US20020023170A1 - Use of active topology protocols, including the spanning tree, for resilient redundant connection of an edge device - Google Patents

Use of active topology protocols, including the spanning tree, for resilient redundant connection of an edge device Download PDF

Info

Publication number
US20020023170A1
US20020023170A1 US09/796,842 US79684201A US2002023170A1 US 20020023170 A1 US20020023170 A1 US 20020023170A1 US 79684201 A US79684201 A US 79684201A US 2002023170 A1 US2002023170 A1 US 2002023170A1
Authority
US
United States
Prior art keywords
network
spanning tree
port
protocol
switches
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US09/796,842
Inventor
Michael Seaman
Vipin Jain
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qwest Communications International Inc
Original Assignee
TELSEON IP SERVICES Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by TELSEON IP SERVICES Inc filed Critical TELSEON IP SERVICES Inc
Priority to US09/796,842 priority Critical patent/US20020023170A1/en
Assigned to TELSEON IP SERVICES, INC. reassignment TELSEON IP SERVICES, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: JAIN, VIPIN, SEAMAN, MICHAEL J.
Publication of US20020023170A1 publication Critical patent/US20020023170A1/en
Assigned to ONFIBER COMMUNICATIONS, INC. reassignment ONFIBER COMMUNICATIONS, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: TELSEON IP SERVICES INC.
Assigned to COMERICA BANK reassignment COMERICA BANK SECURITY AGREEMENT Assignors: INFO-TECH COMMUNICATIONS, ONFIBER CARRIER SERVICES - VIRGINIA, INC., ONFIBER CARRIER SERVICES, INC., ONFIBER COMMUNICATIONS, INC.
Assigned to INFO-TECH COMMUNICATIONS, ONFIBER COMMUNICATIONS, INC., ONFIBER CARRIER SERVICES, INC., ONFIBER CARRIER SERVICES-VIRGINIA, INC. reassignment INFO-TECH COMMUNICATIONS RELEASE BY SECURED PARTY (SEE DOCUMENT FOR DETAILS). Assignors: COMERICA BANK
Assigned to QWEST COMMUNICATIONS INTERNATIONAL INC. reassignment QWEST COMMUNICATIONS INTERNATIONAL INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: ONFIBER COMMUNICATIONS, INC.
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • G06Q30/0601Electronic shopping [e-shopping]

