`
`
`
`
`
`EXHIBIT
`
`EXHIBIT
`1004
`
`1004
`
`
`
`EXPRESS MAIL LABEL: EV 389082077 US
`CUSTOMER NO. 20,551
`
`INfEll£CTUlL ~ROPUl't UW
`
`(~;· .. r
`~!IJJ.~I
`' THORPE
`
`NORTH~
`WESTERN
`
`PATENT APPLICATION
`DOCKET NO. 22973.CON
`
`John W. L. Ogilvie
`Registered Patent Attorney
`ogilvie@tnw.com
`
`IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`
`Commissioner for Patents
`P.O. Box 1450
`Alexandria, VA 22313-1450
`
`Sir/Madam:
`
`Transmitted herewith for filing is the patent application of Datta, et al. for
`TOOLS AND TECHNIQUES FOR DIRECTING PACKETS OVER DISPARATE
`NETWORKS comprising 44 pages of specification and claims.
`
`[gJ
`
`This continuation application claims priority to U.S. application no.
`10/361,837 filed February 7, 2003.
`
`Enclosed also are:
`2 sheet(s) of drawings.
`
`[g]
`
`[g]
`
`[gJ
`
`[gJ
`
`[gJ
`
`[g]
`0
`[g]
`
`D
`
`Applicant claims small entity status under 37 CFR 1.9(b) & 1.27(c).
`
`Copy of executed Assignment filed in prior application, with cover sheet,
`from the inventors to Ragula Systems (FatPipe Networks).
`
`Copy of executed Declaration and Petition filed in prior application.
`
`Copy of executed Power of Attorney filed in prior application.
`
`A Preliminary Amendment is enclosed.
`
`Nonpublication Request Under 35 USC 122(b)(2)(B)(i).
`
`A Certificate of Mailing by "Express. Mail" certifying a filing date of
`August 3. 2004, by use of Express Mail Label No. EV 389082077 US.
`
`Information Disclosure Statement under 37 C.F.R. § 1.97, PTO Form-
`1449 with listed references attached (if indicated as being attached by the
`Information Disclosure Statement).
`
`www.tnw.com
`8180 South 700 East· Suite 200 ·Sandy, Utah 84070-0562 • 801.566.6633 ·f. 801.566.0750 · patlaw@tnw.com I U.S. Mailing Address: P.O. Box 1219 ·Sandy, Utah 84091-1219
`The Team Approach to Premier Performance<~~>
`
`Viptela, Inc. - Exhibit 1004
`Page 1
`
`
`
`Commissioner for Patents
`Page 2
`
`The filing fee has been calculated as shown below.
`
`...
`BASIC FEE
`
`TOT. CLAIMS
`
`11-20==
`
`9-03=
`IND. CLAIMS
`MULTIPLE DEPENDENT
`CLAIMS PRESENTED
`ASSIGNMENT
`RECORDATION FEE
`
`0
`6
`
`0
`
`NO
`FILED
`
`EXTRA .·.. RA T.E.
`"
`
`RATE-:
`
`FEE
`
`' .. ,
`
`:
`
`..
`·.>'
`
`$385.00
`
`X $9.00 ==
`X $43.00 =
`
`$385.00 $ 770.00
`X $18.00 =
`$ 258.00 X $86.00 ==
`
`$145.00
`
`$40.00
`
`$290.00
`
`$40.00
`
`[g)
`
`A check in the amount of$ 643.00 is enclosed to cover the filing fee.
`
`The Commissioner is hereby authorized to charge any additional fees associated
`with this communication or to credit any overpayment to Deposit Account No. 20-0100.
`Please address all future correspondence in connection with the above-identified patent
`application to the attention of the undersigned.
`
`Dated this 3rd day of August, 2004.
