verthein; Layer Two Tunneling Protocol "L2TP"; Internet draft, March, 1998).
For a remote user, a typical form of access to a VPN is via a "plain-old-telephone service" (POTS) connection to an "Internet service provider" (ISP) that provides the VPN service. For example, a user incorporates an analog modem into a personal computer, or equivalent, and has a customer account with a particular ISP, referred to herein as the "home" ISP. It is also assumed that the user's personal computer is properly configured to support one of the above-mentioned tunneling protocols. The user accesses the VPN by simply making a data call to the home ISP, e.g., dialing a telephone number associated with the "home" ISP and then "logging in" to the VPN.
Typically, access to an ISP is via a network access server (NAS). It has been realized that in a Personal Communications Service (PCS) wireless environment the above-described tunneling protocols do not allow a remote user, on an existing call, to change the NAS that is providing access to a VPN. As such, the user's physical mobility may disconnect, or drop, the user from the existing VPN connection.
Therefore, and in accordance with one aspect of the invention, apparatus and methods for transferring packet data provide a "hand-off" feature that allows an existing point-to-point (PPP) connection to be transferred from one packet server to another packet server.
In one embodiment of the invention, three new hand-off control messages are defined for use with the packet servers, namely: (i) Continued Call Request, (ii) Continued Call Reply, and (iii) Continued Call Connect. These three new control messages comprise an L2TP control message header, message identifier (e.g., continued call request, etc.), and a number of fields. As a result, the user does not have to terminate the current PPP connection and then re-establish a new PPP connection.
Advantageously, such a hand-off control message or call continue transaction can be initiated by any of the servers involved in the hand-off scenario. For instance, assume an initial arrangement where a point-to-point call is set up and in progress between a user and a private network via a first packet server (e.g., a first Serving LAC) and a second packet server (e.g., an Anchor LAC). If, for example, the user moves out of the region served by the first packet server into a region served by a third packet server (e.g., a second Serving LAC), then a hand-off control message transaction, according to the invention, is initiated. In accordance with the invention, the second Serving LAC may initiate the call continue transaction or the Anchor LAC may initiate the call continue transaction. Alternatively, in accordance with another aspect of the invention, RADIUS servers respectively associated with the packet servers may be employed to perform the call continue transaction.
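The three hand-off messages and the scenario above, as an added sketch that is not taken from the patent: it frames each message with the L2TP control header and Message Type AVP as laid out in RFC 2661 and lets an Anchor LAC re-point an existing call when the second Serving LAC initiates the transaction. The message-type codes, the call-id field, the LAC names and the Request/Reply/Connect ordering (modelled on L2TP's own three-message call setup) are assumptions, since the text gives none of them.

```python
import struct

# Hypothetical codes: the page names the three messages but assigns no values.
CC_REQUEST, CC_REPLY, CC_CONNECT = 0x7001, 0x7002, 0x7003
CALL_ID_AVP = 0xFF00   # hypothetical field identifying the existing PPP call
CTRL_FLAGS = 0xC802    # T, L, S bits set, version 2 (RFC 2661 control header)

def pack_ctrl(msg_type, tunnel_id, session_id, ns, nr, call_id):
    avps = struct.pack("!HHHH", 0x8000 | 8, 0, 0, msg_type)    # Message Type AVP
    avps += struct.pack("!HHHI", 10, 0, CALL_ID_AVP, call_id)  # assumed field
    return struct.pack("!6H", CTRL_FLAGS, 12 + len(avps), tunnel_id, session_id, ns, nr) + avps

def parse_ctrl(data):
    if len(data) < 12:
        raise ValueError("short control header")
    flags, length, tunnel_id, session_id, ns, nr = struct.unpack("!6H", data[:12])
    if flags != CTRL_FLAGS or length != len(data):
        raise ValueError("not a well-formed L2TP control message")
    avps, off = {}, 12
    while off < length:
        if length - off < 6:
            raise ValueError("truncated AVP header")
        word, vendor, attr = struct.unpack("!HHH", data[off:off + 6])
        alen = word & 0x03FF                     # low 10 bits carry the AVP length
        if alen < 6 or off + alen > length:
            raise ValueError("bad AVP length")
        avps[(vendor, attr)] = data[off + 6:off + alen]
        off += alen
    msg_type = struct.unpack("!H", avps[(0, 0)])[0]
    call_id = struct.unpack("!I", avps[(0, CALL_ID_AVP)])[0]
    return msg_type, tunnel_id, session_id, call_id

class AnchorLAC:
    def __init__(self, calls):
        self.calls = dict(calls)   # call_id -> Serving LAC carrying the call
        self.pending = {}          # call_id -> Serving LAC asking to take over

    def handle(self, sender, data):
        msg_type, tunnel_id, session_id, call_id = parse_ctrl(data)
        if call_id not in self.calls:
            raise KeyError(call_id)          # no existing PPP call to continue
        if msg_type == CC_REQUEST:
            self.pending[call_id] = sender
            return pack_ctrl(CC_REPLY, tunnel_id, session_id, 0, 1, call_id)
        if msg_type != CC_CONNECT or self.pending.get(call_id) != sender:
            raise ValueError("unexpected hand-off message")
        self.calls[call_id] = self.pending.pop(call_id)   # PPP session is kept
```

Passing a Continued Call Request and then a Continued Call Connect from the second Serving LAC to `AnchorLAC.handle` moves the call's entry to that LAC; a Connect from a LAC that never sent the Request, or a Request for an unknown call, is rejected.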
In another aspect of the invention, assuming that a communication path is not yet established between the second packet server (e.g., Anchor LAC) and the third packet server (e.g., the second Serving LAC), a communication path (e.g., tunnel) set-up control message transaction may be performed concurrent with the call continue transaction.
Further, in yet another aspect of the invention, at least one packet server (e.g., the Anchor LAC) monitors state variables associated with the packet servers (e.g., the second Serving LAC and the private network) from which it receives packet data.