Definitions

  • the present invention relates to configuration of edge devices for networks, including broadband communication networks, and more particularly to configuration of networks managed according to an active topology protocol, including the spanning tree protocol.
  • an active topology protocol such as the Spanning Tree Protocol IEEE802.1D.
  • connections between packet switches are sometimes made by point to point links, using for example fiber optic cable, in a ‘redundant, dual-homed, tree like’ topology to facilitate rapid reconfiguration with the minimum loss of service.
  • the revised spanning tree protocol under standardization in IEEE 802.1w is a suitable protocol for establishing the failover rules in the network.
  • the recently completed link aggregation standard, IEEE Std. 802.3ad is another—providing for resiliency of parallel links.
  • the IEEE 802.1 spanning tree provides for redundant connections within a network, where data transmitted from one attachment to the network to another is constrained to follow a loop free path. It reduces the physical topology of the network to an active topology that is both loop free (‘tree’) and fully connected (‘spanning’).
  • Redundant connection of the edge devices to the active topology network creates a possibility of a loop forming through the edge device to maintain the spanning tree.
  • edge devices coupled to the spanning tree network have not participated in the tree, so that they do not become transit nodes for traffic of the network.
  • the selection of one link or another for connection to the interior of a network has been performed by a simple physical layer redundancy scheme that interrogates the health of the links from an edge switch to the network.
  • One link is configured as a primary, or active, link and the secondary link is activated only if the primary fails a simple connectivity test to the remainder of the network, e.g. loss of the transmitted light signal.
  • This invention comprises a method for configuring a network, and a network configured according to such method, providing resilient, redundant connection to an edge device.
  • the system improves on the prior art arrangements, while not allowing the edge device to participate in the active topology of the network managed for example according to a spanning tree protocol, by choosing the active link from the edge device to the network on the basis of the active topology information received by the device, but not allowing it to forward or generate active topology information.
  • This arrangement protects against a failure in the network that causes the switch connected to by the edge device to be separated from the main body of the network, by allowing the edge device to use the active topology information propagated in the network to select a link to the network based upon changes that occur remote from the switch to which it has immediate connection.
  • the method manages the redundant connections of an edge device between a first network and a second network, where the second network is managed according to a spanning tree protocol in which spanning tree configuration messages propagate among switches in the second network.
  • the redundant connections are made via a plurality of ports on the edge device coupled to the second network.
  • monitoring spanning tree configuration messages at least one port of the plurality of ports on the edge device coupled to the second network
  • the active port is selected in a preferred embodiment by selecting a port having a least cost path to a root of the second network according to the spanning tree protocol.
  • the edge device does not propagate, nor generate spanning tree configuration messages.
  • a communication system is provided using technology that has been developed within the communications, enterprise data networking, electronic commerce, and carrier service provider industries.
  • the system is configured to provide service in new ways, supporting secure point-to-multipoint channels, and other connectivity options in a manner particularly complementary to a provisioning process and system described in the above referenced application entitled E-COMMERCE SYSTEM FACILITATING SERVICE NETWORKS INCLUDING BROADBAND COMMUNICATION SERVICE NETWORKS.
  • the network architecture in a preferred embodiment organizes switches into demarcation devices, access switches and interior switches.
  • Demarcation devices also referred to herein as service interface units
  • Each demarcation device supports one or more of service interfaces, identifiable by unique addresses such as Ethernet MAC addresses, by which a customer network is connected to the active topology network, and one or more ‘drops’ that connect to access ports on access switches.
  • Access switches are located on premises physically secured, linked by a communication media of choice, including for example fiber optic cable, to a collocation site in the metropolitan area network.
  • the access switches In addition to access ports coupled to the demarcation devices, the access switches have interior network ports that connect to interior switches at the collocation sites within the network.
  • Interior switches form the heart of the network, typically in collocation sites of the metropolitan area network, having ports coupled to the interior ports of the access switches.
  • the identity of the connected device on a service interface is ascertained by observing packets transmitted by the device at the service interface of the demarcation device.
  • Each packet contains a source address, such as a source MAC address.
  • the MAC address is captured by the service interface and a notification sent to the system managing the network using normal network management protocols.
  • the management system assures itself that the MAC address is unique. Filters are configured on access ports of the access switches to ensure that only packets with source addresses checked in this way are accepted from the attached demarcation device. Similarly only packets from source addresses that are permitted to transmit to the demarcation device are allowed to egress from the access port to the demarcation device.
  • Interior switches do not filter or otherwise constrain connections on the basis of the identities of devices attached to either the transmitting or receiving service interfaces. This allows the active topology maintained by interior switches to scale independently of the number of active connections through the network, and to reconfigure rapidly since information concerning individual connections does not have to be communicated or changed during reconfiguration.
  • demarcation devices can provide for redundant connections to the rest of the network. Selection of one link in preference to another can be achieved by use of the spanning tree or another active topology protocol. However, only traffic that is transmitted by or destined for a given customer is allowed to reach that customer's demarcation device. It is not desirable that a demarcation device act as a transit link in the network, that would be used to ensure full connectivity from one part of the network to another, either during a reconfiguration of the network or while the active topology is stable. Rather the network should partition if there is no connectivity other than through a demarcation devices between the two halves.
  • a range of options is offered to customers to control changes to the source MAC address used on the service interfaces of demarcation devices including automatic configuration, latching of a learnt address, explicit manual configuration, and identification of attempts at intrusion into the network.
  • the system is capable of extension to allow additional security protocols to establish the identity of the connecting system. Once that identity has been established, the MAC address of the transmitting system is used, as described above, to secure connections.
  • Disconnection and reconnection of the device can be detected, even if the same MAC address is used throughout. This protects against attempts to masquerade once a device identity has been established.
  • a foundation of industry standard products and practices in the following areas is used to construct the novel networks, including for one example:
  • Gigabit (or higher) Ethernet packet switching technology to accept and deliver IP data from and to customers, providing a highly reliable service.
  • a set of rules and heuristics is provided for the use and configuration of fiber optic transmission facilities, purchased or leased in ring configurations, as a set of links comprising selected concatenated segments from a set of rings.
  • the resulting configurations have benefits in networks including:
  • a link can comprise logical segments, each consisting for example of a wavelength of light transmitted and received by WDM (wavelength division multiplexing) equipment attached to the physical fiber segment running between two locations on a ring.
  • WDM wavelength division multiplexing
  • Security arrangements for a packet switched data transmission network using LAN switches are provided.
  • the network makes use of packet data switching equipment that is typically used in private data networks. While such equipment has facilities that can be used to construct ad-hoc security arrangements, a systematic approach to security is provided by the present invention.
  • the network ensures that no data is ever delivered to a service interface other than the service interface(s) explicitly authorized by the customer whose network attached equipment transmits the data, and that no data is received on a service interface other than data from the service interface(s) explicitly authorized by the customer whose network attached equipment is receiving the data.
  • the mechanisms that the system uses to ensure such secure delivery include:
  • FIG. 1 is a diagram of a commercial communication service with an Internet based provisioning server according to the present invention.
  • FIG. 2 is a block diagram of a network managed according to an active topology protocol, and including edge devices with resilient, redundant connections to the network, according to the present invention.
  • FIG. 3 is a diagram illustrating an edge device architecture according to the present invention.
  • FIG. 4 shows a network configured according to a spanning tree protocol, with edge devices according to the present invention.
  • FIG. 5 illustrates a redundant switch access service with parallel drops.
  • FIG. 6 illustrates a parallel single tenant access service with two drops coupled to a single access switch.
  • FIG. 7 illustrates a fully redundant single tenant access service according to one aspect of the invention.
  • FIG. 8 illustrates a collocation facility access arrangement for connection to the secure MAN of the present mention.
  • FIG. 9 illustrates another example collocation facility access arrangement.
  • FIG. 10 illustrates a fiber MAN network physically laid out as a ring, and partitioned as segments of the secure MAN of the present invention.
  • FIG. 1 illustrates a communications service example, based on provisioning links among a variety of customers within a secure metropolitan area network MAN.
  • a secure MAN based upon a layer two packet switched protocol, preferably Ethernet, and in which the switches are managed by an active topology protocol such as the spanning tree protocol, is represented by cloud 60 .
  • a number of customers including Internet service provider 61 , outsourcing vendor 62 , “enterprise 1” with a North campus 63 , a West campus 24 , and a South campus 25 , and “enterprise” 2 66 and enterprise 3 67 , are coupled to the secure MAN 60 by appropriate physical and logical interfaces.
  • a provisioning server 71 is coupled to the secure MAN 60 , either using the secure MAN medium or by other communication channels to the switches and other resources in the secure MAN, and facilitates transactions among the customers of the secure MAN 60 for establishing communication channels, such as the virtual connections discussed above, and provisioning of services agreed to by the customers with the resources of the secure MAN 60 .
  • configuring and allocating of services within the secure MAN 60 to support the links among the customers is managed by the provisioning server using a management protocol such as Telnet or SNMP, under which filters and other control data structures in the switches are configured.
  • the provisioning server is available via the Internet to customers and potential customers of the secure MAN 60 , using standard technology.
  • Virtual connection services allow rich connectivity among all customer locations on the secure MAN network. Examples include:
  • a point-to-multipoint virtual connection service 76 connecting an Internet Service Provider to customers.
  • a single customer can have simultaneous intra-enterprise and extra-enterprise communications using the secure MAN, provisioned according to the present invention.
  • Edge devices (not shown) between the customer networks or devices, and the secure MAN support security processes for the MAN, and include redundant connections to switches in the network in a preferred configuration for improved reliability and efficiency.
  • FIG. 2 is a block diagram of a network configured according to the present invention to support point-to-multipoint virtual connections, among a plurality of customers of a public metropolitan area network.
  • the customers have local networks 100 , 101 , 102 , and 103 .
  • Each of the customers includes customer equipment, such as a router (not shown), having unique MAC addresses, connected by a link to a port on a service interface unit.
  • the customer 100 is connected by links 100 - 1 and 100 - 2 to the service interface unit 105 .
  • the customer 100 connected by links 100 - 3 and 100 - 4 to the service interface unit 106 .
  • the customer 101 is connected by link 101 - 1 to the service interface unit 107 .
  • the customer 102 connected by the links 102 - 1 and 102 - 2 to service interface unit 108 .
  • Customer 103 is connected by link 103 - 1 to service interface unit 109 .
  • the service interface units comprise switches at customer premises in which demarcation points for access to the metropolitan area network are established.
  • Each of the links 100 - 1 through 100 - 4 , 101 - 1 , 102 - 1 , 102 - 2 , and 103 - 1 are connected at the customer side to ports on customer devices having unique MAC addresses.
  • the demarcation points for the network can be considered ports on the service interface unit characterized by the unique MAC addresses of the attached customer equipment.
  • the service interface units 105 - 109 are connected by point-to-point links to access switches 110 , 111 , 112 in the network.
  • service interface unit 105 is coupled by links 105 - 1 and 105 - 2 to the access switch 110 .
  • Service interface unit 105 is coupled by the link 105 - 3 to the access switch 111 .
  • Service interface unit 106 is coupled by the link 106 - 1 to the access switch 110 , and by link 106 - 2 to the access switch 111 .
  • Service interface unit 107 is coupled by the link 107 - 1 to the access switch 111 , and by the link 107 - 2 to the access switch 112 .
  • Service interface unit 108 is coupled by the link 108 - 1 to the access switch 111 , and by the link 108 - 2 to the access switch 112 .
  • Service interface unit 109 is coupled by the link 109 - 1 and by the link 109 - 2 to the access switch 112 .
  • the service interface units 105 - 109 are managed so that only one of the links between the service interface units and an access switch in the network is active at anytime.
  • a modified spanning tree protocol is utilized to select the active link as described below.
  • the access switches 110 - 112 are coupled to interior switches of the metropolitan area network 115 .
  • the security arrangements for the virtual channels are deployed in the access switches 110 - 112 via source address filtering based upon the unique MAC addresses of the demarcation points at service interface units in the network.
  • the Rapid Spanning Tree Algorithm assigns one of the following Port Roles to each Bridge Port: Root Port, Designated Port, Alternate Port, or Backup Port.
  • a fifth role, Disabled Port identifies a Port as having no role within the operation of Spanning Tree.
  • Port Role assignments for ports throughout the Bridged Local Area Network are determined by: a) A unique Bridge Identifier associated with each Bridge, b) A Path Cost associated with each Bridge Port, c) A Port Identifier associated with each Bridge Port, as follows.
  • the Bridge with the best Bridge Identifier is selected as the Root Bridge.
  • the unique Bridge Identifier for each Bridge is derived, in part, from the Bridge Address (7.12.5) and, in part, from a manageable priority component (9.2.5).
  • the relative priority of Bridges is determined by the numerical comparison of the unique identifiers, with the lower numerical value indicating the better identifier.
  • Every Bridge has a Root Path Cost associated with it. For the Root Bridge this is zero. For all other Bridges it is the sum of the Path Costs for each Bridge Port receiving frames on the least cost path from the Root Bridge to that Bridge.
  • the Path Cost associated with each Port may be manageable. Additionally, 17.28.2 recommends default values for the Path Costs associated with Ports attached to LANs of specific MAC types and speeds.
  • the Bridge Port on each Bridge receiving the frames on the least cost path from the Root Bridge is assigned the role of Root Port for that Bridge (the Root Bridge does not have a Root Port). If a Bridge has two or more ports with the same least Path Cost sum from the Root, then the port with the best Port Identifier is selected as the Root Port. Part of the Port Identifier is fixed and is different for each Port on a Bridge, and part is a manageable priority component (9.2.7). The relative priority of Ports is determined by the numerical comparison of the unique identifiers, with the lower numerical value indicating the better identifier.
  • Each LAN in the Bridged Local Area Network also has an associated Root Path Cost. This is the Root Path Cost of the lowest cost Bridge with a Bridge Port connected to that LAN. This Bridge is selected as the Designated Bridge for that LAN. If there are two or more Bridges with the same Root Path Cost, then the Bridge with the best priority (least numerical value) is selected as the Designated Bridge. The Bridge Port on the Designated Bridge that is connected to the LAN is assigned the role of Designated Port for that LAN. If the Designated Bridge has two or more ports connected to the LAN, then the Bridge Port with the best priority Port Identifier (least numerical value) is selected as the Designated Port. In a Bridged Local Area Network whose physical topology is stable, i.e. the Rapid Spanning Tree Algorithm has communicated consistent information throughout the network, every LAN has one and only one assigned Designated Port, and every Bridge with the exception of the Root Bridge has a Root Port connected to a LAN.
  • Any operational Bridge Port that is not assigned a Port Role of Root Port or Designated Port is a Backup Port if that Bridge is the Designated Bridge for the attached LAN, and an Alternate Port otherwise.
  • An Alternate Port offers an alternate path in the direction of the Root Bridge to that provided by the Bridge's own Root Port, whereas a Backup Port acts as a backup for the path provided by a Designated Port in the direction of the leaves of the Spanning Tree.
  • Backup Ports exist only where there are two or more connections from a given Bridge to a given LAN; hence, they (and the Designated Ports that they back up) can only exist where two ports are connected together in loopback by a point to point link, or where the Bridge has two or more connections to a shared media LAN segment.
  • IEEE Draft P802.1w/D9 and IEEE Std 802.1D are incorporated by reference as if fully set forth herein, providing examples of spanning tree protocols, and of 802.1 standard spanning tree protocols.
  • the spanning tree protocol (or another active topology protocol) is used on edge devices, which act as an interface between customer equipment and a network executing the active topology protocol, to selected an active connection to the network.
  • the spanning tree protocol is run to select a Root Port, and to use the selected port as the active connection to the network.
  • no packets ingressing at a port coupled to the spanning tree network are allowed to egress at any port coupled to the spanning tree network.
  • Ports coupled to the spanning tree network that are not selected as the active port are placed in blocking state, and provide a backup connection to the spanning tree network. No traffic is allowed to traverse the edge device, except that destined to the customer equipment, or originating in the customer equipment.
  • the edge device, and the customer equipment are therefore protected from becoming a link between portions of the spanning tree network, while taking advantage of the intelligence of the spanning tree protocol to make efficient choices of active links to the network. If the spanning tree costs of the ports change, then the ports coupled to the spanning tree network in the blocking state may be selected as the active port.
  • FIG. 3 illustrates a basic configuration of a network using the modified spanning tree protocol of the present invention.
  • a Metropolitan Area Network 120 includes interior switches 121 and 122 , operating a layer two protocol, such as Gigabit Ethernet, with switches configured using the spanning tree protocol.
  • Access switches 123 and 124 are coupled to the interior switches 121 and 122 by a redundant, route diverse collection of links 125 , 126 , 127 and 128 .
  • the access switches include resources for source address filtering to provide for provisioning of secure communication channels among customers of the network, as described in the above cross-referenced application.
  • Service interface unit 129 is coupled to the access switches by links 131 and 132 . Other service interface units may also be coupled to the access switches 123 and 124 .
  • the access switches and the interior switches participate in the spanning tree, and propagate spanning tree configuration messages, known as BPDUs, to support the dynamic configuration of the switches in the spanning tree network.
  • BPDUs spanning tree configuration messages
  • the service interface unit 129 selects an active link based upon the spanning tree information received from the access switches 123 and 124 .
  • service interface unit 129 selects either link 131 or link 132 as an active link in response to the spanning tree configuration messages received at one or both of the network interfaces coupled to the links 131 and 132 .
  • the service interface unit is configured to prevent any packet ingressing on the links 131 and 132 from egressing on the links 131 and 132 .
  • packets ingressing at a port on the edge device are associated with a port number.
  • the edge device is configured so that the ingress port number is used as a filter to prevent egress of packets on other ports coupled to the spanning tree network.
  • no transit path can be established between the links 131 and 132 . In this manner, traffic from access switch 124 , will not follow the route 136 on link 132 to service interface unit 129 , and on link 131 to access switch 123 in its route to the root of the tree, even if this route 136 would otherwise be the least cost route according to the spanning tree.
  • FIG. 4 shows one example network topology with spanning tree configuration information, according to a preferred embodiment in which the interior switches comprise high speed Ethernet switches in collocation sites in a metropolitan area network.
  • the network includes a plurality of fiber segment extending between collocation sites.
  • the fiber segments are arranged for configuration as a ring, but partitioned and managed according to a spanning tree protocol.
  • the switches P 5 and P 6 correspond to the interior switches 121 and 122 of FIG. 3.
  • the filled circle, unfilled circle, and parallel line markings correspond to the designated port, root port, and alternate port in the blocking state, respectively, according to the spanning tree protocol.
  • the switch P 1 is the root of the tree.
  • the switch P 1 has five designated ports. One designated port is coupled to an alternate port on switch P 3 via an internal link. Another designated port on switch P 1 is coupled to a root port on switch P 2 via a link 2 - 1 . Another designated port on switch P 1 is coupled to a root port on switch P 5 via link 5 - 1 . A fourth designated port on switch P 1 is coupled to a root port on switch P 4 via a link 1 - 4 .
  • a fifth designated port on switch P 1 is coupled to a root port on P 2 via a link 1 - 2 .
  • a designated port on switch P 6 is coupled via a link 6 - 3 to a root port on switch P 3 .
  • a designated port on switch P 5 is coupled to an alternate port on switch P 6 via an internal link.
  • a designated port on switch P 2 is coupled to a root port on switch P 6 via link 2 - 6 .
  • a designated port on switch P 2 is coupled via an internal link to an alternate port on switch P 4 .
  • the access switches 123 and 124 , and the service interface unit 129 have the same reference numerals as used in FIG. 3.
  • Switch P 5 has designated ports coupled via links 125 and 128 to root ports on access switches 123 and 124 respectively.
  • Switch P 6 has designated ports coupled via links 126 and 127 to ports in a blocking state on access switches 123 and 124 , respectively, acting as backup links.
  • the spanning tree configuration information is propagated to the service interface unit 129 , which elects the network interface coupled to link 131 as the active link, and the network interface coupled to link 132 as the backup link. This could be changed for example if the link 125 were broken, making the port coupled to link 126 become selected as the root port on switch 123 .
  • the best route to the root for the service interface unit 129 would change from link 131 to link 132 , in this case; because the route through access switch 124 , and interior switch P 5 to the root P 1 , is a lower cost path than the route through access switch 123 on link 126 , interior switch P 6 , and interior switch P 2 to the root P 1 .
  • FIG. 5 shows configuration of an access service for a spanning tree network according to the present invention, and includes a demarcation device 200 , a secure network switch 201 and customer-owned equipment 202 .
  • the demarcation device 200 supports a plurality of service interfaces to customer equipment in this example.
  • a demarcation device 200 is typically situated between customer-owned equipment and a secure MAN access switch.
  • the demarcation device 200 connects to customer-owned equipment 202 through one or more service interfaces 203 .
  • the demarcation device 200 converts between the physical layer of the drop 204 and that of the service interfaces 203 .
  • the demarcation device 200 also performs surveillance and maintenance functions.
  • the drop 204 will typically use a fiber optic link with at least 1 Gbps bandwidth although other transmission technologies may be used, e.g., high bandwidth wireless transmission.
  • the type of transmission used is transparent to the customer.
  • the service interface 203 is the point at which customer-owned equipment 202 , typically an internet protocol IP or multiprotocol router, is attached. This interface 203 runs IP over 10/100/1000 Mbps Ethernet for example, using either a copper or fiber physical layer. An auto-sensing 10/100 Ethernet service interface may also be used. Also, other higher speed Ethernet technologies could be used.
  • the ‘demarcation devices’ situated on individual customer's premises can provide for redundant connections to the rest of the network. Selection of one link in preference to another can be achieved by use of the spanning tree or a similar protocol. However, only traffic that is transmitted by or destined for a given customer is allowed to reach that customer's demarcation device (a packet switch). It is not desirable that a demarcation device act as a transit link in the network, ensuring full connectivity from one part of the network to another, either during a reconfiguration of the network or while the active topology is stable. Rather the network should partition if there is no other connectivity between the two halves.
  • One embodiment of the secure MAN improves on this prior arrangement, while not allowing the demarcation device to participate in the active topology of the network, by choosing the active link from the demarcation device to the network on the basis of the spanning tree information received by the device, but not allowing it to forward or generate spanning tree information.
  • This arrangement protects against a failure in the network that causes the switch connected to by the demarcation device to be separated from the main body of the network.
  • the access option of FIG. 5 involves use of a redundant switch access service, in which a second drop 210 is connected from the demarcation device 200 to a different secure MAN switch 211 . This is done to maximize diversity. A failure of a drop, the switch, or the switch port will result in data flowing over the drop to be rerouted over the redundant drop in a very short time, e.g., less than 50 ms.
  • the drops will typically reside within the same physical path from the customer premises to the first splice point at which point they will follow diverse physical paths.
  • Parallel single tenant access service is another alternative, as shown in FIG. 6.
  • drops 204 and 212 terminate on the same secure MAN switch 201 .
  • the multiple drops 204 , 212 can be used for load sharing in that data can flow over the drops simultaneously.
  • data flowing over the drop will be rerouted to the other drop in a very short time, e.g., less than 50 ms.
  • the drops will typically reside within the same physical path from the customer premises to the point-of-presence of the first secure MAN switch.
  • Another access service option is fully redundant single tenant access service as illustrated in FIG. 7, including redundant demarcation devices 200 , 220 and redundant switches 204 , 221 with redundant drops 204 , 222 , 223 , 224 for each demarcation device-access switch pair.
  • Fully redundant single tenant access service protects against the same failures that redundant switch single tenant access service does and in addition protects against failure of a demarcation device and the failure of the customer-owned equipment attached to a service interface.
  • Both service interfaces 203 , 225 are activated for customer use but the ability to simultaneously use them will depend on the details of the routing protocol being used by the customer. Similarly the ability of the customer-owned equipment to detect a failure and start using a service interface on the other demarcation device will depend on the details of the routing protocol being used by the customer.
  • the drops will typically reside within the same fiber optic cable from the customer premises to the first splice point at which point they will follow diverse physical paths.
  • each demarcation device is dedicated to a single customer.
  • the secure MAN Services that a customer sees across the service interface is the same no matter which configuration is used.
  • collocation facility access is used as shown in FIGS. 8 and 9.
  • collocation facility access is like multi-tenant access.
  • the secure MAN service provider will have leased space in the facility in which the customer demarcation device is placed.
  • the preferred configuration for a collocation facility is shown in FIG. 8.
  • the demarcation device 320 is in the customer's rack 321 and dual connected back to different switches 322 , 323 located in a secure MAN rack 324 . These connections are effected by Gigabit Ethernet multi-mode fiber cross-connects.
  • the customer-owned equipment connects to the demarcation device with the appropriate Ethernet cable. Additional customers may use the same co-location facility, as shown by demarcation device 324 in rack 325 .
  • the customer may not want to accommodate the demarcation device in his or her rack space.
  • the configuration is that shown in FIG. 9.
  • the demarcation device 330 is in the secure MAN rack and is dual connected to the two switches 331 , 332 in the rack.
  • the customer-owned equipment 333 , 334 is connected to the demarcation device 330 via an appropriate Ethernet cross-connect. In large collocation facilities, this cross-connect will typically be multimode fiber.
  • a demarcation device 330 can be used for supporting multiple customers.
  • Virtual connection service provides the transfer of data between multiple service interfaces.
  • Three kinds of virtual connection services in this example include point-to-point, point-to-multipoint, and multipoint-to-multipoint.
  • IP packet delivered across a service interface is delivered to exactly one other service interface.
  • IP internet protocol
  • other higher layer protocols may be utilized for virtual connections of all types. This service is like a physical wire.
  • Virtual connections among customers in the preferred embodiment are established by Physical Layer (layer 1 ) and data link layer (layer 2 ) contructs.
  • FIG. 10 illustrates a fiber ring network extending around a path of about 20 miles, which is made of bundles of fibers laid in right of ways within a metropolitan area. Segments of the ring are logically partitioned as segments of an ethernet network, configured as a tree, rather than a ring, illustrating a layout according to the present invention other than the cross-connected broken ring. Switches in the tree comprise standard 100 Megabit, Gigabit or higher ethernet switches configured according to the Spanning Tree Protocol, or variations of the Spanning Tree Protocol.
  • switch P 1 is a root of the tree, labeled P 1 , 0, P 1 to indicate that the root of the tree is P 1 , the distance to the root is 0, and the upstream (toward the root) switch is P 1 .
  • the interconnection of the tree can be understood by the upstream links for the switches. Thus there are no upstream links from switch P 1 .
  • Switch P 2 (P 1 ,1,P 1 ) is connected by fibers F 1 and F 2 to switch P 1 .
  • Switch P 3 (P 1 ,2,P 2 ) is connected by fiber F 7 to switch P 2 .
  • Fibers I 1 and I 2 are configured as backup links to switch P 1 from switch P 3 .
  • Switch P 4 is connected by fibers F 3 and F 4 to switch P 1 .
  • Fibers I 3 and I 4 are connected as backup links to switch P 2 from switch P 4 .
  • Switch P 5 is connected by fibers F 5 and F 6 to switch P 1 .
  • Fiber F 8 is connected as a backup link from switch P 5 to switch P 2 .
  • Switch P 6 is connected by fibers F 9 and F 10 to switch P 2 .
  • Fiber F 12 is a backup link from switch P 6 to switch P 5 .
  • Switch P 7 is connected by fiber F 11 to switch P 3 .
  • Fibers I 5 and I 6 act as backup links to switch P 5 from switch P 7 .
  • Switch P 8 is connected by fiber F 13 to switch P 5 .
  • Fibers I 7 and I 8 are connected as backup links from switch P 8 to switch P 6 .
  • the fibers F 1 to F 13 and I 1 to I 8 comprise dark fibers in the fiber ring, which have been partitioned as point to point fiber segments in the tree as shown.
  • fiber of a single ring can be re-used spatially. That is segments of a single ring can be used independently for point-to-point links in the tree.
  • the interior switches are managed according to the spanning tree protocol.
  • edge devices such as the demarcation devices described above, execute the modified spanning tree process to select an active link to the network, without the possibility of becoming a transit link for the interior switches.
  • the present invention provides a system facilitating high data bandwidth interconnection between private networked locations to those who choose not to operate their own facilities. It provides security, performance reporting, and bandwidth management to all its customers. Furthermore, provisioning of connections in the secure MAN is simplified, automatic, and accomplished with very low transaction costs.