`
`ohn W.L. Ogilvie
`Attorney for App ·cant
`Registration No. 37,987
`
`THORPE NORTH & WESTERN, LLP
`Customer No. 20,551
`P.O. Box 1219
`Sandy, Utah 84091-1219
`Telephone: (801) 566-6633
`
`•
`
`JWO/sbh
`Enclosures
`
`. DATE OFPEPOSIT: August··3. 2004':
`.
`EXPRESS MAIL LABEL NO.: EV 389082077 .US .
`~ ,·::
`; ·. ,,., ' ... ' . .
`I he~eby certifY that. this paper or :fee {al~n·g.~th ~y paper or f~ referred ~o ~ being anac.hed or.e~~losed):i~ bel~g ~i:Po;ited With
`:the .lJ'l\~e,d swes. Post!lt SeiVi~ ~~E~Pt~~s MaiJt~?,Sl 9ffice,tg;~dd~essee~· servic~ !Jndeq?, C,;F.,.R::§;tJ o.witn:.su.ffi9i~ni P§~tage P!td ..
`:the' date inilicated above. and is addressed to: Coriunissioner for PatentS, P.O. B0x:I450;'~Ii:ximdria;'VA: 223!321.450.~ .,~·..
`•· • ·. '· ·"\·
`. . . . . :.: .. WJ~;~:~:i::ff;,:'
`.. ..•
`i . '
`....
`'
`.
`
`.~. "',..
`
`Viptela, Inc. - Exhibit 1004
`Page 2
`
`
`
`·-···· -- -- --· ··- ....... ---. . . --··--·---~-·--·--- ·----·--·--·--_... ____ ----·------- -· -- ---··
`
`Express Mail Label No. EV04 7149870US
`PATENT APPLICATION
`DOCKET NO. 3003.2.11A
`
`UNITED STATES
`PATENT APPLICATION
`
`OF
`
`SANCHAITA DATTA AND RAGULA BHASKAR
`
`FOR
`
`TOOLS AND TECHNIQUES FOR
`DIRECTING PACKETS OVER DISPARATE NETWORKS
`
`Viptela, Inc. - Exhibit 1004
`Page 3
`
`
`
`TOOLS AND TECHNIQUES FOR
`DIRECTING PACKETS OVER DISPARATE NETWORKS
`
`5
`
`RELATED APPLICATIONS
`
`This application claims priority to commonly owned copending U.S. provisional
`
`patent application serial no. 60/355,509 filed February 8, 2002, which is also incorporated
`
`herein by reference. This application is a continuation-in-part of U.S. patent application
`
`serial no. 10/034,197 filed December 28, 200 I, which claims priority to U.S. provisional
`
`10
`
`patent application serial no. 60/259,269 filed December 29,2000, each of which is also
`
`incorporated herein by reference.
`
`FIELD OF THE INVENTION
`
`The present invention relates to computer network data transmission, and more
`
`15
`
`particularly relates to tools and techniques for communications using disparate parallel
`
`networks, such as a virtual private network ("VPN") or the Internet in parallel with a
`
`point-to-point, leased line, or frame relay network, in order to help provide benefits such
`
`as load balancing across network connections, greater reliability, and increased security.
`
`20
`
`TECHNICAL BACKGROUND OF THE INVENTION
`
`Organizations have used frame relay networks and point-to-point leased line
`
`networks for interconnecting geographically dispersed offices or locations. These
`
`networks have been implemented in the past and are currently in use for interoffice
`
`communication, data exchange and file sharing. Such networks have advantages, some of
`
`25
`
`which are noted below. But these networks also tend to be expensive, and there are
`
`1
`
`Viptela, Inc. - Exhibit 1004
`Page 4
`
`
`
`relatively few options for reliability and redundancy. As networked data communication
`
`becomes critical to the day-to-day operation and functioning of an organization, the need
`
`for lower cost alternatives for redundant back-up for wide area networks becomes
`
`important.
`
`5
`
`Frame relay networking technology offers relatively high throughput and
`
`reliability. Data is sent in variable length frames, which are a type of packet. Each frame
`
`has an address that the frame relay network uses to determine the frame's destination.
