The invention relates to Digital Subscriber Link (DSL) connections over a network. More particularly, the invention relates to DSL connections to a Multi-Protocol Label Switching (MPLS) Virtual Private Network (VPN) using a Layer 2 Tunneling Protocol Access Concentrator.
While DSL connections use asynchronous transfer mode (ATM) as their transport, most DSL connections use a protocol called PPPoE (Point to Point Protocol over Ethernet) as the encapsulation mechanism. PPPoE is not a routable protocol like IP (Internet Protocol). In fact, in the ATM network, an IP address has not been assigned to these connections. It is the function of the remote access server, such as a broadband remote access server (B-RAS), and the network server, such as a Layer 2 Transport Protocol network server (LNS), both to authenticate the subscribers (to make sure that they have authorization to be on the network) and to provide an IP address for the subscriber connection that will be used for subsequent packet transmissions.
Customers may require the use of DSL as an access into Multi-Protocol Label Switching (MPLS) Layer 3 VPN's (Virtual Private Networks). In computer networking and telecommunications, Multi-Protocol Label Switching is a data-carrying mechanism operating at a layer below protocols such as Internet Protocol (IP), which uses an assigned IP address to control communication of data packets to a destination. It is designed to provide a unified data-carrying service for both circuit-based clients and packet-switching clients which provide a datagram service model. It can be used to carry many different kinds of traffic, including both voice telephone traffic and IP packets. MPLS may dispense with the cell-switching and signaling-protocol baggage of ATM. MPLS may provide that small ATM cells may not be needed in the core of modern networks, since modern optical networks are so fast (at 10 Gbit/s and well beyond) that even full-length 1500 byte packets may not incur significant real-time queuing delays. The need to reduce such delays, to support voice traffic, has been the motivation for the cell nature of ATM.
However, DSL traffic must first be sent to a device that can provide an IP address to the PPPoE connections. Furthermore, since a MPLS Provider Edge (PE) router may not be in the same geographical location as the B-RAS or LNS, it becomes necessary to forward and aggregate DSL traffic to these MPLS enabled locations. Aside from its ability to aggregate multiple PPPoE sessions, L2TP is a routable protocol. This may permit an L2TP tunnel and its contents to be routed over an IP network.
The invention can be better understood with reference to the following drawings and description. The components in the figures are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the invention. Moreover, in the figures, like referenced numerals designate corresponding parts throughout the different views.
A DSL network providing an interconnection to a virtual private network using MPLS includes a DSL source, an L2TP access concentrator (LAC) to aggregate DSL source traffic, a B-RAS to aggregate DSL Internet traffic as well as to function as a LAC for MPLS destined PPPoE sessions, an L2TP network server (LNS) to aggregate and authenticate Internet-bound DSL traffic and to switch PPPoE sessions destined to MPLS-enabled locations, and an MPLS-enabled LNS to terminate the PPPoE sessions and transmit the sessions to an MPLS network.
A process for connecting a DSL source to a virtual private network includes aggregating a source of DSL data at a LAC or B-RAS; processing the DSL data including authenticating the data and assigning IP addresses to the data; switching the DSL data to be routed to MPLS-enabled locations through a second network using routable tunnels; receiving and processing the routable tunnels at an MPLS-enabled network server; and transmitting data associated with the routable tunnels to MPLS VPN customers.
Other systems, methods, features and advantages of the invention will be, or will become, apparent to one with skill in the art upon examination of the following figures and detailed description. It is intended that all such additional systems, methods, features and advantages be included within this description, be within the scope of the invention, and be protected by the following claims.
The DSL modem 102 is in communication with the office PC 101 and with the ATM network 103. The LAC 104, the B-RAS 105, and the L2TP network server 106 are in communication with the ATM network 103. The B-RAS 105 and the L2TP network server 106 also are in communication with the IP network 107, as are the second L2TP network server 108, the MPLS VPN PE router 109 and the Internet peering router 110. The Internet peering router 110 is in communication with the public Internet network 111 and may serve as a bridge between the IP network 107 and the public Internet network 111. The illustrated embodiment is exemplary only. Other connections and arrangements are possible.
The B-RAS 105 may reside at the core of an ISP network, and may aggregate user sessions from the access network. An ISP may inject policy management and IP Quality of Service (QoS) at the B-RAS 105. L2TP may act as a data link layer (layer 2 of the OSI model) protocol for tunneling network traffic between two peers over an existing network, usually the Internet. L2TP is an extension of the Point-to-Point Protocol (PPP). L2TP may not provide confidentiality or strong authentication. IPSec is often used to tunnel L2TP packets and provide confidentiality and authentication. The combination of these two protocols is generally known as L2TP/IPSec, and is standardized in RFC 3193.
Asynchronous Transfer Mode Permanent Virtual Circuits (PVCs) may be passed to either the B-RAS 105 (e.g., between the ATM network 103 and the IP network 107) or to the LAC 104. A permanent virtual circuit is a virtual circuit established for repeated use between the same data terminal equipments (DTE). In a PVC, the long-term association is identical to the data transfer phase of a virtual call. Permanent virtual circuits eliminate the need for repeated call set-up and clearing.
Since the DSL traffic at the LAC 104 has not yet been broken out to IP packets, it may be forwarded over an L2TP tunnel to the LNS 106. The B-RAS 105 and LNS 106 both may handle DSL subscriber authentication and IP address assignment. Normally, DSL traffic may be destined for the Internet 111. The B-RAS 105 and LNS 106 may authenticate the subscribers (to make sure that they have authorization to be on the network) and provide an IP address for the subscriber connection that will be used for subsequent packet transmissions.
Customers may require the use of DSL as an access into MPLS Layer 3 VPN's. DSL traffic must first be sent to a device that may provide an IP address to the PPPoE connections in order to provide routable data packets. Since the MPLS PE router 109 may not be in the same geographical location as the B-RAS 105 or LNS 106, it may be necessary to forward and aggregate DSL traffic to these MPLS-enabled locations. Aside from its ability to aggregate multiple PPPoE sessions, L2TP is a routable protocol. This may permit an L2TP tunnel and its contents to be routed over an IP network. Traffic into the MPLS VPN PE router 109 may be segregated into different VPN's, while the second, MPLS LNS 108 may terminate DSL traffic and transmit the traffic as IP packets into the Internet 111.
The first LAC 104 may function as a provider of PPPoE over the LAC 104. The LNS 106 and B-RAS 105 may provide additional functions. The B-RAS 105 may serve as both a B-RAS 105 for DSL Internet traffic as well as a LAC 104 for MPLS destined PPPoE sessions. The LNS 106, aside from providing an aggregation and authentication point for Internet-bound DSL traffic, may also function as an L2TP Tunnel Switch, switching PPPoE sessions destined to MPLS-enabled locations into a new set of tunnels, where the tunnel may comprise a packet based on one protocol wrapped, or encapsulated, in a second packet based on whatever differing protocol is needed in order for it to travel over an intermediary network. In effect, the second wrapper “insulates” the original packet and creates the illusion of a tunnel through which the wrapped packet travels across the intermediary network.
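The encapsulation described above, and the earlier remark that L2TP may not provide confidentiality, can be made concrete with a small parser. This is an added example, not part of the original description; it assumes the L2TPv2 header layout of RFC 2661 (which the description does not cite), and the tunnel ID, session ID and payload bytes are constructed sample values. It recovers the tunnel and session identifiers and the inner PPP payload with no key material, which is why the wrapper alone does not protect subscriber traffic crossing the IP network.

```python
import struct

# L2TPv2 header flag bits (assumed layout: RFC 2661, section 3.1)
T_BIT, L_BIT, S_BIT, O_BIT = 0x8000, 0x4000, 0x0800, 0x0200
PPP_PROTOCOLS = {0x0021: "IPv4", 0xC021: "LCP", 0xC023: "PAP", 0xC223: "CHAP"}

def build_l2tp_data(tunnel_id, session_id, ppp_frame):
    """Wrap a PPP frame in a minimal L2TPv2 data header (Length field present)."""
    length = 8 + len(ppp_frame)  # flags, length, tunnel ID, session ID = 8 bytes
    return struct.pack("!HHHH", L_BIT | 2, length, tunnel_id, session_id) + ppp_frame

def parse_l2tp(packet):
    """Return the header fields and inner PPP payload of an L2TPv2 message."""
    try:
        (flags,) = struct.unpack_from("!H", packet, 0)
        if flags & 0x000F != 2:
            raise ValueError("not an L2TPv2 header")
        pos, end = 2, len(packet)
        if flags & L_BIT:  # optional Length covers the whole message
            (length,) = struct.unpack_from("!H", packet, pos)
            if length > len(packet):
                raise ValueError("Length field exceeds captured bytes")
            pos, end = pos + 2, length
        tunnel_id, session_id = struct.unpack_from("!HH", packet, pos)
        pos += 4
        if flags & S_BIT:  # optional Ns/Nr sequence numbers
            pos += 4
        if flags & O_BIT:  # optional Offset Size plus padding
            (offset,) = struct.unpack_from("!H", packet, pos)
            pos += 2 + offset
    except struct.error as exc:
        raise ValueError("truncated L2TP header") from exc
    if pos > end:
        raise ValueError("header runs past end of message")
    payload = packet[pos:end]
    if payload[:2] == b"\xff\x03":  # drop PPP address/control bytes when present
        payload = payload[2:]
    proto = int.from_bytes(payload[:2], "big") if len(payload) >= 2 else None
    return {"control": bool(flags & T_BIT), "tunnel_id": tunnel_id,
            "session_id": session_id,
            "ppp_protocol": PPP_PROTOCOLS.get(proto, proto),
            "inner": payload[2:]}

# Constructed sample: a PPP frame carrying placeholder bytes as its IPv4 payload.
SAMPLE = build_l2tp_data(7, 42, b"\xff\x03\x00\x21" + b"subscriber-bytes")

if __name__ == "__main__":
    print(parse_l2tp(SAMPLE))
```

Running the same parser on traffic captured between the tunnel endpoints is a quick check of whether L2TP is actually being carried inside IPSec: if the fields parse, it is not.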
DSL traffic that may normally be intended for transmission into the Internet 111 may be routed through the LNS 106 and into customer VPN's. The LNS 106 may serve as a customer edge (CE) device. The CE device may be responsible for aggregating customer traffic received over the IP network 107. Examples of customer traffic may include distributed location entities such as automotive companies, financial and/or investment firms, insurance companies, and other companies that may have offices separated geographically.
Since DSL may be a regional service, it may be difficult to aggregate with the use of ATM's. With the network shown in
Like the tunnels from the B-RAS 105, the tunnels from the Tunnel Switch may be routed, either over a local network or over a regional or national IP network, to a new LNS 108 that may provide an aggregation point for MPLS destined traffic. This MPLS LNS 108 will provide a point of termination for the PPPoE sessions, permitting MPLS VPN customers to authenticate DSL sessions and provide IP addresses from their own address blocks.
While it may be possible to deploy a separate MPLS LNS 108 for each customer wanting DSL aggregation to an MPLS VPN, it may be desirable to use virtual routing capabilities to partition the MPLS LNS 108 for the use of multiple customers. The interconnection to the MPLS network may be either a shared medium, like ATM PVC's or Ethernet VLAN's, or separate physical connections, one per customer.
With the network 100 configured as in
Like the methods shown in
A “computer-readable medium,” “machine-readable medium,” “propagated-signal” medium, and/or “signal-bearing medium” may comprise any unit that contains, stores, communicates, propagates, or transports software for use by or in connection with an instruction executable system, apparatus, or device. The machine-readable medium may selectively be, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, device, or propagation medium. A non-exhaustive list of examples of a machine-readable medium would include: an electrical connection “electronic” having one or more wires, a portable magnetic or optical disk, a volatile memory such as a Random Access Memory “RAM” (electronic), a Read-Only Memory “ROM” (electronic), an Erasable Programmable Read-Only Memory (EPROM or Flash memory) (electronic), or an optical fiber (optical). A machine-readable medium may also include a tangible medium upon which software is printed, as the software may be electronically stored as an image or in another format (e.g., through an optical scan), then compiled, and/or interpreted or otherwise processed. The processed medium may then be stored in a computer and/or machine memory.
While various embodiments of the invention have been described, it will be apparent to those of ordinary skill in the art that many more embodiments and implementations are possible within the scope of the invention. Accordingly, the invention is not to be restricted except in light of the attached claims and their equivalents.