The present disclosure relates to network computing. Computer networks typically include a collection of computing devices enabled to communicate with each other for handling data traffic and control instructions. For example, such devices can include servers, data centers, routers, network switches, management applications, wireless access points, and client computers. Computer networks can provide network connectivity to wired computing devices and/or wireless computing devices.
Computer networks can include various configurations. One such configuration, known as a virtual private network (VPN), is a network that operates over a public communication network (such as the Internet) to provide remote offices or individual clients with secure, private access to a specific network, such as a network specific to an organization or company. VPNs function by encapsulating data transfers between two or more networked devices that are not on the same private network. Such encapsulation keeps transferred data private from other devices on one or more intervening local area networks or wide area networks. A VPN can enable a group of client computers to communicate and access specific resources as members of a given broadcast domain even if the various member client computers are not attached to the same network switch.
Network services, including VPN services are commonly provided using Ethernet technology. Ethernet has become a default Data Link Layer technology for data transport, that is, the default for Layer 2 (L2) of the Open Systems Interconnection (OSI) model. There are several accompanying technologies and protocols that expand Ethernet technologies to other or larger networks. One such protocol is that of Provider Backbone Bridges (PBB) or IEEE 802.1ah. A network that uses IEEE 802.1ah can route a customer network over a provider's network allowing interconnection of multiple Provider Bridge Networks without losing each customer's individually defined Virtual LANs (VLANs). Another such protocol is that of Shortest Path Bridging or IEEE 802.1aq. A network that uses IEEE 802.1aq can advertise both topology and logical network membership.
Packets are encapsulated at an edge node either in Mac-in-Mac 802.1ah or Q-in-Q 802.1ad frames and transported only to other members of the logical network. IEEE 802.1aq supports unicast and multicast, and all routing is on symmetric shortest paths. IEEE 802.1aq includes Shortest Path Bridging MAC (SPBM) functionality. There exist other related technologies that follow the model of a provider network (transport network) that connects two or more customer networks (access networks), where the provider network is functionally distinct from the customer network, even if a single administrator runs both networks.