1. Technical Field
The present invention relates to an improved data processing system and, in particular, to a method and system for reliable communication on a computer network.
2. Description of Related Art
As electronic commerce becomes more prevalent, business relationships between vendors and between a vendor and its customers become more valuable. Businesses are more willing to protect those relationships by spending more money on information technology that protects the integrity and reliability of their electronic commerce connections. In so doing, businesses protect not only their data and cash flow but also intangibles, such as reputations and good will. In addition, the complexity of information technology, the pressure of global competition, and the demands of universal access around-the-clock availability of electronic systems greatly increases the need to minimize disruptions in electronic commerce operations. The growing complexity of distributed data processing systems faces increasing reliability demands. Corporations are using new methods of communicating to meet expanding and disparate needs. Traveling employees require access to company databases. Some companies employ extranets, and other companies may require constant communication paths with strategic partners. All of these factors contribute to a corporation""s growing reliance and vulnerability to complex communication infrastructures.
A corporation""s information technology infrastructure may fail at various pressure points, such as telecommunication links, servers, networks, etc. Although hardware reliability may be a major concern, cost may also be a concern, and corporations have attempted to contain costs by using the open, distributed infrastructure of the Internet to transmit data between corporate sites. Dedicated leased lines may be prohibitively expensive for some companies, and other companies may require more flexibility than is provided by owning a complete communication channel. However, this openness also introduces another major concern to corporations: vulnerability. Corporations must protect against both physical vulnerability, such as hardware failures, and logical vulnerability, such as network failures.
Virtual private networks (VPNs) using the Internet enterprise-wide, communication-related problems. VPNs allow corporate administrators to connect remote branch offices to a main corporate network economically and relatively securely. Rather than depend on dedicated leased lines, an Internet-based VPN uses the open infrastructure of the Internet.
Computer systems within one business site are typically connected using a Local Area Network (LAN) and a Network Administrator is responsible for keeping the network up and running properly. To the user, a VPN has the same appearance as a LAN and requires a network administration just like a LAN. However network administration is much more difficult in a VPN because some machines are local and other machines are remote, perhaps even thousands of miles away. Many remote sites may be in small offices or may be mobile; in both cases, no network administrator is present at the remote site to solve problems.
In the past, problems have been handled by installing a second network card in every machine on the VPN. One of the cards in each machine is used to set up the data channels for the users and the second card provides a communications channel for the network administrator. Even if there is a problem on the data channels, the network administrator can access the machine on the administrative channel and work on solving the problem. This redundancy solution is usually successful since a vast majority of networking problems are due to software issues and not due to hardware failures. This solution has one major disadvantage: the need for a second network card. This is not only expensive but it uses up a card slot in the machine that may be needed for some other purpose.
Therefore, it would be advantageous to have a method and a system for more reliable network communication, and in particular, to provide a reliable network link using secure VPN channels.
A method and system for dual channel network connections where one channel can be used for normal data transmission and the second channel can be used for administration tasks such as correcting error on the data channel or running diagnostics. A first data processing system and a second data processing system communicate on a physical network by transmitting data packets on the network using a virtual private network (VPN). Data packets are transmitted through a first VPN channel. Administrative packets are transmitted through a second VPN channel independently of the first VPN channel. The data packets may be transmitted using Internet Protocol (IP), and a portion of the network may include the Internet. The data VPN channel and the administrative VPN channel share a single network interface card, hence only a single network interface card (NIC) is required for each data processing system.