`
`The frames travel to their destination through a series of switches in the frame relay
`
`network, which is sometimes called a network "cloud"; frame relay is an example of
`
`10
`
`packet-switched networking technology. The transmission lines in the frame relay cloud
`
`must be essentially error-free for frame relay to perform well, although error handling by
`
`other mechanisms at the data source and destination can compensate to some extent for
`
`lower line reliability. Frame relay and/or point-to-point network services are provided or
`
`have been provided by various carriers, such as AT&T, Qwest, XO, and MCI WorldCom.
`
`15
`
`Frame relay networks are an example of a network that is "disparate·· from the
`
`Internet and from Internet-based virtual private networks for purposes of the present
`
`invention. Another example of such a "disparate" network is a point-to-point network,
`
`such as a T 1 or T3 connection. Although the underlying technologies differ somewhat,
`
`for purposes of the present invention frame relay networks and point-to-point networks
`
`20
`
`are generally equivalent in important ways, such as the conv~ntional reliance on manual
`
`switchovers when traffic must be redirected after a connection fails, and their
`
`implementation distinct from the Internet. A frame relay permanent virtual circuit is a
`
`virtual point-to-point connection. Frame relays are used as examples throughout this
`
`2
`
`Viptela, Inc. - Exhibit 1004
`Page 5
`
`
`
`document, but the teachings will also be understood in the context of point-to-point
`
`networks.
`
`A frame relay or point-to-point network may become suddenly unavailable for
`
`use. For instance, both MCI WorldCom and AT&T users have lost access to their
`
`5
`
`respective frame relay networks during major outages. During each outage, the entire
`
`network failed. Loss of a particular line or node in a network is relatively easy to work
`
`around. But loss of an entire network creates much larger problems.
`
`Tools and techniques to permit continued data transmission after loss of an entire
`
`frame relay network that would normally carry data are discussed in United States Patent
`
`I 0
`
`Application No. 10/034,197 filed December 28, 2001 and incorporated herein. The '197
`
`application focuses on architectures involving two or more "private" networks in parallel,
`
`whereas the present application focuses on architectures involving disparate networks in
`
`parallel, such as a proprietary frame relay network and the Internet. Note that the term
`
`"private network" is used herein in a manner consistent with its use in the '197 applica-
`
`15
`
`tion (which comprises frame relay and point-to-point networks), except that a "virtual
`
`private network" as discussed herein is not a "private network". Virtual private networks
`
`are Internet-based, and hence disparate from private networks, i.e., from frame relay and
`
`point-to-point networks. To reduce the risk of confusion that might arise from misunder(cid:173)
`
`standing "private network" to comprise "virtual private network" herein, virtual private
`
`20
`
`networks will be henceforth referred to as VPNs. Other differences and similarities
`
`between the present application and the '197 application will also be apparent to those of
`
`skill in the art on reading the two applications.
`
`3
`
`Viptela, Inc. - Exhibit 1004
`Page 6
`
`
`
`Various architectures involving multiple networks are known in the art. For
`
`instance, Figure 1 illustrates prior art configurations involving two frame relay networks
`
`for increased reliability; similar configurations involve one or more point-to-point
`
`network connections. Two sites 102 transmit data to each other (alternately, one site
`
`5 might be only a data source, while the other is only a data destination). Each site has two
`
`border routers 105. Two frame relay networks 106, 108 are available to the sites 102
`
`through the routers 105. The two frame relay networks I 06, 108 have been given
`
`separate numbers in the figure, even though each is a frame relay network, to emphasize
`
`the incompatibility of frame relay networks provided by different carriers. An AT&T
`
`10
`
`frame relay network. for instance, is incompatible- in details such as maximum frame
`
`size or switching capacity- with an MCI WorldCom frame relay network, even though
`
`they are similar when one takes the broader view that encompasses disparate networks
`
`like those discussed herein. The two frame relay providers have to agree upon
`
`information rates, switching capacities, frame sizes, etc. before the two networks can
`
`15
`
`communicate directly with each other.
