The Internet is a world-wide network of interconnected computers. One component of the Internet includes a large number of individual networks called Autonomous Systems ("AS"). Autonomous Systems include network topologies that typically have a single administrative entity. Examples of Autonomous Systems include universities (e.g., mit.edu, wisconsin.edu, etc.), corporations (3com.com, microsoft.com, etc.) and Internet Service Providers ("ISP") (e.g., aol.com, mci.com, etc.). An individual Autonomous System may include one or more Local Area Networks ("LAN") connected by bridges or routers. As is known in the art, bridges store and forward data frames between network topologies, while routers translate differences between network protocols and route data packets to appropriate devices on a network topology. An Autonomous System may also include Wide Area Networks ("WAN") running point-to-point or switched protocols.
Most Autonomous Systems comprise LANs connected by bridges or routers and only carry traffic to or from their own domain. Such Autonomous Systems are referred to as "stub" or "edge" networks and are typically interconnected to the Internet by a number of independent high speed backbone networks. Connectivity to the Internet in Autonomous Systems is often ad-hoc and based on administrative preferences rather than performance criteria. For example, network traffic between a first Autonomous System and a second Autonomous System in the same city may pass through another city tens or hundreds of miles away since the first and second Autonomous Systems may connect to the Internet through different backbones.
In some cases, multiple edge networks may be part of the same administrative entity. Large organizations with multiple sites use Virtual Private Networks ("VPN") comprising multiple edge networks. Instead of using dedicated long-haul lines between sites, a VPN with Autonomous Systems connects each site through the Internet with an "edge router" or "firewall" typically capable of data encryption and/or data authentication. Data packets, such as Internet Protocol ("IP") packets, are encrypted and routed to the Internet traveling between multiple sites in the VPN. As is known in the art, IP is an addressing protocol designed to route traffic within a network or between networks.
Within an Autonomous System, routing and connectivity are typically determined by the organization's network administrator. Routing can be either static (e.g., statically assigned into a network device) or dynamic (e.g., using routing protocols such as Routing Internet Protocol ("RIP"), Open Shortest Path First ("OSPF"), etc.). For small to medium size Autonomous Systems, internal routes to the Internet do not change very often. Incoming and outgoing Internet traffic typically passes through a single router called a "gateway" or "edge router." As is known in the art, a gateway stores and forwards data packets between dissimilar network topologies. However, on the Internet, routing is typically very dynamic. Paths between Autonomous Systems through the Internet may change minute-by-minute or they may remain static for long periods of time (e.g., days or weeks). Paths between Autonomous Systems may traverse several different backbones to complete an Internet connection. Routing on the Internet is discussed in "End-to-end routing behavior on the Internet," by V. Paxson in IEEE/ACM Transactions on Networking, Vol. 5, No. 5, pp. 601-615, October 1997, incorporated herein by reference.
There are several problems associated with two or more Autonomous Systems with edge routers or firewalls using static routing to connect to the Internet, which uses dynamic routing. The Internet typically suffers from significant performance problems including excessive data packet delays and data packet losses that may adversely affect the Autonomous Systems. The data packet delays and losses typically occur at public Network Access Points ("NAP") and private switches. Within each Autonomous System, network administration planning and fault tolerance can accommodate reasonable traffic growth for Internet connections. However, at Network Access Points, it is difficult to upgrade and maintain edge routers because multiple administrative entities for multiple Autonomous Systems are involved.
There have been attempts to provide "intelligent" capabilities to edge routers. Intelligent edge router capabilities may include: Forward Error Correction ("FEC"), where loss resiliency is achieved by employing Forward Error Correcting Schemes, such as eXclusive-OR ("XOR"), Reed-Solomon codes, or other forward error correcting schemes known in the art; encryption, where performance and end-to-end privacy are enhanced with edge routers that encrypt packets that are being sent to edge networks with similar capabilities; compression, where performance is increased and bandwidth is reduced if packets are compressed and sent edge-to-edge; or other intelligence.
The "intelligent" edge router services described above and other services known in the art typically require that edge routers be able to identify each other (e.g., to negotiate an encryption or compression scheme). However, there is currently no mechanism to allow edge routers to identify one another using networking protocols (e.g., Transmission Control Protocol ("TCP")). As is known in the art, TCP provides a connection-oriented, end-to-end reliable protocol designed to fit into a layered hierarchy of protocols that support multi-network applications. Thus, it is desirable to provide a mechanism to allow "intelligent" edge routers to identify one another using networking protocols and increase network performance.