Monachello et al.

(10) Patent No.: US 6,748,439 B1
(45) Date of Patent: Jun. 8, 2004

(54) SYSTEM AND METHOD FOR SELECTING INTERNET SERVICE PROVIDERS FROM A WORKSTATION THAT IS CONNECTED TO A LOCAL AREA NETWORK

(75) Inventors: David R. Monachello, Westlake Village, CA (US); Mark de Lange, West Hills, CA (US); Sean Finlay, West Hills, CA (US)

(73) Assignee: Accelerated Networks, Moorpark, CA (US)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 0 days.

(21) Appl. No.: 09/370,105
(22) Filed: Aug. 6, 1999

(51) Int. Cl.7: G06F 15/16
(52) U.S. Cl.: 709/229; 709/227; 370/352; 370/232; 340/825
(58) Field of Search: 709/227-229, 709/203; 707/10; 705/32, 412; 725/1, 30, 99; 713/201, 156, 155; 370/232-234, 352; 455/432, 433; 340/810, 825; 379/230, 112.01, 201.03

(56) References Cited

U.S. PATENT DOCUMENTS
5,682,325 A * 10/1997 Lightfoot et al. 340/825
6,023,698 A * 2/2000 Lavey et al. 707/10
6,108,330 A * 8/2000 Bhatia et al. 370/352
6,115,755 A * 9/2000 Krishan 370/351
6,151,629 A * 11/2000 Trewitt 709/225
6,243,379 B1 * 6/2001 Veerina et al. 370/389
6,243,451 B1 * 6/2001 Shah et al. 370/352
6,351,453 B1 * 2/2002 Nolting et al. 370/232
6,385,651 B2 * 5/2002 Danes et al. 709/227
2002/0002615 A1 * 1/2002 Bhagavath et al. 709/227

* cited by examiner

Primary Examiner: Wen-Tai Lin
(74) Attorney, Agent, or Firm: Blakely, Sokoloff, Taylor & Zafman LLP

(57) ABSTRACT

A method for dynamically selecting a network service provider is disclosed. The method allows a user to select a default route for an internet connection in a network configuration having a local area network, workstations coupled to the network, customer premises equipment and a central office. Multiple network service providers may be selected for an individual workstation. The method may include simultaneously connecting the workstation to the network service providers.

20 Claims, 6 Drawing Sheets

[Front-page drawing; the drawing itself did not survive text extraction. Surviving labels: Workstation WS1 (X.20), Workstation WS2 (L.2), Workstation WS3 (L.1); Ethernet (L.10); CPE 1 and CPE 2 (Bridge Mode with NAT); Subscriber Port 1 (VC 1; VC 2 & 3); Subscriber Port 2 (VC 2 & 3); Customer Premises; Central Office; HQ-IPX; Mainframe (Z.2); Network Service Provider.]

`Cisco Systems, Inc.
`Exhibit 1007
`Page 1 of 17

[FIG. 1 (Sheet 1 of 6): block diagram; the drawing itself did not survive text extraction. Surviving labels: Workstation WS1 (X.2), Workstation WS2 (Y.2), Workstation WS3 (Z.3); reference numerals 10, 11, 21, 22, 23, 40; Ethernet; CPE 1 and CPE 2 (Bridge Mode); Subscriber Port 1 (VC 1, VC 2); PVC 1, PVC 2; ISP 1 (X.), ISP 2 (Y.), HQ (Z.); Mainframe (Z.2); Customer Premises; Central Office; Network Service Provider.]

[FIG. 2 (Sheet 2 of 6): flow diagram. Blocks, in order: Display a List of NSPs Using a Web Browser (210/211); Select One or More NSPs (212); CPE Receives the Selection (213); CPE Maintains the Selection.]

[FIG. 3 (Sheet 3 of 6): block diagram; the drawing itself did not survive text extraction. Surviving labels: Workstation WS1 (X.20), Workstation WS2 (L.2), Workstation WS3 (L.1); Ethernet (L.10); CPE 1 and CPE 2 (Bridge Mode with NAT); Subscriber Port 1 (VC 1; VC 2 & 3); Subscriber Port 2 (VC 2 & 3); HQ-IP (Z.), HQ-IPX; Novell Server; Mainframe (Z.2); Customer Premises; Central Office; Network Service Provider.]

[FIG. 4 (Sheet 4 of 6): block diagram. Surviving labels: Program, Memory, CPU; reference numerals 410, 420, 430, 440.]

[FIG. 5 (Sheet 5 of 6): SSA data structure. Surviving labels: Subscriber Table; Connection Usage Table; Connection Statistics; Dynamic Connection Profile; Service Table; Management Reachability Profile; Traffic Management Profile; Service Reachability Profile; Subscriber Connection Table; Connections list.]

[FIG. 6 (Sheet 6 of 6): module interaction diagram. Surviving labels: CO/CPE Protocol Handler; Connection Manager; CPE Comms; Callback; Req Pipe; Resp Pipe; API Calls; SSA; SNMP; OSS; Subscribers, Services, Connections.]

SYSTEM AND METHOD FOR SELECTING INTERNET SERVICE PROVIDERS FROM A WORKSTATION THAT IS CONNECTED TO A LOCAL AREA NETWORK

BACKGROUND OF THE INVENTION

1. Field of the Invention

The invention relates generally to establishing a connection to a network service provider, and specifically to dynamically selecting a service.

2. Discussion of Related Art

In networking today, routers are used to route information throughout a network. These routers often use a router table which provides specific instructions as to what path to take to arrive at certain locations. The router tables often specify a default route that is used when another route is not specified. That is, when a message being transferred has an Internet Protocol (IP) address, the router takes the destination address from the header of the IP address and attempts to match the address to one stored in the router table. If a match exists, then the entry in the table having the matching address specifies the path to take for that message. If a match doesn't exist, then the default route is taken. The default route is usually the one taken when accessing an internet service provider or the internet at large.

Today, individual access to a high-speed backbone may occur using a Multi-Service Access Platform (MSAP). The MSAP enables service providers to offer services over a single access facility. Customers, using customer premises equipment (CPE), gain access to the MSAP, which is usually located at a central office.

If an individual wants to access the internet through a workstation (or other computer systems), which is a part of a local area network, the person must establish a connection with an internet service provider through the CPE and the MSAP. However, in a local area network, the service provider is the same for all users. An individual user cannot select a specific provider other than the previously designated provider for the local area network. Individual users may desire to select a specific provider for one or more of a variety of reasons, such as cost, speed, reliability and/or security. Thus, there is a need for allowing a user to be able to select an internet service provider or any network service provider.

SUMMARY OF THE INVENTION

A method for dynamically selecting a network service provider (NSP) is described. In one embodiment, the method includes presenting a list of at least one NSP and dynamically selecting a network service provider from the list.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention will be understood more fully from the detailed description given below and from the accompanying drawings of various embodiments of the invention, which, however, should not be taken to limit the invention to the specific embodiments, but are for explanation and understanding only.

FIG. 1 is a block diagram of one embodiment of a system in which a workstation or other computer system may select a network service provider.
FIG. 2 is a flow diagram of one embodiment of a process for selecting a network service provider.
FIG. 3 is a block diagram of one embodiment of a system in which one workstation selects several network service providers.
FIG. 4 illustrates a general purpose computer executing a software program stored in a memory.
FIG. 5 illustrates an exemplary SSA data structure.
FIG. 6 illustrates interactions between various modules in a connection establishment phase.

DETAILED DESCRIPTION

The dynamic service selection (DSS) described herein allows the user or group to select and use one or more Network Service Providers (NSPs). In the following description, numerous details are set forth. It will be apparent, however, to one skilled in the art, that the present invention may be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form, rather than in detail, in order to avoid obscuring the present invention.

Some portions of the detailed descriptions that follow are presented in terms of algorithms and symbolic representations of operations on data bits within a computer memory. These algorithmic descriptions and representations are the means used by those skilled in the data processing arts to most effectively convey the substance of their work to others skilled in the art. An algorithm is here, and generally, conceived to be a self-consistent sequence of steps leading to a desired result. The steps are those requiring physical manipulations of physical quantities. Usually, though not necessarily, these quantities take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared, and otherwise manipulated. It has proven convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, characters, terms, numbers, or the like.

It should be borne in mind, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities. Unless specifically stated otherwise as apparent from the following discussion, it is appreciated that throughout the description, discussions utilizing terms such as "processing" or "computing" or "calculating" or "determining" or "displaying" or the like, refer to the action and processes of a computer system, or similar electronic computing device, that manipulates and transforms data represented as physical (electronic) quantities within the computer system's registers and memories into other data similarly represented as physical quantities within the computer system memories or registers or other such information storage, transmission or display devices.

The present invention also relates to apparatus for performing the operations herein. This apparatus may be specially constructed for the required purposes, or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer. Such a computer program may be stored in a computer readable storage medium, such as, but is not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, and magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs), EPROMs, EEPROMs, magnetic or optical cards, or any type of media suitable for storing electronic instructions, and each coupled to a computer system bus.

The algorithms and displays presented herein are not inherently related to any particular computer or other apparatus. Various general purpose systems may be used with programs in accordance with the teachings herein, or it may prove convenient to construct more specialized apparatus to perform the required method steps. The required structure for a variety of these systems will appear from the description below. In addition, the present invention is not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the invention as described herein.

Overview

Dynamic service selection allows a user or group to select one or more network service providers (NSPs). In one embodiment, dynamic service selection comprises individual service selection or group service selection. Individual service selection allows each workstation user to select one or more NSPs, while group service selection designates one or more NSPs for all users in the group (e.g., all users of a customer premises equipment (CPE)). In one embodiment, dynamic service selection is advantageous in that the selection takes effect without requiring a reboot of the user workstation or the other network equipment. An NSP for purposes herein may be, for example, an Internet Service Provider (ISP), a company headquarters, or a content provider such as, for example, America Online or CompuServe.

FIG. 1 is a block diagram of a system in which dynamic service selection occurs. Referring to FIG. 1, customer premises equipment (CPE) 10 and 11 are coupled to one or more workstations 21-23 via networks. In one embodiment, these networks comprise Ethernet networks. Each of the workstations 21-23 may comprise a computer system or other processing device that may communicate with a CPE and an NSP through a local area network (LAN) to which the workstation is coupled. A user can gain access to one of NSPs 30-32 through one of workstations 23 and 22 coupled to the CPE 11 or workstation 21 coupled to CPE 10. The type of connection to the NSP depends on the configuration of the CPE.

CPEs 10 and 11 are configured by the central office (CO) 40, which maintains all the configuration information. The CO 40 maintains the NSP selection. Thus, CPEs 10 and 11 do not have to be configured with the NSP selection. Alternatively, multiple services may be available, and the CPEs 10 and 11 are able to select one NSP for all workstations in the case of group service selection or one NSP per workstation in the case of individual service selection. In one embodiment, the CPEs 10 and/or 11 may also allow selection of multiple NSPs per workstation.

The connection between a workstation and an internet service provider occurs through a CPE, which acts as a router. A multi-service access platform (MSAP) 40 may be located in the phone company central office.

In one embodiment, a web-based application may provide a graphical user interface (GUI), such as, for example, a web browser, for the user to perform the service selection. The web browser may be part of a Java application which, when executed, displays a list of NSPs that the user is authorized to use. Using the web browser, the user selects an NSP. For example, if a particular end user decides he or she wants to get to the internet through America Online and another decides to do it through PSI Net, the individual end users may select the NSPs and essentially configure the system. In one embodiment, users may bring up a Java application in a web browser.

In an alternative embodiment, the user selects more than one NSP or selects the NSP on an application by application basis. For Internet Protocol (IP), the application (network) layer is examined to determine where to route information. In this manner, email may be transferred through one NSP, while Telnet is routed through another NSP. In one embodiment, the TCP or UDP header at the network layer is examined to determine to which NSP the particular traffic is to be routed. In an alternative embodiment, the user may discriminate between NSPs on a protocol by protocol basis (e.g., IP vs. IPX, IPX vs. Appletalk, etc.).

In response to the user's selection, the CPE obtains the list of services that individual client is authorized to use. The list may be maintained by a directory service that is part of a central office (e.g., Multiple Service Access Platform (MSAP)). In one embodiment, the MSAP maintains a workstation ID that may be used to request the list of authorized NSPs maintained by the central office. In one embodiment, the workstation ID comprises the workstation MAC address. When selecting an NSP, the user makes the selection through an application and the CPE passes the information to the central office, which maintains a database of NSPs.

Once the list of NSPs has been obtained, the CPE presents the list to the user. The user makes a selection and the CPE obtains the user's choice. The CPE and CO make provisioning changes based on the selection. In one embodiment, when a selection occurs, a network connection is established from the CPE to the CO and from the CO to the NSP. Second, remote authentication occurs with the NSP to determine whether the user is allowed to use that service (e.g., determines whether the user is valid). Third, the global address parameters are acquired from the NSP or locally configured on the MSAP to be given to the CPE. This information is used for network address translation (NAT). In one embodiment, the CPE and CO perform all or some of these functions by executing software.

After the user selects one or more NSPs, the CPE maintains a table for the particular end user (or work station). One effect of the selection is a change in the default route for the user. For example, if the user of work station 21 selects America Online, then the default route for work station 21 is America Online. Similarly, if the user at work station 22 selected the route to headquarters, the default route for workstation 22 is headquarters. In one embodiment, the connection to headquarters may only be a more exact route to arrive at a more specific location (as opposed to the primary route to the NSP).

Thus, the DSS described herein is advantageous over standard routers in that it allows the user to decide which path will be used to arrive at a particular destination.

FIG. 2 illustrates one embodiment of a process for selecting a service dynamically. Referring to FIG. 2, initially a user displays a web browser (processing block 210). Then, a list of NSPs for which the end user has authorization to use is displayed (processing block 211). The user selects one or more NSPs from the list (processing block 212). The CPE receives the end user's selection (processing block 213) and maintains the selection for the end user (processing block 214).

When using DSS, network address translation is used when a network's internal IP addresses cannot be used outside the network, either for privacy reasons or because they are invalid for use outside the network. In one embodiment, when using DSS, NAT mode or NAPT mode is used. NAT mode is a local to global address translation in which there is a one-to-one mapping between local addresses used on the LAN and global addresses used beyond the CPE. NAT is used to eliminate routing problems that can arise when switching NSPs and allows local workstations to efficiently communicate amongst themselves on their local LAN while also allowing them to communicate beyond the CPE through their selected NSP. NAPT, on the other hand, allows multiple local addresses used on the LAN to be mapped to a single global address used beyond the CPE. The locally unique IP address is only used to communicate between the user workstation and the CPE or CO box, whichever hosts the DSS mechanism.

In one embodiment, DHCP is used on the CO box to obtain an IP address. Each workstation can have a statically assigned locally significant IP address that may be used when the web application is run. After the service selection has been made, then a globally significant IP address is requested by a DHCP client on the CO if needed. When a connection occurs, the CO gives the CPE the address. The globally significant IP address may not be needed if the user has selected a bridged/private virtual LAN (VLAN) type of service. If a globally significant IP is required then the CPE tracks it in a locally significant to globally significant IP address map.

In an alternative embodiment, a DHCP server/proxy/relay on the CPE or CO box is used to obtain and distribute an IP address. The workstations are configured to use DHCP to acquire their IP address. When the workstation is booted, it sends a DHCP request for an address. The DHCP server running on the CPE will assign the workstation a temporary address. The user can now run the web based service selection application. When the user has made the service selection, the CPE forces the workstation to change its IP addresses from the temporary IP address to a globally significant IP address assigned by the selected NSP. Note that this removes the need for NAT.

The capability of service selection per workstation is mapped onto multiple virtual circuit connections between the CPE and CO. That is, if each workstation selects a service, then the CPE associates each workstation with the selected virtual circuit connection to the central office 40. For example, referring back to FIG. 1, CPE 11 forms virtual circuit connections 52 and 53 with central office 40, while CPE 10 forms virtual circuit connection 51 with central office 40. Thus, the link between the CPE and the CO is capable of multiple virtual circuit connections and each workstation has its own CPE to CO virtual circuit connection. Note the workstation ID can be discerned by the CPE from the protocol headers of the packets used to carry the configuration requests, which will be transparent to the end user.

Note that in one embodiment, when there are multiple workstations using the same CPE, if they select the same service, they are multiplexed onto the same virtual connection.

Once a default route has been selected, the CPE maintains a list of the end user's default NSP. The list is maintained in the CPE with an end station identifier (e.g., a MAC address, layer 2 address, layer 3 address, etc.). When the CPE receives a communication from a workstation, the CPE examines the end station identifier and determines if the end user's default NSP has been selected. If so, then the CPE retrieves stored information indicating how the virtual circuit connection is to be set up for that workstation. In one embodiment, there are three distinct ways in which the virtual circuit connection is determined, which are according to a specific non-default IP route, a protocol type, or a default.

The following tables describe the information kept in the CPEs for the network such as in FIG. 3 (described below).

CPE 1 master table, with each table pointer followed to the CPE 1 IP table:

workstation | internal address | subscriber VC | service | entry type | table pointer target
ws1 | L.3 | 1 | ISP1 | IP route | IP table: IP route destination 0, next hop X.10, external address X.2
ws2 | L.2 | 3 | HQ-IP | IP route | IP table: IP route destination Z.0, next hop Z.10, external address Z.1
ws2 | L.2 | 2 | ISP2 | IP route | IP table: IP route destination 0, next hop Y.10, external address Y.1

CPE 2 master table, with each table pointer followed to the CPE 2 IP table or the CPE 2 protocol table:

workstation | internal address | subscriber VC | service | entry type | table pointer target
ws3 | L.1 | 2 | HQ-IP | IP route | IP table: IP route destination Z.0, next hop Z.10, external address Z.2
ws3 | L.1 | 1 | ISP2 | IP route | IP table: IP route destination 0, next hop Y.10, external address Y.2
ws3 | L.1 | 3 | HQ-IPX | protocol type | protocol table: protocol type 0x8137

Packets are processed and forwarded based on the information in the master forwarding table and its associated protocol specific tables. A series of comparisons between the packet content and the table content will be made to find the best match. When the best match is attained, the virtual circuit (VC) that will carry the packet is determined and the packet will be forwarded on this VC.

The master table is the first table accessed when processing an incoming packet. The master table is similar to a bridge table since it is indexed by the workstation identifier. It is different from a bridge table in the following ways:
  the source workstation identifier is used in the lookup
  multiple entries for the same workstation exist in the table
  the entries are not learned. They are inserted into the table from the service selection application
  the table entries may point to further more specific protocol entries

Some fields in this table (some other fields are shown for descriptive purposes only) are the workstation ID, subscriber VC, entry type and table pointer.

The workstation ID is the primary key in the master table and is used to identify the list of entries that may be used to forward the packet. The order of the entries in the table is significant for entries with the same workstation ID. In one embodiment, the entries will be processed in the order that they appear in the table (e.g., early entries have higher priority) and the first entry which is a complete match will be chosen.

The subscriber VC is the virtual circuit between the CPE and CO which will be used to carry the traffic classified by this table entry. The entry type describes the table entry type that the table pointer points at and the code which should be used to process the entry.

The IP table contains information used to direct IP and ARP packets to their proper VC. This is essentially an IP route table that is specific to an end user. The IP table includes fields for the IP route destination, next hop, and external address, which are as follows:
  IP route destination: this field is used to direct IP packets to their proper VC. The destination IP address in the packet is compared to this field after the subnet mask is applied;
  next hop: this field is used to direct ARP requests to their proper VC. The workstation sends an ARP request for the next hop. This may be either the final destination if in the same subnet, or the router the workstation is using to reach the destination; and
  external address: this field is used if NAT is required by the subscriber to communicate with the specified service.

The protocol type table is used to handle protocol type entries and allows traffic of a specific protocol to be directed to a specified VC. In one embodiment, there is only one field in the protocol type table: the protocol type.
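
The ordered, per-workstation lookup described above, as an added Python example (not code from the patent) that models the CPE 2 master table. The IPv4 addresses are constructed stand-ins for the symbolic Z.x and Y.x values, the workstation ID is constructed, and the names `select_entry` and `shadowed_ip_entries` are hypothetical; the second function goes beyond the text to flag entries that table order makes unreachable.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Union

ETH_IPV4, ETH_ARP, ETH_IPX = 0x0800, 0x0806, 0x8137  # 0x8137 is the protocol type in the CPE 2 table


@dataclass(frozen=True)
class IpEntry:
    """One row of a per-workstation IP table."""
    destination: ipaddress.IPv4Network           # "IP route destination"; 0.0.0.0/0 plays the role of "0"
    next_hop: ipaddress.IPv4Address              # ARP requests for this address follow the entry
    external: Optional[ipaddress.IPv4Address]    # global address used when NAT is required


@dataclass(frozen=True)
class MasterEntry:
    """One row of the master table, keyed by the source workstation ID."""
    workstation_id: str                          # a MAC address in one embodiment
    subscriber_vc: int
    service: str
    detail: Union[IpEntry, int]                  # IpEntry for "IP route", EtherType for "protocol type"


@dataclass(frozen=True)
class Frame:
    src_mac: str
    ethertype: int
    dst_ip: Optional[str] = None                 # IPv4 destination, or ARP target address


def _row(ws, vc, service, dest, hop, ext):
    return MasterEntry(ws, vc, service, IpEntry(ipaddress.ip_network(dest),
                                                ipaddress.ip_address(hop),
                                                ipaddress.ip_address(ext)))


# Constructed stand-ins for the page's symbolic addresses (assumptions):
# Z.0 -> 192.0.2.0/24, Z.10 -> 192.0.2.10, Z.2 -> 192.0.2.2,
# Y.10 -> 198.51.100.10, Y.2 -> 198.51.100.2
WS3 = "02:00:00:00:00:03"                        # constructed workstation ID for ws3
CPE2_MASTER: List[MasterEntry] = [
    _row(WS3, 2, "HQ-IP", "192.0.2.0/24", "192.0.2.10", "192.0.2.2"),
    _row(WS3, 1, "ISP2", "0.0.0.0/0", "198.51.100.10", "198.51.100.2"),
    MasterEntry(WS3, 3, "HQ-IPX", ETH_IPX),
]


def entry_matches(entry: MasterEntry, frame: Frame) -> bool:
    """True when the frame is a complete match for this entry."""
    if isinstance(entry.detail, int):            # protocol type entry
        return frame.ethertype == entry.detail
    if frame.dst_ip is None:
        return False
    addr = ipaddress.ip_address(frame.dst_ip)
    if frame.ethertype == ETH_IPV4:              # destination compared after the mask is applied
        return addr in entry.detail.destination
    if frame.ethertype == ETH_ARP:               # assumption: ARP target must equal the next hop
        return addr == entry.detail.next_hop
    return False


def select_entry(master: List[MasterEntry], frame: Frame) -> Optional[MasterEntry]:
    """Walk the table in order; the first complete match for the source workstation wins."""
    src = frame.src_mac.lower()
    for entry in master:
        if entry.workstation_id == src and entry_matches(entry, frame):
            return entry
    return None                                  # unknown workstation or no match: no VC is chosen


def shadowed_ip_entries(master: List[MasterEntry]) -> List[MasterEntry]:
    """IP route entries that no IP packet can reach because an earlier entry
    for the same workstation already covers their whole destination range."""
    shadowed = []
    for i, later in enumerate(master):
        if isinstance(later.detail, int):
            continue
        for earlier in master[:i]:
            if (earlier.workstation_id == later.workstation_id
                    and isinstance(earlier.detail, IpEntry)
                    and earlier.detail.destination.supernet_of(later.detail.destination)):
                shadowed.append(later)
                break
    return shadowed


if __name__ == "__main__":
    hq = select_entry(CPE2_MASTER, Frame(WS3, ETH_IPV4, "192.0.2.2"))
    print(hq.service, hq.subscriber_vc, hq.detail.external)
    misordered = [CPE2_MASTER[1], CPE2_MASTER[0], CPE2_MASTER[2]]
    print([e.service for e in shadowed_ip_entries(misordered)])
```
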

In one embodiment, the CPE makes bridging and IP routing decisions and the CO only switches the traffic to the NSP. The NSP equipment may bridge or route the traffic.

In another embodiment, multiple simultaneous sessions. FIG. 3 illustrates multiple sessions occurring. In this manner, a user can actually choose to have some of his or her traffic go in one direction and some of this traffic to go in other directions. For example, suppose a user decides to have his or her email sent through a connection with a service provider that is inexpensive but slow. The user wants his or her email to go through this provider because the provider is really cheap. However, for a video conference, the service connection may be very expensive, so the user will access this service only on occasion. In one embodiment, the user can, on a per application basis, determine the route for different types of traffic. The user can select that his or her general traffic will go through a slow link, while determining that video conference traffic uses an expensive path with very good performance. Thus, DSS described herein may be used, not only per work station, but even on a per application basis, to allow a user to decide where the particular traffic path is for specific types of traffic.

FIG. 3 shows an embodiment where each workstation can have multiple simultaneous services. In one embodiment, the traffic is handled via a combination of layer 2 and 3 processing. The CO will do standard layer 2 switching. The NSP equipment may bridge or route the traffic.

There are two modes in which dynamic address assignment will work with this mode of service selection. When local/private IP addresses are used on the workstations, a DHCP server of the NSP assigns the dynamic IP address to the DHCP client on the CPE device. The local/private IP addresses may either be static or handed out by a local DHCP server. When global IP addresses are used with DHCP, then the CPE and CO act as relay agents to relay the real global address from the NSP to the workstation. If it is necessary for the workstation to communicate via IP before it gets a global address, such as when it runs the service selection mechanism, then the CPE gives the workstation a local/temporary IP address.

In one embodiment, the CPE uses NAT to translate the local/private IP addresses used in the CPE into global IP addresses. Referring to FIG. 3, workstation WS1 is using a single service with a global IP address assigned to it, workstation WS2 has two services, and workstation WS3 has three services. Workstations WS2 and WS3 are using local/private IP addresses. The CPE knows when to translate the addresses and which global IP address to use based on information from the central office. When a user selects a service, all the connection information that is configured in the central office corresponding to that user utilizing that service is sent down from the central office to the CPE and forms a record that is used at runtime. The information may include, for example, the type of address translation, types of operation modes. In one embodiment, the connection is facilitated by subscriber and service applications described in greater detail below. Note that the term subscriber has been used to refer to a user in the context of the present invention.

Subscriber and Service Applications

Subscriber and Service Applications (SSAs) allow users to provision and configure both subscribers and services. This facilitates dynamic service selection because the SSA stores a list of services one can select and the subscriber profiles. Specifically, in one embodiment, a process for selecting a service comprises defining a subscriber, defining a service, and creating a connect that unites the two together. The following description discloses one embodiment of a technique for associating the users and services. In this manner, a connection may be provided from multiple subscribers to multiple services over any given media.

Services are typically connected to the uplink interfaces (e.g., ATM, Frame relay, Ethernet, etc.) on a CO. Users of workstations, or subscribers, are connected to the LAN side of a CPE, while the uplink side of the CPE is connected to a line card interface (e.g., xDSL, etc.) on a CPE or a CO.

In one embodiment, there are two subscriber service applications: an internal application and an external application. The internal application, SSA, resides within the CPE or CO. The external application(s) is any external application, PC based, HTML or JAVA, which is used to provision, manage and connect a subscriber or service profile. A set of CLI commands is also supported to allow the user to configure the service and subscriber information directly into