`
`A configuration like that shown in Figure 1 may be actively and routinely using
`
`both frame relay networks A and B. For instance, a local area network (LAN) at site 1
`
`may be set up to send all traffic from the accounting and sales departments to router A 1
`
`and send all traffic from the engineering department to router B 1. This may provide a
`
`20
`
`very rough balance of the traffic load between the routers, but it does not attempt to
`
`balance routet: loads dynamically in response to actual traffic and thus is not "load(cid:173)
`
`balancing" as that term is used herein.
`
`4
`
`Viptela, Inc. - Exhibit 1004
`Page 7
`
`
`
`Alternatively, one ofthe frame relay networks may be a backup which is used
`
`only when the other frame relay network becomes unavailable. In that case, it may take
`
`even skilled network administrators several hours to perform the steps needed to switch
`
`the traffic away from the failed network and onto the backup network, unless the
`
`5
`
`invention of the '197 application is used. In general, the necessary Private Virtual
`
`Circuits (PVCs) must be established, routers at each site 102 must be reconfigured to use
`
`the correct serial links and PYCs, and LANs at each site 102 must be reconfigured to
`
`point at the correct router as the default gateway.
`
`Although two private networks are shown in Figure 1, three or more such
`
`10
`
`networks could be employed, with similar considerations coming into play as to increased
`
`reliability, limits on load-balancing, the efforts needed to switch traffic when a network
`
`fails, and so on. Likewise, for clarity of illustration Figure 1 shows only two sites, but
`
`three or more sites could communicate through one or more private networks.
`
`Figure 2 illustrates a prior art configuration in which data is normally sent
`
`15
`
`between sites 102 over a private network 106. A failover box 202 at each site 102 can
`
`detect failure ofthe network 106 and, in response to such a failure, will send the data
`
`instead over an ISDN link 204 while the network l 06 is down. Using an ISDN link 204
`
`as a backup is relatively easier and less expensive than using another private network 106
`
`as the backup, but generally provides lower throughput. The ISDN link is an example of
`
`20
`
`a point-to-point or leased line network link.
`
`Figure 3 illustrates prior art configurations involving two private networks for
`
`increased reliability, in the sense that some of the sites in a given government agency or
`
`other entity 302 can continue communicating even after one network goes down. For
`
`5
`
`Viptela, Inc. - Exhibit 1004
`Page 8
`
`
`
`instance, if a frame relay network A goes down, sites I, 2, and 3 will be unable to
`
`communicate with each other but sites 4, 5, and 6 will still be able to communicate
`
`amongst themselves through frame relay network B. Likewise, if network B goes down,
`
`sites L 2, and 3 will still be able to communicate through network A. Only if both
`
`5
`
`networks go down at the same time would all sites be completely cut off. Like the Figure
`
`l configurations, the Figure 3 configuration uses two private networks. Unlike Figure I,
`
`however, there is no option for switching traffic to another private network when one
`
`network 106 goes down, although either or both of the networks in Figure 3 could have
`
`an ISDN backup like that shown in Figure 2. Note also that even when both private
`
`10
`
`networks are up, sites I, 2, and 3 communicate only among themselves; they are not
`
`connected to sites 4, 5, and 6. Networks A and Bin Figure 3 are therefore not in
`
`"parallel" as that term is used herein, because all the traffic between each pair of sites
`
`goes through at most one of the networks A, B.
`
`Figure 4 illustrates a prior art response to the incompatibility of frame relay
`
`15
`
`networks of different carriers. A special "network-to-network interface" (NNI) 402 is
`
`used to reliably transmit data between the two frame relay networks A and B. NNis are
`
`generally implemented in software at carrier offices. Note that the configuration in
`
`Figure 4 does not provide additional reliability by using two frame relay networks 106,
`
`because those networks are in series rather than in parallel. If either of the frame relay
`
`20
`
`networks A, Bin the Figure 4 configuration fails, there is no path between site 1 and site
`
`2~ adding the second frame relay network has not increased reliability. By contrast,
`
`Figure I increases reliability by placing the frame relay networks in parallel, so that an
`
`alternate path is available if either (but not both) of the frame relay networks fails.
