Multicast is a well-known concept that enables the delivery of a message to a group of destination addresses simultaneously, in a single transmission from the sending computer. Copies of the message are automatically created in network elements, such as routers, only when the topology of the network requires it.
Multicast is also known in tactical networks. A typical tactical network is shown in FIG. 1, and consists of an encrypted, or “black” domain 100, and one or more unencrypted, or “red” domains, which may be individual network elements or sub-networks 104. Encryption devices 102 bridge the black and red domains and may be, for example, HAIPE (High Assurance Internet Protocol Encryptor) enabled routers.
There are several well-known methods used to implement multicast in a partitioned tactical network and, in particular, in a network containing a HAIPE device. One method in use is to create a GRE (generic routing encapsulation) tunnel to bridge the multicast packets over the HAIPE devices. This method can require the addition of up to 24 bytes of overhead per data packet. Because bandwidth may be limited in the black domain of a tactical network, for instance, when traversing the black core involves a satellite link, the overhead added by this method is significant.
A second approach currently in use is to use two multicast proxies in tandem for each HAIPE device, one on the red side of the HAIPE device and one on the black side of the HAIPE device. This method, however, wastes space and power by requiring additional proxies to create the multicast bridge. Furthermore, this method may require exceptions to existing security protocols to communicate between the two proxies that surround the HAIPE device.
Yet a third method of conducting multicast transmissions over a partitioned tactical network is to add a multicast proxy to the HAIPE device itself. However, this method requires the latest version of HAIPE devices and will not work with legacy versions. In addition, code changes to the multicast proxy would need to be certified by the National Security Agency, which is a very expensive process.
Thus, it would be desirable to implement a multicast solution for tactical networks that overcomes the deficiencies in the current methods.