Abstract

A method for configuring a network, and a network configured according to such method, provide resilient, redundant connection to an edge device. The system, while not allowing the edge device to participate in the active topology of the network, chooses the active link from the edge device to the network on the basis of the spanning tree information received by the device, but does not allow it to forward or generate spanning tree information. The method manages the redundant connections of an edge device between a first network and a second network, where the second network is managed according to a spanning tree protocol in which spanning tree configuration messages propagate among switches in the second network. The redundant connections are made via a plurality of ports on the edge device coupled to the second network. The edge device monitors spanning tree configuration messages at least one port of the plurality of ports on the edge device coupled to the second network; selects a port in the plurality of ports on the edge device coupled to the second network as an active port for traffic between the second network and the edge device, in response to the spanning tree configuration messages; and prevent traffic ingressing at any port coupled to the second network from egressing at any port coupled to the second network. The selected active port is the port having a least cost path to a root of the second network according to the spanning tree protocol.

Description

    PROVISIONAL APPLICATION DATA
  • The present application claims the benefit under 35 U.S.C. §111(b) and 35 U.S.C. §119(e) of the provisional application no. 60/186,470, filed Mar. 2, 2000, entitled BROADBAND SERVICE NETWORK AND E-COMMERCE PROVISIONING SYSTEM, naming inventors Michael Seaman, Vipin Jain, Gary Jaszewski, Bob Klessig, Peter Van Peenen, and David Braginsky.[0001]
    • CONTINUING APPLICATION DATA
  • The present application is a continuation-in-part of co-pending U.S. patent application No. 09/634,566, filed: Aug. 9, 2000, entitled E-COMMERCE SYSTEM FACILITATING SERVICE NETWORKS INCLUDING BROADBAND COMMUNICATION SERVICE NETWORKS, which is incorporated by reference as if fully set forth herein. [0002]
    • BACKGROUND OF THE INVENTION
  • 1. Field of the Invention [0003]
  • The present invention relates to configuration of edge devices for networks, including broadband communication networks, and more particularly to configuration of networks managed according to an active topology protocol, including the spanning tree protocol. [0004]
  • 2. Description of Related Art [0005]
  • In an enterprise data network, devices are often connected into switched networks configured by an active topology protocol, such as the Spanning Tree Protocol IEEE802.1D. In high data rate networks using active topology protocols, connections between packet switches are sometimes made by point to point links, using for example fiber optic cable, in a ‘redundant, dual-homed, tree like’ topology to facilitate rapid reconfiguration with the minimum loss of service. The revised spanning tree protocol under standardization in IEEE 802.1w is a suitable protocol for establishing the failover rules in the network. The recently completed link aggregation standard, IEEE Std. 802.3ad, is another—providing for resiliency of parallel links. These technologies in high bandwidth configurations, are being applied in the metropolitan area network environment as well. [0006]
  • The IEEE 802.1 spanning tree provides for redundant connections within a network, where data transmitted from one attachment to the network to another is constrained to follow a loop free path. It reduces the physical topology of the network to an active topology that is both loop free (‘tree’) and fully connected (‘spanning’). [0007]
  • Redundant connection of the edge devices to the active topology network creates a possibility of a loop forming through the edge device to maintain the spanning tree. Thus in the prior art, edge devices coupled to the spanning tree network, have not participated in the tree, so that they do not become transit nodes for traffic of the network. In the past, the selection of one link or another for connection to the interior of a network, has been performed by a simple physical layer redundancy scheme that interrogates the health of the links from an edge switch to the network. One link is configured as a primary, or active, link and the secondary link is activated only if the primary fails a simple connectivity test to the remainder of the network, e.g. loss of the transmitted light signal. However, this fails to select the best route for the connection to the root of the tree in an active topology, like that provided by the spanning tree. [0008]
  • It is desirable therefore to provide a technique for selecting an active port for connection of an edge device to a spanning tree network or other active topology network, which is easy to configure, scalable and efficient. [0009]
    • SUMMARY
  • This invention comprises a method for configuring a network, and a network configured according to such method, providing resilient, redundant connection to an edge device. The system improves on the prior art arrangements, while not allowing the edge device to participate in the active topology of the network managed for example according to a spanning tree protocol, by choosing the active link from the edge device to the network on the basis of the active topology information received by the device, but not allowing it to forward or generate active topology information. This arrangement protects against a failure in the network that causes the switch connected to by the edge device to be separated from the main body of the network, by allowing the edge device to use the active topology information propagated in the network to select a link to the network based upon changes that occur remote from the switch to which it has immediate connection. [0010]
  • According to one embodiment of the invention, the method manages the redundant connections of an edge device between a first network and a second network, where the second network is managed according to a spanning tree protocol in which spanning tree configuration messages propagate among switches in the second network. The redundant connections are made via a plurality of ports on the edge device coupled to the second network. The method comprises [0011]
  • monitoring spanning tree configuration messages at least one port of the plurality of ports on the edge device coupled to the second network; [0012]
  • selecting a port in the plurality of ports on the edge device coupled to the second network as an active port for traffic between the second network and the edge device, in response to the spanning tree configuration messages; and [0013]
  • preventing traffic ingressing at any port coupled to the second network from egressing at any port coupled to the second network. [0014]
  • The active port is selected in a preferred embodiment by selecting a port having a least cost path to a root of the second network according to the spanning tree protocol. The edge device does not propagate, nor generate spanning tree configuration messages. [0015]
  • According to one aspect of the invention, a communication system is provided using technology that has been developed within the communications, enterprise data networking, electronic commerce, and carrier service provider industries. The system is configured to provide service in new ways, supporting secure point-to-multipoint channels, and other connectivity options in a manner particularly complementary to a provisioning process and system described in the above referenced application entitled E-COMMERCE SYSTEM FACILITATING SERVICE NETWORKS INCLUDING BROADBAND COMMUNICATION SERVICE NETWORKS. [0016]
  • The network architecture in a preferred embodiment organizes switches into demarcation devices, access switches and interior switches. [0017]
  • Demarcation devices (also referred to herein as service interface units) are edge devices typically, but not necessarily, located on a single customer's premises. Each demarcation device supports one or more of service interfaces, identifiable by unique addresses such as Ethernet MAC addresses, by which a customer network is connected to the active topology network, and one or more ‘drops’ that connect to access ports on access switches. [0018]
  • Access switches are located on premises physically secured, linked by a communication media of choice, including for example fiber optic cable, to a collocation site in the metropolitan area network. In addition to access ports coupled to the demarcation devices, the access switches have interior network ports that connect to interior switches at the collocation sites within the network. [0019]
  • Interior switches form the heart of the network, typically in collocation sites of the metropolitan area network, having ports coupled to the interior ports of the access switches. [0020]
  • The identity of the connected device on a service interface is ascertained by observing packets transmitted by the device at the service interface of the demarcation device. Each packet contains a source address, such as a source MAC address. The MAC address is captured by the service interface and a notification sent to the system managing the network using normal network management protocols. The management system assures itself that the MAC address is unique. Filters are configured on access ports of the access switches to ensure that only packets with source addresses checked in this way are accepted from the attached demarcation device. Similarly only packets from source addresses that are permitted to transmit to the demarcation device are allowed to egress from the access port to the demarcation device. [0021]
  • Interior switches do not filter or otherwise constrain connections on the basis of the identities of devices attached to either the transmitting or receiving service interfaces. This allows the active topology maintained by interior switches to scale independently of the number of active connections through the network, and to reconfigure rapidly since information concerning individual connections does not have to be communicated or changed during reconfiguration. [0022]
  • Modification of the spanning tree for resilient redundant connection of an edge device, such as a packet switch positioned as a demarcation device, to a network is provided according to the present invention. In the network, demarcation devices can provide for redundant connections to the rest of the network. Selection of one link in preference to another can be achieved by use of the spanning tree or another active topology protocol. However, only traffic that is transmitted by or destined for a given customer is allowed to reach that customer's demarcation device. It is not desirable that a demarcation device act as a transit link in the network, that would be used to ensure full connectivity from one part of the network to another, either during a reconfiguration of the network or while the active topology is stable. Rather the network should partition if there is no connectivity other than through a demarcation devices between the two halves. [0023]
  • A range of options is offered to customers to control changes to the source MAC address used on the service interfaces of demarcation devices including automatic configuration, latching of a learnt address, explicit manual configuration, and identification of attempts at intrusion into the network. [0024]
  • The system is capable of extension to allow additional security protocols to establish the identity of the connecting system. Once that identity has been established, the MAC address of the transmitting system is used, as described above, to secure connections. [0025]
  • Disconnection and reconnection of the device can be detected, even if the same MAC address is used throughout. This protects against attempts to masquerade once a device identity has been established. [0026]
  • A foundation of industry standard products and practices in the following areas is used to construct the novel networks, including for one example: [0027]
  • Fiber optic transmission technology using WDM (wave division multiplexing) to carry additional bandwidth through the use of many ‘colors’ of light on a single fiber, controlled and [0028]
  • Gigabit (or higher) Ethernet packet switching technology to accept and deliver IP data from and to customers, providing a highly reliable service. [0029]
  • Electronic commerce technology to allow customers and their authorized agents to order, configure, and manage the communications services delivered and to enter into business agreements with other suppliers of services using the system's communication services. [0030]
  • In each of these areas a number of novel practices and inventions support and advance the communications network and services. [0031]
  • Configuration of links and link segments to facilitate rapid reconfiguration of interconnected packet switches is provided in support of the commercial provisioning system. [0032]
  • A set of rules and heuristics is provided for the use and configuration of fiber optic transmission facilities, purchased or leased in ring configurations, as a set of links comprising selected concatenated segments from a set of rings. The resulting configurations have benefits in networks including: [0033]
  • 1) They allow the use of high bandwidth low cost enterprise data packet switching equipment in the collocation facilities, while providing high network availability through the use of rapid reconfiguration with redundant links and switches. [0034]
  • 2) They allow the use of general mesh topologies to support redundancy, rather than restriction to rings or rings with extraordinary interconnection arrangements. [0035]
  • In addition to realizing these topologies by concatenating physical segments from rings, equipment is provided so that a link can comprise logical segments, each consisting for example of a wavelength of light transmitted and received by WDM (wavelength division multiplexing) equipment attached to the physical fiber segment running between two locations on a ring. Electronic switching of the transmitted information stream at each ring node from one wavelength on a segment to another wavelength on the next, or to an attached device, allows for electronic rearrangement of the set of links connected to each packet switch in the network. [0036]
  • Spatial reuse in a packet based data network with a ring topology is accomplished in the preferred network configuration. The network architecture uses packet switches with rapid reconfiguration protocols and VLAN technology to constrain packets that might otherwise be broadcast or flooded to the necessary paths between access ports in the network. Thus a combination of existing standard technologies serves to support the same robust efficient communications goals sought by new non-standard equipment. [0037]
  • Security arrangements for a packet switched data transmission network using LAN switches are provided. The network makes use of packet data switching equipment that is typically used in private data networks. While such equipment has facilities that can be used to construct ad-hoc security arrangements, a systematic approach to security is provided by the present invention. [0038]
  • The network ensures that no data is ever delivered to a service interface other than the service interface(s) explicitly authorized by the customer whose network attached equipment transmits the data, and that no data is received on a service interface other than data from the service interface(s) explicitly authorized by the customer whose network attached equipment is receiving the data. [0039]
  • The mechanisms that the system uses to ensure such secure delivery include: [0040]
  • (a) The organization of switches within the network architecture and the placement of security functions within that architecture. [0041]
  • (b) Assuring a unique identity for each device connected to a service interface anywhere within the network. [0042]
  • (c) Checking that identity at points identified within the network (see a. above) [0043]
  • (d) Ensuring that the identity of each of the customers/parties controlling the assignment of service interfaces and the connections between them is securely known. [0044]
  • (e) Providing for the known delegation of control within the constraints imposed by (d) above.[0045]
    • Other aspects and advantages of the present invention can be seen on review of the figures, the detailed description and the claims, which follow. BRIEF DESCRIPTION OF THE FIGURES
  • FIG. 1 is a diagram of a commercial communication service with an Internet based provisioning server according to the present invention. [0046]
  • FIG. 2 is a block diagram of a network managed according to an active topology protocol, and including edge devices with resilient, redundant connections to the network, according to the present invention. [0047]
  • FIG. 3 is a diagram illustrating an edge device architecture according to the present invention. [0048]
  • FIG. 4 shows a network configured according to a spanning tree protocol, with edge devices according to the present invention. [0049]
  • FIG. 5 illustrates a redundant switch access service with parallel drops. [0050]
  • FIG. 6 illustrates a parallel single tenant access service with two drops coupled to a single access switch. [0051]
  • FIG. 7 illustrates a fully redundant single tenant access service according to one aspect of the invention. [0052]
  • FIG. 8 illustrates a collocation facility access arrangement for connection to the secure MAN of the present mention. [0053]
  • FIG. 9 illustrates another example collocation facility access arrangement. [0054]
  • FIG. 10 illustrates a fiber MAN network physically laid out as a ring, and partitioned as segments of the secure MAN of the present invention.[0055]
    • DETAILED DESCRIPTION
  • FIG. 1 illustrates a communications service example, based on provisioning links among a variety of customers within a secure metropolitan area network MAN. In FIG. 1, a secure MAN based upon a layer two packet switched protocol, preferably Ethernet, and in which the switches are managed by an active topology protocol such as the spanning tree protocol, is represented by [0056] cloud 60. A number of customers, including Internet service provider 61, outsourcing vendor 62, “enterprise 1” with a North campus 63, a West campus 24, and a South campus 25, and “enterprise” 2 66 and enterprise 3 67, are coupled to the secure MAN 60 by appropriate physical and logical interfaces. A provisioning server 71 is coupled to the secure MAN 60, either using the secure MAN medium or by other communication channels to the switches and other resources in the secure MAN, and facilitates transactions among the customers of the secure MAN 60 for establishing communication channels, such as the virtual connections discussed above, and provisioning of services agreed to by the customers with the resources of the secure MAN 60. In one embodiment, configuring and allocating of services within the secure MAN 60 to support the links among the customers, is managed by the provisioning server using a management protocol such as Telnet or SNMP, under which filters and other control data structures in the switches are configured. In this manner, the provisioning server is available via the Internet to customers and potential customers of the secure MAN 60, using standard technology.
  • Virtual connection services allow rich connectivity among all customer locations on the secure MAN network. Examples include: [0057]
  • A mesh connected, multipoint-to-multipoint virtual connection service [0058] 35 dedicated to a single enterprise for connecting campuses together.
  • A point-to-multipoint [0059] virtual connection service 76 connecting an Internet Service Provider to customers.
  • A point-to-point virtual connection service [0060] 77 connecting an enterprise location to an outsourcing vendor.
  • A point-to-point virtual connection service [0061] 78 connecting two enterprises.
  • A single customer can have simultaneous intra-enterprise and extra-enterprise communications using the secure MAN, provisioned according to the present invention. [0062]
  • Edge devices (not shown) between the customer networks or devices, and the secure MAN support security processes for the MAN, and include redundant connections to switches in the network in a preferred configuration for improved reliability and efficiency. [0063]
  • A detailed description of one example of the secure MAN provisioning embodiment is provided in the above referenced application entitled, E-COMMERCE SYSTEM FACILITATING SERVICE NETWORKS INCLUDING BROADBAND COMMUNICATION SERVICE NETWORKS, which is incorporated by reference as if fully set forth herein. [0064]
  • FIG. 2 is a block diagram of a network configured according to the present invention to support point-to-multipoint virtual connections, among a plurality of customers of a public metropolitan area network. The customers have [0065] local networks 100, 101, 102, and 103. Each of the customers includes customer equipment, such as a router (not shown), having unique MAC addresses, connected by a link to a port on a service interface unit. Thus, the customer 100 is connected by links 100-1 and 100-2 to the service interface unit 105. The customer 100 connected by links 100-3 and 100-4 to the service interface unit 106. The customer 101 is connected by link 101-1 to the service interface unit 107. The customer 102 connected by the links 102-1 and 102-2 to service interface unit 108. Customer 103 is connected by link 103-1 to service interface unit 109. The service interface units comprise switches at customer premises in which demarcation points for access to the metropolitan area network are established. Each of the links 100-1 through 100-4, 101-1, 102-1, 102-2, and 103-1 are connected at the customer side to ports on customer devices having unique MAC addresses. Thus the demarcation points for the network can be considered ports on the service interface unit characterized by the unique MAC addresses of the attached customer equipment.
  • The service interface units [0066] 105-109 are connected by point-to-point links to access switches 110, 111, 112 in the network. Thus, service interface unit 105 is coupled by links 105-1 and 105-2 to the access switch 110. Service interface unit 105 is coupled by the link 105-3 to the access switch 111. Service interface unit 106 is coupled by the link 106-1 to the access switch 110, and by link 106-2 to the access switch 111. Service interface unit 107 is coupled by the link 107-1 to the access switch 111, and by the link 107-2 to the access switch 112. Service interface unit 108 is coupled by the link 108-1 to the access switch 111, and by the link 108-2 to the access switch 112. Service interface unit 109 is coupled by the link 109-1 and by the link 109-2 to the access switch 112. The service interface units 105-109 are managed so that only one of the links between the service interface units and an access switch in the network is active at anytime. A modified spanning tree protocol is utilized to select the active link as described below.
  • The access switches [0067] 110-112 are coupled to interior switches of the metropolitan area network 115.