`
`6
`
`Viptela, Inc. - Exhibit 1004
`Page 9
`
`
`
`Someone of skill in the art who was looking for ways to improve reliability by putting
`
`networks in parallel would probably not consider NNis pertinent, because they were used
`
`for serial configurations rather than parallel ones, and adding networks in a serial manner
`
`does not improve reliability.
`
`5
`
`Internet-based communication solutions such as VPNs and Secure Sockets Layer
`
`(SSL) offer alternatives to frame relay 106 and point-to-point leased line networks such
`
`as those using an ISDN link 204. These Internet-based solutions are advantageous in the
`
`flexibility and choice they offer in cost, in service providers, and in vendors.
`
`Accordingly, some organizations have a frame relay 106 or leased line connection (a.k.a.
`
`to
`
`point-to-point) for intranet commtmication and also have a connection for accessing tl1e
`
`Internet 500, using an architecture such as that shown in Figure 5.
`
`But better tools and techniques are needed for use in architectures such as that
`
`shown in Figure 5. In particular, prior approaches for selecting which network to use for
`
`which packet(s) are coarse. For instance, all packets from department X might be sent
`
`15
`
`over the frame relay connection 106 while all packets from department Yare sent over
`
`the Internet 500. Or the architecture might send all traffic over the frame relay network
`
`unless that network fails, and then be manually reconfigured to send all traffic over a
`
`VPN 502.
`
`Organizations are still looking for better ways to use Internet-based redundant
`
`20
`
`connections to backup the primary frame relay networks. Also, organizations wanting to
`
`change from frame relay and point-to-point solutions to Internet-based solutions have not
`
`had the option of transitioning in a staged manner. They have had to decide instead
`
`between the two solutions, and deploy the solution in their entire network communica-
`
`7
`
`Viptela, Inc. - Exhibit 1004
`Page 10
`
`
`
`tions system in one step. This is a barrier for deployment of Internet-based solutions
`
`500/502, since an existing working network would be replaced by a yet-untested new
`
`network. Also, for organizations with several geographically distributed locations a
`
`single step conversion is very complex. Some organizations may want a redundant
`
`5
`
`Internet-based backup between a few locations while maintaining the frame relay network
`
`for the entire organization.
`
`It would be an advancement in the art to provide new tools and techniques for
`
`configuring disparate networks (e.g., frame relay/point-to-point WANs and lnternet-based
`
`VPNs) in parallel, to obtain benefits such as greater reliability, improved security, and/or
`
`10
`
`load-balancing. Such improvements are disclosed and claimed herein.
`
`BRIEF SUMMARY OF THE INVENTION
`
`The present invention provides tools and techniques for directing packets over
`
`multiple parallel disparate networks, based on addresses and other criteria. This helps
`
`15
`
`organizations make better use of frame relay networks and/or point-to-point (e.g., Tl, T3,
`
`fiber, OCx, Gigabit, wireless, or satellite based) network connections in parallel with
`
`VPNs and/or other Internet-based networks. For instance, some embodiments of the
`
`invention allow frame relay and VPN wide area networks to co-exist for redundancy as
`
`well as for transitioning from frame relay/point-to-point solutions to Internet-based
`
`20
`
`solutions in a staged manner. Some embodiments operate in configurations which
`
`communicate data packets over two or more disparate WAN connections, with the data
`
`traffic being dynamically load-balanced across the connections, while some embodiments
`
`8
`
`Viptela, Inc. - Exhibit 1004
`Page 11
`
`
`
`treat one of the WANs as a backup for use mainly in case the primary connection through
`
`the other WAN fails.
