1. Field of the Invention
The present invention relates to communications protocols, specifically packet encapsulation protocols for use in network communications.
2. Description of the Related Art
The global computer network, known today in one form as the xe2x80x9cInternet,xe2x80x9d consists of a large installed base of many types of switches, routers and other equipment and software employing multiple communications protocols. Among these is the well-known Internet Protocol (IP), which is a connectionless communications protocol that provides, among other things, transport services for packetized data. The Internet Protocol is described in Karanjit S. Siyan, Inside TCP/IP, New Riders Publishing 1997, incorporated herein by reference in its entirety. Networks relying on connection-oriented protocols, such as Frame Relay or Asynchronous Transfer Mode (ATM), are also currently installed. There is a generally recognized need to provide fast, efficient, and inexpensive data communications to users regardless of the form of the network and the protocols currently installed.
One problem seen among users of so-called xe2x80x9clegacyxe2x80x9d systems, for example the older time division multiplex (TDM), Frame Relay, and ATM connection-oriented systems, is the relative lack of compatibility with modern network elements that use IP. Many legacy ATM and Frame Relay networks are unable to inexpensively connect to IP networks while providing the speed and bandwidth required by their users.
One potential solution to this problem is the virtual private network (VPN). A virtual private network consists of a closed user group (CUG) that communicates across a backbone network. The backbone provides service isolation and security from other CUGs. The backbone network can be any type of physical network, such as the global Internet, a private extranet, or campus intranet. To the users within the CUG, each is connected to the others as if the backbone did not exist. In essence, the VPN allow a network manager with an installed base of networking equipment to provide seamless transport for users without revealing the types of underlying network protocols used to furnish that transport. However, existing protocols and methods of connecting CUG members on legacy systems are still subject to the above-noted problems of a lack of speed and bandwidth due to shortfalls in the legacy protocols themselves.
Another option known in the art is providing virtual path trunking using an IPX protocol xe2x80x9ctunnelxe2x80x9d through an existing Internet Protocol network. The process whereby a virtual path protocol establishes a tunnel is called xe2x80x9ctunneling.xe2x80x9d xe2x80x9cTunnelingxe2x80x9d generally refers to a user-transparent transport method of encapsulating one data form (the xe2x80x9cpayload,xe2x80x9d in this case IPX packets) within another packet protocol (here, IP) so that the payload data can pass across the IP network. One form of tunneling, known as generic routing encapsulation (GRE), is described in Internet Requests For Comments (RFCs) 1701 and 1702, available on the Internet at the URL http://www.ietf.org/rfc.html, incorporated herein by reference in their entireties.
While methods such as GRE are known in the prior art, the complexities of these systems do not approach the wide applicability currently desired by users. Current tunneling schemes are computation-intensive, slow, and increase the complexity of the IP network itself. Additional shortcomings are a lack of sufficient security at the ingress and egress interfaces of the virtual circuit tunnel. Also, the GRE protocol (in particular) is not viewed as amenable to ultra-high speed processing.
What is needed is an inexpensive, flexible, and user-transparent method of providing virtual path communications for users employing any protocol currently known or conceivable. Furthermore, what is needed is a system that has no effect on the existing IP network carrying this system.
Presently disclosed is a method for implementing a simple protocol, referred to as the universal transport interface (UTI), that can be used to create high speed Internet Protocol (IP) tunnels through a network for carrying a variety of different payloads. These payload packets may comprise any currently known packet protocol, including but not limited to IP packets, asynchronous transfer mode (ATM) cells, Packet-over-SONET/SDH (POS) packets, and Frame Relay frames. The universal transport interface protocol consists of a predefined set of encapsulations (or xe2x80x9cmappingsxe2x80x9d) whereby any previously known protocol can be transformed into a universal transport encapsulation (UTE) packet format. UTE format packets are, by design, amenable to transport over an IP network without further modification beyond standard IP encapsulation. In this fashion, the UTI protocol creates a tunnel through an existing network that connects two user networks operating on a different protocol. A tunnel security key system prevents unauthorized use or interception of UTE packets on the network.
The UTI method, according to one embodiment of the present invention, comprises identification of the protocol used in the payload packet and determining the mapping function needed, if any, to translate the payload packet field ordering into the UTE format. This work is performed at the ingress interface to the UTI tunnel. The ingress interface device (e.g., a router) then performs a translation mapping on the payload packet and prepends the UTE header to the reformed packet. A tunnel security key that enables verification and validation of packet data sent through the UTI tunnel is included in the UTE header. On receipt of the transport packet thus conveyed through the tunnel, the receiving (egress) interface device validates the packet, strips off the UTE header, and reverses the mapping process. The reconstituted payload packet is then available for further routing within the receiving user network.