  • According to the preferred embodiment of the present invention, the security arrangements for the virtual channels are deployed in the access switches [0068] 110-112 via source address filtering based upon the unique MAC addresses of the demarcation points at service interface units in the network.
  • The following excerpt from the IEEE Draft P802.1w/D9, from pages 37-38, provides background concerning operation of one standard spanning tree protocol, known as the Rapid Spanning Tree Algorithm, used for managing an active topology of the network including the access switches and interior switches. [0069]
  • The Rapid Spanning Tree Algorithm assigns one of the following Port Roles to each Bridge Port: Root Port, Designated Port, Alternate Port, or Backup Port. A fifth role, Disabled Port, identifies a Port as having no role within the operation of Spanning Tree. Port Role assignments for ports throughout the Bridged Local Area Network are determined by: a) A unique Bridge Identifier associated with each Bridge, b) A Path Cost associated with each Bridge Port, c) A Port Identifier associated with each Bridge Port, as follows. [0070]
  • The Bridge with the best Bridge Identifier is selected as the Root Bridge. The unique Bridge Identifier for each Bridge is derived, in part, from the Bridge Address (7.12.5) and, in part, from a manageable priority component (9.2.5). The relative priority of Bridges is determined by the numerical comparison of the unique identifiers, with the lower numerical value indicating the better identifier. Every Bridge has a Root Path Cost associated with it. For the Root Bridge this is zero. For all other Bridges it is the sum of the Path Costs for each Bridge Port receiving frames on the least cost path from the Root Bridge to that Bridge. The Path Cost associated with each Port may be manageable. Additionally, 17.28.2 recommends default values for the Path Costs associated with Ports attached to LANs of specific MAC types and speeds. [0071]
  • The Bridge Port on each Bridge receiving the frames on the least cost path from the Root Bridge is assigned the role of Root Port for that Bridge (the Root Bridge does not have a Root Port). If a Bridge has two or more ports with the same least Path Cost sum from the Root, then the port with the best Port Identifier is selected as the Root Port. Part of the Port Identifier is fixed and is different for each Port on a Bridge, and part is a manageable priority component (9.2.7). The relative priority of Ports is determined by the numerical comparison of the unique identifiers, with the lower numerical value indicating the better identifier. [0072]
  • Each LAN in the Bridged Local Area Network also has an associated Root Path Cost. This is the Root Path Cost of the lowest cost Bridge with a Bridge Port connected to that LAN. This Bridge is selected as the Designated Bridge for that LAN. If there are two or more Bridges with the same Root Path Cost, then the Bridge with the best priority (least numerical value) is selected as the Designated Bridge. The Bridge Port on the Designated Bridge that is connected to the LAN is assigned the role of Designated Port for that LAN. If the Designated Bridge has two or more ports connected to the LAN, then the Bridge Port with the best priority Port Identifier (least numerical value) is selected as the Designated Port. In a Bridged Local Area Network whose physical topology is stable, i.e. the Rapid Spanning Tree Algorithm has communicated consistent information throughout the network, every LAN has one and only one assigned Designated Port, and every Bridge with the exception of the Root Bridge has a Root Port connected to a LAN. [0073]
  • Any operational Bridge Port that is not assigned a Port Role of Root Port or Designated Port is a Backup Port if that Bridge is the Designated Bridge for the attached LAN, and an Alternate Port otherwise. An Alternate Port offers an alternate path in the direction of the Root Bridge to that provided by the Bridge's own Root Port, whereas a Backup Port acts as a backup for the path provided by a Designated Port in the direction of the leaves of the Spanning Tree. Backup Ports exist only where there are two or more connections from a given Bridge to a given LAN; hence, they (and the Designated Ports that they back up) can only exist where two ports are connected together in loopback by a point to point link, or where the Bridge has two or more connections to a shared media LAN segment. [0074]
  • NOTE—The distinction between the Alternate and Backup Port Roles does not appear in the Spanning Tree Algorithm and Protocol described in Clause [0075] 8. This distinction is introduced in RSTP in order to make it possible to describe the possibility of rapidly transitioning an Alternate Port to Forwarding on failure of the Root Port.
  • (IEEE Draft P802.1w/D9“Supplement to ISO/IEC 15802-3 (IEEE Std 802. 1D), Information technology—Telecommunications and information exchange between systems—Local and metropolitan area networks—Common specifications—Part 3: Media Access Control (MAC) Bridges: Rapid Reconfiguration,” Sponsor: LAN MAN Standards Committee of the IEEE Computer Society, Jan. 12, 2001, pages 37-38. (numerical references in parenthesis in the quote are to sections of P802.1w/D9)) [0076]
  • IEEE Draft P802.1w/D9 and IEEE Std 802.1D are incorporated by reference as if fully set forth herein, providing examples of spanning tree protocols, and of 802.1 standard spanning tree protocols. [0077]
  • According to the present invention, the spanning tree protocol (or another active topology protocol) is used on edge devices, which act as an interface between customer equipment and a network executing the active topology protocol, to selected an active connection to the network. In this example, the spanning tree protocol is run to select a Root Port, and to use the selected port as the active connection to the network. However, no packets ingressing at a port coupled to the spanning tree network are allowed to egress at any port coupled to the spanning tree network. Ports coupled to the spanning tree network that are not selected as the active port, are placed in blocking state, and provide a backup connection to the spanning tree network. No traffic is allowed to traverse the edge device, except that destined to the customer equipment, or originating in the customer equipment. The edge device, and the customer equipment are therefore protected from becoming a link between portions of the spanning tree network, while taking advantage of the intelligence of the spanning tree protocol to make efficient choices of active links to the network. If the spanning tree costs of the ports change, then the ports coupled to the spanning tree network in the blocking state may be selected as the active port. [0078]
  • FIG. 3 illustrates a basic configuration of a network using the modified spanning tree protocol of the present invention. A [0079] Metropolitan Area Network 120 includes interior switches 121 and 122, operating a layer two protocol, such as Gigabit Ethernet, with switches configured using the spanning tree protocol. Access switches 123 and 124 are coupled to the interior switches 121 and 122 by a redundant, route diverse collection of links 125, 126, 127 and 128. The access switches include resources for source address filtering to provide for provisioning of secure communication channels among customers of the network, as described in the above cross-referenced application. Service interface unit 129 is coupled to the access switches by links 131 and 132. Other service interface units may also be coupled to the access switches 123 and 124.
  • The access switches and the interior switches participate in the spanning tree, and propagate spanning tree configuration messages, known as BPDUs, to support the dynamic configuration of the switches in the spanning tree network. Thus, the best route to the root of the network can change in response to events remote from the [0080] service interface unit 129. The service interface unit 129 selects an active link based upon the spanning tree information received from the access switches 123 and 124. Thus, service interface unit 129 selects either link 131 or link 132 as an active link in response to the spanning tree configuration messages received at one or both of the network interfaces coupled to the links 131 and 132. The service interface unit is configured to prevent any packet ingressing on the links 131 and 132 from egressing on the links 131 and 132. In one embodiment, packets ingressing at a port on the edge device are associated with a port number. The edge device is configured so that the ingress port number is used as a filter to prevent egress of packets on other ports coupled to the spanning tree network. Thus, no transit path can be established between the links 131 and 132. In this manner, traffic from access switch 124, will not follow the route 136 on link 132 to service interface unit 129, and on link 131 to access switch 123 in its route to the root of the tree, even if this route 136 would otherwise be the least cost route according to the spanning tree.
  • FIG. 4 shows one example network topology with spanning tree configuration information, according to a preferred embodiment in which the interior switches comprise high speed Ethernet switches in collocation sites in a metropolitan area network. The network includes a plurality of fiber segment extending between collocation sites. The fiber segments are arranged for configuration as a ring, but partitioned and managed according to a spanning tree protocol. The switches P[0081] 5 and P6 correspond to the interior switches 121 and 122 of FIG. 3.
  • In FIG. 4, the filled circle, unfilled circle, and parallel line markings correspond to the designated port, root port, and alternate port in the blocking state, respectively, according to the spanning tree protocol. In this example, the switch P[0082] 1 is the root of the tree. The switch P1 has five designated ports. One designated port is coupled to an alternate port on switch P3 via an internal link. Another designated port on switch P1 is coupled to a root port on switch P2 via a link 2-1. Another designated port on switch P1 is coupled to a root port on switch P5 via link 5-1. A fourth designated port on switch P1 is coupled to a root port on switch P4 via a link 1-4. A fifth designated port on switch P1 is coupled to a root port on P2 via a link 1-2. A designated port on switch P6 is coupled via a link 6-3 to a root port on switch P3. A designated port on switch P5 is coupled to an alternate port on switch P6 via an internal link. A designated port on switch P2 is coupled to a root port on switch P6 via link 2-6. A designated port on switch P2 is coupled via an internal link to an alternate port on switch P4.
  • The access switches [0083] 123 and 124, and the service interface unit 129 have the same reference numerals as used in FIG. 3. Switch P5 has designated ports coupled via links 125 and 128 to root ports on access switches 123 and 124 respectively. Switch P6 has designated ports coupled via links 126 and 127 to ports in a blocking state on access switches 123 and 124, respectively, acting as backup links. The spanning tree configuration information is propagated to the service interface unit 129, which elects the network interface coupled to link 131 as the active link, and the network interface coupled to link 132 as the backup link. This could be changed for example if the link 125 were broken, making the port coupled to link 126 become selected as the root port on switch 123. The best route to the root for the service interface unit 129 would change from link 131 to link 132, in this case; because the route through access switch 124, and interior switch P5 to the root P1, is a lower cost path than the route through access switch 123 on link 126, interior switch P6, and interior switch P2 to the root P1.
  • FIG. 5 shows configuration of an access service for a spanning tree network according to the present invention, and includes a [0084] demarcation device 200, a secure network switch 201 and customer-owned equipment 202. The demarcation device 200 supports a plurality of service interfaces to customer equipment in this example.
  • A [0085] demarcation device 200 is typically situated between customer-owned equipment and a secure MAN access switch. The demarcation device 200 connects to customer-owned equipment 202 through one or more service interfaces 203. The demarcation device 200 converts between the physical layer of the drop 204 and that of the service interfaces 203. The demarcation device 200 also performs surveillance and maintenance functions.
  • The [0086] drop 204 will typically use a fiber optic link with at least 1 Gbps bandwidth although other transmission technologies may be used, e.g., high bandwidth wireless transmission. The type of transmission used is transparent to the customer.
  • The [0087] service interface 203 is the point at which customer-owned equipment 202, typically an internet protocol IP or multiprotocol router, is attached. This interface 203 runs IP over 10/100/1000 Mbps Ethernet for example, using either a copper or fiber physical layer. An auto-sensing 10/100 Ethernet service interface may also be used. Also, other higher speed Ethernet technologies could be used.
  • In the secure MAN, the ‘demarcation devices’ situated on individual customer's premises can provide for redundant connections to the rest of the network. Selection of one link in preference to another can be achieved by use of the spanning tree or a similar protocol. However, only traffic that is transmitted by or destined for a given customer is allowed to reach that customer's demarcation device (a packet switch). It is not desirable that a demarcation device act as a transit link in the network, ensuring full connectivity from one part of the network to another, either during a reconfiguration of the network or while the active topology is stable. Rather the network should partition if there is no other connectivity between the two halves. [0088]
  • In the past, the simple selection of one link or another for connection to the interior of a network has been performed by a simple physical layer redundancy scheme that interrogates the health of the links from a demarcation device switch to the network. One link is configured as a primary link and the secondary link is activated only if the primary fails a simple connectivity test to the remainder of the network, e.g. loss of the transmitted light signal. [0089]
  • One embodiment of the secure MAN improves on this prior arrangement, while not allowing the demarcation device to participate in the active topology of the network, by choosing the active link from the demarcation device to the network on the basis of the spanning tree information received by the device, but not allowing it to forward or generate spanning tree information. This arrangement protects against a failure in the network that causes the switch connected to by the demarcation device to be separated from the main body of the network. [0090]
  • The access option of FIG. 5 involves use of a redundant switch access service, in which a [0091] second drop 210 is connected from the demarcation device 200 to a different secure MAN switch 211. This is done to maximize diversity. A failure of a drop, the switch, or the switch port will result in data flowing over the drop to be rerouted over the redundant drop in a very short time, e.g., less than 50 ms.
  • In redundant switch single tenant access service, the drops will typically reside within the same physical path from the customer premises to the first splice point at which point they will follow diverse physical paths. [0092]
  • Parallel single tenant access service is another alternative, as shown in FIG. 6. In this case, drops [0093] 204 and 212 terminate on the same secure MAN switch 201. Unlike redundant single tenant access service, the multiple drops 204, 212 can be used for load sharing in that data can flow over the drops simultaneously. In the event of a failure of a drop or the switch port, data flowing over the drop will be rerouted to the other drop in a very short time, e.g., less than 50 ms. In parallel single tenant access service, the drops will typically reside within the same physical path from the customer premises to the point-of-presence of the first secure MAN switch.
  • Another access service option is fully redundant single tenant access service as illustrated in FIG. 7, including [0094] redundant demarcation devices 200, 220 and redundant switches 204, 221 with redundant drops 204, 222, 223, 224 for each demarcation device-access switch pair. Fully redundant single tenant access service protects against the same failures that redundant switch single tenant access service does and in addition protects against failure of a demarcation device and the failure of the customer-owned equipment attached to a service interface. Both service interfaces 203, 225 are activated for customer use but the ability to simultaneously use them will depend on the details of the routing protocol being used by the customer. Similarly the ability of the customer-owned equipment to detect a failure and start using a service interface on the other demarcation device will depend on the details of the routing protocol being used by the customer.
  • In fully redundant single tenant access service, the drops will typically reside within the same fiber optic cable from the customer premises to the first splice point at which point they will follow diverse physical paths. [0095]
  • In both of the above examples, each demarcation device is dedicated to a single customer. In addition, the secure MAN Services that a customer sees across the service interface is the same no matter which configuration is used. [0096]
  • In another situation co-location facility access is used as shown in FIGS. 8 and 9. In some ways collocation facility access is like multi-tenant access. However, the secure MAN service provider will have leased space in the facility in which the customer demarcation device is placed. The preferred configuration for a collocation facility is shown in FIG. 8. The [0097] demarcation device 320 is in the customer's rack 321 and dual connected back to different switches 322, 323 located in a secure MAN rack 324. These connections are effected by Gigabit Ethernet multi-mode fiber cross-connects. The customer-owned equipment connects to the demarcation device with the appropriate Ethernet cable. Additional customers may use the same co-location facility, as shown by demarcation device 324 in rack 325.
  • In some cases, the customer may not want to accommodate the demarcation device in his or her rack space. In this case, the configuration is that shown in FIG. 9. The [0098] demarcation device 330 is in the secure MAN rack and is dual connected to the two switches 331, 332 in the rack. The customer-owned equipment 333, 334 is connected to the demarcation device 330 via an appropriate Ethernet cross-connect. In large collocation facilities, this cross-connect will typically be multimode fiber. A demarcation device 330 can be used for supporting multiple customers.
  • There are other possibilities including a mix of centralized and distributed demarcation a devices. It may also be possible and/or desirable to share a demarcation device among more than one customer. [0099]
  • Once customers have established connections to the secure MAN network, links among them are established using the provisioning system referenced above. Links in this example embodiment are referred to as virtual connections. [0100]
  • Virtual connection service provides the transfer of data between multiple service interfaces. Three kinds of virtual connection services in this example, include point-to-point, point-to-multipoint, and multipoint-to-multipoint. [0101]
  • In point-to-point virtual connections, an internet protocol IP packet delivered across a service interface is delivered to exactly one other service interface. Of course, in addition to IP, other higher layer protocols may be utilized for virtual connections of all types. This service is like a physical wire. [0102]
  • Virtual connections among customers in the preferred embodiment are established by Physical Layer (layer [0103] 1) and data link layer (layer 2) contructs.
  • FIG. 10 illustrates a fiber ring network extending around a path of about 20 miles, which is made of bundles of fibers laid in right of ways within a metropolitan area. Segments of the ring are logically partitioned as segments of an ethernet network, configured as a tree, rather than a ring, illustrating a layout according to the present invention other than the cross-connected broken ring. Switches in the tree comprise standard 100 Megabit, Gigabit or higher ethernet switches configured according to the Spanning Tree Protocol, or variations of the Spanning Tree Protocol. [0104]
  • In FIG. 10, switch P[0105] 1 is a root of the tree, labeled P1, 0, P1 to indicate that the root of the tree is P1, the distance to the root is 0, and the upstream (toward the root) switch is P1. The interconnection of the tree can be understood by the upstream links for the switches. Thus there are no upstream links from switch P1. Switch P2 (P1,1,P1) is connected by fibers F1 and F2 to switch P1. Switch P3 (P1,2,P2) is connected by fiber F7 to switch P2. Fibers I1 and I2 are configured as backup links to switch P1 from switch P3. Switch P4 is connected by fibers F3 and F4 to switch P1. Fibers I3 and I4 are connected as backup links to switch P2 from switch P4. Switch P5 is connected by fibers F5 and F6 to switch P1. Fiber F8 is connected as a backup link from switch P5 to switch P2. Switch P6 is connected by fibers F9 and F10 to switch P2. Fiber F12 is a backup link from switch P6 to switch P5. Switch P7 is connected by fiber F11 to switch P3. Fibers I5 and I6 act as backup links to switch P5 from switch P7. Switch P8 is connected by fiber F13 to switch P5. Fibers I7 and I8 are connected as backup links from switch P8 to switch P6.
  • The fibers F[0106] 1 to F13 and I1 to I8 comprise dark fibers in the fiber ring, which have been partitioned as point to point fiber segments in the tree as shown. Thus, fiber of a single ring can be re-used spatially. That is segments of a single ring can be used independently for point-to-point links in the tree.
  • The interior switches are managed according to the spanning tree protocol. However, edge devices, such as the demarcation devices described above, execute the modified spanning tree process to select an active link to the network, without the possibility of becoming a transit link for the interior switches. [0107]
    • Conclusion
  • The present invention provides a system facilitating high data bandwidth interconnection between private networked locations to those who choose not to operate their own facilities. It provides security, performance reporting, and bandwidth management to all its customers. Furthermore, provisioning of connections in the secure MAN is simplified, automatic, and accomplished with very low transaction costs. [0108]
  • While the present invention is disclosed by reference to the preferred embodiments and examples detailed above, it is to be understood that these examples are intended in an illustrative rather than in a limiting sense. It is contemplated that modifications and combinations will readily occur to those skilled in the art, which modifications and combinations will be within the spirit of the invention and the scope of the appended claims. [0109]