`
`Other features and advantages of the invention will become more fully apparent
`
`through the following description.
`
`5
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`To illustrate the manner in which the advantages and features of the invention are
`
`obtained, a more particular description of the invention will be given with reference to the
`
`attached drawings. These drawings only illustrate selected aspects of the invention and
`
`10
`
`its context. In the drawings:
`
`Figure l is a diagram illustrating a prior art approach having frame relay networks
`
`configured in parallel for increased reliability for all networked sites, in configurations
`
`that employ manual switchover between the two frame relay networks in case of failure.
`
`Figure 2 is a diagram illustrating a prior art approach having a frame relay
`
`15
`
`network configured in parallel with an ISDN network link for increased reliability for all
`
`networked sites.
`
`Figure 3 is a diagram illustrating a prior art approach having independent and non(cid:173)
`
`parallel frame relay networks, with each network connecting several sites but no routine
`
`or extensive communication between the networks.
`
`20
`
`Figure 4 is a diagram illustrating a prior art approach having frame relay networks
`
`configured in series through a network-to-network interface, with no consequent increase
`
`in reliability because the networks are in series rather than in parallel.
`
`9
`
`Viptela, Inc. - Exhibit 1004
`Page 12
`
`
`
`Figure 5 is a diagram illustrating a prior art approach having a frame relay
`
`network configured in parallel with a VPN or other Internet-based network that is
`
`disparate to the frame relay network, but without the fine-grained packet routing of the
`
`present invention.
`
`5
`
`Figure 6 is a diagram illustrating one system configuration of the present
`
`invention, in which the Internet and a private network are placed in parallel for increased
`
`reliability for all networked sites, without requiring manual traffic switchover, and with
`
`the option in some embodiments of load balancing between the networks and/or
`
`increasing security by transmitting packets of a single logical connection over disparate
`
`I 0
`
`networks.
`
`Figure 7 is a diagram further illustrating a multiple disparate network access
`
`controller of the present invention, which comprises an interface component for each
`
`network to which the controller connects. and a path selector in the controller which uses
`
`one or more of the following as criteria: destination address, network status (up/down),
`
`15
`
`network load, use of a particular network for previous packets in a given logical
`
`connection or session.
`
`Figure 8 is a flowchart illustrating methods of the present invention for sending
`
`packets using a controller such as the one shown in Figure 7.
`
`Figure 9 is a flowchart illustrating methods of the present invention for combining
`
`20
`
`connections to send traffic over multiple parallel independent disparate networks for
`
`reasons such as enhanced reliability, load balancing, and/or security.
`
`Figure 1 0 is a diagram illustrating another system configuration of the present
`
`invention, in which the Internet and a frame relay network are placed in parallel, with a
`
`10
`
`Viptela, Inc. - Exhibit 1004
`Page 13
`
`
`
`VPN tunnel originating after the source controller and terminating before the destination
`
`controller, and each known site that is accessible through one network is also accessible
`
`through the other network unless that other network fails.
`
`Figure l 1 is a diagram illustrating a system configuration similar to Figure 10,
`
`5
`
`except the VPN tunnel originates before the source controller and terminates after the
`
`destination controller.
`
`DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
`
`The present invention relates to methods, systems, and configured storage media
`
`10
`
`for connecting sites over multiple independent parallel disparate networks, such as frame
`
`relay networks and/or point-to-point network connections, on the one hand, and VPNs or
`
`other Internet-based network connections, on the other hand. "Multiple" networks means
`
`two or more such networks. "Independent" means routing information need not be
`
`shared between the networks. "Parallel" does not rule out all use ofNNis and serial
`
`15
`
`networks, but it does require that at least two of the networks in the configuration be in
`
`parallel at the location where the invention distributes traffic, so that alternate data paths
`
`through different networks are present. "Frame relay networks" or "private networks"
`
`does not rule out the use of an ISDN link or other backup for a particular frame relay or
`
`point-to-point private network, but it does require the presence of multiple such networks;
`
`20
`
`Figure 2, for instance, does not meet this requirement. A "frame relay network" is
`
`unavailable to the general public and thus disparate from the Internet and VPNs (which
`
`may be Internet-based), even though some traffic in the Internet may use public frame
`
`relay networks once the traffic leaves the location where the invention distributes traffic.
