Many types of communications are possible over data networks, including electronic mail, web browsing, file downloads, electronic commerce transactions, voice or other forms of real-time, interactive communications, and so forth. Networks include private networks, such as local area networks (LANs) or wide area networks (WANs), and public networks, such as the Internet. Private networks are networks in which access is restricted to authorized users, while public networks are generally accessible.
To prevent unauthorized access or interception of data communicated over data networks, various security protocols have been implemented to allow for encryption of data and authentication of sources of data. One such security protocol is the Internet Protocol Security (IPsec) protocol, which provides for secure communications over data networks.
One application of secure communications over data networks is to enable virtual private networks (VPNs). A VPN includes a public network as the primary transport medium, with communications protected by a security protocol. Access to a private network (such as a corporate LAN) from a remote location (such as from a branch office or by a remote user) is often desirable. Rather than using direct dial-up or dedicated point-to-point lines that are relatively expensive to maintain, a VPN between two endpoints (one endpoint being the LAN and the other endpoint being the remote terminal) can be established to provide secure communications over a public network. By using a VPN, a secure, convenient, and cost-effective mechanism is provided for users who desire to remotely access a private network.
Although IPsec provides a robust security mechanism to protect communications between two endpoints, IPsec does not provide for a mechanism to determine if the link between the two endpoints is functioning properly. In other words, IPsec does not provide for a keep-alive mechanism. Thus, for example, nodes connected over a VPN may assume that the VPN connection is still valid even though the VPN may be down. As a result, reliable communications over the VPN may not be possible or may be delayed due to the time needed to re-establish a connection.