Claims (21)

What is claimed is:
1. A method of managing redundant connection of an edge device and a network managed according to an active topology protocol in which active topology configuration messages propagate among switches in the network, and in which a plurality of ports on the edge device are coupled to the network, comprising:
monitoring active topology configuration messages at least one port of the plurality of ports on the edge device coupled to the network;
selecting a port in the plurality of ports on the edge device coupled to the network as an active port for traffic between the network and the edge device, in response to the active topology configuration messages; and
preventing traffic ingressing at any port coupled to the network from egressing at any port coupled to the network.
2. The method of claim 1, wherein the active topology protocol comprises a spanning tree protocol, and the active port is selected by selecting a port which would have a least cost path to a root of the network according to the spanning tree protocol.
3. The method of claim 1, wherein the active topology protocol comprises a spanning tree protocol is compliant with an IEEE 802.1 standard spanning tree protocol.
4. The method of claim 1, including executing a communication protocol for a switched local area network.
5. The method of claim 1, including executing a protocol compliant with an Ethernet standard in the edge device.
6. The method of claim 1, wherein the edge device comprises a service interface unit, the service interface unit having a service interface coupled via a link to a customer device having an unique MAC address.
7. A method of managing redundant connection of an edge device on a network managed according to a spanning tree protocol in which spanning tree configuration messages propagate among switches in the network, and in which a plurality of ports on the edge device are coupled to the network, comprising:
monitoring spanning tree configuration messages at least one port of the plurality of ports on the edge device coupled to the network;
selecting a port in the plurality of ports on the edge device coupled to the network as an active port for traffic between the network and the edge device and another port in the plurality of ports as backup port, in response to the spanning tree configuration messages, wherein the active port is selected by selecting a port which would have a least cost path to a root of the network according to the spanning tree protocol; and
preventing traffic ingressing at the active port coupled to the network from egressing at the backup port coupled to the network.
8. The method of claim 7, wherein the spanning tree protocol is compliant with an IEEE 802.1 standard spanning tree protocol.
9. The method of claim 7, including executing a communication protocol for a switched local area network.
10. The method of claim 7, including executing a protocol compliant with an Ethernet standard in the edge device.
11. The method of claim 7, wherein the edge device comprises a service interface unit, the service interface unit having a service interface coupled via a link to a customer device having an unique MAC address.
12. A communication network, comprising:
a plurality of communication links;
a plurality of switches coupled to the communication links, the switches executing an active topology protocol; and
a plurality of edge devices, at least one edge device in the plurality of edge devices having a port coupled via a link to a customer device, and having a plurality of network interfaces coupled via respective links to a switch or to switches in the plurality of switches, the at least one edge device configured to monitor the active topology protocol to select a network interface in the plurality of network interfaces as an active port for traffic between the switch or switches and the edge device, in response to the active topology protocol; and to prevent traffic ingressing at any network interface in the plurality of network interfaces from egressing at any network interface.
13. The network of claim 12, wherein the active topology protocol comprises a spanning tree protocol, and the active port is selected by selecting a network interface which would have a least cost path to a root of the spanning tree according to the spanning tree protocol.
14. The network of claim 12, wherein the active topology protocol comprises a spanning tree protocol compliant with an IEEE 802.1 standard spanning tree protocol.
15. The network of claim 12, wherein said plurality of switches execute a communication protocol for a switched LAN with multicast capability.
16. The network of claim 12, wherein said plurality of switches execute a protocol compliant with an Ethernet standard.
17. A metropolitan area network, comprising:
a plurality of communication links which traverse a metropolitan area;
a plurality of switches coupled to the communication links, the switches executing a spanning tree protocol, and including access switches and interior switches; and
a plurality of service interface units, at least one service interface unit in the plurality of service interface units having a service interface coupled via a link to a customer device with an unique MAC address, and having a plurality of network interfaces coupled via respective links to an access switch or to access switches in the plurality of switches, the at least one service interface unit configured to monitor spanning tree configuration messages at least one port of the plurality of network interfaces; to select a network interface in the plurality of network interfaces as an active port for traffic between the access switch or switches and the service interface unit in response to the spanning tree configuration messages; and to prevent traffic ingressing at any network interface in the plurality of network interfaces from egressing at any network interface.
18. The network of claim 17, wherein the active port is selected by selecting a network interface which would have a least cost path to a root of the spanning tree according to the spanning tree protocol.
19. The network of claim 17, wherein the spanning tree protocol is compliant with an IEEE 802.1 standard spanning tree protocol.
20. The network of claim 17, wherein said plurality of switches execute a communication protocol for a switched LAN.
21. The network of claim 17, wherein said plurality of switches execute a protocol compliant with an Ethernet standard.
US09/796,842 2000-03-02 2001-03-01 Use of active topology protocols, including the spanning tree, for resilient redundant connection of an edge device Abandoned US20020023170A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US09/796,842 US20020023170A1 (en) 2000-03-02 2001-03-01 Use of active topology protocols, including the spanning tree, for resilient redundant connection of an edge device

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US18647000P 2000-03-02 2000-03-02
US63456600A 2000-08-09 2000-08-09
US09/796,842 US20020023170A1 (en) 2000-03-02 2001-03-01 Use of active topology protocols, including the spanning tree, for resilient redundant connection of an edge device

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US63456600A Continuation-In-Part 2000-03-02 2000-08-09

Publications (1)

Publication Number Publication Date
US20020023170A1 true US20020023170A1 (en) 2002-02-21

Family

ID=26882122

Family Applications (3)

Application Number Title Priority Date Filing Date
US09/796,842 Abandoned US20020023170A1 (en) 2000-03-02 2001-03-01 Use of active topology protocols, including the spanning tree, for resilient redundant connection of an edge device
US09/796,825 Expired - Lifetime US6826158B2 (en) 2000-03-02 2001-03-01 Broadband tree-configured ring for metropolitan area networks
US09/796,922 Abandoned US20020038253A1 (en) 2000-03-02 2001-03-01 Point-to-multipoint virtual circuits for metropolitan area networks

Family Applications After (2)

Application Number Title Priority Date Filing Date
US09/796,825 Expired - Lifetime US6826158B2 (en) 2000-03-02 2001-03-01 Broadband tree-configured ring for metropolitan area networks
US09/796,922 Abandoned US20020038253A1 (en) 2000-03-02 2001-03-01 Point-to-multipoint virtual circuits for metropolitan area networks

Country Status (2)

Country Link
US (3) US20020023170A1 (en)
EP (1) EP1132844A3 (en)