`
`11
`
`Viptela, Inc. - Exhibit 1004
`Page 14
`
`
`
`Figure 6 illustrates one of many possible configurations of the present invention.
`
`Comments made here also apply to similar configurations involving only one or more
`
`frame relay networks 106, those involving only one or more point-to-point networks 204,
`
`and those not involving a VPN 604. for example. Two or more disparate networks are
`
`5
`
`placed in parallel between two or more sites l 02. In the illustrated configuration, the
`
`Internet 500 and a VPN 604 are disparate from, and in parallel with, frame relay I point(cid:173)
`
`to-point network 106/204, with respect to site A and site B. No networks are parallel
`
`disparate networks in Figure 6 with reg~rd to site C as a traffic source, since that site is
`
`not connected to the Internet 500. Access to the disparate networks at site A and and site
`
`10
`
`8 is through an inventive controller 602 at each site. Additional controllers 602 may be
`
`used at each location (i.e., controllers 602 may be placed in parallel to one another) in
`
`order to provide a switched connection system with no single point of failure.
`
`With continued attention to the illustrative network topology for one embodiment
`
`of the invention shown in Figure 6, in this topology the three locations A, B, and C are
`
`15
`
`connected to each other via a frame relay 106 or leased line network 204. Assume, for
`
`example, that all three locations are connected via a single frame relay network 106.
`
`Locations A and Bare also connected to each other via a VPN connection 604. VPN
`
`tunnels are established between locations A and Bin the VPN, which pairs line 1 to line 3
`
`and also pairs line 2 to line 3. There can be only one VPN tunnel between locations A
`
`20
`
`and B. There is no VPN connection between location C and either location A or location
`
`B.
`
`Therefore, locations A, B, and C can communicate with each other over the frame
`
`relay network 106, and locations A and B (but not C) can also communicate with each
`
`12
`
`Viptela, Inc. - Exhibit 1004
`Page 15
`
`
`
`other over the VPN connection 604. Communication between locations A and C, and
`
`communication between locations 8 and C, can take place over the frame relay network
`
`106 only. Communication between locations A and 8 can take place over frame relay
`
`network 106. It can also take place over one of the lines 1-and-3 pair, or the lines 2-and-3
`
`5
`
`pair, but not both at the same time. Traffic can also travel over lines 2 and 4, but without
`
`a VPN tunnel. When the source and destination IP address pairs are the same between
`
`locations A and B but different types of networks connect those locations, as in Figure 6
`
`for instance, then a traffic routing decision that selects between network types cannot he
`
`made \Vith an existing commercially available device. By contrast, the invention allows
`
`10
`
`an organiza!ion to deploy an Internet-based solution between locations A and 8 while
`
`maintaining the frame relay network 106 between locations A, B, and C, and allows
`
`traffic routing that selects between the Internet and the frame relay network on a packet(cid:173)
`
`by-packet basis.
`
`The invention may thus be configured to allow the organization to achieve the
`
`15
`
`following goals, in the context of Figure 6; similar goals are facilitated in other
`
`configurations. First, the organization can deploy an Internet-based second connection
`
`between only locations A and B, while maintaining frame relay connectivity between
`
`locations A, B, and C. Later the organization may deploy an Internet-based solution at
`
`location C as well. Second, the organization can use the Internet-based connection
`
`20
`
`between locations A and B for full load-balancing or backup, or a combination of the two.
`
`Third, the organization can use the frame relay connection between locations A and 8 for
`
`full load-balancing or backup, or a combination of the two. Fourth, the organization can
`
`13
`
`Viptela, Inc. - Exhibit 1004
`Page 16
`
`
`
`load-balance traffic in a multi-homing situation between two ISPs or two connections to
`
`the Internet at locations A and/or B.
