Claims
- 1. A method of creating a discontiguous address plan for an enterprise, comprising:
determining a hierarchy of route advertisement optimization for an enterprise; determining the number of route advertisement aggregation points at each level of the hierarchy; rounding each number up to a power of a base number of the address plan; determining a number of network security policy areas for the enterprise; determining a number of addresses for each of the network security policy areas; rounding each number of addresses up to a power of the base number to produce a plurality of rounded addresses; allocating an address range for each of the plurality of rounded addresses so that a starting address of the address range begins on a power of the base number; determining a size of the plurality of address ranges; rounding the size of the plurality of address ranges up to a power of the base number to produce the size of a repeating policy pattern; assigning an instance of the repeating policy pattern to each of the route advertisement aggregation points; and determining an address and a mask for each of the network security policy areas in the repeating policy patterns.
- 2. A method as defined in claim 1, wherein the hierarchy is based on the geography of the enterprise.
- 3. A method as defined in claim 1, wherein the hierarchy is based on a network topology of the enterprise.
- 4. A method as defined in claim 1, wherein each level of the hierarchy is selected from a group consisting of a floor of a building, a building, a campus, a site, a city, a region, a state, a country, and a continent.
- 5. A method as defined in claim 1, wherein the base number is selected from a group consisting of 2, 3, 5, 6, 8, 10, 12, and 16.
- 6. A method as defined in claim 1, wherein determining a number of addresses for each of the network security policy areas comprises determining the largest instance for each of the network security policy areas at the minimum size hierarchy of route advertisement optimization.
- 7. A method as defined in claim 1, wherein rounding the number of addresses up to a power of the base number comprises rounding the number of addresses up to a nearest power of the base number.
- 8. A method as defined in claim 1, wherein the size of the address range is a power of the base number.
- 9. A method as defined in claim 1, further comprising arranging the address ranges from the largest range to the smallest range.
- 10. A method as defined in claim 1, wherein the repeating address ranges are identical and adjacent to one another.
- 11. A method as defined in claim 1, further comprising determining a maximum number of lower level address ranges to be aggregated.
- 12. A method as defined in claim 11, further comprising rounding the maximum number up to a power of the base number.
- 13. A method as defined in claim 1, wherein the mask is discontiguous.
- 14. A method as defined in claim 1, wherein determining an address and a mask for the repeating policy ranges comprises dividing the network address space for the enterprise into a plurality of adjacent identical repeating policy ranges.
- 15. A method as defined in claim 14, wherein each of the plurality of adjacent identical repeating policy ranges has a size that is divisible by a power of the base number.
- 16. A method as defined in claim 1, further comprising determining a size mask using a policy area of a first repeating policy range of the repeating policy pattern.
- 17. A method as defined in claim 16, further comprising determining a pattern mask using the first repeating policy range of the repeating policy pattern.
- 18. A method as defined in claim 17, further comprising determining an all patterns mask using the repeating policy pattern.
- 19. A method as defined in claim 18, further comprising determining a discontiguous mask using the size mask, the pattern mask, and the all patterns mask.
- 20. A method of creating an address and a discontiguous mask, comprising:
dividing a network address space into a plurality of adjacent repeating policy patterns; determining a size mask that represents a policy area in a first repeating section of the repeating policy patterns; determining a pattern mask that represents the first repeating section of the repeating policy patterns; determining an all patterns mask that represents the repeating policy patterns; and creating the address and the discontiguous mask using the size mask, the pattern mask, and the all patterns mask.
- 21. A method as defined in claim 20, further comprising determining a starting address for the policy area that is a power of a base number.
- 22. A method as defined in claim 21, wherein the base number is selected from a group consisting of 2, 3, 5, 6, 8, 10, 12, and 16.
- 23. A method as defined in claim 20, wherein each of the plurality of adjacent repeating policy patterns are identical to one another.
- 24. A method as defined in claim 20, wherein each of the plurality of adjacent repeating policy patterns contains some information that is similar to and some information that is identical to at least one other repeating policy pattern.
- 25. A method of creating a discontiguous address plan having repeating patterns within repeating patterns using an address and a discontiguous mask, the method comprising:
dividing a network address space into a plurality of adjacent repeating policy patterns; determining a size mask that represents a policy area in a repeating section of the repeating policy patterns; determining a pattern mask that represents the repeating section of the repeating policy patterns; repeating the determining steps until all patterns within patterns have been determined; determining an all patterns mask that represents the entire repeating policy patterns; and creating the address and the discontiguous mask using the size masks, the pattern masks, and the all patterns mask.
- 26. A method as defined in claim 25, further comprising determining a starting address for the policy area that is a power of a base number.
- 27. A method as defined in claim 26, wherein the base number is selected from a group consisting of 2, 3, 5, 6, 8, 10, 12, and 16.
- 28. A method as defined in claim 25, wherein each of the plurality of adjacent repeating policy patterns are identical to one another.
- 29. A method as defined in claim 25, wherein each of the plurality of adjacent repeating policy patterns contains some information that is similar to and some information that is identical to at least one other repeating policy pattern.
CROSS-REFERENCE TO RELATED APPLICATION
[0001] This application claims priority from U.S. provisional patent application Serial No. 60/204,229, filed May 15, 2000, which is herein incorporated by reference for all purposes.
Provisional Applications (1)
|
Number |
Date |
Country |
|
60204229 |
May 2000 |
US |