Cited By (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020009092A1 (en) * 2000-03-02 2002-01-24 Seaman Michael J. Broadband tree-configured ring for metropolitan area networks
US20030043736A1 (en) * 2001-09-04 2003-03-06 Gonda Rumi Sheryar Method for supporting SDH/SONET APS on ethernet
US20030180047A1 (en) * 2000-05-22 2003-09-25 Winston Way Fully protected broadcast and select all optical network
US20030229807A1 (en) * 2002-05-14 2003-12-11 The Research Foundation Of State University Of New York, University At Buffalo Segment protection scheme for a network
US20040098510A1 (en) * 2002-11-15 2004-05-20 Ewert Peter M. Communicating between network processors
US20040105455A1 (en) * 2002-08-29 2004-06-03 Seaman Michael John Automatic edge port and one way connectivity detection with rapid reconfiguration for shared media in spanning tree configured bridged Local Area Networks
US20050050220A1 (en) * 2003-08-26 2005-03-03 Alcatel Selective transmission rate limiter for rapid spanning tree protocol
US20050254448A1 (en) * 2002-05-08 2005-11-17 Haitao Tang Distribution scheme for distributing information in a network
US20050286908A1 (en) * 2004-06-15 2005-12-29 Way Winston I Optical communication using duobinary modulation
US20060007869A1 (en) * 2004-07-09 2006-01-12 Fujitsu Limited Method for preventing control packet loop and bridge apparatus using the method
US20060092862A1 (en) * 2000-09-11 2006-05-04 Benedetto Marco D STP root guard
US20060123428A1 (en) * 2003-05-15 2006-06-08 Nantasket Software, Inc. Network management system permitting remote management of systems by users with limited skills
US20060171302A1 (en) * 2005-02-03 2006-08-03 Cisco Technology, Inc. Data transmission in a network comprising bridges
WO2006119375A2 (en) * 2005-05-02 2006-11-09 Opvista, Incorporated Multiple interconnected broadcast and select optical ring networks with revertible protection switch
US20060269295A1 (en) * 2000-05-22 2006-11-30 Opvista Incorporated, A California Corporation Optical double sideband modulation technique with increased spectral efficiency
US7154861B1 (en) * 2002-04-22 2006-12-26 Extreme Networks Method and system for a virtual local area network to span multiple loop free network topology domains
US20060291378A1 (en) * 2005-06-28 2006-12-28 Alcatel Communication path redundancy protection systems and methods
US20070076635A1 (en) * 2005-09-16 2007-04-05 Cisco Technology, Inc. Mechanism to implement a layer 2 gateway
US20070086332A1 (en) * 2005-10-13 2007-04-19 Way Winston I Optical ring networks using circulating optical probe in protection switching with automatic reversion
KR100723883B1 (en) 2005-12-07 2007-05-31 한국전자통신연구원 Root switch in ethernet network and method for mapping switch to a unique identifier by using the same
US20080250137A1 (en) * 2007-04-09 2008-10-09 International Business Machines Corporation System and method for intrusion prevention high availability fail over
GB2449178A (en) * 2007-05-11 2008-11-12 Boeing Co Dynamic switching to a redundant bridge by a node using bridge protoccol data unit (BPDU) messages and the rapid spanning tree protocol (RSTP)
US20080279096A1 (en) * 2007-05-11 2008-11-13 Sullivan Michael J Lightweight node based network redundancy solution leveraging rapid spanning tree protocol (rstp)
US7602706B1 (en) * 2003-05-15 2009-10-13 Cisco Technology, Inc. Inter-ring protection for shared packet rings
US7680031B1 (en) * 2002-04-26 2010-03-16 Redback Networks Inc. Method and apparatus for load balancing and protecting data traffic in an optical ring
US20100097926A1 (en) * 2008-10-21 2010-04-22 Liquid Computing Corporation Methods and systems for providing network access redundancy
US7773883B1 (en) 2007-05-04 2010-08-10 Vello Systems, Inc. Single-fiber optical ring networks based on optical double sideband modulation
US20100322263A1 (en) * 2009-06-18 2010-12-23 Nortel Networks Limoted Method and Apparatus for Implementing Control of Multiple Physically Dual Homed Devices
US20110007741A1 (en) * 2004-10-22 2011-01-13 Cisco Technology, Inc. Forwarding table reduction and multipath network forwarding
US20110158641A1 (en) * 2009-12-08 2011-06-30 Vello Systems, Inc. Subchannel Photonic Routing, Switching and Protection with Simplified Upgrades of WDM Optical Networks
US20110206203A1 (en) * 2010-02-22 2011-08-25 Vello Systems, Inc. Subchannel security at the optical layer
US8175458B2 (en) 2007-07-17 2012-05-08 Vello Systems, Inc. Optical ring networks having node-to-node optical communication channels for carrying data traffic
US20130003550A1 (en) * 2011-06-29 2013-01-03 Broadcom Corporation System and Method for Priority Based Flow Control Between Nodes
US8542999B2 (en) 2011-02-01 2013-09-24 Vello Systems, Inc. Minimizing bandwidth narrowing penalties in a wavelength selective switch optical network
US8792352B2 (en) 2005-10-11 2014-07-29 Cisco Technology, Inc. Methods and devices for backward congestion notification
US8804529B2 (en) 2007-08-21 2014-08-12 Cisco Technology, Inc. Backward congestion notification
US8842694B2 (en) 2004-10-22 2014-09-23 Cisco Technology, Inc. Fibre Channel over Ethernet
US11025527B2 (en) * 2019-07-22 2021-06-01 Dell Products L.P. Topology change processing in bridged networks using a spanning tree protocol
US11950140B2 (en) 2021-10-25 2024-04-02 Dell Products Lp System and method for providing device management and network management at an edge device

Families Citing this family (131)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6963575B1 (en) * 2000-06-07 2005-11-08 Yipes Enterprise Services, Inc. Enhanced data switching/routing for multi-regional IP over fiber network
US6934262B1 (en) * 2000-08-26 2005-08-23 Cisco Technology, Inc. Method and apparatus for restricting the assignment of VLANs
US7133410B2 (en) * 2001-02-12 2006-11-07 Tellabs Operations, Inc. Method and system for designing ring-based telecommunications networks
US7283494B2 (en) * 2001-04-18 2007-10-16 Skypilot Networks, Inc. Network channel access protocol-interference and load adaptive
GB2377118B (en) * 2001-06-27 2003-06-25 3Com Corp Method and apparatus for determining unmanaged network devices in the topology of a network
US7054264B2 (en) * 2001-07-24 2006-05-30 Corrigent Systems Ltd. Interconnect and gateway protection in bidirectional ring networks
US7145878B2 (en) * 2001-07-27 2006-12-05 Corrigent Systems Ltd. Avoiding overlapping segments in transparent LAN services on ring-based networks
US7061859B2 (en) * 2001-08-30 2006-06-13 Corrigent Systems Ltd. Fast protection in ring topologies
US20030048501A1 (en) * 2001-09-12 2003-03-13 Michael Guess Metropolitan area local access service system
AU2002340023A1 (en) 2001-09-24 2003-04-07 Rumi Sheryar Gonda Method for supporting ethernet mac circuits
US7283478B2 (en) * 2001-11-28 2007-10-16 Corrigent Systems Ltd. Traffic engineering in bi-directional ring networks
US7177946B1 (en) * 2001-12-06 2007-02-13 Cisco Technology, Inc. Optimal sync for rapid spanning tree protocol
EP3401794A1 (en) * 2002-01-08 2018-11-14 Seven Networks, LLC Connection architecture for a mobile network
GB0200838D0 (en) * 2002-01-15 2002-03-06 Xchangepoint Holdings Ltd Virtual local area network interconnection
US7751409B1 (en) * 2002-03-20 2010-07-06 Oracle America, Inc. Logical service domains for enabling network mobility
US7529180B1 (en) * 2002-03-29 2009-05-05 Marvell International Ltd. Switch failover for aggregated data communication links
US7489867B1 (en) * 2002-05-06 2009-02-10 Cisco Technology, Inc. VoIP service over an ethernet network carried by a DWDM optical supervisory channel
JP4032816B2 (en) * 2002-05-08 2008-01-16 株式会社日立製作所 Storage network topology management system
US7941558B2 (en) * 2002-06-04 2011-05-10 Alcatel-Lucent Usa Inc. Loop elimination in a communications network
US7346709B2 (en) * 2002-08-28 2008-03-18 Tellabs Operations, Inc. Methods for assigning rings in a network
US8463947B2 (en) * 2002-08-28 2013-06-11 Tellabs Operations, Inc. Method of finding rings for optimal routing of digital information
KR100456674B1 (en) * 2002-11-09 2004-11-10 한국전자통신연구원 Method and apparatus for determining communication path on network using spanning tree and detecting circuits
JP3799010B2 (en) * 2002-12-19 2006-07-19 アンリツ株式会社 Mesh network bridge
US7917468B2 (en) 2005-08-01 2011-03-29 Seven Networks, Inc. Linking of personal information management data
US7853563B2 (en) 2005-08-01 2010-12-14 Seven Networks, Inc. Universal data aggregation
US8468126B2 (en) 2005-08-01 2013-06-18 Seven Networks, Inc. Publishing data in an information community
US8867333B2 (en) * 2003-03-31 2014-10-21 Alcatel Lucent Restoration path calculation considering shared-risk link groups in mesh networks
US7643408B2 (en) * 2003-03-31 2010-01-05 Alcatel-Lucent Usa Inc. Restoration time in networks
US8296407B2 (en) * 2003-03-31 2012-10-23 Alcatel Lucent Calculation, representation, and maintenance of sharing information in mesh networks
US7689693B2 (en) * 2003-03-31 2010-03-30 Alcatel-Lucent Usa Inc. Primary/restoration path calculation in mesh networks based on multiple-cost criteria
US7646706B2 (en) * 2003-03-31 2010-01-12 Alcatel-Lucent Usa Inc. Restoration time in mesh networks
US20040202185A1 (en) * 2003-04-14 2004-10-14 International Business Machines Corporation Multiple virtual local area network support for shared network adapters
US7376832B2 (en) 2003-04-21 2008-05-20 International Business Machines Corporation Distributed method, system and computer program product for establishing security in a publish/subscribe data processing broker network
US7558844B1 (en) 2003-05-06 2009-07-07 Juniper Networks, Inc. Systems and methods for implementing dynamic subscriber interfaces
US7336605B2 (en) 2003-05-13 2008-02-26 Corrigent Systems, Inc. Bandwidth allocation for link aggregation
US8078756B2 (en) * 2003-06-03 2011-12-13 Cisco Technology, Inc. Computing a path for an open ended uni-directional path protected switched ring
US7596595B2 (en) * 2003-06-18 2009-09-29 Utah State University Efficient unicast-based multicast tree construction and maintenance for multimedia transmission
US20050141523A1 (en) * 2003-12-29 2005-06-30 Chiang Yeh Traffic engineering scheme using distributed feedback
US8718057B1 (en) * 2004-01-20 2014-05-06 Nortel Networks Limited Ethernet LAN service enhancements
US8111612B2 (en) * 2004-04-02 2012-02-07 Alcatel Lucent Link-based recovery with demand granularity in mesh networks
US7418000B2 (en) * 2004-06-03 2008-08-26 Corrigent Systems Ltd. Automated weight calculation for packet networks
US7733812B2 (en) * 2004-06-07 2010-06-08 Alcatel Method for enabling multipoint network services over a ring topology network
US7330431B2 (en) * 2004-09-03 2008-02-12 Corrigent Systems Ltd. Multipoint to multipoint communication over ring topologies
GB2418326B (en) * 2004-09-17 2007-04-11 Hewlett Packard Development Co Network vitrualization
US7958208B2 (en) * 2004-09-22 2011-06-07 At&T Intellectual Property I, L.P. System and method for designing a customized switched metro Ethernet data network
WO2006045102A2 (en) * 2004-10-20 2006-04-27 Seven Networks, Inc. Method and apparatus for intercepting events in a communication system
US8010082B2 (en) 2004-10-20 2011-08-30 Seven Networks, Inc. Flexible billing architecture
US7974223B2 (en) 2004-11-19 2011-07-05 Corrigent Systems Ltd. Virtual private LAN service over ring networks
US7706781B2 (en) 2004-11-22 2010-04-27 Seven Networks International Oy Data security in a mobile e-mail service
FI117152B (en) 2004-12-03 2006-06-30 Seven Networks Internat Oy E-mail service provisioning method for mobile terminal, involves using domain part and further parameters to generate new parameter set in list of setting parameter sets, if provisioning of e-mail service is successful
US7877703B1 (en) 2005-03-14 2011-01-25 Seven Networks, Inc. Intelligent rendering of information in a limited display environment
US7768932B2 (en) * 2005-04-13 2010-08-03 Hewlett-Packard Development Company, L.P. Method for analyzing a system in a network
US7796742B1 (en) 2005-04-21 2010-09-14 Seven Networks, Inc. Systems and methods for simplified provisioning
US8438633B1 (en) 2005-04-21 2013-05-07 Seven Networks, Inc. Flexible real-time inbox access
US7957276B2 (en) 2005-04-28 2011-06-07 Telcordia Licensing Company, Llc Call admission control and preemption control over a secure tactical network
WO2006136660A1 (en) 2005-06-21 2006-12-28 Seven Networks International Oy Maintaining an ip connection in a mobile network
US7792017B2 (en) * 2005-06-24 2010-09-07 Infinera Corporation Virtual local area network configuration for multi-chassis network element
US8069166B2 (en) 2005-08-01 2011-11-29 Seven Networks, Inc. Managing user-to-user contact with inferred presence information
JP4283792B2 (en) * 2005-08-29 2009-06-24 富士通株式会社 Band control method and transmission apparatus
US7933237B2 (en) 2005-12-23 2011-04-26 Telcordia Licensing Company, Llc Ensuring quality of service of communications in networks
US7983150B2 (en) 2006-01-18 2011-07-19 Corrigent Systems Ltd. VPLS failure protection in ring networks
US7769395B2 (en) * 2006-06-20 2010-08-03 Seven Networks, Inc. Location-based operations and messaging
US7808931B2 (en) 2006-03-02 2010-10-05 Corrigent Systems Ltd. High capacity ring communication network
US8274989B1 (en) * 2006-03-31 2012-09-25 Rockstar Bidco, LP Point-to-multipoint (P2MP) resilience for GMPLS control of ethernet
US7593400B2 (en) 2006-05-19 2009-09-22 Corrigent Systems Ltd. MAC address learning in a distributed bridge
US9250972B2 (en) * 2006-06-19 2016-02-02 International Business Machines Corporation Orchestrated peer-to-peer server provisioning
US7760668B1 (en) 2006-06-20 2010-07-20 Force 10 Networks, Inc. Self-reconfiguring spanning tree
US20080001717A1 (en) * 2006-06-20 2008-01-03 Trevor Fiatal System and method for group management
US7660303B2 (en) 2006-08-22 2010-02-09 Corrigent Systems Ltd. Point-to-multipoint functionality in a bridged network
US8340110B2 (en) 2006-09-15 2012-12-25 Trapeze Networks, Inc. Quality of service provisioning for wireless networks
US7903586B2 (en) * 2006-11-01 2011-03-08 Alcatel Lucent Ring rapid multiple spanning tree protocol system and method
KR20080082830A (en) * 2007-03-09 2008-09-12 삼성전자주식회사 Flushing processing unit and method of switching device in network for using spanning tree protocol
US8693494B2 (en) 2007-06-01 2014-04-08 Seven Networks, Inc. Polling
US8805425B2 (en) 2007-06-01 2014-08-12 Seven Networks, Inc. Integrated messaging
US8385355B1 (en) * 2007-11-07 2013-02-26 Brixham Solutions Ltd E-Trees over MPLS and PBB-TE networks
CN100534024C (en) * 2007-11-26 2009-08-26 中控科技集团有限公司 Industry ethernet based fault processing method, system and a switching arrangement
US8364181B2 (en) 2007-12-10 2013-01-29 Seven Networks, Inc. Electronic-mail filtering for mobile devices
US9002828B2 (en) 2007-12-13 2015-04-07 Seven Networks, Inc. Predictive content delivery
US8793305B2 (en) 2007-12-13 2014-07-29 Seven Networks, Inc. Content delivery to a mobile device from a content service
US8107921B2 (en) 2008-01-11 2012-01-31 Seven Networks, Inc. Mobile virtual network operator
US8862657B2 (en) 2008-01-25 2014-10-14 Seven Networks, Inc. Policy based content service
US20090193338A1 (en) 2008-01-28 2009-07-30 Trevor Fiatal Reducing network and battery consumption during content delivery and playback
US7995488B2 (en) * 2008-02-29 2011-08-09 Telefonaktiebolaget L M Ericsson (Publ) Connectivity fault management for ethernet tree (E-Tree) type services
US8787947B2 (en) 2008-06-18 2014-07-22 Seven Networks, Inc. Application discovery on mobile devices
US8078158B2 (en) 2008-06-26 2011-12-13 Seven Networks, Inc. Provisioning applications for a mobile device
US8909759B2 (en) 2008-10-10 2014-12-09 Seven Networks, Inc. Bandwidth measurement
CN102714611B (en) * 2010-01-29 2016-04-27 惠普发展公司,有限责任合伙企业 The configuration of network link in virtual connection environment
WO2011126889A2 (en) 2010-03-30 2011-10-13 Seven Networks, Inc. 3d mobile user interface with configurable workspace management
US8838783B2 (en) 2010-07-26 2014-09-16 Seven Networks, Inc. Distributed caching for resource and mobile network traffic management
GB2500333B (en) 2010-07-26 2014-10-08 Seven Networks Inc Mobile application traffic optimization
US9077630B2 (en) 2010-07-26 2015-07-07 Seven Networks, Inc. Distributed implementation of dynamic wireless traffic policy
US9043433B2 (en) 2010-07-26 2015-05-26 Seven Networks, Inc. Mobile network traffic coordination across multiple applications
US9330196B2 (en) 2010-11-01 2016-05-03 Seven Networks, Llc Wireless traffic management system cache optimization using http headers
US8484314B2 (en) 2010-11-01 2013-07-09 Seven Networks, Inc. Distributed caching in a wireless network of content delivered for a mobile application over a long-held request
WO2012061437A1 (en) 2010-11-01 2012-05-10 Michael Luna Cache defeat detection and caching of content addressed by identifiers intended to defeat cache
GB2499534B (en) 2010-11-01 2018-09-19 Seven Networks Llc Caching adapted for mobile application behavior and network conditions
US9060032B2 (en) 2010-11-01 2015-06-16 Seven Networks, Inc. Selective data compression by a distributed traffic management system to reduce mobile data traffic and signaling traffic
WO2012060995A2 (en) 2010-11-01 2012-05-10 Michael Luna Distributed caching in a wireless network of content delivered for a mobile application over a long-held request
US8326985B2 (en) 2010-11-01 2012-12-04 Seven Networks, Inc. Distributed management of keep-alive message signaling for mobile network resource conservation and optimization
US8843153B2 (en) 2010-11-01 2014-09-23 Seven Networks, Inc. Mobile traffic categorization and policy for network use optimization while preserving user experience
US8166164B1 (en) 2010-11-01 2012-04-24 Seven Networks, Inc. Application and network-based long poll request detection and cacheability assessment therefor
GB2495463B (en) 2010-11-22 2013-10-09 Seven Networks Inc Aligning data transfer to optimize connections established for transmission over a wireless network
GB2500327B (en) 2010-11-22 2019-11-06 Seven Networks Llc Optimization of resource polling intervals to satisfy mobile device requests
GB2501416B (en) 2011-01-07 2018-03-21 Seven Networks Llc System and method for reduction of mobile network traffic used for domain name system (DNS) queries
WO2012145533A2 (en) 2011-04-19 2012-10-26 Seven Networks, Inc. Shared resource and virtual resource management in a networked environment
GB2504037B (en) 2011-04-27 2014-12-24 Seven Networks Inc Mobile device which offloads requests made by a mobile application to a remote entity for conservation of mobile device and network resources
WO2012149434A2 (en) 2011-04-27 2012-11-01 Seven Networks, Inc. Detecting and preserving state for satisfying application requests in a distributed proxy and cache system
WO2013015994A1 (en) 2011-07-27 2013-01-31 Seven Networks, Inc. Monitoring mobile application activities for malicious traffic on a mobile device
US9692732B2 (en) 2011-11-29 2017-06-27 Amazon Technologies, Inc. Network connection automation
US8868753B2 (en) 2011-12-06 2014-10-21 Seven Networks, Inc. System of redundantly clustered machines to provide failover mechanisms for mobile traffic management and network resource conservation
US8934414B2 (en) 2011-12-06 2015-01-13 Seven Networks, Inc. Cellular or WiFi mobile traffic optimization based on public or private network destination
WO2013086447A1 (en) 2011-12-07 2013-06-13 Seven Networks, Inc. Radio-awareness of mobile device for sending server-side control signals using a wireless network optimized transport protocol
US9009250B2 (en) 2011-12-07 2015-04-14 Seven Networks, Inc. Flexible and dynamic integration schemas of a traffic management system with various network operators for network traffic alleviation
US8861354B2 (en) 2011-12-14 2014-10-14 Seven Networks, Inc. Hierarchies and categories for management and deployment of policies for distributed wireless traffic optimization
EP2792188B1 (en) 2011-12-14 2019-03-20 Seven Networks, LLC Mobile network reporting and usage analytics system and method using aggregation of data in a distributed traffic optimization system
US9832095B2 (en) 2011-12-14 2017-11-28 Seven Networks, Llc Operation modes for mobile traffic optimization and concurrent management of optimized and non-optimized traffic
GB2499306B (en) 2012-01-05 2014-10-22 Seven Networks Inc Managing user interaction with an application on a mobile device
WO2013116856A1 (en) 2012-02-02 2013-08-08 Seven Networks, Inc. Dynamic categorization of applications for network access in a mobile network
US9326189B2 (en) 2012-02-03 2016-04-26 Seven Networks, Llc User as an end point for profiling and optimizing the delivery of content and data in a wireless network
US8812695B2 (en) 2012-04-09 2014-08-19 Seven Networks, Inc. Method and system for management of a virtual network connection without heartbeat messages
US10263899B2 (en) 2012-04-10 2019-04-16 Seven Networks, Llc Enhanced customer service for mobile carriers using real-time and historical mobile application and traffic or optimization data associated with mobile devices in a mobile network
US8817598B2 (en) * 2012-04-19 2014-08-26 Cisco Technology, Inc. Hardware based convergence for a ring network
WO2014011216A1 (en) 2012-07-13 2014-01-16 Seven Networks, Inc. Dynamic bandwidth adjustment for browsing or streaming activity in a wireless network based on prediction of user behavior when interacting with mobile applications
US9161258B2 (en) 2012-10-24 2015-10-13 Seven Networks, Llc Optimized and selective management of policy deployment to mobile clients in a congested network to prevent further aggravation of network congestion
US9307493B2 (en) 2012-12-20 2016-04-05 Seven Networks, Llc Systems and methods for application management of mobile device radio state promotion and demotion
US9241314B2 (en) 2013-01-23 2016-01-19 Seven Networks, Llc Mobile device with application or context aware fast dormancy
US8874761B2 (en) 2013-01-25 2014-10-28 Seven Networks, Inc. Signaling optimization in a wireless network for traffic utilizing proprietary and non-proprietary protocols
US8750123B1 (en) 2013-03-11 2014-06-10 Seven Networks, Inc. Mobile device equipped with mobile network congestion recognition to make intelligent decisions regarding connecting to an operator network
US9065765B2 (en) 2013-07-22 2015-06-23 Seven Networks, Inc. Proxy server associated with a mobile carrier for enhancing mobile traffic management in a mobile network
US11563806B1 (en) * 2019-05-17 2023-01-24 R-Stor, Inc. Content distribution network system and method
CN113645114A (en) * 2021-08-13 2021-11-12 广汽丰田汽车有限公司 Network failure prevention system, network management method, vehicle, and storage medium

Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4872157A (en) * 1988-03-31 1989-10-03 American Telephone And Telegraph Company, At&T Bell Laboratories Architecture and organization of a high performance metropolitan area telecommunications packet network
US4872158A (en) * 1988-03-31 1989-10-03 American Telephone And Telegraph Company, At&T Bell Laboratories Distributed control rapid connection circuit switch
US5081621A (en) * 1988-04-05 1992-01-14 Hitachi, Ltd. Method and apparatus for controlling data communication on a multi-network
US5517498A (en) * 1993-09-20 1996-05-14 International Business Machines Corporation Spatial reuse of bandwidth on a ring network
US5757795A (en) * 1996-04-25 1998-05-26 Compaq Computer Corporation Method and apparatus for hashing addresses in a network switch
US5881131A (en) * 1993-11-16 1999-03-09 Bell Atlantic Network Services, Inc. Analysis and validation system for provisioning network related facilities
US5935209A (en) * 1996-09-09 1999-08-10 Next Level Communications System and method for managing fiber-to-the-curb network elements
US6085238A (en) * 1996-04-23 2000-07-04 Matsushita Electric Works, Ltd. Virtual LAN system
US6084858A (en) * 1997-01-29 2000-07-04 Cabletron Systems, Inc. Distribution of communication load over multiple paths based upon link utilization
US6094687A (en) * 1998-01-17 2000-07-25 Fore Systems, Inc. System and method for connecting source nodes and destination nodes regarding efficient quality of services route determination using connection profiles
US6262977B1 (en) * 1998-08-28 2001-07-17 3Com Corporation High availability spanning tree with rapid reconfiguration
US6304575B1 (en) * 1998-08-31 2001-10-16 Cisco Technology, Inc. Token ring spanning tree protocol
US6515969B1 (en) * 1999-03-01 2003-02-04 Cisco Technology, Inc. Virtual local area network membership registration protocol for multiple spanning tree network environments
US6535490B1 (en) * 1999-03-04 2003-03-18 3Com Corporation High availability spanning tree with rapid reconfiguration with alternate port selection
US6629149B1 (en) * 1999-08-17 2003-09-30 At&T Corp. Network system and method
US6628624B1 (en) * 1998-12-09 2003-09-30 Cisco Technology, Inc. Value-added features for the spanning tree protocol

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB9401092D0 (en) * 1994-01-21 1994-03-16 Newbridge Networks Corp A network management system
US5742604A (en) * 1996-03-28 1998-04-21 Cisco Systems, Inc. Interswitch link mechanism for connecting high-performance network switches
EP0844755B1 (en) * 1996-08-27 2007-10-03 Nippon Telegraph And Telephone Corporation Trunk transmission network
US5923659A (en) * 1996-09-20 1999-07-13 Bell Atlantic Network Services, Inc. Telecommunications network
US6157647A (en) * 1996-11-06 2000-12-05 3Com Corporation Direct addressing between VLAN subnets
AU729166B2 (en) * 1996-12-06 2001-01-25 Telcordia Technologies, Inc. Inter-ring cross-connect for survivable multi-wavelength optical communication networks
US5940376A (en) * 1997-01-29 1999-08-17 Cabletron Systems, Inc. Method and apparatus to establish a tap-point in a switched network using self-configuring switches having distributed configuration capabilities
US6041057A (en) * 1997-03-24 2000-03-21 Xylan Corporation Self-configuring ATM network
US6331983B1 (en) * 1997-05-06 2001-12-18 Enterasys Networks, Inc. Multicast switching
US6061335A (en) * 1997-07-24 2000-05-09 At&T Corp Method for designing SONET ring networks suitable for local access
US6295146B1 (en) * 1998-01-14 2001-09-25 Mci Communications Corporation System and method for sharing a spare channel among two or more optical ring networks
US6674727B1 (en) * 1998-11-30 2004-01-06 Cisco Technology, Inc. Distributed ring protocol and database
US6373826B1 (en) * 1998-12-15 2002-04-16 Nortel Networks Limited Spanning tree algorithm
US6707789B1 (en) * 1998-12-18 2004-03-16 At&T Corp. Flexible SONET ring with integrated cross-connect system
EP1132844A3 (en) * 2000-03-02 2002-06-05 Telseon IP Services Inc. E-commerce system facilitating service networks including broadband communication service networks
US6744769B1 (en) * 2000-10-19 2004-06-01 Nortel Networks Limited Path provisioning on ring-based networks

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4872157A (en) * 1988-03-31 1989-10-03 American Telephone And Telegraph Company, At&T Bell Laboratories Architecture and organization of a high performance metropolitan area telecommunications packet network
US4872158A (en) * 1988-03-31 1989-10-03 American Telephone And Telegraph Company, At&T Bell Laboratories Distributed control rapid connection circuit switch
US5081621A (en) * 1988-04-05 1992-01-14 Hitachi, Ltd. Method and apparatus for controlling data communication on a multi-network
US5517498A (en) * 1993-09-20 1996-05-14 International Business Machines Corporation Spatial reuse of bandwidth on a ring network
US5881131A (en) * 1993-11-16 1999-03-09 Bell Atlantic Network Services, Inc. Analysis and validation system for provisioning network related facilities
US6085238A (en) * 1996-04-23 2000-07-04 Matsushita Electric Works, Ltd. Virtual LAN system
US5757795A (en) * 1996-04-25 1998-05-26 Compaq Computer Corporation Method and apparatus for hashing addresses in a network switch
US5935209A (en) * 1996-09-09 1999-08-10 Next Level Communications System and method for managing fiber-to-the-curb network elements
US6084858A (en) * 1997-01-29 2000-07-04 Cabletron Systems, Inc. Distribution of communication load over multiple paths based upon link utilization
US6094687A (en) * 1998-01-17 2000-07-25 Fore Systems, Inc. System and method for connecting source nodes and destination nodes regarding efficient quality of services route determination using connection profiles
US6262977B1 (en) * 1998-08-28 2001-07-17 3Com Corporation High availability spanning tree with rapid reconfiguration
US6304575B1 (en) * 1998-08-31 2001-10-16 Cisco Technology, Inc. Token ring spanning tree protocol
US6628624B1 (en) * 1998-12-09 2003-09-30 Cisco Technology, Inc. Value-added features for the spanning tree protocol
US6515969B1 (en) * 1999-03-01 2003-02-04 Cisco Technology, Inc. Virtual local area network membership registration protocol for multiple spanning tree network environments
US6535490B1 (en) * 1999-03-04 2003-03-18 3Com Corporation High availability spanning tree with rapid reconfiguration with alternate port selection
US6629149B1 (en) * 1999-08-17 2003-09-30 At&T Corp. Network system and method