`
`To better understand the invention, consider the operation of controller device 602
`
`at location A. The controller 602 examines the IP data traffic meant to go through it and
`
`5 makes determinations and takes steps such as those discussed below.
`
`If the traffic is destined for the Internet 500, send the traffic over the Internet using
`
`lines 1 and/or 2. Load balancing decisions that guide the controller 602 in distributing
`
`packets between the lines can be based on criteria such as the load of a given network,
`
`router, or connection relative to other networks, routers, or connections, to be performed
`
`10
`
`dynamically in response to actual traffic. Load-balancing may be done through a round(cid:173)
`
`robin algorithm which places the next TCP or UDP session on the next available line, or
`
`it may involve more complex algorithms that attempt to measure and track the
`
`throughput, latency, and/or other performance characteristics of a given link or path
`
`element. Load-balancing is preferably done on a per-packet basis for site-to-site data
`
`15
`
`traffic over the Internet or frame relay net, or done on a TCP or UDP session basis for
`
`Internet traffic, as opposed to prior approaches that use a per-department and/or per(cid:173)
`
`router basis for dividing traffic. Load-balancing algorithms in general are well
`
`understood. although their application in the context of the present invention is believed
`
`to be new.
`
`20
`
`If the traffic is destined for location B, then there are at least three paths from the
`
`current location (A) to location B: frame relay line 5, VPN line I, or Internet line 2. In
`
`some embodiments, the invention determines whether the three connections are in load(cid:173)
`
`balance mode or on-failure backup mode or a combination thereof. For a load-balance
`
`' 14
`
`Viptela, Inc. - Exhibit 1004
`Page 17
`
`
`
`mode, the controller 602 chooses the communication line based on load-balancing
`
`criteria. For backup mode, it chooses the communication line that is either the preferred
`
`line or (if the preferred line is down) the currently functional (backup) line.
`
`By contrast with the preceding, if the traffic is destined for location C, then the
`
`5
`
`controller 602 at site A sends the traffic on the frame relay line, line 5.
`
`Now let us look at the operation of the controller device 602 at location B. The
`
`device examines the IP data traffic sent to it and makes determinations like the following:
`
`I. Is the traffic destined for the Internet, as opposed to one of the three "known"
`
`locations A, B, and C? If so, send the traffic over the Internet lines (line 3 and/or line
`
`10
`
`4). Load balancing decisions can be based on the criteria described above.
`
`2.
`
`Is the traffic destined for location A? If so, then there are at least two paths to
`
`location A: the frame relay line 6, or VPN line 3. The controller 602 decides whether
`
`the two connections are in load-balance or on-failure backup mode, and chooses
`
`line(s) accordingly as discussed above.
`
`15
`
`3. Is the traffic destined for location C? If so, then send the traffic on the frame relay
`
`line, line 6.
`
`To operate as discussed herein, the invention uses information about the IP
`
`address ranges in the locations reside as input data. For instance, a packet destined for
`
`the Internet 500 is one whose destination address is not in any of the address ranges of the
`
`20
`
`know·n locations (e.g., locations A, B, and C in the example of Figure 6). In some
`
`configurations, this is the same as saying that a packet destined for the Internet is one
`
`whose address is not in the address range of any ofthe organization's locations.
`
`However, although all the known locations may belong to a single organization, that is
`
`15
`
`Viptela, Inc. - Exhibit 1004
`Page 18
`
`
`
`not a necessary condition for using the invention. Known locations may also belong to
`
`multiple organizations or individuals. Likewise, other locations belonging to the
`
`organization may be unknown for purposes of a given embodiment of the invention.
`
`Address ranges can be specified and tested by the controller 602 using subnet
`
`5 masks. The subnet masks may be of different lengths (contain a different number of one
`
`bits) in different embodiments and/o
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
