The invention generally relates to networks and, more particularly, the invention relates to management of routing tables utilized for transmitting data across a network.
Information is transmitted across the Internet in accord with the well-known Internet Protocol (hereinafter “IP”). Among other things, IP specifies that information is to be transmitted from network device to network device within data packets. To facilitate data transmission across the Internet, each data packet includes a header with address information (e.g., the address of the destination network device) and a payload (i.e., the information being transmitted). Accordingly, a network device receiving IP data packets uses the data in the packet header to determine how to forward such data packet to other network devices in the network. To that end, network devices utilizing IP include routing tables that each lists a specific network device address and/or a family of network device addresses, and pre-specified routing data for data packets destined for each such network device. A network device receiving an IP data packet thus utilizes the address data in the header as an index in its relevant routing table to ascertain the prescribed routing data.
Various types of data traffic are maintained in routing tables in different ways. For example, virtual private networks (referred to herein as “VPNs”) are specified to store their relevant routing data for no more than one VPN in a single routing table. Specifically, as known in the art, a VPN is a plurality of network devices connected to a third party network (e.g., the Internet) that encrypt data packets sent through the network to other member VPN network devices. Encrypting VPN data traffic ensures the privacy of the VPN transmissions. As the number of VPNs on the Internet increases, however, single network devices are required to maintain an increasing number of routing tables. Undesirably, maintaining a single routing table for each VPN can cause scaling, stability, and other problems in the network.
In accordance with one aspect of the invention, a method and apparatus for managing virtual private network (“VPN”) routing data stores encoded VPN routing data in a routing table. To that end, VPN routing data is received, and then encoded into a format that is compatible with a protocol associated with the routing table. The encoded VPN routing data then is stored in the routing table (as noted above). The protocol is different from VPN.
In illustrative embodiments, a given VPN packet is received from a given interface. Once received, the given interface is matched with a given VPN identifier that identifies the given VPN. It also may be determined if the given VPN is a large mode VPN or a small mode VPN. Moreover, the encoded VPN routing data may be stored in a multicast address space in the routing table. In a similar manner, the VPN routing data may be encoded into a multicast format. For example, the encoded VPN routing data may be stored in at least one of a class D and a class E address space in the routing table. The routing table may include routing data for at least two different VPNs.
In other embodiments, the received VPN routing data relates to a given VPN. In such case, the routing table may have data relating to the given VPN, and another VPN. Additionally, the routing data may be encoded by forming a bit combination that complies with a multicast entry in the routing table. In illustrative embodiments, the received VPN routing data relates to a given VPN having a given route, a VPN identifier identifying the given VPN, and a mode identifier indicating whether the given VPN is a small mode VPN or a large mode VPN. The routing data thus may be encoded to be a bit combination that includes the VPN identifier, the mode identifier, and the given route.
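The following sketch is an added illustration of the encoding described in the two paragraphs above and is not taken from the source: it packs a mode identifier, a VPN identifier and a route into one class D key, and keeps two VPNs apart in a single table by deriving the VPN identifier from the receiving interface. The field widths, the meaning given to small and large mode, the treatment of the route as a short integer field, and every name used are assumptions.

```python
import ipaddress

CLASS_D = 0b1110 << 28  # class D (multicast) prefix, 224.0.0.0/4
# Assumed layout, not from the source: prefix(4) | mode(1) | VPN id | route.
WIDTHS = {"small": (19, 8), "large": (11, 16)}  # (VPN-id bits, route bits)
MODE_BIT = {"small": 0, "large": 1}

def encode(mode, vpn_id, route):
    """Pack prefix, mode, VPN id and route into one 32-bit class D key."""
    id_bits, route_bits = WIDTHS[mode]
    # Range checks keep an oversized field out of another VPN's key space.
    if not 0 <= vpn_id < (1 << id_bits):
        raise ValueError("VPN id does not fit the %s-mode field" % mode)
    if not 0 <= route < (1 << route_bits):
        raise ValueError("route does not fit the %s-mode field" % mode)
    return CLASS_D | (MODE_BIT[mode] << 27) | (vpn_id << route_bits) | route

def decode(key):
    """Recover (mode, vpn_id, route) from a key produced by encode()."""
    if key >> 28 != 0b1110:
        raise ValueError("not a class D key")
    mode = "large" if (key >> 27) & 1 else "small"
    id_bits, route_bits = WIDTHS[mode]
    return mode, (key >> route_bits) & ((1 << id_bits) - 1), key & ((1 << route_bits) - 1)

def as_address(key):
    return str(ipaddress.IPv4Address(key))  # dotted form of the encoded key

class SharedTable:
    """One routing table holding encoded routes for several VPNs."""
    def __init__(self, interface_to_vpn):
        self.interface_to_vpn = interface_to_vpn  # interface -> (mode, vpn_id)
        self.entries = {}                         # encoded key -> next hop

    def add(self, mode, vpn_id, route, next_hop):
        self.entries[encode(mode, vpn_id, route)] = next_hop

    def lookup(self, interface, route):
        # The VPN id comes from the receiving interface, never from the packet,
        # so a packet can only match entries that belong to its own VPN.
        mode, vpn_id = self.interface_to_vpn[interface]
        return self.entries.get(encode(mode, vpn_id, route))

def demo():
    """Constructed sample: two VPNs with the same id value and route, different modes."""
    table = SharedTable({"if0": ("small", 7), "if1": ("large", 7)})
    table.add("small", 7, 0x2A, "hop-A")
    table.add("large", 7, 0x2A, "hop-B")
    return table
```

The range checks in `encode()` are what preserve isolation in this sketch: without them an out-of-range identifier would overwrite the mode or prefix bits and alias another VPN's entries.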
In accordance with another aspect of the invention, an apparatus and method of managing given VPN routing data received for a given VPN encodes the given VPN routing data into a format that is compatible with a located routing table. The encoded VPN routing data then is stored in the routing table. In illustrative embodiments, the routing table has routing data for the given VPN, and routing data for another VPN. Accordingly, the routing table is capable of storing VPN routing data for more than one VPN.
Various embodiments of the invention are implemented as a computer program product having a computer usable medium with computer readable program code thereon. The computer readable code may be read and utilized by a computer system in accordance with conventional processes.