Cited By (72)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020009092A1 (en) * 2000-03-02 2002-01-24 Seaman Michael J. Broadband tree-configured ring for metropolitan area networks
US6826158B2 (en) * 2000-03-02 2004-11-30 Onfiber Communications, Inc. Broadband tree-configured ring for metropolitan area networks
US20060275034A9 (en) * 2000-05-22 2006-12-07 Winston Way Fully protected broadcast and select all optical network
US20030180047A1 (en) * 2000-05-22 2003-09-25 Winston Way Fully protected broadcast and select all optical network
US20060269295A1 (en) * 2000-05-22 2006-11-30 Opvista Incorporated, A California Corporation Optical double sideband modulation technique with increased spectral efficiency
US7515833B2 (en) 2000-05-22 2009-04-07 Opvista Incorporated Optical double sideband modulation technique with increased spectral efficiency
US7499647B2 (en) 2000-05-22 2009-03-03 Opvista Incorporated Fully protected broadcast and select all optical network
US7545757B2 (en) * 2000-09-11 2009-06-09 Cisco Technolohy, Inc. STP root guard
US20060092862A1 (en) * 2000-09-11 2006-05-04 Benedetto Marco D STP root guard
US20080259786A1 (en) * 2001-09-04 2008-10-23 Rumi Sheryar Gonda System and method for supporting sdh/sonet aps on ethernet
US7746768B2 (en) 2001-09-04 2010-06-29 Rumi Sheryar Gonda System and method for supporting SDH/SONET APS on ethernet
US7394758B2 (en) 2001-09-04 2008-07-01 Rumi Sheryar Gonda Method for supporting SDH/SONET APS on Ethernet
US20030043736A1 (en) * 2001-09-04 2003-03-06 Gonda Rumi Sheryar Method for supporting SDH/SONET APS on ethernet
US7154861B1 (en) * 2002-04-22 2006-12-26 Extreme Networks Method and system for a virtual local area network to span multiple loop free network topology domains
US7680031B1 (en) * 2002-04-26 2010-03-16 Redback Networks Inc. Method and apparatus for load balancing and protecting data traffic in an optical ring
US20050254448A1 (en) * 2002-05-08 2005-11-17 Haitao Tang Distribution scheme for distributing information in a network
US8023435B2 (en) * 2002-05-08 2011-09-20 Nokia Corporation Distribution scheme for distributing information in a network
US7398321B2 (en) * 2002-05-14 2008-07-08 The Research Foundation Of Suny Segment protection scheme for a network
US20030229807A1 (en) * 2002-05-14 2003-12-11 The Research Foundation Of State University Of New York, University At Buffalo Segment protection scheme for a network
US20040105455A1 (en) * 2002-08-29 2004-06-03 Seaman Michael John Automatic edge port and one way connectivity detection with rapid reconfiguration for shared media in spanning tree configured bridged Local Area Networks
US20040098510A1 (en) * 2002-11-15 2004-05-20 Ewert Peter M. Communicating between network processors
US20060123428A1 (en) * 2003-05-15 2006-06-08 Nantasket Software, Inc. Network management system permitting remote management of systems by users with limited skills
US7602706B1 (en) * 2003-05-15 2009-10-13 Cisco Technology, Inc. Inter-ring protection for shared packet rings
US20050050220A1 (en) * 2003-08-26 2005-03-03 Alcatel Selective transmission rate limiter for rapid spanning tree protocol
US7324461B2 (en) 2003-08-26 2008-01-29 Alcatel Lucent Selective transmission rate limiter for rapid spanning tree protocol
US7577367B2 (en) 2004-06-15 2009-08-18 Op Vista Incorporated Optical communication using duobinary modulation
US20050286908A1 (en) * 2004-06-15 2005-12-29 Way Winston I Optical communication using duobinary modulation
US20060007869A1 (en) * 2004-07-09 2006-01-12 Fujitsu Limited Method for preventing control packet loop and bridge apparatus using the method
US8582467B2 (en) * 2004-07-09 2013-11-12 Fujitsu Limited Method for preventing control packet looping and bridge apparatus using the method
US9246834B2 (en) 2004-10-22 2016-01-26 Cisco Technology, Inc. Fibre channel over ethernet
US20110007741A1 (en) * 2004-10-22 2011-01-13 Cisco Technology, Inc. Forwarding table reduction and multipath network forwarding
US8532099B2 (en) * 2004-10-22 2013-09-10 Cisco Technology, Inc. Forwarding table reduction and multipath network forwarding
US8842694B2 (en) 2004-10-22 2014-09-23 Cisco Technology, Inc. Fibre Channel over Ethernet
US20060171302A1 (en) * 2005-02-03 2006-08-03 Cisco Technology, Inc. Data transmission in a network comprising bridges
US20060275035A1 (en) * 2005-05-02 2006-12-07 Way Winston I Multiple interconnected broadcast and select optical ring networks with revertible protection switch
WO2006119375A3 (en) * 2005-05-02 2007-10-11 Opvista Inc Multiple interconnected broadcast and select optical ring networks with revertible protection switch
WO2006119375A2 (en) * 2005-05-02 2006-11-09 Opvista, Incorporated Multiple interconnected broadcast and select optical ring networks with revertible protection switch
US20060291378A1 (en) * 2005-06-28 2006-12-28 Alcatel Communication path redundancy protection systems and methods
US9203731B2 (en) * 2005-09-16 2015-12-01 Cisco Technology, Inc. Mechanism to implement a layer 2 gateway
US20070076635A1 (en) * 2005-09-16 2007-04-05 Cisco Technology, Inc. Mechanism to implement a layer 2 gateway
US8792352B2 (en) 2005-10-11 2014-07-29 Cisco Technology, Inc. Methods and devices for backward congestion notification
US20070086332A1 (en) * 2005-10-13 2007-04-19 Way Winston I Optical ring networks using circulating optical probe in protection switching with automatic reversion
US8139476B2 (en) 2005-10-13 2012-03-20 Vello Systems, Inc. Optical ring networks using circulating optical probe in protection switching with automatic reversion
KR100723883B1 (en) 2005-12-07 2007-05-31 한국전자통신연구원 Root switch in ethernet network and method for mapping switch to a unique identifier by using the same
US7836360B2 (en) * 2007-04-09 2010-11-16 International Business Machines Corporation System and method for intrusion prevention high availability fail over
US20080250137A1 (en) * 2007-04-09 2008-10-09 International Business Machines Corporation System and method for intrusion prevention high availability fail over
US7773883B1 (en) 2007-05-04 2010-08-10 Vello Systems, Inc. Single-fiber optical ring networks based on optical double sideband modulation
US20080279096A1 (en) * 2007-05-11 2008-11-13 Sullivan Michael J Lightweight node based network redundancy solution leveraging rapid spanning tree protocol (rstp)
GB2449178A (en) * 2007-05-11 2008-11-12 Boeing Co Dynamic switching to a redundant bridge by a node using bridge protoccol data unit (BPDU) messages and the rapid spanning tree protocol (RSTP)
GB2449178B (en) * 2007-05-11 2009-09-23 Boeing Co Lightweight node based network redundancy solution leveraging rapid spanning tree protocol (RSTP)
US7792056B2 (en) * 2007-05-11 2010-09-07 The Boeing Company Lightweight node based network redundancy solution leveraging rapid spanning tree protocol (RSTP)
US8175458B2 (en) 2007-07-17 2012-05-08 Vello Systems, Inc. Optical ring networks having node-to-node optical communication channels for carrying data traffic
US8804529B2 (en) 2007-08-21 2014-08-12 Cisco Technology, Inc. Backward congestion notification
US9237034B2 (en) * 2008-10-21 2016-01-12 Iii Holdings 1, Llc Methods and systems for providing network access redundancy
US20100097926A1 (en) * 2008-10-21 2010-04-22 Liquid Computing Corporation Methods and systems for providing network access redundancy
US9979678B2 (en) 2008-10-21 2018-05-22 Iii Holdings 1, Llc Methods and systems for providing network access redundancy
US20100322263A1 (en) * 2009-06-18 2010-12-23 Nortel Networks Limoted Method and Apparatus for Implementing Control of Multiple Physically Dual Homed Devices
US8649259B2 (en) 2009-06-18 2014-02-11 Rockstar Consortium Us Lp Method and apparatus for implementing control of multiple physically dual homed devices
US8184648B2 (en) * 2009-06-18 2012-05-22 Rockstar Bidco, LP Method and apparatus for implementing control of multiple physically dual homed devices
US8744262B2 (en) 2009-12-08 2014-06-03 Vello Systems, Inc. Optical subchannel routing, protection switching and security
US10972209B2 (en) 2009-12-08 2021-04-06 Snell Holdings, Llc Subchannel photonic routing, switching and protection with simplified upgrades of WDM optical networks
US9054832B2 (en) 2009-12-08 2015-06-09 Treq Labs, Inc. Management, monitoring and performance optimization of optical networks
US10630418B2 (en) 2009-12-08 2020-04-21 Snell Holdings, Llc Optical subchannel routing, protection switching and security
US20110158641A1 (en) * 2009-12-08 2011-06-30 Vello Systems, Inc. Subchannel Photonic Routing, Switching and Protection with Simplified Upgrades of WDM Optical Networks
US9485050B2 (en) 2009-12-08 2016-11-01 Treq Labs, Inc. Subchannel photonic routing, switching and protection with simplified upgrades of WDM optical networks
US8705741B2 (en) 2010-02-22 2014-04-22 Vello Systems, Inc. Subchannel security at the optical layer
US20110206203A1 (en) * 2010-02-22 2011-08-25 Vello Systems, Inc. Subchannel security at the optical layer
US8542999B2 (en) 2011-02-01 2013-09-24 Vello Systems, Inc. Minimizing bandwidth narrowing penalties in a wavelength selective switch optical network
US9124524B2 (en) * 2011-06-29 2015-09-01 Broadcom Corporation System and method for priority based flow control between nodes
US20130003550A1 (en) * 2011-06-29 2013-01-03 Broadcom Corporation System and Method for Priority Based Flow Control Between Nodes
US11025527B2 (en) * 2019-07-22 2021-06-01 Dell Products L.P. Topology change processing in bridged networks using a spanning tree protocol
US11950140B2 (en) 2021-10-25 2024-04-02 Dell Products Lp System and method for providing device management and network management at an edge device

Also Published As

Publication number Publication date
US20020009092A1 (en) 2002-01-24
EP1132844A3 (en) 2002-06-05
EP1132844A2 (en) 2001-09-12
US20020038253A1 (en) 2002-03-28
US6826158B2 (en) 2004-11-30

Similar Documents

Publication Publication Date Title
US20020023170A1 (en) Use of active topology protocols, including the spanning tree, for resilient redundant connection of an edge device
US8854975B2 (en) Scaling OAM for point-to-point trunking
US6963575B1 (en) Enhanced data switching/routing for multi-regional IP over fiber network
KR101503629B1 (en) Differential forwarding in address-based carrier networks
US7872991B2 (en) Methods and systems for providing MPLS-based layer-2 virtual private network services
US7272137B2 (en) Data stream filtering apparatus and method
EP1974485B1 (en) Vpls failure protection in ring networks
RU2530338C2 (en) Prepared connection based on state of communication lines of providers (plsb) with routed redundancy
US7152115B2 (en) Virtual private networks
US8687519B2 (en) Forced medium access control (MAC) learning in bridged ethernet networks
US7986619B2 (en) Packet network system
KR20070095374A (en) Connection-oriented communications scheme for connection-less communications traffic
CN102273138A (en) Inter-network carrier Ethernet service protection
US20070121664A1 (en) Method and system for double data rate transmission
JP5295273B2 (en) Data stream filtering apparatus and method
US20090279551A1 (en) Vertical integration of network management for ethernet and the optical transport
WO2008053145A1 (en) Ethernet p-cycle protection scheme
Forouzan Local area networks
US20070121619A1 (en) Communications distribution system
US7715429B2 (en) Interconnect system for supply chain management of virtual private network services
JP7243202B2 (en) Network management device, method and program
JP2004032633A (en) System and method for monitoring transmission network

Legal Events

Date Code Title Description
AS Assignment

Owner name: TELSEON IP SERVICES, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SEAMAN, MICHAEL J.;JAIN, VIPIN;REEL/FRAME:011584/0864

Effective date: 20010228

AS Assignment

Owner name: ONFIBER COMMUNICATIONS, INC., COLORADO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:TELSEON IP SERVICES INC.;REEL/FRAME:013374/0513

Effective date: 20020731

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION

AS Assignment

Owner name: COMERICA BANK, MICHIGAN

Free format text: SECURITY AGREEMENT;ASSIGNORS:ONFIBER COMMUNICATIONS, INC.;ONFIBER CARRIER SERVICES - VIRGINIA, INC.;INFO-TECH COMMUNICATIONS;AND OTHERS;REEL/FRAME:017379/0215

Effective date: 20051006

AS Assignment

Owner name: ONFIBER CARRIER SERVICES, INC., TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:COMERICA BANK;REEL/FRAME:018847/0033

Effective date: 20070202

Owner name: ONFIBER CARRIER SERVICES-VIRGINIA, INC., TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:COMERICA BANK;REEL/FRAME:018847/0033

Effective date: 20070202

Owner name: INFO-TECH COMMUNICATIONS, TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:COMERICA BANK;REEL/FRAME:018847/0033

Effective date: 20070202

Owner name: ONFIBER COMMUNICATIONS, INC., TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:COMERICA BANK;REEL/FRAME:018847/0033

Effective date: 20070202

AS Assignment

Owner name: QWEST COMMUNICATIONS INTERNATIONAL INC., COLORADO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ONFIBER COMMUNICATIONS, INC.;REEL/FRAME:019781/0759

Effective date: 20070830