Software – Charles I. Cook, Michael K. Bugenhagen, Kevin M. McBride, Andrew V. Cook, CenturyLink Intellectual Property LLC

Abstract for “System and Method for Implementing Extension of Customer LAN at Provider Network Service Point”

Novel tools and techniques may be able to extend customer local area networks (“LANs”) and/or implement isolated service overlays over a network. A network service point may be located outside of the demarcation points at each customer premises. At that service point, the system could establish a connection between a service provider network and a customer LAN that has been established in a customer premises. This connection allows the system to extend the customer’s LAN to span between the service point and the customer premises. Alternatively, or in addition, the system may establish isolated service overlays across the customer’s LAN, between the network service point and the customer premises. Each of these overlays has network traffic that is separate from traffic sent along the other isolated service overlays.

Background for “System and Method for Implementing Extension of Customer LAN at Provider Network Service Point”

Typically, traditional network access devices (such as conventional residential gateways (“RGs”), conventional business gateways (“BGs”), conventional network interface devices (“NIDs”), conventional enhanced NIDs (“eNIDs”), conventional optical network terminals (“ONTs”), conventional modems, or the like) provide wide area network (“WAN”) interface and local area network (“LAN”) interface functions at the customer’s premises. Current standards developing organization (“SDO”) activities are focused on separating the functionality of access devices into physical and virtual components. However, this is not a solution for turning access devices into virtual network functions (“VNFs”). VNFs are currently only being explored in terms of functions hosted by the service provider network.

Traditionally, the NID is used to translate LAN addresses into a gateway function that connects to the WAN at the customer premises. The “Access” function is achieved by converting WAN addresses to LAN addresses at the customer premises, and is identified as part of the WAN service (for instance, “Internet Access”). The term “cloud” has been used in the past. Traditionally, “cloud” services were located on the Internet core or the WAN side of Access and were only associated with customers as a standalone service. The WAN/LAN interface functionality is located at the customer premises. However, it does not allow for isolation between services. This could expose the customer, or any data being transmitted over the WAN, to security and privacy issues.

There is a need for more robust and scalable ways to extend customer local area networks (“LANs”) and/or implement isolated service overlays over a network and, in particular, for methods, systems, apparatus and computer software that implement extension of customer LANs at provider network service points and/or implement separate service overlays between each customer premises and the provider network service points.

Overview

Various embodiments offer tools and techniques to extend customer local area networks (“LANs”) and/or implement isolated service overlays over a network. In particular, embodiments relate to methods, systems and apparatus for implementing extension of customer LANs at provider network service points and/or isolated service overlays between each customer premises and the provider network service points.

In various embodiments, at a network service point that is located outside the demarcation point at each of a plurality of customer premises (e.g., located in a service provider network, such as at a central office (“CO”), a digital subscriber line access multiplexer (“DSLAM”), an optical line terminal (“OLT”), a network interface device (“NID”), an enhanced NID (“eNID”), or similar), a connection might be established between a service provider network (e.g., a wide area network (“WAN”)) and a customer’s LAN that has been established in a customer premises. This connection allows the system to extend the customer’s LAN to span between the network service point and the customer premises. In some cases, extending the customer’s LAN to span between the network service point and the customer premises may involve using one or more of network functions virtualization (“NFV”) or software-defined networks (“SDNs”).

Some embodiments of the system may map between the service provider network and the customer LAN (i.e., mapping one network to the other and/or vice versa), in certain cases via at least one of the following: a router function, a mapper function, a programmable services backbone (“PSB”) function, an SDN function, an NFV function, and/or other similar functions. Herein, “programmable services backbone” is also sometimes referred to as “platform services backbone.”

Alternatively, or in addition, the system might establish two or more isolated service overlays across the customer LAN between the network service point and the customer premises. These could include, but are not limited to, two or more of a secure service overlay, an Internet service overlay, an Internet of Things (“IoT”) service overlay, a PSB service overlay, a content delivery network (“CDN”) service overlay, and/or similar. This allows for complete isolation, security and privacy enforcement, as well as the placement of apps, data and/or content within each overlay, and/or any combination thereof, for every customer at each customer premises. Establishing the two or more isolated service overlays across the customer LAN between the network service point and the customer premises might involve establishing one of a virtual LAN (“VLAN”) or a virtual extensible LAN (“VXLAN”) for each of the two or more isolated service overlays. In some embodiments, on the WAN side, the separate overlays are handled via a broadband network gateway or border network gateway (“BNG”), gateway, and/or border function as they are mapped into the LAN. On the LAN side, multiple methods and technologies (including, but not limited to, virtual private networks (“VPNs”), secure shell tunnels, and/or similar) may be used to transport the service and extend the WAN overlay into the LAN.

In some cases, mapping between the service provider network and the customer LAN might include mapping between the two networks for each of the two or more isolated service overlays. In some cases this may be done via at least one of a router function, a mapper function, a PSB function, an NFV function, or an SDN function. Some embodiments allow the system to place at least one of a firewall, an application, or content within any one of the two or more isolated service overlays, without affecting network traffic or network services along the other isolated service overlays.
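The per-overlay mapping and firewall placement described above, sketched as an added example (not code from the patent or from any product): each (customer, service) overlay gets its own VXLAN network identifier (VNI), and the service point drops traffic whose identifier is unknown or belongs to another customer. The class and function names, the VNI numbering, the customers and the ports are assumptions; the 8-byte header layout follows RFC 7348, and the destination port is passed in rather than parsed from the inner frame.

```python
import struct

VXLAN_I_FLAG = 0x08  # RFC 7348: "VNI valid" bit in the first header byte
SERVICES = ("secure", "internet", "iot", "psb", "cdn")  # overlay types named in the text


def encode_vxlan_header(vni):
    """Build the 8-byte VXLAN header: flags(8) reserved(24) VNI(24) reserved(8)."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", VXLAN_I_FLAG << 24, vni << 8)


def decode_vni(packet):
    """Return the VNI of a VXLAN packet, rejecting truncated or unflagged headers."""
    if len(packet) < 8:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", packet[:8])
    if not (word0 >> 24) & VXLAN_I_FLAG:
        raise ValueError("VNI-valid flag not set")
    return word1 >> 8


class ServicePointMapper:
    """Hypothetical mapper function running at the network service point."""

    def __init__(self, base_vni=10000):  # base_vni is an assumed numbering scheme
        self.base_vni = base_vni
        self._by_key = {}   # (customer, service) -> VNI
        self._by_vni = {}   # VNI -> (customer, service)
        self._blocked = {}  # VNI -> destination ports blocked by that overlay's firewall

    def establish(self, customer, service):
        """Create (or return) the isolated overlay for one customer and service."""
        if service not in SERVICES:
            raise ValueError("unknown service overlay: " + service)
        key = (customer, service)
        if key not in self._by_key:
            vni = self.base_vni + len(self._by_key)
            self._by_key[key] = vni
            self._by_vni[vni] = key
        return self._by_key[key]

    def vni_for(self, customer, service):
        return self._by_key[(customer, service)]

    def place_firewall(self, customer, service, blocked_ports):
        """Attach a port filter to one overlay only; other overlays are untouched."""
        vni = self._by_key[(customer, service)]
        self._blocked.setdefault(vni, set()).update(blocked_ports)

    def admit(self, ingress_customer, packet, dst_port):
        """Decide what to do with a packet arriving on ingress_customer's access link."""
        try:
            vni = decode_vni(packet)
        except ValueError:
            return "drop:malformed"
        owner = self._by_vni.get(vni)
        if owner is None:
            return "drop:unknown-overlay"
        if owner[0] != ingress_customer:
            return "drop:cross-customer"  # VNI belongs to a different customer's LAN
        if dst_port in self._blocked.get(vni, ()):
            return "drop:firewall"
        return "forward:" + owner[1]


def demo():
    """Run constructed sample traffic through the mapper and return the decisions."""
    sp = ServicePointMapper()
    for customer in ("cust-A", "cust-B"):  # constructed sample customers
        for service in SERVICES:
            sp.establish(customer, service)
    sp.place_firewall("cust-A", "iot", {23})  # block telnet in cust-A's IoT overlay only
    a_iot = encode_vxlan_header(sp.vni_for("cust-A", "iot"))
    a_inet = encode_vxlan_header(sp.vni_for("cust-A", "internet"))
    a_secure = encode_vxlan_header(sp.vni_for("cust-A", "secure"))
    return [
        sp.admit("cust-A", a_iot, 23),     # hits the IoT overlay's firewall
        sp.admit("cust-A", a_iot, 8883),   # same overlay, allowed port
        sp.admit("cust-A", a_inet, 23),    # Internet overlay is unaffected by that firewall
        sp.admit("cust-B", a_secure, 443), # cust-B presenting cust-A's VNI
        sp.admit("cust-A", encode_vxlan_header(99999), 443),  # VNI never established
        sp.admit("cust-A", a_iot[:5], 443),                   # truncated header
    ]


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```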

The implementation, at a network service point (i.e., outside the customer premises), of the WAN/LAN interface and/or of two or more service overlays allows for, among other things, greater agility in the implementation and instantiation of new services, improved privacy enforcement with the ability to place firewalls or applications in each stream at will, enhanced security, stronger customer control over the LAN-to-WAN and/or WAN-to-LAN mapping via PSB or NFV functions, hosting economics through shared central office resources, and/or similar. This is a paradigm shift from a “WAN Access”-type service (such as “Internet Access”) to a platform-based service that is comprised of (in certain embodiments) NFV compute nodes and gateways at the central office, the Access, and the local LAN switch located at each customer site. The customer controls or owns the resources at the central office (or at any other network service point(s) outside of the customer premises), and all of the “WAN” services have extremely high speed connectivity to the customer’s compute resources in the central office (or any other network service point(s) outside of the customer premises). This eliminates any “access bottlenecks” that might be caused by the traditional WAN/LAN interface at the customer premises. Access is now a customer-owned, or customer-controlled, resource. This means that the customer can control the network gateway to the Access and the LAN resources at the Access site.

Various other embodiments provide tools and techniques for implementing network enhanced gateway functionality. In particular, embodiments relate to methods, systems and apparatus for implementing network enhanced gateway functionality using network functions virtualization (“NFV”) and/or software defined networks (“SDNs”). The network enhanced gateway functionality can be combined with either one or both of the extension of customer local area networks (“LANs”) and the implementation of isolated service overlays over a network.

In various embodiments, a network switch that is located within a gateway device might route network traffic to a host computing system. At least a portion of the network traffic may be directed to a client device via the network switch and via a corresponding client port among a plurality of client ports. The host computing system selects one or more virtual network functions (“VNFs”) based at least partially on the characteristics of at least the portion of the network traffic that is directed to the client device. The host computing system then sends the selected VNFs to the client device via the network switch. In some embodiments, client devices might be VNF-capable (including, but not limited to, a set-top box, a local Internet of Things (“IoT”) controller, and/or similar). The host computing system might then send one or more second VNFs (which might be either the same as, or based on, the selected VNFs) via the network switch and the corresponding client port to the client device. In some embodiments, the network switch and/or the host computing system is under the control of an NFV entity and/or an SDN controller, which provide network enhanced gateway functionality to the gateway device. The NFV entity may include, in some cases, at least one of an NFV orchestrator, a network functions virtualization infrastructure (“NFVI”) system, an NFV management and orchestration (“MANO”) system, or a virtual machine (“VM”).

The network traffic between the network switch and the host computing system, in some embodiments, is at least one of uni-directional, bi-directional, or split-directional network traffic that originates from at least one of the plurality of client ports or one or more network ports. The characteristics of the received network traffic may include at least one of: one or more attributes of an Ethernet frame, one or more media access control (“MAC”) source addresses, one or more MAC destination addresses, one or more Internet Protocol (“IP”) source addresses, one or more IP destination addresses, one or more transmission control protocol (“TCP”) identifiers, one or more network protocol identifiers, one or more action instructions, and/or similar.

In some embodiments, the host computing system and the network switch are located within a single gateway device. Alternatively, or in addition, the host computing system (or another host computing system) may be located outside of the gateway device in which the network switch is disposed. The gateway device might contain one or more host ports, through which the host computing system might communicate with the network switch. In some embodiments, the gateway device might include at least one of the following: a customer premises equipment (“CPE”), a router, a switch, or a network element. A CPE might include at least one of an optical network terminal (“ONT”), a network interface device (“NID”), an enhanced NID (“eNID”), a residential gateway (“RG”) device, a business gateway (“BG”) device, and/or similar.

A client device could be, merely by way of example, one of the following: a tablet computer, a smart phone, a mobile gaming device, a laptop, a desktop, and/or other similar devices. A client device could also include a device selected from a small form factor pluggable (“SFP”) device, an enhanced SFP (“SFP+”) device, a compact SFP (“CSFP”) device, a gigabit interface converter (“GBIC”), a universal serial bus (“USB”) pluggable device, and/or similar. In some cases, at least one of the SFP device, the SFP+ device, or the CSFP device might include an SFP router, an SFP modem, or an SFP wireless access point. The USB pluggable device may include a printer, a scanner, a combination printer/scanner device, an external hard drive, a camera, a keyboard, a mouse, a drawing interface device, and/or similar.

In some embodiments, the one or more VNFs provide the client device with one or more functions, comprising at least one of an activation function, an operation function, a deletion function, a specialized function, a firewall function, an Internet of Things (“IoT”) proxy function, an application-related function, an operations, administration, and management (“OAM”) function, and/or similar. In some cases, the VNF might be part of the specialized function. According to some embodiments, each client port might include one of the following: a local area network (“LAN”) port, a WiFi port, an advanced technology attachment (“ATA”) port, a serial ATA (“SATA”) port, an external SATA (“eSATA”) port, a mini SATA (“mSATA”) port, a SATA Express port, an M.2 port, a universal serial bus (“USB”) port, and/or similar.

The host computing system may include one or more computing cores, preferably two or more computing cores. In some cases, the host computing system might include at least one computing core that performs functions of a gateway device and at least one computing core that performs hypervisor functions to support VNFs. In some cases, the host computing system may include at least one of an x86 host computing device or an advanced reduced instruction set computer (“RISC”) machine (“ARM”) computing device. The network switch may be a virtual network switch that uses a network switch VNF to provide network switching functionality. In some cases, the transceiver may be a virtual transceiver that uses a transceiver VNF to provide transceiver functionality.

The following detailed description illustrates some exemplary embodiments in greater detail in order to allow one skilled in the art to practice such embodiments. These examples are intended only to illustrate the invention and not to limit its scope.

The following description provides a detailed explanation of the various embodiments. However, it will be obvious to those skilled in the art that the invention can be practiced in other ways. In other instances, certain structures and devices are shown in block diagram form. There are many embodiments described in this document. While different features are ascribed to different embodiments of the invention, it should be understood that features described in one embodiment can be combined with other embodiments. However, no single feature or features described in any embodiment of the invention should be considered essential. Other embodiments may also include such features.

Unless otherwise stated, all numbers used in this application to express quantities, dimensions and so forth should be understood as being modified in every instance by the term “about.” In this application, the use of the singular includes the plural unless specifically stated otherwise, and the use of “or” means “and/or” except where otherwise stated. The term “includes,” as well as other forms such as “included,” should be considered non-exclusive. Terms such as “element” or “component” encompass both elements and components that make up one unit and elements and components that make up more than one unit, except where otherwise stated.

Various embodiments provide tools that include methods, systems and/or software products. A method could include one or more procedures that can be executed by a computer system. A computer system may be configured with instructions that allow it to execute one or more procedures according to various embodiments. A computer program could also include instructions that can be executed by a computer system and/or a processor to perform these operations. In many cases, these programs are encoded on tangible, physical, and/or non-transitory computer-readable media (such as optical media, magnetic media, and/or similar).

Various embodiments herein, which may include software products, computer-performed methods, and/or computer systems, represent tangible, concrete improvements to existing technological areas. Certain embodiments can also improve the functionality of equipment and systems (e.g., telecommunications equipment, service provider networks, customer local area networks, network components), for example by enabling the extension of the customer’s LAN to span between the customer premises and a network service point in the service provider network (i.e., beyond the demarcation point), or by establishing two or more isolated service overlays (including, but not limited to, isolated service overlays for secure data, Internet, IoT, PSB, CDN, apps, other services, and/or similar) across the customer’s LAN between the network service point and the customer premises. In particular, to the extent that abstract concepts are present in any of the embodiments, these concepts can be implemented by devices, software, systems, or methods that involve specific novel functionality (e.g., steps or operations such as extending the customer’s LAN to span between the customer premises and a network service point in the service provider network (i.e., beyond the demarcation point), or establishing two or more isolated service overlays (including, but not limited to, isolated service overlays for secure data, Internet, IoT, PSB, CDN, apps, and/or similar) across the customer’s LAN between the network service point and the customer premises) that extends beyond mere conventional computer processing. These functionalities may produce tangible results that are not dependent on the implementing computer system. For example, they can improve privacy and security by allowing customers to control the mapping of LAN-to-WAN and WAN-to-LAN via PSB and/or other NFV functions. They also allow for faster implementation and instantiation of new services.

In one aspect, a method may include establishing, at a network service point that is located external to a demarcation point at each of a plurality of customer premises, a connection between a service provider network and a customer local area network (“LAN”). The customer LAN is established in a customer premises of the plurality of customer premises. The method could also include extending the customer LAN, via the connection between the service provider network and the customer LAN, to span between the network service point and the customer premises.

In some cases, the customer LAN can be extended to span between the network service point and the customer premises using one or more of network functions virtualization (“NFV”) or software-defined networks (“SDNs”). In some cases, the network service point may be located at a central office, a digital subscriber line access multiplexer (“DSLAM”), or the like. Alternatively, or in addition, the network service point might be located at an optical line terminal (“OLT”), a network access point (“NAP”), a network interface device (“NID”), an enhanced NID (“eNID”), or similar. In some cases, the service provider network may be a wide area network (“WAN”).

Some embodiments of the method may also include mapping between the customer LAN and the service provider network (i.e., mapping one network to the other and vice versa). In some cases, mapping between the customer LAN and the service provider network might include mapping between the two networks via at least one of the following: a router function, a mapper function, a programmable services backbone (“PSB”) function, a network functions virtualization (“NFV”) function, and/or similar.

Merely by way of example, some embodiments might also include establishing two or more isolated service overlays across the customer LAN between the network service point and the customer premises. Each of these isolated service overlays has its own network traffic, which is separated from the traffic transmitted along any other of the two or more isolated service overlays. The two or more isolated service overlays might include, in some cases, a secure data service overlay, an Internet service overlay, an Internet of Things (“IoT”) service overlay, a programmable services backbone (“PSB”) service overlay, a content delivery network (“CDN”) service overlay, and/or similar. In some cases, establishing the two or more isolated service overlays across the customer LAN between the network service point and the customer premises might involve establishing one of a virtual LAN (“VLAN”) or a virtual extensible LAN (“VXLAN”) for each of the two or more isolated service overlays.

In another aspect, a system may include a gateway device located at a customer premises of a plurality of customer premises and a network node located at a network service point external to each customer premises. The gateway device may include at least one first processor and a first non-transitory computer-readable medium that is communicatively coupled with the at least one first processor. The first non-transitory computer-readable medium may contain computer software comprising a first set of instructions that, when executed by the at least one first processor, causes the gateway device to establish a customer local area network (“LAN”) within the customer premises. The network node may include at least one other processor and a second non-transitory computer-readable medium that is communicatively coupled with the at least one other processor. The second non-transitory computer-readable medium could contain computer software comprising a second set of instructions that, when executed by the at least one other processor, causes the network node to establish a connection between the customer LAN and a service provider network, and to extend the customer LAN, via that connection, to span between the network service point and the customer premises.

In some cases, extending the customer’s LAN to span between the network service point and the customer premises may involve using one or more of network functions virtualization (“NFV”) or software-defined networks (“SDNs”). In some cases, the network service point may be located at a central office, a digital subscriber line access multiplexer (“DSLAM”), or the like. Alternatively, or in addition, the network service point might be located at an optical line terminal (“OLT”), a network access point (“NAP”), a network interface device (“NID”), an enhanced NID (“eNID”), or similar. In some cases, the service provider network may be a wide area network (“WAN”).

According to some embodiments, the second set of instructions, when executed by the at least one other processor, might further cause the network node to map between the service provider network and the customer LAN via at least one of: a router function, a mapper function, a programmable services backbone (“PSB”) function, a network functions virtualization (“NFV”) function, and/or similar.

In certain embodiments, the second set of instructions, when executed by the at least one other processor, might further cause the network node to establish two or more isolated service overlays across the customer’s LAN between the network service point and the customer premises. Each of these two or more isolated service overlays has network traffic that is separated from traffic sent along any other of the two or more isolated service overlays. The two or more isolated service overlays might include a secure data service overlay, an Internet service overlay, an Internet of Things (“IoT”) service overlay, a programmable services backbone (“PSB”) service overlay, a content delivery network (“CDN”) service overlay, and/or similar. In some cases, establishing the two or more isolated service overlays across the customer LAN between the network service point and the customer premises might involve establishing one of a virtual LAN (“VLAN”) or a virtual extensible LAN (“VXLAN”) for each of the two or more isolated service overlays.

In another aspect, an apparatus may be provided that is located at a network service point outside the demarcation points at each customer premises. The apparatus could include at least one processor and a non-transitory computer-readable medium that is communicatively coupled with the at least one processor. The non-transitory computer-readable medium may contain computer software comprising a set of instructions that, when executed by the at least one processor, causes the apparatus to establish, at the network service point, a connection between a service provider network and a customer local area network (“LAN”). The customer LAN is established in a customer premises.

In certain cases, the network service point might be located at a central office, a digital subscriber line access multiplexer (“DSLAM”), or the like. In some embodiments, the set of instructions might cause the apparatus to map between the service provider network and the customer LAN via at least one of the following: a router function, a mapper function, a programmable services backbone (“PSB”) function, or a network functions virtualization (“NFV”) function.

In some embodiments, the set of instructions might cause the apparatus to establish two or more isolated service overlays across the customer’s LAN between the network service point and the customer premises. Each of these two or more isolated service overlays has its own network traffic, which is separated from the traffic transmitted along any other of the two or more isolated service overlays. The two or more isolated service overlays might include, in some cases, a secure data service overlay, an Internet service overlay, an Internet of Things (“IoT”) service overlay, a programmable services backbone (“PSB”) service overlay, a content delivery network (“CDN”) service overlay, and/or similar. In some cases, establishing the two or more isolated service overlays across the customer LAN between the network service point and the customer premises might involve establishing one of a virtual LAN (“VLAN”) or a virtual extensible LAN (“VXLAN”) for each of the two or more isolated service overlays.

Without departing from the scope of the invention, modifications and additions may be made to the described embodiments. While the embodiments discussed above refer to specific features, the scope of the invention also includes embodiments with different combinations of features and embodiments that do not include all of the described features.

Specific Exemplary Embodiments

We now turn to the embodiments illustrated in the drawings. FIGS. 1-14 illustrate some of the features of the method, system, and apparatus for implementing extension of customer local area networks (“LANs”) and/or implementing isolated service overlays over a network and, in particular, for implementing extension of customer LANs at a provider network service point(s), as referred to above. FIG. 1 shows a system to extend customer LANs at provider network service points and/or implement isolated service overlays between provider network service points and each customer premises. FIGS. 2A-2C and 6 show some of the specific (but non-limiting) features of the system, method, and apparatus that are used to extend a customer’s LAN at a provider network service point. FIG. 3 shows specific (but non-limiting) features of an example system that allows content delivery to customers without affecting Internet service to other customers. FIGS. 4, 5, and 7 show some of the specific (but non-limiting) features of the system, method, and apparatus for implementing isolated service overlays between a provider network service point(s) and a customer premises, or each of a plurality of customer premises. FIGS. 8-12 show some of the specific (but non-limiting) features of the system, method, and apparatus that are used to implement network enhanced gateway functionality. FIGS. 13 and 14 show an exemplary system and its implementation. The methods, systems, and apparatuses shown in FIGS. 1-14 are examples of various embodiments, each with different components and steps, which can be considered alternatives or can be combined in various embodiments. The description of the methods, systems, and apparatuses illustrated in FIGS. 1-14 is for illustration purposes only and should not be taken to limit the range of possible embodiments.

FIG. 1 is a schematic diagram illustrating a system 100 for implementing extension of a customer LAN at a provider network service point(s) and/or implementing isolated service overlays between a provider network service point(s) and a customer premises, in accordance with various embodiments.

In FIG. ), etc. ), industrial customer premises, commercial or business premises, and/or similar. System 100 may also include, in various embodiments, at least one of a gateway device 110 and/or a network interface device (“NID”) 115 at each customer premises 105. In some cases, the gateway device 110 may include at least one of a residential gateway (“RG”) device, a business gateway (“BG”) device, a modem, a router, and/or similar. The NID 115 may include one of an optical network terminal (“ONT”), a copper-fed network interface device (“NID”), or an enhanced NID (“eNID”). In some embodiments, the gateway device 110 may be located within the customer premises, while the NID 115 may be located on an exterior wall or in a telecommunications area/closet. The NID 115 serves as a demarcation point 120. This marks the traditional end of a public network that is associated with a telecommunications company, network service provider, or customer and the beginning of a private network. As described in detail below with reference to at least FIGS. 2B, 2C and 6, in these embodiments the demarcation point is no longer a physical mark indicating the end of a public network or the beginning of a private network. In some embodiments, the NID 115 and the gateway device 110 might be combined into one device, which could be located either within the customer premises or on an exterior wall.

“System 100 might also include, at a central office (“CO”) 125, at least one programmable services backbone (“PSB”) node 130. Herein, “programmable services backbone” (also known as “platform services backbone”) could refer to a network backbone, or a network services backbone, that is programmable. In some instances, it may also include a virtualization layer infrastructure management (or similar) or SDN (which covers software-defined networking). System 100 might also include a digital subscriber line access multiplexer (“DSLAM”) 135 (collectively, “DSLAM/OLT 135”). It could be either a CO-based DSLAM/OLT 135 a that is located within the CO 125, or an external DSLAM/OLT 135 b that is situated between the CO 125 and the plurality of customer premises 105. Sometimes, a cable modem termination system (“CMTS”) might be used in lieu of a DSLAM. One or both of the PSB nodes 130 in CO 125 might provide one or more customer premises 105 with Internet service or other network service to Internet 140 via DSLAMs/OLTs 135 a or 135 b, via NIDs 115, and/or via gateway device 110 or the like (this service being shown in FIG. 1 by the solid line connecting Internet 140 and the NIDs 115 a and 115 b via the at least one PSB 130 and one of DSLAM/OLT 135 a or 135 b).

According to some embodiments, system 100 may also include one or more software defined network (“SDN”) controllers 145, one or more NFV entities 150, and/or both, that provide programmable or virtual network functionalities to network components, such as gateway devices 110, NIDs 115, DSLAMs 135, OLTs 135 and/or other similar items. Each NFV entity may, in some cases, include at least one of a NFV orchestrator, a network functions virtualization infrastructure (“NFVI”) system, a NFV management and orchestration (“MANO”) system, a virtual machine (“VM”). 8-11 below.”

“In certain embodiments, system 100 may include an application service provider (“ASP”) or ASP server(s) 155. One or more of the ASP server(s) 155 might provide at least one of software applications (“apps”) in some embodiments. One or more SDN controllers 145 or the one or more NFV entities 150 may provide programmable or virtual network functionality to one or both of service portal 160 a within CO 125 or service portal 160 b outside CO 125.

“In operation, system 100 might extend a customer’s LAN at a provider service point(s) (as described in detail with regard to FIGS. 2A-2C and 6 below), provide content delivery to customers without affecting Internet service (e.g., high-speed Internet service) for others (as detailed with reference to FIG. 3 below), implement isolated service overlays between provider network service points and customer premises (as detailed with reference to FIGS. 4, 5, and 7 below), or any combination thereof.

“FIGS. 2A-2C (collectively, “FIG. 2”) are schematic diagrams illustrating various systems 200, 200′ and 200″ for implementing an extension of a customer’s LAN at a provider network service point(s), according to various embodiments. FIG. 2A shows a system 200 that has a gateway device 205, which may be located at customer premises. It establishes a (network) connection between customer LAN 210 and service provider network 215 (in this case, a wide-area network (“WAN”) 215, but not necessarily a WAN). Gateway device 205 could be one or both of NID 115 and/or gateway device 110 in FIG. 1.”

“In FIG. 2, dashed lines 220 indicate the relative positions of gateway device 205 and customer LAN 210, as well as the positions of other components of the network (e.g., components in the CO 125 or DSLAM/OLT 135, etc., as shown in FIG. 1, network node 225 a as shown in FIG. 2B, network node 225 b as shown in FIG. 2C, and similar). FIG. 2A shows that the gateway device 205 might be located at customer premises 105. The customer LAN 210 might also be there (as indicated by the dashed line 220 a), while the WAN 215 might cover a portion of gateway device 205, DSLAM/OLT 135, CO 125 and Internet 140 (as indicated by the dashed lines 220 b, 220 c and 220 d). FIG. 2A could represent a conventional or traditional state where the customer LAN 210 covers only one customer premises 105, while the WAN 215 (or another service provider network to which the customer LAN 210 connects via gateway device 205) covers a portion of the gateway device 205, or an initial state before extension of the customer’s LAN 210 outside the customer premises 105 (towards the CO 125), according to FIGS. 2B and 2C.

“In certain embodiments, the gateway device 205 may provide transmission functions (i.e., transmission from/to WAN 215 and from/to LAN 210), LAN switching functions, dynamic host configuration protocol (“DHCP”) functions (which automatically assign Internet Protocol (“IP”) addresses on the LAN so that clients and computing devices can communicate), WAN routing functions, and the like.”

“Now, we turn to FIG. 2B. System 200′ is the same as system 200 of FIG. 2A, except that system 200′ further includes network node 225 a, which is located at DSLAM/OLT 135 (which refers to external DSLAM/OLT 135 b in FIG. 1) (as indicated by the dashed line 220 b). Network node 225 a extends customer LAN 210, via or using the connection between the service provider network (here, WAN 215) and the customer LAN 210, to span between network node 225 a (which is located at DSLAM/OLT 135, or external DSLAM/OLT 135 b of FIG. 1) and customer premises 105. In other words, network node 225 a extends the customer LAN 210 (which in the embodiment of FIG. 2A only spans the customer premises 105) beyond customer premises 105. System 200′ is otherwise similar to system 200 of FIG. 2A.”

“Alternatively, refer to FIG. 2C. System 200″ is an alternative to system 200 of FIG. 2A and system 200′ of FIG. 2B, and includes network node 225 b, which is located at CO 125 (as indicated by the dashed line 220 c). Network node 225 b extends customer LAN 210, via or by using the connection between the service provider network (here, WAN 215) and customer LAN 210, to span between network node 225 b, which is located at CO 125, and customer premises 105. As with network node 225 a in FIG. 2B, the network node 225 b extends customer LAN 210 (which in the embodiment of FIG. 2A only covers customer premises 105) beyond the customer premises 105, i.e., beyond the demarcation point (e.g., demarcation point 120 of FIG. 1).”

“In the embodiments of FIGS. Functions, and/or similar. System 200″ is otherwise similar to system 200 of FIG. 2A or system 200′ of FIG. 2B.”

“FIG. for customers other than those listed in FIG. 3, according to various embodiments. ), etc. ), industrial customer premises, commercial or business premises, and/or other similar. System 300 may also include at least one gateway device 310 and/or a network interface device (“NID”) 315 at each customer premises 305 in various embodiments. The gateway device 310 may include at least one of a residential gateway (“RG”) device, a business gateway (“BG”) device, a modem or router, or a virtual gateway (“vG”). The NID 315 may include one of an optical network terminal (“ONT”), a copper-fed network interface device (“NID”), or an enhanced NID (“eNID”). In some embodiments, gateway device 310 may be within customer premises. NID 315 may be on an exterior wall or in a telecommunications room/closet. The NID 315 serves as a demarcation point 320. This traditionally marks the end of a public network that is associated with a telecommunications company or network service provider and the beginning of a private network associated with a customer associated with the particular customer premises. In the embodiments described in detail with reference to at least FIGS. 2B and 2C, as well as FIG. 6 below, the demarcation point as a physical mark of the end of the public network or the beginning of the private network is no longer applicable. In some embodiments, the NID 315 and the gateway device 310 might be combined into one device. They could either be located inside the customer premises or on an exterior wall.

“System 300 might also include one or more DSLAMs/OLTs 335 (which could correspond to either one or both of the CO-based DSLAM/OLT 135 a or external DSLAM/OLT 135 b of FIG. 1) and Internet 340. Core network 365 might include one or more of the DSLAMs/OLTs 335, and Internet 340. The one or more edge switches 370 could include a first edge switch 370 a (located within core network 365 and close to customer premises 305), a second edge switch 370 b (located in core network 365, closer to the Internet 340 and further away from customer premises 305), and a third edge switch 370 c (located in core network 365 and close to customer premises 305, although it may not be as close as the first edge switch 370 a). In operation, the core network (which includes at least the first edge switch 370 a and the second edge switch 370 b, one or more DSLAMs/OLTs 335, and one or both of NIDs 315 or gateway devices 310) provides Internet service to customer premises 305 (as indicated by the shared pipes 375 a-375 n).

“System 300 may also include one or more service portals 360 in some embodiments. One or more of the service portals 360 may be communicatively coupled to, or part of, one or more edge switches 370. FIG. 3 shows a service portal 360 communicatively coupled with third edge switch 370 c. System 300 may also include one or more ASPs or ASP servers 355 that might provide at least one of software applications (“apps”), media content (e.g., video, audio, and/or game content), data content, and/or the like to customer premises 305 a, via the third edge switch 370 c, service portal 360, one or more DSLAMs/OLTs 335, and one or both of NID 315 a and/or gateway device 310 a (as shown by the service pipe 380).

“In certain embodiments, service portal 360 may be instantiated within the first edge switch 370 a using at least one of a PSB virtual function, a SDN controller, or a NFV entity, and/or similar. The ASP 355 services can be routed in the manner shown in FIG. 3 (i.e., by feeding a service pipe 380, which might in some cases be embodied in one of the service overlays described with respect to FIGS. 4, 5, and 7, at the edge of the core network via service portal 360). The Internet service provided to each customer premises by the network provider is not affected by the ASP service to customer premises 305 a.”

“Although FIG. 3 shows an ASP or ASP server 355 serving one customer premises 305, this illustration is only for convenience, and other embodiments can be used. Essentially, an ASP or ASP server 355, or a plurality or all of the ASPs or ASP servers 355, might service any number of customer premises 305 a to 305 n in a similar fashion through one or more service portals 360 (and edge switch(es) 370 and DSLAM/OLT(s) 335, as appropriate or desired).

“Customer premises 305, gateway device 310, NID 315, demarcation point 320, DSLAM/OLT 335, Internet 340, ASP/ASP server 355, and the service portal 360 may otherwise be identical to customer premises 105 and gateway device 110 of FIG. 1. System 300 could otherwise be similar, or even identical, to system 100 in FIG. 1.”

“FIGS. 4, 5, and 6 are directed to implementing isolated service overlays. FIG. 4 is a schematic diagram showing a system 400 that implements isolated service overlays between provider network service points and each customer premises, in accordance with various embodiments. FIG. 5 is a schematic diagram of a system 500 for implementing isolated service overlays between a provider network service point and customer premises, in accordance with various embodiments.

“In FIG. 4, system 400 may include one or more virtual premises (“Vp”) gateway devices 405 (which could include first through Nth Vp gateway devices 405 a-405 n) and corresponding one or more virtual network (“Vn”) gateway devices 410 (which could include first through Nth Vn gateway devices 410 a-410 n). System 400 may also include at least one network node 415. The Vn gateway devices 410 a-410 n might be located at the at least one network node 415. This network node 415 could correspond to network node 225 a or 225 b in FIGS. 2B and 2C, respectively. Similar to network node 225 a or 225 b, as discussed above in relation to FIGS. 2B and 2C, network node 415 may establish a connection between WAN 420 and each customer LAN 430 (here, customer LAN 430 a through customer LAN 430 n), and/or extend each customer LAN 430 (via the connection). This allows each customer LAN 430 to span between the network node 415, which is a network service point, and each customer premises (e.g., customer premises 105 in FIGS. 1 and 2).

“System 400 could also establish two or more isolated service overlays 425 within WAN 420 or another service provider network 420. FIG. 4 shows two or more isolated service overlays 425. These could include, but are not limited to, a secure data service overlay, an Internet service overlay, an Internet of Things (“IoT”) service overlay, a programmable services backbone (“PSB”) service overlay, and a content delivery network (“CDN”) service overlay. Each of the isolated service overlays has its own network traffic, which is separate from traffic sent along the others of the two or more overlays. System 400 may also establish two or more isolated service overlays 435 within each customer LAN 430 (here, shown as two or more isolated service overlays 435 a within customer LAN 430 a through two or more isolated service overlays 435 n within customer LAN 430 n). Each set of service overlays 435 a-435 n and each customer LAN 430 a-430 n corresponds to one of the Vp gateway devices 405 a through 405 n. Each Vn gateway device 410 a-410 n routes and/or maps each of the two or more isolated service overlays 425 within WAN 420 to the isolated service overlays 435 for each customer LAN 430 a-430 n.

“With reference to FIG. 5, system 500 might contain a Vn gateway container 410 within network node 415. The Vn gateway container 410 may contain a router/mapper function 505, which might be a VNF (or the like) that is instantiated within Vn gateway device 410 using at least one of a PSB virtual function, a SDN controller, or a NFV entity, and/or the like. In FIG. 5, the set of diamond-shaped icons between the WAN 420 and the Vn gateway container 410 represents a gateway function. It represents the place (for each overlay) where the WAN (or “Internet”) stops. The Vn gateway is the edge of the platform: all functions to the right (in FIG. 5) represent the “platform” side of the service. The router/mapper function 505 may have a WAN connector 510 that interfaces to WAN 420, and a LAN connector 515 that interfaces to LAN 430. This includes interfacing with each of the isolated service overlays 425 within WAN 420 as well as interfacing with each of the isolated service overlays 435 within each customer LAN 430. Each of the isolated service overlays 425 on the WAN side might be further mapped by the router/mapper function 505 to the isolated service overlays 435 of LAN 430. The router/mapper function 505 could map the secure data overlay 425 on WAN 420 with Internet service overlay 435 on LAN 430, map IoT overlay 425 on WAN 420 with Internet service overlay 435 at LAN 430, map PSB overlay 425 in WAN 420 with PSB overlay 435 at LAN 430, map CDN overlay 425 in WAN 420 with CDN overlay 435 of LAN 430, and map one or several other service overlays 425 on WAN 420 with one or more other service overlays 435 of LAN 430.

“Vn gateway container 410 may also include one or more virtual application (“Vapp”) containers 520 in some embodiments. The one or more Vapp containers 520 may include one or more firewalls or firewall Vapp containers 520 a, and one or several Vapp containers 520 b hosting one or more authentication, authorization, and accounting (“AAA”) proxies 525. FIG. 5 shows that the Internet data stream from the Internet overlay 425 might be routed first through a firewall container 520 a (as indicated by a dashed line routing through firewall container 520 a), before interfacing with router/mapper function 505 to route/map to the corresponding Internet overlay 435 of customer LAN 430. The IoT data stream of the IoT overlay 425 might be routed first through a firewall Vapp container 520 a (as indicated by a dashed line routing through container 520 a), before interfacing with the router/mapper function 505 to route/map to the appropriate IoT overlay 435 of customer LAN 430. Similarly, the PSB data stream of the PSB overlay 425 of the WAN 420 might be routed first through an AAA proxy 525 within Vapp container 520 b (as indicated by a long dashed line routing through Vapp container 520 b), before interfacing with the router/mapper function 505 and routing/mapping to the appropriate PSB overlay 435 of customer LAN 430. Likewise, the CDN data stream of the CDN overlay 425 might be routed first through CDN Vapp container 520 d (as indicated by a long dashed line routing through CDN Vapp container 520 d), before interfacing with the router/mapper function 505 and routing/mapping to the CDN overlay 435 of customer LAN 430.

“If Internet protocol version 4 (“IPv4”) is used, mapping between the WAN 420 (i.e., service provider network) and the customer LAN 430 might include mapping between the WAN 420 and the customer LAN 430 using network address translation (“NAT”). This modifies the network address information in IP packet headers to remap one IP address space to another while the IP datagrams (whose headers are modified) are in transit through the router/mapper function 505 of Vn gateway container 410. Alternatively, Internet protocol version 6 (“IPv6”) might be used. If IPv6 is used, mapping between WAN 420 and customer LAN 430 may include mapping directly between the WAN 420 and customer LAN 430 for each service overlay 425/435. The Vn gateway device 410 might be an Internet router or VXLAN mapper that is contained in a container controlling the mapping between the Internet (e.g., Internet 140 of FIGS. 1 and 2) or WAN 420 and customer LAN 430. The Vn gateway device 410 can sometimes add services and applications at any point (i.e., in any service overlay on either the WAN side or the LAN side) by changing the mappings. In some embodiments, the WAN includes separate overlays that are handled via a broadband network gateway (“BNG”), gateway, and/or border function as they are mapped into a LAN. On the LAN side, multiple methods and technologies (including, but not limited to, virtual private networks (“VPNs”), secure shell tunnels, and/or similar) may be used to transport the service, in order to extend the WAN layer into the LAN.

“In some embodiments, a “platform” feature, i.e., a feature of the Vn gateway or the like, might include “fencing.” This could refer to using an isolated overlay, secure shell tunnel, VLAN, VXLAN, etc. to secure or “fence off” access to a customer’s LAN, so that it can be protected and other flows and network traffic can be “kept away.” It may be desirable, for example, to allow an IoT application to communicate with one IoT sensor and not with all the information available via the Internet. In this instance, a “who can view” type list of the IoT overlay (or IoT VPN, IoT secure shell tunnel, IoT VLAN, or IoT VXLAN) can be used to fence the IoT sensor. In certain cases, an intrusion detection system (“IDS”), which is a software or hardware device that monitors the network or systems for malicious activity and reports on such activities, may be used with the “fencing” feature. This ensures that only the IoT app communicates with the particular IoT sensor; otherwise alarms and reports might be triggered by the IDS.
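The fencing and IDS behaviour described above can be sketched as a per-overlay “who can view” list checked at the mapper. This is an added example, not code from the patent; the VNI and VLAN numbers, subnets, addresses, port, and all function names are constructed assumptions.

```python
"""Overlay fencing at a WAN-to-LAN mapper, with IDS-style alerts (illustrative)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Overlay:
    name: str
    wan_vni: int        # WAN-side VXLAN network identifier (constructed value)
    lan_vlan: int       # LAN-side VLAN ID the overlay maps to (constructed value)
    lan_subnet: str     # LAN addresses that belong to this overlay (constructed)
    fence: tuple = ()   # "who can view" entries: (app_ip, device_ip, port)


# Hypothetical overlay table; only the IoT overlay is fenced.
OVERLAYS = (
    Overlay("internet", 5001, 10, "192.168.10.0/24"),
    Overlay("iot", 5002, 20, "192.168.20.0/24",
            fence=(("198.51.100.10", "192.168.20.15", 8883),)),
    Overlay("cdn", 5004, 40, "192.168.40.0/24"),
)
BY_VNI = {o.wan_vni: o for o in OVERLAYS}


@dataclass(frozen=True)
class Flow:
    wan_vni: int
    src: str
    dst: str
    dport: int


def evaluate(flow):
    """Return ("forward", lan_vlan) or ("alert", reason) for a WAN-to-LAN flow."""
    overlay = BY_VNI.get(flow.wan_vni)
    if overlay is None:
        return ("alert", "unknown-overlay")
    try:
        src, dst = ip_address(flow.src), ip_address(flow.dst)
    except ValueError:
        return ("alert", "malformed-address")
    # Isolation: the destination must live in this overlay's own LAN segment.
    if dst not in ip_network(overlay.lan_subnet):
        owner = next((o.name for o in OVERLAYS
                      if dst in ip_network(o.lan_subnet)), None)
        if owner:
            return ("alert", f"cross-overlay:{overlay.name}->{owner}")
        return ("alert", "dst-outside-lan")
    # Fencing: a fenced overlay forwards only flows on its allow-list.
    if overlay.fence:
        allowed = {(ip_address(a), ip_address(d), p) for a, d, p in overlay.fence}
        if (src, dst, flow.dport) not in allowed:
            return ("alert", f"fence-violation:{overlay.name}")
    return ("forward", overlay.lan_vlan)


def ids_alerts(flows):
    """Collect (flow, reason) for every flow the fence or isolation check rejects."""
    results = ((f, evaluate(f)) for f in flows)
    return [(f, detail) for f, (verdict, detail) in results if verdict == "alert"]


# Constructed sample flows (documentation address ranges, not real traffic).
SAMPLE_FLOWS = [
    Flow(5002, "198.51.100.10", "192.168.20.15", 8883),  # IoT app -> its sensor
    Flow(5002, "203.0.113.77", "192.168.20.15", 8883),   # other host -> sensor
    Flow(5002, "198.51.100.10", "192.168.20.16", 8883),  # IoT app -> other sensor
    Flow(5001, "203.0.113.5", "192.168.20.15", 443),     # Internet overlay -> IoT segment
    Flow(5001, "203.0.113.5", "192.168.10.30", 443),     # ordinary Internet flow
    Flow(5999, "203.0.113.5", "192.168.10.30", 443),     # VNI not in the table
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f, "->", evaluate(f))
```

The isolation check runs before the fence check, so traffic arriving on one overlay for an address in another overlay's segment is reported as a cross-overlay event rather than silently dropped.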

“Components of the system 400 and/or 500 can be wirelessly connected to each other, even though this is not shown in the figures. Wireless speaker systems could be connected to the CDN Vapp container 520 d or the CDN overlay 425 via CDN overlay 435. Wireless backhaul could also be used via the PSB overlay 425 or the PSB overlay 435.

“FIG. 6 is a flow diagram that illustrates a method 600 for extending a customer’s LAN at a provider network service point(s), according to various embodiments. Although the procedures and techniques are shown and described in a particular order, some procedures can be reordered or omitted within the scope of different embodiments. While the method 600 illustrated by FIG. 6 can be implemented by or with (and in some cases is described below with regard to) the systems 100, 200, 200′, 200″, 300, 400, and 500 of FIGS. 1, 2A, 2B, 2C, 3, 4, and 5, respectively (or parts thereof), it can also be implemented with any suitable hardware (or software). Similarly, while each of the systems 100, 200, 200′, 200″, 300, 400, and 500 of FIGS. 1, 2A, 2B, 2C, 3, 4, and 5, respectively (or components thereof), can be operated according to the method 600 illustrated by FIG. 6 (e.g., by executing instructions encoded on a computer-readable medium), those systems may also be operated in other modes and/or follow other procedures.

“In FIG. Within a customer premises, or a number of customer premises. Alternatively, the customer LAN could have been established elsewhere.

“At block 610, method 600 may include establishing, at a network service point (e.g., at network node 225 a located at a digital subscriber line access multiplexer (“DSLAM”) or optical line terminal (“OLT”) 135 in FIG. 2B, at network node 225 b located in a central office 125 in FIG. 2C, or the like), a connection between the service provider network and the customer’s LAN (e.g., a connection between wide-area network (“WAN”) 215 and customer LAN 210 of FIG. 2, a connection between WAN 420 and customer LAN 430 of FIGS. 4 and 5, or similar). Sometimes, the network service point is not located at a demarcation point (e.g., demarcation point 120 of FIG. 1, demarcation point 220 a of FIG. 2, demarcation point 320 of FIG. 3, or similar) at each of the plurality of customer premises (e.g., customer premises 105 of FIGS. 1 and 2, customer premises 305 of FIG. 3, or similar). In some cases, the network service point might be located at a central office, a DSLAM, or the like. Alternatively, or in addition, the network service point might be located at an OLT, a network access point (“NAP”), a network interface device (“NID”), or an enhanced NID (“eNID”). Sometimes, the service provider network may be a WAN.

Method 600 could also include extending the customer’s LAN, via the connection between the service provider network and the customer LAN, to span between the customer premises and the network service point (block 615). In some embodiments, extending the customer’s LAN to span between the network service point and the customer premises could be done by using one or more of software-defined networks (SDNs), network functions virtualization (“NFV”), and/or similar.

“Method 600, at block 620, might include mapping between the service provider network and the customer LAN (i.e., mapping one network to the other and/or vice versa). In some embodiments, mapping between the customer’s LAN and the service provider network might include mapping between the two networks via at least one of the following: a router function, a mapper function, a programmable services backbone (“PSB”) function, a SDN function, a NFV function, and/or similar.”

“At block 625, the method 600 may also include establishing two or more isolated service overlays (e.g., isolated service overlays 435 in FIGS. 4 and 5, or similar) across the customer’s LAN (e.g., customer LAN 430 of FIGS. 4 and 5, or similar) between the network service point (e.g., at network node 225 a located at a DSLAM or OLT 135 in FIG. 2B, at network node 225 b located at a central office 125 in FIG. 2C, at the network node 415 of FIG. 4, at a virtual gateway or gateway container 410 in FIG. 5, or similar) and the customer premises (e.g., customer premises 105 in FIGS. 1 and 2, customer premises 305 of FIG. 3, or similar), each of the isolated service overlays having its own network traffic that is isolated from network traffic sent along the others of the two or more isolated service overlays. By way of example, some embodiments may include two or more of a secure service overlay, an Internet service overlay, an Internet of Things (“IoT”) service overlay, a PSB service overlay, a content delivery network (“CDN”) service overlay, one or more application or app service overlays each associated with an application service provider, or one or more other service overlays each associated with a service provider, and/or similar.

“In some embodiments, establishing the two or more isolated service overlays across the customer LAN between the network service point and the customer premises might involve establishing one of a virtual LAN (“VLAN”) or a virtual extensible LAN (“VXLAN”) ”

“FIG. 7 is a flow diagram that illustrates a method 700 for implementing isolated service overlays between provider network service points and customer premises, in accordance with various embodiments. Although the procedures and techniques are shown and/or described in a particular order for illustration purposes, some procedures can be reordered or omitted within the scope of different embodiments. While the method 700 illustrated by FIG. 7 can be implemented by or with (and in some cases is described below with regard to) the systems 100, 200, 200′, 200″, 300, 400, and 500 of FIGS. 1, 2A, 2B, 2C, 3, 4, and 5, respectively (or parts thereof), it can also be implemented with any suitable hardware (or software). Similarly, while each of the systems 100, 200, 200′, 200″, 300, 400, and 500 of FIGS. 1, 2A, 2B, 2C, 3, 4, and 5, respectively (or components thereof), can be operated according to the method 700 illustrated by FIG. 7 (e.g., by executing instructions encoded on a computer-readable medium), those systems can also be operated according to different modes of operation or perform other suitable procedures.

“In FIG. Within a customer premises, or a number of customer premises. Alternatively, the customer LAN could have been established elsewhere.

“At block 701, method 700 may include establishing, at a network service point, a connection between the service provider network and the customer LAN (e.g., a connection between WAN 215 and customer LAN 210 of FIG. 2, a connection between WAN 420 and customer LAN 430 of FIGS. 4 and 5, or similar). In some cases, the network service point might be at network node 225 a located at a digital subscriber line access multiplexer (“DSLAM”) or optical line terminal (“OLT”) 135 in FIG. 2B, at network node 225 b located at a central office 125 in FIG. 2C, in the service provider network (e.g., wide area network (“WAN”) 215 of FIG. 2, WAN 420 of FIGS. 4 and 5, or similar), and/or other such options. In some embodiments, the network service point may be at an edge switch, a central office, or a DSLAM. Alternatively, or in addition, the network service point might be located at an OLT, a network access point (“NAP”), a network interface device (“NID”), or an enhanced NID (“eNID”). Sometimes, the service provider network can be referred to as a WAN.

According to some embodiments, establishing the connection between the service provider network and the customer LAN may include one of the following: establishing a wireless connection between the service provider network and the customer LAN; establishing a wired connection between the service provider network and the customer LAN; establishing a hybrid wireless/wired connection between the service provider network and the customer LAN; or establishing a backup connection between the service provider network and the customer LAN.

“Method 700 may also include, at block 715, establishing two or more isolated service overlays (e.g., isolated service overlays 435 in FIGS. 4 and 5, or similar) across the connection between a network service point (e.g., at network node 225 a located at a DSLAM or OLT 135 in FIG. 2B, at network node 225 b located at a central office 125 in FIG. 2C, at the network node 415 of FIG. 4, at a virtual gateway or gateway container 410 in FIG. 5, or similar) and the customer premises (e.g., customer premises 105 in FIGS. 1 and 2, customer premises 305 of FIG. 3, or similar), each of the isolated service overlays having its own network traffic that is isolated from network traffic sent along the others of the two or more isolated service overlays. By way of example, some embodiments may include two or more of a secure service overlay, an Internet service overlay, an Internet of Things (“IoT”) service overlay, a PSB service overlay, a content delivery network (“CDN”) service overlay, one or more application or app service overlays each associated with an application service provider, or one or more other service overlays each associated with a service provider, and/or similar.”

“In some embodiments, establishing the two or more isolated service overlays across the customer LAN between the network service point and the customer premises might involve establishing one of a virtual LAN (“VLAN”) or a virtual extensible LAN (“VXLAN”) ”

“Method 700, at block 725, might include mapping between the service provider network and the customer LAN (i.e., mapping one network to the other and/or vice versa). Some embodiments may include mapping between the service provider network and the customer LAN for each of the two or more isolated service overlays. This might be done via at least one of the following: a router function, a mapper function, a programmable services backbone (“PSB”) function, a SDN function, a NFV function, and/or similar.”

“Method 700 could also include selectively placing at least one of a firewall, an application, or content in one or more of the two or more isolated service overlays, without affecting network traffic or service along the other isolated service overlays (block 703).”
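The steps of Method 700 above can be pictured with the following added example, which is not code from the patent or from the assignee: a service point keys each isolated overlay on an 802.1Q VLAN ID, places a firewall on one overlay only, and drops any frame that maps to no overlay. The VLAN IDs, the overlay assignments, the `ServicePoint` class, and the sample frames are all constructed assumptions.

```python
import struct
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

ETH_P_8021Q = 0x8100
ETH_P_IPV4 = 0x0800

# Constructed mapping: the text names the overlays but assigns no VLAN IDs.
OVERLAYS: Dict[int, str] = {10: "secure", 20: "internet", 30: "iot", 40: "cdn"}


@dataclass
class Frame:
    vlan_id: Optional[int]   # None when the frame carries no 802.1Q tag
    ethertype: int
    payload: bytes


def parse_frame(raw: bytes) -> Frame:
    """Parse an Ethernet II frame with at most one 802.1Q tag."""
    if len(raw) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", raw[12:14])
    if ethertype != ETH_P_8021Q:
        return Frame(None, ethertype, raw[14:])
    if len(raw) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack("!HH", raw[14:18])
    if inner == ETH_P_8021Q:
        # Refuse stacked tags so an inner tag can never select the overlay.
        raise ValueError("stacked 802.1Q tags not accepted on this port")
    return Frame(tci & 0x0FFF, inner, raw[18:])


def ipv4_tcp_dport(payload: bytes) -> Optional[int]:
    """Return the TCP destination port of an IPv4 payload, or None if not TCP."""
    if len(payload) < 20 or payload[0] >> 4 != 4:
        return None
    ihl = (payload[0] & 0x0F) * 4
    if ihl < 20 or payload[9] != 6 or len(payload) < ihl + 4:
        return None
    return struct.unpack("!H", payload[ihl + 2:ihl + 4])[0]


class ServicePoint:
    """Hypothetical network service point holding one policy list per overlay."""

    def __init__(self, overlays: Dict[int, str]):
        self.overlays = dict(overlays)
        self.firewalls: Dict[str, List[Callable[[Frame], bool]]] = {
            name: [] for name in self.overlays.values()}
        self.delivered: Dict[str, List[Frame]] = {
            name: [] for name in self.overlays.values()}

    def place_firewall(self, overlay: str, deny: Callable[[Frame], bool]) -> None:
        """Attach a deny rule to one overlay; other overlays are untouched."""
        self.firewalls[overlay].append(deny)

    def ingress(self, raw: bytes) -> str:
        try:
            frame = parse_frame(raw)
        except ValueError as exc:
            return f"drop: {exc}"
        name = self.overlays.get(frame.vlan_id)
        if name is None:
            # Fail closed: untagged or unmapped traffic joins no overlay.
            return f"drop: no overlay for VLAN {frame.vlan_id!r}"
        if any(deny(frame) for deny in self.firewalls[name]):
            return f"drop: firewall on {name}"
        self.delivered[name].append(frame)
        return f"forward: {name}"


def build_frame(vlan_id: Optional[int], dport: int, extra_tag: bool = False) -> bytes:
    """Build a constructed sample frame (not captured traffic)."""
    eth = bytes.fromhex("02000000000a") + bytes.fromhex("02000000000b")
    tag = b""
    if vlan_id is not None:
        tag = struct.pack("!HH", ETH_P_8021Q, vlan_id)
        if extra_tag:
            tag += struct.pack("!HH", ETH_P_8021Q, 10)
    ip = (bytes([0x45, 0, 0, 40, 0, 0, 0, 0, 64, 6, 0, 0])
          + bytes([192, 0, 2, 10]) + bytes([198, 51, 100, 7]))
    tcp = struct.pack("!HH", 40000, dport) + bytes(16)
    return eth + tag + struct.pack("!H", ETH_P_IPV4) + ip + tcp


def demo() -> List[str]:
    sp = ServicePoint(OVERLAYS)
    # Firewall placed on the IoT overlay only: deny TCP/23 there.
    sp.place_firewall("iot", lambda f: ipv4_tcp_dport(f.payload) == 23)
    return [
        sp.ingress(build_frame(30, 23)),      # IoT overlay, denied by its firewall
        sp.ingress(build_frame(30, 8883)),    # IoT overlay, allowed
        sp.ingress(build_frame(20, 23)),      # Internet overlay, rule does not apply
        sp.ingress(build_frame(None, 443)),   # untagged, no overlay
        sp.ingress(build_frame(99, 443)),     # unmapped VLAN, no overlay
        sp.ingress(build_frame(30, 443, extra_tag=True)),  # stacked tags refused
    ]


if __name__ == "__main__":
    for line in demo():
        print(line)
```

The third result is the point of the exercise: the same TCP/23 frame that the IoT overlay's firewall drops is forwarded on the Internet overlay, because the rule was placed in one overlay and has no effect on the others.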

“FIGS. 8A-12 are directed at implementing network enhanced gateway functionality, as detailed in the ‘023700U.S. Application (which has been incorporated herein by reference in full). The network enhanced gateway functionality (or a network enhanced gateway device that implements such functionality) can be used at the customer premises. It might correspond to gateway 110 or NID 115 in FIG. 1, gateway 205 of FIG. 2, gateway 310 and/or NID 315 of FIG. 3, virtual premises ("Vp") gateway 405 of FIG. 4, and/or similar, as described above. Alternatively, or in addition, the network enhanced gateway functionality (or the network enhanced gateway device that implements such functionality) can be used at any network service point. It might correspond to one or both of the PSB nodes 130 or DSLAM/OLT 135 of FIG. 1, network node 215 a and/or 215 b of FIG. 2, DSLAM/OLT 335 of FIG. 3, network node 415 and/or virtual networking ("Vn") gateway(s) 410 of FIG. 4, Vn gateway container 410 of FIG. 5, and/or similar, as described in detail below.”

“FIG. 8A is a schematic diagram that illustrates a system 800 for implementing network enhanced gateway functionality, in accordance with various embodiments. FIG. 8A shows that system 800 may include a gateway device 805, which could include, but is not limited to, a switch 810, at least one transceiver 815, one or more client ports 820, and/or similar. The gateway device 805 may also include one or more computing systems 825 a. In other cases, or in addition, the gateway device 805 could contain one or more host ports 830 that are communicatively coupled with one or more external computing systems 825 b. The computing systems 825 a and the external computing systems 825 b are collectively called "computing systems 825" or "host computing systems 825."

“In some embodiments, the host computing systems 825 might each comprise at least one of an x86 host computing device or an advanced reduced instruction set computer ("RISC") computer, and/or similar. In some cases, host computing systems 825 may contain one or more cores, but preferably two or three cores. In some cases, functions of the gateway device might be performed by at least one computing core, and hypervisor functions might be performed by at least one computing core to support virtual network functions ("VNFs"). Supporting VNFs may include at least one of: configuring VNFs; instantiating VNFs; modifying VNFs; sending VNFs out to specific networks and/or locations; bursting VNFs in specific networks and/or locations; removing VNFs from particular networks or computing locations; replacing VNFs; and providing complementary VNFs to supplement or enhance the functions of the VNF.

“According to some embodiments, the switch 810 could communicatively couple with two or more of these components: the at least one transceiver 815, the one or more client ports 820, the one or more computing systems 825 a, the one or more host ports 830, and/or similar. The transceiver 815 may be directly coupled with the one or more computing systems 825 a in some cases. In some embodiments, each of the plurality of client ports 820 may be one of a local area network ("LAN") port, a WiFi port, an advanced technology attachment ("ATA") port, a serial ATA ("SATA") port, an external SATA ("eSATA") port, a mini SATA ("mSATA") port, a SATA Express port, an M.2 port, or a universal serial bus ("USB") port, and/or similar. The network switch 810 may be either an Ethernet switch or a LAN switching device that connects to one or more segments of LAN (typically one for WiFi and one each for physical LAN ports, and/or similar). The network switch 810 may be either a physical or a virtual switch in some instances. As a virtual switch, the network switch 810 uses a network switch VNF to provide network switching functionality. In some cases, the gateway device 805 may include a dynamic host configuration protocol ("DHCP") function; DHCP is a client/server protocol that automatically assigns Internet Protocol ("IP") addresses on the LAN so that clients and computing devices can communicate. FIGS. 9-11 show the DHCP (depicted as DHCP 910 c and 1010 c, respectively). The DHCP function can be embodied either as a physical component or as a virtual DHCP. In some cases, the DHCP could be a virtual DHCP that uses a DHCP VNF to provide DHCP functionality. The transceiver 815 could be a virtual transceiver that uses a transceiver VNF to provide transceiver functionality.

“In some cases, system 800 may also include one or more client devices 835 that can be communicatively connected to switch 810 via one or more of the client ports 820. According to some embodiments, the one or more client devices 835 might include a tablet computer 835a, a smartphone 835b, a mobile device 835c, a portable gaming system 835d, a laptop 835e, a desktop 835f, and/or other similar devices. In some cases, the client devices 835 could include a device 835g, which includes, but is not limited to, a small form-factor pluggable ("SFP") device, an enhanced SFP ("SFP+") device, a compact SFP ("CSFP") device, a gigabit interface converter ("GBIC"), a universal serial bus ("USB") pluggable device, and/or similar. At least one of the SFP, SFP+, or CSFP devices might include at least one of an SFP network interface device ("NID"), an SFP router, an SFP modem, or an SFP wireless access point. The USB pluggable device could include a printer, a scanner, a combination printer/scanner device, an external hard drive, a keyboard, a mouse, a drawing interface device, or a mobile device. Each of these client devices 835 would have a compatible or corresponding one of the client ports 820 that would act as an interface between the client device 835 (or type of client device) and the network switch 810.

“System 800 may also include network 840a in some cases. This might communicatively couple to the gateway device 805 via the at least one transceiver 815 and could also communicatively couple to the Internet 840b. System 800 might also include one or more network functions virtualization ("NFV") entities and/or a software defined network ("SDN") controller 845. In some embodiments, the one or more NFV entities may include, but are not limited to, at least one of an NFV resource manager 850, a network functions virtualization infrastructure ("NFVI") system 855, an NFV orchestrator 860, an NFV management and orchestration ("MANO") 875, and/or other NFV entity 880, and/or similar. In some cases, the other NFV entities 880 might include a virtual machine ("VM"), a macro orchestrator, a domain orchestrator, and/or similar. FIG. 8A shows how multiple NFV entities could communicatively couple with one another (as shown by dashed lines 885 interconnecting NFV resource manager 850, NFVI 855, and NFV orchestrator 860 in FIG. 8).”

“Although FIG. 8A shows the one or two NFV entity(ies) 850-880 as being located within the network 840a, in other embodiments the entity(ies) 850-880 may be distributed between the gateway device 805 and the network. In some cases, the host computing system may host an instantiated network functions virtualization infrastructure ("NFVI") system. The computing system 825 may be registered with the NFV orchestrator 860 or another NFV entity so that its capabilities are known to the NFV orchestrator 860 and/or the VIM 875. In some embodiments, the network switch 810 and the computing system 825 can be under the control of one or more of the NFV entities and/or the SDN controller 845 (as indicated by the long-dash lines 890 in FIG. 8A). The SDN controller 845 may use a communication protocol such as OpenFlow to access the forwarding plane of a router or switch over a network.

“In certain instances, at most one of the SFP devices, the SFP+ devices, or the CSFP devices (collectively, "SFPs") might be used. The SFPs could be used on the client side as well as the network side. In this case, the SFPs may interface with the corresponding ports of the transceiver to transfer data or communications to and from the network 840 a. In some cases, the SFPs may terminate a direct fiber or passive optical network ("PON") at the physical layer of the network. The SFPs on the client side can be used for connecting physical layer terminating devices to the gateway device. In some embodiments, an SFP can be used in the same way as a USB port.

“As an example, the gateway device 805 may include customer premises equipment ("CPE") according to certain embodiments. A router, a switch, or a network element can be included in the gateway device 805, without limitation. In some embodiments, one or more virtual machine-based host machines may include, but are not limited to, kernel-based virtual machine ("KVM")-based host machines, ESX-based host machines, ESXi-based host machines, and/or similar. In some cases, the CPE may include at least one of an optical network terminal ("ONT"), a network interface device ("NID"), an enhanced NID ("eNID"), a residential gateway ("RG") device, or a business gateway ("BG") device, which could be either a virtual gateway ("vG") or a vRG. The gateway device may be located near or at the customer premises of a client device. In some cases, the NID might be a fiber-fed terminating device, a copper-fed terminating device, or a combination fiber-fed and copper-fed terminating device, etc. The gateway device 805 may be an integrated device that terminates both the physical layer access line (e.g., RG or BG) and the gateway, in one box or container. The gateway device 805 or the one or more computing systems 825 may include, but are not limited to, a VMware host (which in some instances might consist of a bare metal/plastic host or a compute bus on a node) or a Linux container (as Linux can create a virtual host ”

“In certain cases, the transceiver 815 might include a network port (e.g., port 915a, 1015a, or 1115a, as shown in FIGS. 9-11, or the equivalent). The network port may include, but is not limited to, an SFP port to which an SFP or a digital subscriber line ("DSL") modem SFP may interface, couple, or connect. In such cases, the DSL modem SFP may terminate physical DSL technologies (also known as "xDSL") lines or similar. In other embodiments, the ONT SFP may terminate passive optical network or direct point-to-point technologies. Other types of SFP transceivers may include a specific type of transceiver for wireless technologies, such as 5G transceivers or LTE transceivers and/or similar, or even cable modem transceivers. In some cases, the network port may include at least one of the following: one or two optical SFP ports, to which fiber cables can be connected with the corresponding optical ports on an external ONT; one or several copper cable-based SFP ports, to which copper cables can connect with the corresponding copper cable ports; one or multiple RJ45 ports, to which copper RJ45 cables can connect with the corresponding RJ45 ports on an external ONT; or the like.

“Merely to illustrate, in some embodiments the client ports 820 might each be a very fast port that can handle traffic coming from multiple client devices 835. In fact, they must be fast enough, in terms of network speed, to handle all traffic going from the network port (e.g., network DSL port or PON port) through the external host computing device 825 b, to the gateway device 805, to the client devices 835, and vice versa. In some embodiments, the host port 830 handles traffic to and from the external host computing systems 825 b.

“The network switch 810, located within the gateway device 805, may route network traffic to a host computing system 825, where at least a portion of the network traffic is directed to client devices 835 via the network switch 810 and via a corresponding client port 820 from among the plurality of client ports 820. The host computing system 825 selects one or more VNFs based at least in part on the characteristics of the at least a portion of the network traffic directed to the client device. In certain embodiments, the NFV orchestrator 860 or another NFV entity 850-880 may send the one or more selected VNFs to the host computing system 825 via the network switch 810. Alternatively, or in addition, for client devices 835 that are NFV-capable (including set-top boxes, local Internet of Things ("IoT") controllers, IoT endpoints, and/or other devices), the host computing system 825 may send one or more second VNFs (which might be based upon the selected one or more VNFs, or might be different from the selected one or more VNFs) to the client devices 835, or provide access to the one or more VNFs, via the network switch 810 and the corresponding client port 820. In some cases, the characteristics of the received network traffic may include at least one of: one or more attributes of an Ethernet frame, one or more media access control ("MAC") source addresses, one or more MAC destination addresses, one or more Internet Protocol ("IP") source addresses, one or more IP destination addresses, one or more transmission control protocol ("TCP") identifiers, one to three network protocol identifiers, or one or two action instructions, and/or similar.

“In some embodiments, the network switch 810 and host computing system 825 described above are controlled by an NFV entity 850-880 and/or an SDN controller 845. These entities provide network enhanced gateway functions to the gateway device. In some embodiments, the network traffic between the host computing system 825 and the network switch 810 is at least one of uni-directional, bi-directional, or split-directional network traffic that originates from one or more of the plurality of client ports 820 or from one or two network ports (which may couple with the transceiver 815). The network traffic could be sent uni-directionally from the network side (i.e., from network 840a, received via transceiver 815) to the client side (i.e., to the client device(s) 835 via client ports 820) or vice versa. Alternatively or additionally, network traffic could be sent bi-directionally, with some traffic flowing from the network side to the client side and some traffic flowing from the client side to the network side. Alternatively or additionally, network traffic could be sent in split-directional fashion, meaning that the network traffic, or a portion thereof, is replicated and directed towards more than one destination (where each destination can be on the client side or on the network side). The network traffic may originate from one or both of the client side or the network side. In a particular embodiment or set of embodiments, network traffic can flow to/from either the network 840a or the gateway device 805 depending on how the VNF is instantiated on the host computing system 825. A VNF can be used to block certain traffic from entering the gateway device 805 via the network 840a, a VNF could prioritize traffic in any direction, and so on. In some cases, the NFV orchestrator 860 can enable or disable the functions of the network switch 810. The functions of the network switch 810 can be disabled so that the gateway device acts as a legacy or traditional gateway and cannot run VNFs on the host computing systems 825 a and/or 825 b. A subscriber-side configuration portal, or similar methods, may be used to disable the functions of the network switch 810 so that the gateway device 805 operates in legacy or traditional mode. The subscriber-side configuration portal and similar methods can also be used to enable the functions of the network switch 810 so that the gateway device 805 is capable of running VNFs on the host computing systems 825 a or 825 b.

“Merely by way of example, in certain embodiments, customers can either load a VNF onto a host compute platform 825 or download it from the network 840a. A customer might want to filter network traffic before it hits his or her access line. This would save bandwidth and allow the customer to execute a local VNF after the traffic has passed through the access line. The customer may want to service chain VNFs on the gateway device 805 with other VNFs that are available on the network. Here, "service chain" or "service chaining" could refer to the implementation of multiple VNFs to perform one function. It may be necessary to determine whether service chaining is required; for example, if only one VNF is needed, then no service chaining is required. If it is, the system (e.g., one or more NFV entities 850-880) might determine whether service chaining can be done to provide a single network service. This could include, but is not limited to, identifying and locating each VNF that provides sub-functionalities, managing the VNFs so that they can be service chained together, and the like. If service chaining is necessary and two or more VNFs are service-chainable together to provide one network service, then the VNFs could be service chained together to create a single network service. As one example, four to five VNFs, regardless of the NFV entity from which they are provided, could be service chained together in order to provide network routing functions. Similarly, any number or combination of VNFs from any NFV entity can be service chained together to perform any ordered or desired function. The ‘208, the ‘280 and the ‘309 applications, which are already incorporated by reference in their entirety, provide more information about service chaining.

“According to some embodiments, the NFV entity may be located on either the network side (e.g., in network 840 a, as shown in FIG. 8A) or the gateway side (e.g., in the gateway device 805, not shown in FIG. 8A). A customer may want to manage his or her device directly. In this case, a portal might be made available to the customer. The request would be sent to the network, where the VNF controller could respond to it and configure VNFs local to the gateway device 805. Alternatively, or in addition, the customer may be given tools to configure local VNFs without needing to use a portal. As one example, a VNF that is a virtual instance of a microprocessor/micro-compute resource (such as a Raspberry Pi or similar compute resource) might offer such functionality. It can be loaded by the customer and/or configured when it is not connected to the Internet.

“The gateway device 805, described above, can operate on its own, with the network switch 810 serving to provide in-premises connectivity between computing and/or user equipment in the customer premises (i.e., the network switch 810 acts as a switch or the like). In some embodiments, large switch connections (e.g., wide area network ("WAN") connections), uplink type connections, and/or similar can be added to the network switch 810 to serve as a service point for the local device (i.e., the gateway device 805). The gateway device 805 may be represented by a set-top box or similar device. A set-top box can also be a client device that couples with the gateway device 805 via a client port 820. Large switch connections can feed all client devices 835 that are communicatively connected to the gateway device 805 (or set-top box) via the client ports 820.

“FIG. 8B is a schematic diagram that illustrates an alternative system 800 for implementing network enhanced gateway functionality, in accordance with various embodiments. FIGS. 8A and 8B together are referred to as "FIG. 8." The embodiment of FIG. 8B is similar or identical to that of FIG. 8A, except that system 800 of FIG. 8B also includes one or more third-party networks 840c, which are communicatively coupled with one or both of network 840a or the Internet 840b. Each of the three or more third-party networks 840c is associated with (i.e., controlled, operated, owned, or managed by) a service provider different from the service provider associated with the network 840a. In certain embodiments, at most one third-party network 840c might replicate, host, or instantiate content (i.e., data content, media content, VNFs, etc.) that is provided by network 840a or the Internet 840b. In this way, the network enhanced gateway device 805 (according to the embodiments described above with regard to FIG. 8 and/or the embodiments described below with regard to FIGS. 9-12) can be serviced by network services that are instantiated on either a private or public cloud by one of two service providers. Virtual private networks ("VPNs") or other network routing mechanisms can allow network traffic to be separated across multiple networks 840. In some cases, the network 840a and the at least one third-party network 840c may be located in different parts of the country. If a customer wants to take his or her network enhanced gateway device overseas, the third-party networks 840c may allow the functionality of the network 840a to be made portable.

“The embodiment of system 800″ of FIG. 8B would function in an identical manner to system 800 of FIG. 8A. The descriptions of the various components and functions of system 800 apply to the components and functions of the system of FIG. 8B.”

“FIGS. 9-11 show various implementations of network enhanced gateway functionality. FIG. 9 is a schematic diagram of a system 900 that implements network enhanced gateway functionality in accordance with various embodiments. System 900 may provide static host connectivity in some embodiments. FIG. 10 is a schematic diagram of a system 1000 that implements network enhanced gateway functionality in accordance with various embodiments. In some embodiments, system 1000 might be service-chaining-host-capable. FIG. 11 is a schematic diagram of a system 1100 that implements network enhanced gateway functionality in accordance with various embodiments. According to some embodiments, system 1100 may be used to provide network enhanced gateway functionality while allowing for flexible implementation, and thus can be implemented by service providers as a standard type of platform or node.”

“Turning to FIG. device 995 and/or similar. In some embodiments, the network switch 910 might include a network to network interface ("NNI") or NNI LAN 910 a, a user network interface ("UNI") or UNI LAN 910 b, and a dynamic host configuration protocol ("DHCP") device 910 c.

“In certain embodiments, the transceiver 915 may include a network port 915a that (as mentioned above) might provide physical port connections. The transceiver 915 may be a virtual component that uses VNFs or similar to provide transceiver functionality. In some cases, the plurality of client ports 920 might include at least one of several LAN ports 920a, one or two Wi-Fi ports 920b, one or multiple port controllers 920c, one or more advanced technology attachment ("ATA") ports 920 d, one or more universal serial bus ("USB") ports 920 e, and/or similar. In some cases, the one or more ATA ports 920 d may include, but are not limited to, a serial ATA ("SATA") port, an external SATA ("eSATA") port, a mini SATA ("mSATA") port, and/or similar. In some embodiments, the port controller 920 c might control the ATA ports 920 d or the USB ports 920 e. It might also serve as an interface between the UNI 910 b and each of the ATA ports 920 d and USB ports 920 e.

“System 900 might further comprise one or more client devices 935 a-935 n (collectively, "client devices 935"), each of which communicatively couples to one of the client ports 920. The network port 915, which communicatively couples to network 940, receives network traffic from network 940 for the gateway device 905 (and eventually for the client device(s) 935), and sends network traffic from the client device(s) 935 back to network 940 via the gateway device 905.

“In some embodiments, each of the one or more computing systems 925 a and/or the one or more external computing systems 925 b (collectively, "host computing systems 925") can be controlled by one or both of the SDN controller(s) 945 or one or more NFV entities 950. This is indicated by the long-dash lines 990 connecting the SDN controller(s) 945 with each host computing system 925 and also connecting the one or more NFV entities 950 with each host computing system 925

Summary for “System and Method for Implementing Extension of Customer LAN at Provider Network Service Point”

“There is a need for more robust and scalable ways to extend customer local area networks ("LANs") and/or to implement isolated service overlays over a network and, in particular, for methods, systems, apparatus, and computer software for implementing extension of customer LANs at provider network service points and/or implementing isolated service overlays between each customer premises and the provider network service points.

“Overview”

“Various embodiments offer tools and techniques for extending customer local area networks ("LANs") and/or implementing isolated service overlays over a network. In particular, embodiments relate to methods, systems, and apparatus for implementing extension of customer LANs at provider network service points and/or isolated service overlays between each customer premises and the provider network service points.

“In various embodiments, at a network service point that is located outside the demarcation point at each of a plurality of customer premises (e.g., located in a service provider network, such as at one of a central office ("CO"), a digital subscriber line access multiplexer ("DSLAM"), an optical line terminal ("OLT"), a network interface device ("NID"), or an enhanced NID ("eNID"), or similar), a connection might be established between a service provider network (e.g., a wide area network ("WAN")) and a customer LAN that has been established in a customer premises. This connection allows the system to extend the customer LAN to span between the network service point and the customer premises. In some cases, extending the customer LAN to span between the network service point and the customer premises may involve using one or more of network functions virtualization ("NFV") or software-defined networks ("SDNs").”

“In some embodiments, the system may map between the service provider network and the customer LAN (i.e., mapping one network to the other and/or vice versa), in certain cases via at least one of the following: a router function, a mapper function, a programmable services backbone ("PSB") function, an SDN function, an NFV operation, and/or other similar functions. Herein, "programmable services backbone" is also sometimes referred to as "platform services backbone."

“Alternatively, or in addition, the system might create two or more isolated service overlays. These could include, but are not limited to, two or three of a secure service overlay, an Internet service overlay, an Internet of Things ("IoT") service overlay, a PSB service overlay, a content delivery network ("CDN") service overlay, and/or similar. This allows for complete isolation, security and privacy enforcement, as well as the placement of apps, data, and/or content within each overlay 425 and/or any combination thereof, for every customer at each customer premises. Establishing the two or more isolated service overlays across the customer LAN between the network service point and the customer premises might involve establishing one of a virtual LAN ("VLAN") or a virtual extensible LAN ("VXLAN"). Each of the two or three isolated service overlays is carried across the customer LAN from the network service point to the customer premises. In some embodiments, separate overlays on the WAN are handled via a broadband network gateway or border network gateway ("BNG") and/or a gateway or border function as they are mapped into a LAN. On the LAN side, multiple methods and technologies (including, but not limited to, virtual private networks ("VPNs"), secure shell tunnels, and/or similar) may be used to transport the service and extend the WAN overlay into a LAN.

“In some cases, mapping between the service provider network and the customer LAN might include mapping for each of the two or three isolated service overlays. In some cases, this may be done via at least one of a router function, a mapper function, a PSB function, an NFV function, or an SDN function. Some embodiments allow the system to place at least one firewall, application, or content within any of the two or three isolated service overlays, without affecting network traffic or network services along the other two or more overlays.

“Implementing the WAN/LAN interface at a network service point (i.e., outside the customer premises) and/or implementing two or more isolated service overlays allows for, among other things, greater agility in implementing and instantiating new services, improved privacy enforcement with the ability to place firewalls or applications in each stream at will, enhanced security, stronger customer control over the LAN/WAN (or both) mapping via PSB or NFV functions, hosting economics through shared central office resources, and/or similar. This is a paradigm shift from a "WAN Access"-type service (such as "Internet Access") to a platform-based service that comprises (in certain embodiments) NFV compute nodes and gateways at the Central Office, the Access, and the local LAN switch located at each customer site. The customer controls or owns the resources at the Central Office (or any other network service point(s) outside of the customer premises), and all the "WAN" services have extremely high speed connectivity to the customer compute resources in the Central Office (or any other network service point(s) outside of the customer premises), thus relieving any "access bottlenecks" that might be caused by the traditional WAN/LAN interface at the customer premises. Access is now a customer-owned or customer-controlled resource. This means that the customer can control the network gateway to the Access and the LAN resources at the Access site.

“Various other embodiments provide tools, techniques, and methods for implementing network enhancement gateway functionality. In particular, embodiments relate to methods, systems and apparatus for implementing network enhancement gateway functionality using network functions virtualization (“NFV”) and/or software defined networks (“SDNs”). The network enhanced gateway functionality can be combined with either one or both of the extension of customer local area networks (“LANs”) and the implementation of isolated service overlays on a network.

“In different embodiments, a network switch that is located within a gateway device might route network traffic to a host computing system. At least a portion (or all) of the network traffic may be directed to a client device via the network switch and via a corresponding client port among a plurality of client ports. The host computing system selects one or more virtual network functions (“VNFs”) based at least partially on the characteristics of at least some of the network traffic directed to the client device. The host computing system then sends the selected VNFs to it via the network switch. In some embodiments, client devices might be VNF-capable (including, but not limited to, a set-top box, a local Internet of Things (“IoT”) controller, and/or similar). The host computing system might then send one or several second VNFs (which might either be the same as or based on the selected VNFs) over the network switch and the corresponding client port to the client devices. In some embodiments, the network switch or the host computing system is under the control of an NFV entity and/or an SDN controller, which provide network enhanced gateway functions to the gateway device. In some cases, the NFV entity may include at least one of an NFV orchestrator, a network functions virtualization infrastructure (“NFVI”) system, an NFV management and orchestration (“MANO”) system, or a virtual machine (“VM”).

“The network traffic between the network switch and the host computing system is, in some embodiments, at least one of uni-directional, bi-directional, or split-directional network traffic that originates from at least one of the plurality of client ports or one or more network ports. The characteristics of the received network traffic may include at least one of one or more attributes of an Ethernet frame, one or more media access control (“MAC”) source addresses, one or more MAC destination addresses, one or more Internet Protocol (“IP”) source addresses, one or more IP destination addresses, one or more transmission control protocol (“TCP”) identifiers, one to three network protocol identifiers, or one or two action instructions, and/or similar.
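The selection step described above, in which the host computing system picks VNFs from the characteristics of a frame, can be sketched as follows. This is an added example and not code from the patent; the rule table, the VNF names (`iot_proxy`, `oam`, `firewall`), the MAC prefix, and the sample frames are all constructed assumptions.

```python
import struct
from dataclasses import dataclass
from ipaddress import IPv4Address, ip_network
from typing import Optional, Tuple


@dataclass(frozen=True)
class FrameInfo:
    """Characteristics extracted from one Ethernet frame."""
    src_mac: str
    dst_mac: str
    ethertype: int
    src_ip: Optional[str] = None
    dst_ip: Optional[str] = None
    ip_proto: Optional[int] = None
    dst_port: Optional[int] = None


def parse_frame(frame: bytes) -> FrameInfo:
    """Parse Ethernet II (with at most one 802.1Q tag) carrying IPv4 and TCP/UDP."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src = frame[0:6].hex(":"), frame[6:12].hex(":")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    off = 14
    if ethertype == 0x8100:  # 802.1Q tag: the real EtherType follows the TCI
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        (ethertype,) = struct.unpack("!H", frame[16:18])
        off = 18
    info = dict(src_mac=src, dst_mac=dst, ethertype=ethertype)
    if ethertype != 0x0800 or len(frame) < off + 20:
        return FrameInfo(**info)  # not IPv4: only layer-2 attributes are known
    ihl = (frame[off] & 0x0F) * 4
    if frame[off] >> 4 != 4 or ihl < 20 or len(frame) < off + ihl:
        return FrameInfo(**info)  # malformed IPv4 header: do not trust its fields
    info.update(
        src_ip=str(IPv4Address(frame[off + 12:off + 16])),
        dst_ip=str(IPv4Address(frame[off + 16:off + 20])),
        ip_proto=frame[off + 9],
    )
    if frame[off + 9] in (6, 17) and len(frame) >= off + ihl + 4:
        info["dst_port"] = struct.unpack("!H", frame[off + ihl + 2:off + ihl + 4])[0]
    return FrameInfo(**info)


@dataclass(frozen=True)
class Rule:
    """One selection rule; fields left as None are wildcards (hypothetical schema)."""
    name: str
    vnfs: Tuple[str, ...]
    src_mac_prefix: Optional[str] = None
    dst_net: Optional[str] = None
    ip_proto: Optional[int] = None
    dst_port: Optional[int] = None

    def matches(self, f: FrameInfo) -> bool:
        return (
            (self.src_mac_prefix is None or f.src_mac.startswith(self.src_mac_prefix))
            and (self.dst_net is None or (f.dst_ip is not None
                 and IPv4Address(f.dst_ip) in ip_network(self.dst_net)))
            and (self.ip_proto is None or f.ip_proto == self.ip_proto)
            and (self.dst_port is None or f.dst_port == self.dst_port)
        )


# Constructed rule table: first match wins.
RULES = (
    Rule("iot-controller", ("iot_proxy", "firewall"), src_mac_prefix="02:10:07"),
    Rule("oam-session", ("oam",), dst_net="192.0.2.0/24", ip_proto=6, dst_port=830),
)
DEFAULT_VNFS = ("firewall",)  # unmatched or unparseable traffic still gets a firewall


def select_vnfs(frame: bytes, rules=RULES) -> Tuple[str, ...]:
    """Return the VNFs to send for the client port that carried this frame."""
    try:
        info = parse_frame(frame)
    except ValueError:
        return DEFAULT_VNFS
    for rule in rules:
        if rule.matches(info):
            return rule.vnfs
    return DEFAULT_VNFS


def build_frame(src_mac, dst_ip, proto, dport, vlan=None) -> bytes:
    """Build a constructed sample frame (not captured traffic)."""
    eth = bytes.fromhex("02deadbeef01") + bytes.fromhex(src_mac.replace(":", ""))
    if vlan is not None:
        eth += struct.pack("!HH", 0x8100, vlan)
    eth += struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     IPv4Address("198.51.100.10").packed, IPv4Address(dst_ip).packed)
    return eth + ip + struct.pack("!HH", 40000, dport) + bytes(16)
```

Falling back to `DEFAULT_VNFS` for truncated or malformed frames keeps a parsing failure from becoming a path around the firewall function.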

“Some embodiments of the system include the host computing system and the network switch within one gateway device. Alternatively, or in addition, the host computing system (or another host computing system) may be located outside of the gateway device in which the network switch is disposed. The gateway device might contain one or more host ports through which the host computing system might communicate with the network switch. In some embodiments, the gateway device might include at least one of customer premises equipment (“CPE”), a router, a switch, or a network element. A CPE might include at least one of an optical network terminal (“ONT”), a network interface device (“NID”), an enhanced NID (“eNID”), a residential gateway (“RG”) device, a business gateway (“BG”) device, and/or similar.”

“A client device could be, merely by way of example, one of the following: a tablet computer, a smart phone, a mobile gaming device, a laptop, a desktop, and/or other similar devices. A client device could also include a device selected from a small form factor pluggable (“SFP”) device, an enhanced SFP (“SFP+”) device, a compact SFP (“CSFP”) device, a gigabit interface converter (“GBIC”), and a universal serial bus (“USB”) pluggable device. Some cases might include at least one of the SFP device, the SFP+ device, or the CSFP device. An SFP router, SFP modem, or SFP wireless access point might be included. The USB pluggable device may include a printer, a scanner, a combination printer/scanner device, an external hard drive, a camera, a keyboard, a mouse, a drawing interface device, and/or the like.

“In some embodiments, the one or more VNFs provide the client device with one or more functions, the one or more functions comprising at least one of an activation function, an operation function, a deletion function, a specialized function, a firewall function, an Internet of Things (“IoT”) proxy function, an application-related function, or an operations, administration, and management (“OAM”) function, and/or similar. Sometimes, the VNF might be part of the specialized function. According to some embodiments, each client port might include one of the following: a local area network (“LAN”) port, a WiFi port, an advanced technology attachment (“ATA”) port, a serial ATA (“SATA”) port, an external SATA (“eSATA”) port, a mini SATA (“mSATA”) port, a SATA Express port, an M.2 port, or a universal serial bus (“USB”) port, and/or similar.”

“The host computing system may include one or more computing cores, but preferably two or three computing cores. In some cases, the host computing system might include at least one computing core that performs functions as a gateway device and at least one computing core that performs hypervisor functions to support VNFs. In some cases, the host computing system may include at least one of an x86 host computing device or an advanced reduced instruction set computer (“RISC”) machine (“ARM”) computing device. The network switch may be a virtual network switch that uses a network switch VNF to provide network switching functionality. Sometimes, the transceiver may be a virtual transceiver that uses a transceiver VNF to provide transceiver functionality.

“The following detailed description illustrates some exemplary embodiments in greater detail in order to allow one skilled in the art to use such embodiments. These examples are intended only to illustrate the invention and not limit its scope.

“The following description provides a detailed explanation of the various embodiments. However, it will be obvious to those skilled in the art that the invention can be used in other ways. In other instances, certain structures and devices are shown in block diagram form. There are many embodiments described in this document. While different features are assigned to different embodiments of the invention, it should still be understood that features described in one embodiment can be combined with other embodiments. However, not every feature or set of features described in any embodiment of the invention should be considered essential. Other embodiments may also include such features.

“Unless otherwise stated, all numbers used in this application to express quantities, dimensions and so forth should be understood to have been modified in every instance by the term “about.” Except where otherwise stated, the singular includes the plural, and “or” means “and/or.” The term “includes,” as well as other forms such as “included,” should be considered non-exclusive. Terms such as “element” or “component” comprise both elements and parts that make up one unit and elements and parts that make up more than one unit, except where otherwise stated.”

“Various embodiments provide tools that include methods, systems and/or software products. A method could include one or more procedures that can be executed by a computer system. A computer system may be provided with instructions that allow it to execute one or more procedures according to various embodiments. A computer program could also include instructions that can be executed by a computer system and/or a processor to perform these operations. In many cases, these programs may be encoded on tangible, physical, and/or non-transitory computer-readable media (such as optical media, magnetic media, and/or the like).

“Various embodiments herein, which may include software products, computer-performed methods, and/or computer systems, are tangible, concrete improvements in existing technological areas. Certain embodiments can also improve the functionality of equipment and systems (e.g., telecommunications equipment, service provider networks, customer local area networks, network components), for example, by enabling the extension of the customer’s LAN to span between customer premises and a network service point in the service provider network (i.e., beyond the demarcation line), or by establishing two or more isolated service overlays (including, but not limited to, isolated service overlays for secure data, Internet, IoT, PSB, CDN, apps, other services, and/or similar) across the customer’s LAN between the network service point and the customer premises. In particular, to the extent that abstract concepts are present in any of the embodiments, these concepts can be implemented by devices, software, systems, or methods that include specific new functionality (e.g., steps or operations such as extending the customer’s LAN to span between customer premises and a network service point in the service provider network, or establishing two or more isolated service overlays across the customer’s LAN between the network service point and the customer premises), and/or the like, beyond conventional computer processing. These functionalities may produce tangible results that are not dependent on the implementing computer system. For example, they can improve privacy and security by allowing customers to control the LAN-to-WAN and WAN-to-LAN mapping via PSB and/or other NFV functions. They also allow for faster implementation and instantiation of new services.

“In one aspect, a method may include establishing, at a network service point external to each customer premises of a plurality of customer premises, a connection between a service provider network and a customer local area network (“LAN”), the customer LAN being established in a customer premises within the plurality. The method could also include extending the customer LAN, via the connection between the service provider network and the customer LAN, to span between the customer premises and the network service point.

“In some cases, the customer LAN can be extended to span between the network service point and the customer premises using one or more of network functions virtualization (“NFV”) or software-defined networks (“SDNs”). In some cases, the network service point may be at a central office, a digital subscriber line access multiplexer (“DSLAM”), or the like. Alternatively, or in addition, the network service point might be located at an optical line terminal (“OLT”), a network access point (“NAP”), a network interface device (“NID”), or an enhanced NID (“eNID”). In some cases, the service provider network may be a wide area network (“WAN”).”

“Some embodiments of the method may also include mapping between the customer LAN and the service provider network (i.e., mapping one network to the other and vice versa). In some cases, mapping between the customer LAN and the service provider network might include mapping between the two networks via at least one of the following: a router function, a mapper function, a programmable services backbone (“PSB”) function, a network functions virtualization (“NFV”) function, and/or similar.”

“Merely as an example, some embodiments might also include establishing two or three isolated service overlays across the customer LAN between the network service point and the customer premises. Each of these isolated service overlays has its own network traffic, which is separated from the traffic transmitted along another of the two or more isolated service overlays. In some cases, the two or more isolated service overlays might include a secure data service overlay, an Internet service overlay, an Internet of Things (“IoT”) service overlay, a programmable services backbone (“PSB”) service overlay, a content delivery network (“CDN”) service overlay, and/or similar. In some cases, establishing the two or more isolated service overlays across the customer LAN between the network service point and the customer premises might involve establishing one of a virtual LAN (“VLAN”) or a virtual extensible LAN (“VXLAN”), and/or similar, for each of the two or more isolated service overlays.

“In another aspect, a system may include a gateway device at a customer premises of a plurality of customer premises and a network node at a network service point external to each customer premises. The gateway device may include at least one processor and a first non-transitory computer-readable medium that is communicatively coupled with the at least one processor. The first non-transitory computer-readable medium may contain computer software comprising a first set of instructions that, when executed by the at least one processor, causes the gateway device to establish a customer local area network (“LAN”) within the customer premises. The network node may include at least one other processor and a second non-transitory computer-readable medium that is communicatively coupled with the at least one other processor. The second non-transitory computer-readable medium may contain computer software comprising a second set of instructions that, when executed by the at least one other processor, causes the network node to establish a connection between the customer LAN and a service provider network. This connection allows the customer LAN to be extended to span between the network service point and the customer premises.

“In some cases, extending the customer LAN to span between the network service point and the customer premises may involve extending the customer LAN using one or more of network functions virtualization (“NFV”) or software-defined networks (“SDNs”). In some cases, the network service point may be located at a central office or a digital subscriber line access multiplexer (“DSLAM”). Alternatively, or in addition, the network service point might be located at an optical line terminal (“OLT”), a network access point (“NAP”), a network interface device (“NID”), or an enhanced NID (“eNID”). In some cases, the service provider network may be a wide area network (“WAN”).”

“According to some embodiments, the second set of instructions, when executed by the at least one other processor, might further cause the network node to map between the service provider network and the customer network via at least one of a router function, a mapper function, a programmable services backbone (“PSB”) function, a network functions virtualization (“NFV”) function, and/or similar.”

“In certain embodiments, the second set of instructions, when executed by the at least one other processor, might further cause the network node to establish two or three isolated service overlays across the customer LAN between the network service point and the customer premises. Each of these isolated service overlays has network traffic that is separated from the traffic sent along another of the two or more isolated service overlays. In some cases, the two or more isolated service overlays might include a secure data service overlay, an Internet service overlay, an Internet of Things (“IoT”) service overlay, a programmable services backbone (“PSB”) service overlay, a content delivery network (“CDN”) service overlay, and/or similar. In some cases, establishing the two or more isolated service overlays across the customer LAN between the network service point and the customer premises might involve establishing one of a virtual LAN (“VLAN”) or a virtual extensible LAN (“VXLAN”), and/or similar, for each of the two or more isolated service overlays.

“In another aspect, an apparatus may be provided that is located at a network service point outside of the demarcation points at each customer premises. The apparatus could include at least one processor and a non-transitory computer-readable medium that is communicatively coupled with the at least one processor. The non-transitory computer-readable medium may contain computer software comprising a set of instructions that, when executed by the at least one processor, causes the apparatus to establish, at the network service point, a connection between a service provider network and a customer local area network (“LAN”). The customer LAN is established in a customer premises.

“In certain cases, the network service point might be located at a central office, a digital subscriber line access multiplexer (“DSLAM”), or the like. In some embodiments, the set of instructions might cause the apparatus to map between the service provider network and the customer LAN via at least one of the following: a router function, a mapper function, a programmable services backbone (“PSB”) function, or a network functions virtualization (“NFV”) function.”

“In some embodiments, the set of instructions might cause the apparatus to establish two or three isolated service overlays across the customer LAN between the network service point and the customer premises. Each of these isolated service overlays has its own network traffic, which is separated from the traffic transmitted along another of the two or more isolated service overlays. In some cases, the two or more isolated service overlays might include a secure data service overlay, an Internet service overlay, an Internet of Things (“IoT”) service overlay, a programmable services backbone (“PSB”) service overlay, a content delivery network (“CDN”) service overlay, and/or similar. In some cases, establishing the two or more isolated service overlays between the customer premises and the network service point might involve establishing one of a virtual LAN (“VLAN”) or a virtual extensible LAN (“VXLAN”), and/or similar, for each of the two or more isolated service overlays.
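The per-overlay VXLAN separation described in the method, system, and apparatus aspects above, together with the placement of a firewall in one overlay without affecting the others, can be illustrated as follows. This is an added example and not code from the patent; the VNI plan, port names, and filter are constructed assumptions, and only the 8-byte VXLAN header is modelled (the outer UDP/IP encapsulation is omitted).

```python
import struct

# Hypothetical plan: one VXLAN network identifier (VNI) per isolated service overlay.
OVERLAY_VNI = {"secure_data": 10010, "internet": 10020, "iot": 10030,
               "psb": 10040, "cdn": 10050}
VNI_OVERLAY = {vni: name for name, vni in OVERLAY_VNI.items()}


def vxlan_encap(overlay: str, inner_frame: bytes) -> bytes:
    """Prefix the 8-byte VXLAN header (RFC 7348) carrying the overlay's VNI."""
    vni = OVERLAY_VNI[overlay]
    # Word 0: flags byte with the I bit (0x08) set, then 24 reserved bits.
    # Word 1: 24-bit VNI, then 8 reserved bits.
    return struct.pack("!II", 0x08 << 24, vni << 8) + inner_frame


def vxlan_decap(packet: bytes):
    """Return (vni, inner_frame); reject a short header or a cleared I bit."""
    if len(packet) < 8:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", packet[:8])
    if not (word0 >> 24) & 0x08:
        raise ValueError("VNI-valid flag not set")
    return word1 >> 8, packet[8:]


class ServicePoint:
    """Toy forwarding plane at the network service point."""

    def __init__(self, port_overlays):
        # Port name -> overlays that port is allowed to carry.
        self.port_overlays = {p: frozenset(o) for p, o in port_overlays.items()}
        self.filters = {}   # overlay -> predicates; each returns True to allow
        self.dropped = []   # (ingress_port, reason) records for review

    def add_filter(self, overlay, predicate):
        """Place a firewall-style check inside one overlay only."""
        self.filters.setdefault(overlay, []).append(predicate)

    def _drop(self, port, reason):
        self.dropped.append((port, reason))
        return {}

    def forward(self, ingress_port, packet):
        """Return {egress_port: inner_frame}; an empty dict means dropped."""
        try:
            vni, inner = vxlan_decap(packet)
        except ValueError as exc:
            return self._drop(ingress_port, str(exc))
        overlay = VNI_OVERLAY.get(vni)
        if overlay is None:
            return self._drop(ingress_port, f"unknown VNI {vni}")
        # A port may only inject traffic into overlays it is bound to, so a
        # sender cannot reach another overlay by choosing a different VNI.
        if overlay not in self.port_overlays.get(ingress_port, ()):
            return self._drop(ingress_port, f"port not bound to {overlay}")
        if not all(allow(inner) for allow in self.filters.get(overlay, ())):
            return self._drop(ingress_port, f"blocked by {overlay} filter")
        return {p: inner for p, bound in self.port_overlays.items()
                if p != ingress_port and overlay in bound}


def build_demo_service_point() -> ServicePoint:
    """Constructed topology: one customer uplink and one port per service."""
    sp = ServicePoint({
        "customer-uplink": {"secure_data", "internet", "iot"},
        "internet-gw": {"internet"},
        "iot-platform": {"iot"},
        "secure-dc": {"secure_data"},
    })
    # Stand-in firewall rule that applies to the IoT overlay only.
    sp.add_filter("iot", lambda inner: not inner.startswith(b"BLOCKED"))
    return sp
```

The same payload that the IoT filter drops is still delivered on the Internet overlay, which is the isolation property the passage claims.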

Modifications and additions may be made to the described embodiments without departing from the scope of the invention. While the embodiments discussed above refer to specific features, the scope of the invention also includes embodiments with different combinations of features and embodiments that do not include all of the features.

“Specific Exemplary Embodiments.”

“We now turn to the embodiments illustrated in the drawings. FIGS. 1-14 illustrate some of the features of the method, system, and apparatus for implementing extension of customer local area networks (“LANs”) at a provider network service point(s), as referred to above. FIG. 1 shows a system to extend customer LANs at provider network service points and/or implement isolated service overlays between provider network service points and each customer premises. FIGS. 2A-2C and 6 show some of the specific (although non-limiting) features of the system, method, and apparatus that are used to extend a customer’s LAN at a provider network service point. FIG. 3 shows specific (although non-limiting) features of an example system that allows content delivery to customers without affecting Internet service to other customers. FIGS. 4, 5, and 7 show some of the specific (although non-limiting) features of the system, method, and apparatus for implementing isolated service overlays between a provider network service point(s) and a customer premises or each of a plurality of customer premises. FIGS. 8-12 show some of the specific (although non-limiting) features of the system, method, and apparatus that are used to implement network enhanced gateway functionality. FIGS. 13 and 14 show an exemplary system and its implementation. The methods, systems, and apparatuses illustrated by FIGS. 1-14 are examples of various embodiments, each with different components and steps, which can be considered alternatives or which can be combined in the various embodiments. The description of the illustrated methods, systems, and apparatuses shown in FIGS. 1-14 is provided for purposes of illustration only and should not be taken to limit the range of possible embodiments.

“FIG. 1 is a schematic diagram illustrating a system 100 for implementing extension of a customer LAN at a provider network service point(s) and/or implementing isolated service overlays between a provider network service point(s) and customer premises, in accordance with various embodiments.”

“In FIG. “In FIG. ), etc. ), industrial customer premises, commercial or business premises, and/or other similar. System 100 may also include at least one of a gateway device 110 and/or a network interface device (“NID”) 115 at each customer premises 105 in various embodiments. In some cases, the gateway device 110 may include at least one of a residential gateway (“RG”) device, a business gateway (“BG”) device, a modem, a router, and/or the like. The NID 115 may include one of an optical network terminal (“ONT”), a copper-fed network interface device (“NID”), or an enhanced NID (“eNID”). In some embodiments, the gateway device 110 may be located within the customer premises, while the NID 115 may be located on an exterior wall or in a telecommunications area/closet. The NID 115 serves as a demarcation line 120, which traditionally marks the end of a public network associated with a telecommunications company or network service provider and the beginning of a private network associated with a customer. As described in detail with reference to at least FIGS. 2B, 2C, and 6 below, the demarcation point no longer serves as a physical marker of the end of a public network and the beginning of a private network. In some embodiments, the NID 115 and the gateway device 110 might be combined into one device, which could be located either within the customer premises or on an exterior wall.

“System 100 might also include, at a central office (“CO”) 125, at least one programmable services backbone (“PSB”) node 130. Herein, “programmable services backbone” (also known as “platform services backbone”) could refer to a network backbone, or a network services backbone, that is programmable. In some instances, it may also include virtualization layer infrastructure management (or similar) or SDN (which covers software-defined networking). System 100 might also include a digital subscriber line access multiplexer (“DSLAM”) or an optical line terminal (“OLT”) 135 (collectively, “DSLAM/OLT 135”), which could be either a CO-based DSLAM/OLT 135 a that is located within the CO 125, or an external DSLAM/OLT 135 b that is situated between the CO 125 and the plurality of customer premises 105. In some cases, a cable modem termination system (“CMTS”) might be used in lieu of a DSLAM. The at least one PSB node 130 in the CO 125 might provide Internet service or other network service to Internet 140 from one or more customer premises 105 via DSLAM/OLT 135 a or 135 b, via NIDs 115, and/or via gateway device 110, or the like. This is shown by the solid line connecting Internet 140 and the NIDs 115 via the at least one PSB node 130 and one of DSLAM/OLT 135 a or 135 b.

According to some embodiments, system 100 may also include one or more software defined network (“SDN”) controllers 145, one or more NFV entities 150, or both, that provide programmable or virtual network functionalities to network components, such as gateway devices 110, NIDs 115, DSLAMs 135, OLTs 135, and/or other similar items. In some cases, each NFV entity may include at least one of an NFV orchestrator, a network functions virtualization infrastructure (“NFVI”) system, an NFV management and orchestration (“MANO”) system, or a virtual machine (“VM”), as described with reference to FIGS. 8-11 below.”

“In certain embodiments, system 100 may include an application service provider (“ASP”) or ASP server(s) 155. In some embodiments, the ASP server(s) 155 might offer at least one of the software applications (“apps”). The one or more SDN controllers 145 or the one or more NFV entities 150 may provide programmable or virtual network functionality to one or both of service portal 160 a within CO 125 or service portal 160 b outside CO 125.

“In operation, system 100 might extend a customer’s LAN at a provider network service point(s) (as described in detail with reference to FIGS. 2A-2C and 6 below), provide content delivery to customers without affecting Internet service (e.g., high-speed Internet service) for other customers (as described in detail with reference to FIG. 3 below), implement isolated service overlays between provider network service points and customer premises (as described in detail with reference to FIGS. 4, 5, and 7 below), or any combination thereof.

“FIGS. 2A-2C (collectively, “FIG. 2”) are schematic diagrams illustrating various systems 200, 200′, and 200″ for implementing extension of a customer’s LAN at a provider network service point(s), according to various embodiments. FIG. 2A shows a system 200 that has a gateway device 205 located at customer premises. The gateway device 205 establishes a (network) connection between customer LAN 210 and service provider network 215 (in this case, a wide area network (“WAN”) 215, although the service provider network is not necessarily a WAN). Gateway device 205 could be one or both of NID 115 and/or gateway device 110 in FIG. 1.”

“In FIG. 2, dashed lines 220 indicate the relative positions of gateway device 205 and customer LAN 210 with respect to other components of the network (e.g., components in the CO 125, DSLAM/OLT 135, etc., as shown in FIG. 1; network node 225 a as shown in FIG. 2B; network node 225 b as shown in FIG. 2C; and similar). FIG. 2A shows that the gateway device 205 might be located at customer premises 105, as might the customer LAN 210 (as indicated by the dashed line 220 a), while the WAN 215 might cover a portion of gateway device 205, DSLAM/OLT 135, CO 125, and Internet 140 (as indicated by the dashed lines 220 b, 220 c, and 220 d). FIG. 2A could represent a conventional or traditional state in which the customer LAN 210 covers only the customer premises 105, while the WAN 215 (or another service provider network to which the customer LAN 210 connects via gateway device 205) covers a portion of the gateway device 205. FIG. 2A also represents an initial state before extension of the customer LAN 210 beyond the customer premises 105 (towards the CO 125), according to FIGS. 2B and 2C.

“In certain embodiments, the gateway device 205 may provide transmission functions (i.e., transmission from/to WAN 215 and to/from LAN 210), LAN switching functions, dynamic host configuration protocol (“DHCP”) functions (which automatically assign Internet Protocol (“IP”) addresses on the LAN so that clients and computing devices can communicate), WAN routing functions, and the like.”

“We now turn to FIG. 2B, which shows system 200′. System 200′ is the same as system 200 of FIG. 2A, except that system 200′ further includes network node 225 a located at DSLAM/OLT 135 (which refers to external DSLAM/OLT 135 b in FIG. 1) (as indicated by the dashed line 220 b). Network node 225 a extends customer LAN 210, via or using the connection between the service provider network (here, WAN 215) and the customer LAN 210, to span between network node 225 a (which is located at DSLAM/OLT 135, or external DSLAM/OLT 135 b as shown in FIG. 1) and customer premises 105. In other words, the network node 225 a extends the customer LAN 210 (which spans only the customer premises 105 in the embodiment of FIG. 2A) beyond the customer premises 105. System 200′ is similar to system 200 of FIG. 2A.”

“Alternatively, with reference to FIG. 2C, system 200″ is an alternative to system 200 of FIG. 2A and system 200′ of FIG. 2B, and also includes network node 225 b, which is located at CO 125 (as indicated by the dashed line 220 c). Network node 225 b extends customer LAN 210, via or using the connection between the service provider network (here, WAN 215) and customer LAN 210, to span between network node 225 b, which is located at CO 125, and customer premises 105. As with network node 225 a in FIG. 2B, network node 225 b extends customer LAN 210 (which spans only customer premises 105 in the embodiment of FIG. 2A) beyond the customer premises 105, i.e., beyond the demarcation line (e.g., demarcation point 120 of FIG. 1).”

“In FIGS. “In the embodiments of FIGS. Functions, and/or similar. System 200″ is similar to system 200 in FIG. 2A or system 200′ in FIG. 2B.”

“FIG. “FIG. for customers other than those listed in FIG. 3, according to various embodiments. FIG. FIG. ), etc. ), industrial customer premises, commercial or business premises, and/or other similar. System 300 may also include at least one of a gateway device 310 and/or a network interface device (“NID”) 315 at each customer premises 305 in various embodiments. The gateway device 310 may include at least one of a residential gateway (“RG”) device, a business gateway (“BG”) device, a modem, a router, or a virtual gateway (“vG”) device. The NID 315 may include one of an optical network terminal (“ONT”), a copper-fed network interface device (“NID”), or an enhanced NID (“eNID”). In some embodiments, gateway device 310 may be located within the customer premises, while NID 315 may be located on an exterior wall or in a telecommunications room/closet. The NID 315 serves as a demarcation mark 320, which traditionally marks the end of a public network associated with a telecommunications company or network service provider and the beginning of a private network associated with a customer who is associated with the particular customer premises. As described in detail with reference to at least FIGS. 2B and 2C, as well as FIG. 6 below, the demarcation line no longer serves as a physical marker of the end of the public network and the beginning of the private network. In some embodiments, the NID 315 and the gateway device 310 might be combined into one device, which could be located either inside the customer premises or on an exterior wall.

“System 300 might also include one or more DSLAMs/OLTs 335 (which could correspond to one or both of the CO-based DSLAM/OLT 135 a or the external DSLAM/OLT 135 b of FIG. 1) and Internet 340. Core network 365 might include one or more of the DSLAMs/OLTs 335, and Internet 340. The one or more edge switches 370 could include a first edge switch 370 a (located within core network 365 and close to customer premises 305), a second edge switch 370 b (located in core network 365, closer to the Internet 340 and further away from customer premises 305), and a third edge switch 370 c (located in core network 365 and close to customer premises 305, although perhaps not as close as the first edge switch 370 a). The core network (including at least the first edge switch 370 a and the second edge switch 370 b), the one or more DSLAMs/OLTs 335, and one or both of the NID 315 or the gateway device 310 operate to provide Internet service to customer premises 305 (as indicated by the shared pipes 375 a-375 n).

“System 300 may also include one or more service portals 360 in some embodiments. One or more of the service portals 360 may be communicatively coupled to, or part of, one or more of the edge switches 370. FIG. 3 shows a service portal 360 that is communicatively coupled with the third edge switch 370 c. System 300 may also include one or more ASPs or ASP servers 355 that might provide any of the following: software applications (“apps”), media content (e.g., video, audio, and/or game content), data content, and/or the like. These are provided to customer premises 305 a via the third edge switch 370 c, service portal 360, the one or more DSLAMs/OLTs 335, and one or both of NID 315 a and/or gateway device 310 a (as shown by the service pipe 388).

“In certain embodiments, service portal 360 may be instantiated within the first edge switch 370 a using at least one of a PSB virtual function, an SDN controller, an NFV entity, and/or the like. The ASP 355 services can be routed in the manner shown in FIG. 3, i.e., by feeding a service pipe 380 (which might in some cases be embodied in one of the service overlays of FIGS. 4, 5, and 7) at the edge of the core network via service portal 360. The Internet service provided to each customer premises by the network provider is not affected by the ASP service to customer premises 305 a.”

“Although FIG. 3 shows an ASP or ASP server 355 serving one customer premises 305, this illustration is only for convenience, and other embodiments can be used. An ASP or ASP server 355, or a plurality or all of the ASPs or ASP servers 355, might serve any number of customer premises 305 a to 305 n in a similar fashion through one or more service portals 360 (and edge switch(es) 370 and DSLAM/OLT(s) 335, as appropriate or desired).

“Customer premises 305, gateway device 310, NID 315, demarcation points 320, DSLAM/OLT 335, Internet 340, ASP or ASP server 355, and the service portal 360 may otherwise be identical to customer premises 105 and gateway device 110. 1. System 300 could be similar to, or even identical to, system 100 in FIG. 1.”

“FIGS. 4, 5, and 6 are directed to implementing isolated service overlays. FIG. 4 is a schematic diagram showing a system 400 that implements isolated service overlays between provider network service points and each customer premises, in accordance with various embodiments. FIG. 5 is a schematic diagram of a system 500 for implementing isolated service overlays between a provider network service point and a customer premises, in accordance with various embodiments.

“In FIG. 4, system 400 may include one or more virtual premises (“Vp”) gateway devices 405 (which could include first through Nth Vp gateway devices 405 a-405 n) and corresponding one or more virtual network (“Vn”) gateway devices 410 (Vn gateway devices 410 a-410 n). System 400 may also include at least one network node 415. The Vn gateway devices 410 a-410 n might be located at the at least one network node 415. Network node 415 could correspond to network node 225 a or 225 b in FIGS. 2B and 2C, respectively. Similar to network node 225 a or 225 b, as discussed above in relation to FIGS. 2B and 2C, network node 415 may establish a connection between WAN 420 and each customer LAN 430 (here, customer LAN 430 a through customer LAN 430 n), and/or extend each customer LAN 430 via the connection. This allows each customer LAN to span between the network node 415, which is a network service point, and each customer premises (e.g. customer premises 105 in FIGS. 1. and 2.

“System 400 could also establish two or more isolated service overlays 425 within WAN 420 or another service provider network. FIG. 4 shows two or more isolated service overlays 425. These could include, but are not limited to, a secure data overlay, an Internet overlay, an Internet of Things (“IoT”) service overlay, a programmable services backbone (“PSB”) service overlay, and a content delivery network (“CDN”) service overlay. Each of the isolated service overlays has its own network traffic, which is separate from traffic sent along the others of the two or more overlays. System 400 may also establish two or more isolated service overlays 435 within each customer LAN 430 (here shown as two or more isolated service overlays 435 a within customer LAN 430 a through two or more isolated service overlays 435 n within customer LAN 430 n). Each set of service overlays 435 a-435 n, and each customer LAN 430 a-430 n, corresponds to one of Vp gateway devices 405 a through 405 n. Each Vn gateway device 410 a-410 n routes and/or maps each of the two or more isolated service overlays within WAN 420 for each customer LAN 430 a-430 n.

“With reference to FIG. 5, system 500 might contain a Vn gateway container 410 within network node 415. The Vn gateway container 410 may contain a router/mapper function 505, which might be a VNF (or the like) that is instantiated within Vn gateway device 410 using at least one of a PSB virtual function, an SDN controller, a VNF entity, and/or the like. In FIG. 5, the set of diamond-shaped icons between the WAN 420 and the Vn gateway container 410 represents a gateway function, i.e., the place (or overlay) where the WAN (or Internet) stops. All functions to the right of it (in FIG. 5) represent the “platform” side of the service; the Vn gateway is the edge of the platform. The router/mapper function 505 may have a WAN connector 510 that interfaces with WAN 420 and a LAN connector 515 that interfaces with customer LAN 430. This includes interfacing with each of the isolated service overlays 425 within WAN 420 as well as with each of the isolated service overlays 435 within each customer LAN 430. Each of the isolated service overlays 425 on the WAN side might be further mapped by the router/mapper function 505 to the isolated service overlays 435 of LAN 430. The router/mapper function 505 could map the secure data overlay 425 on WAN 420 with the Internet service overlay 435 on LAN 430, map the IoT overlay 425 on WAN 420 with the Internet service overlay 435 on LAN 430, map the PSB overlay 425 on WAN 420 with the PSB overlay 435 on LAN 430, map the CDN overlay 425 on WAN 420 with the CDN overlay 435 on LAN 430, and map one or more other service overlays 425 on WAN 420 with one or more other service overlays 435 on LAN 430.

“Vn gateway container 410 may also include one or more virtual application (“Vapp”) containers 520 in some embodiments. The Vapp containers 520 may include one or more firewall Vapp containers 520 a and one or more Vapp containers 520 b hosting one or more authentication, authorization, and accounting (“AAA”) proxies 525. FIG. 5 shows that the Internet data stream from the Internet overlay 425 might be routed first through a firewall Vapp container 520 a (as indicated by a dashed line routing through firewall container 520 a) before interfacing with router/mapper function 505 to route/map to the corresponding Internet overlay 435 of customer network 430. The IoT data stream of the IoT overlay 425 might likewise be routed first through a firewall Vapp container 520 a (as indicated by a dashed line routing through container 520 a) before interfacing with the router/mapper function 505 to route/map to the appropriate IoT overlay 435 of customer network 430. Similarly, the PSB data stream of the PSB overlay 425 of the WAN 420 might be routed first through an AAA proxy 525 within Vapp container 520 b (as indicated by a long-dashed line routing through Vapp container 520 b) before interfacing with the router/mapper function 505 to route/map to the appropriate PSB overlay 435 of customer network 430. Likewise, the CDN data stream of the CDN overlay 425 might be routed first through CDN Vapp container 520 d (as indicated by a long-dashed line routing through CDN Vapp container 520 d) before interfacing with the router/mapper function 505 to route/map to the CDN overlay 435 of customer LAN 430.

“If Internet protocol version 4 (“IPv4”) is used, mapping between the WAN 420 (i.e., the service provider network) and the customer LAN 430 might include mapping using network address translation (“NAT”). NAT modifies the network address information in IP packet headers to remap one IP address space to another while the IP datagrams are in transit through the router/mapper function 505 of Vn gateway container 410. Alternatively, if Internet protocol version 6 (“IPv6”) is used, mapping between WAN 420 and customer LAN 430 may include mapping directly between the WAN 420 and customer LAN 430 for each service overlay 425/435. The Vn gateway device 410 might be an Internet router or VXLAN mapper in a container that controls the mapping between the Internet (e.g. Internet 140 of FIGS. 1, 2, or WAN 420) and customer LAN 430. The Vn gateway device 410 can, in some cases, add services and applications at any point (i.e., in any service overlay on either the WAN side or the LAN side) by changing the mappings. In some embodiments, the WAN includes separate overlays that are handled via a broadband network gateway (“BNG”), gateway, and/or border function as they are mapped into the LAN. On the LAN side, multiple methods and technologies, including but not limited to virtual private networks (“VPNs”), secure shell tunnels, and/or the like, may be used to transport the service in order to extend the WAN layer into the LAN.

“In some embodiments, a “platform” feature, i.e., a feature of the Vn gateway or the like, might include “fencing.” This could refer to using an isolated overlay, secure shell tunnel, VLAN, VXLAN, etc., to secure or “fence off” access to a customer’s LAN so that it can be protected and other flows and network traffic can be kept away. It may be desirable, for example, to allow an IoT application to communicate with one IoT sensor and not with all the information available via the Internet. In this instance, a “who can view” type list of the IoT overlay (or IoT VPN, IoT secure shell tunnel, IoT VLAN, or IoT VXLAN) can be used to fence the IoT sensor. In certain cases, an intrusion detection system (“IDS”), which is a software or hardware device that monitors the network or systems for malicious activity and reports on such activities, may be used with the “fencing” feature to ensure that only the IoT app communicates with the particular IoT sensor. Otherwise, alarms and reports might be triggered by the IDS.
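The sketch below is an added illustration, not code from the patent or from any product it describes. It models the router/mapper function 505 as a one-to-one table from WAN-side overlays to LAN-side overlays and applies the “who can view” fencing list to the IoT overlay, recording an IDS-style alert for every dropped flow. The class names, VXLAN and VLAN identifiers, address ranges, and flow records are all constructed assumptions, and like-to-like overlay pairing (Internet to Internet, IoT to IoT, CDN to CDN) is assumed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Overlay:
    name: str
    wan_vni: int      # constructed VXLAN identifier of the WAN-side overlay (425)
    lan_vlan: int     # constructed VLAN ID of the matching LAN-side overlay (435)
    lan_prefix: str   # constructed address range used inside the LAN-side overlay


class RouterMapper:
    """Maps each WAN-side overlay to exactly one LAN-side overlay and enforces fences."""

    def __init__(self, overlays, fences=None):
        self.by_vni = {}
        seen_vlans = set()
        for ov in overlays:
            # Isolation depends on a one-to-one mapping: reject shared identifiers.
            if ov.wan_vni in self.by_vni or ov.lan_vlan in seen_vlans:
                raise ValueError(f"overlay {ov.name!r} reuses a VNI or VLAN ID")
            self.by_vni[ov.wan_vni] = ov
            seen_vlans.add(ov.lan_vlan)
        # fences: overlay name -> {LAN endpoint: WAN peers allowed to reach it}
        self.fences = {
            name: {ip_address(dst): {ip_address(p) for p in peers}
                   for dst, peers in table.items()}
            for name, table in (fences or {}).items()
        }
        self.alerts = []  # stands in for the IDS alarm/report channel

    def forward(self, wan_vni, src, dst):
        """Return the LAN VLAN ID to forward on, or None if the packet is dropped."""
        ov = self.by_vni.get(wan_vni)
        if ov is None:
            return self._drop("unknown-overlay", None, src, dst)
        # Traffic that arrived on one overlay may only reach that overlay's LAN side.
        if ip_address(dst) not in ip_network(ov.lan_prefix):
            return self._drop("cross-overlay", ov.name, src, dst)
        fence = self.fences.get(ov.name)
        # A fenced overlay is default-deny: unlisted endpoints accept no peers.
        if fence is not None and ip_address(src) not in fence.get(ip_address(dst), set()):
            return self._drop("fence-violation", ov.name, src, dst)
        return ov.lan_vlan

    def _drop(self, reason, overlay, src, dst):
        self.alerts.append({"reason": reason, "overlay": overlay, "src": src, "dst": dst})
        return None


def run_demo():
    overlays = [
        Overlay("internet", 5001, 10, "10.10.0.0/24"),
        Overlay("iot", 5002, 20, "10.20.0.0/24"),
        Overlay("cdn", 5003, 30, "10.30.0.0/24"),
    ]
    # Only the IoT application at 198.51.100.10 may talk to the sensor at 10.20.0.5.
    fences = {"iot": {"10.20.0.5": ["198.51.100.10"]}}
    gw = RouterMapper(overlays, fences)
    flows = [  # constructed sample flows: (WAN VNI, WAN-side source, LAN-side destination)
        (5002, "198.51.100.10", "10.20.0.5"),  # IoT app to its sensor: allowed
        (5002, "203.0.113.77", "10.20.0.5"),   # other peer on the IoT overlay: fenced off
        (5001, "203.0.113.77", "10.20.0.5"),   # Internet overlay aimed at the sensor
        (5001, "203.0.113.77", "10.10.0.8"),   # ordinary Internet traffic: allowed
        (9999, "203.0.113.77", "10.10.0.8"),   # overlay with no mapping
    ]
    results = [gw.forward(*flow) for flow in flows]
    return results, gw.alerts


if __name__ == "__main__":
    results, alerts = run_demo()
    print(results)
    for alert in alerts:
        print(alert)
```

Adding a service to one overlay, as the description suggests, would here amount to changing one row of the mapping or one fence entry, leaving the other overlays' rows untouched.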

“Components of the system 400 and/or 500 can be wirelessly connected to each other, even though this is not shown in the figures. For example, wireless speaker systems could be connected to the CDN Vapp container 525 d or the CDN overlay 425 via CDN overlay 435. Wireless backhaul could also be used via the PSB overlay 425 or the PSB overlay 435.

“FIG. 6 is a flow diagram that illustrates a method 600 for extending a customer LAN at a provider network service point(s), according to various embodiments. Although the procedures and techniques are shown and described in a particular order, some procedures can be reordered or omitted within the scope of different embodiments. While the method 600 illustrated by FIG. 6 can be implemented by or with (and in some cases is described below with regard to) the systems 100, 200, 200′, 200″, 300, 400, and 500 of FIGS. 1, 2A, 2B, 2C, 3, 4, and 5, respectively (or components thereof), it can also be implemented using any suitable hardware (or software) implementation. Similarly, while each of the systems 100, 200, 200′, 200″, 300, 400, and 500 of FIGS. 1, 2A, 2B, 2C, 3, 4, and 5 (or components thereof) can operate according to the method 600 illustrated by FIG. 6 (e.g., by executing instructions encoded on a computer-readable medium), those systems may also operate in other modes and/or follow other procedures.

“In FIG. Within a customer premises, or a number of customer premises. Alternatively, the customer LAN could have been established elsewhere.

“At block 610, method 600 may include establishing, at a network service point (e.g., at network node 225 a located at a digital subscriber line access multiplexer (“DSLAM”) or optical line terminal (“OLT”) 135 in FIG. 2B, at network node 225 b located in a central office 125 in FIG. 2C, or the like), a connection between the service provider network and the customer LAN (e.g., a connection between wide area network (“WAN”) 215 and customer network 210 of FIG. 2, a connection between WAN 420 and customer LAN 430 of FIGS. 4 and 5, or the like). In some cases, the network service point is not located at a demarcation point (e.g., demarcation point 120 of FIG. 1, demarcation point 220 a of FIG. 2, demarcation point 320 of FIG. 3, or the like) at each of the plurality of customer premises (e.g., customer premises 105 of FIGS. 1 and 2, customer premises 305 of FIG. 3, or the like). In some cases, the network service point might be located at a central office, a DSLAM, or the like. Alternatively, or in addition, the network service point might be located at an OLT, a network access point (“NAP”), a network interface device (“NID”), or an enhanced NID (“eNID”). In some cases, the service provider network may be a WAN.

“Method 600 could also include extending the customer LAN, via the connection between the service provider network and the customer LAN, to span between the customer premises and the network service point (block 615). In some embodiments, extending the customer LAN to span between the network service point and the customer premises could be done using one or more of network functions virtualization (“NFV”), software-defined networks (“SDNs”), and/or the like.

“Method 600, at block 620, might include mapping between the service provider network and the customer LAN (i.e., mapping one network to the other and/or vice versa). In some embodiments, mapping between the customer LAN and the service provider network might include mapping between the two networks via at least one of the following: a router function, a mapper function, a programmable services backbone (“PSB”) function, an SDN function, an NFV function, and/or the like.”

“At block 625, method 600 may also include establishing two or more isolated service overlays (e.g., isolated service overlays 435 in FIGS. 4 and 5, or the like) across the customer LAN (e.g., customer LAN 430 of FIGS. 4 and 5, or the like) between the network service point (e.g., at network node 225 a located at an OLT or DSLAM 135 in FIG. 2B, at network node 225 b located at a central office 125 in FIG. 2C, at the network node 415 of FIG. 4, at a virtual gateway or gateway container 415 in FIG. 5, or the like) and the customer premises (e.g., customer premises 105 in FIGS. 1 and 2, customer premises 305 of FIG. 3, or the like). Each of the isolated service overlays has its own network traffic, which is isolated from network traffic sent along the others of the two or more isolated service overlays. By way of example, some embodiments may include two or more of a secure service overlay, an Internet overlay, an Internet of Things (“IoT”) service overlay, a PSB service overlay, a content delivery network (“CDN”) service overlay, one or more application or app service overlays each associated with an application service provider, or one or more other service overlays each associated with a service provider, and/or the like.

“In some embodiments, establishing the two or more isolated service overlays across the customer LAN between the network service point and the customer premises might involve establishing one of a virtual LAN (“VLAN”) or a virtual extensible LAN (“VXLAN”).”

“FIG. 7 is a flow diagram that illustrates a method 700 for implementing isolated service overlays between provider network service points and customer premises, in accordance with various embodiments. Although the procedures and techniques are shown and/or described in a particular order for purposes of illustration, some procedures can be reordered or omitted within the scope of different embodiments. While the method 700 illustrated by FIG. 7 can be implemented by or with (and in some cases is described below with regard to) the systems 100, 200, 200′, 200″, 300, 400, and 500 of FIGS. 1, 2A, 2B, 2C, 3, 4, and 5, respectively (or components thereof), it can also be implemented using any suitable hardware (or software) implementation. Similarly, while each of the systems 100, 200, 200′, 200″, 300, 400, and 500 of FIGS. 1, 2A, 2B, 2C, 3, 4, and 5, respectively (or components thereof), can operate according to the method 700 illustrated by FIG. 7 (e.g., by executing instructions encoded on a computer-readable medium), those systems can also operate according to other modes of operation and/or perform other suitable procedures.

“In FIG. Within a customer premises, or a number of customer premises. Alternatively, the customer LAN could have been established elsewhere.

“At block 701, method 700 may include establishing, at a network service point, a connection between the service provider network and the customer LAN (e.g., a connection between WAN 215 and customer LAN 210 of FIG. 2, a connection between WAN 420 and customer LAN 430 of FIGS. 4 and 5, or the like). In some cases, the network service point might be at network node 225 a located at a digital subscriber line access multiplexer (“DSLAM”) or optical line terminal (“OLT”) 135 in FIG. 2B, at network node 225 b located at a central office 125 in FIG. 2C, or in the service provider network (e.g., wide area network (“WAN”) 215 of FIG. 2, WAN 420 of FIGS. 4 and 5, or the like), and/or the like. In some embodiments, the network service point may be at an edge switch, a central office, or a DSLAM. Alternatively, or in addition, the network service point might be located at an OLT, a network access point (“NAP”), a network interface device (“NID”), or an enhanced NID (“eNID”). In some cases, the service provider network can be a WAN.

“According to some embodiments, establishing the connection between the service provider network and the customer LAN may include one of the following: establishing a wireless connection between the service provider network and the customer LAN; establishing a wired connection between the service provider network and the customer LAN; establishing a hybrid wireless/wired connection between the service provider network and the customer LAN; or establishing a backup connection between the service provider network and the customer LAN.

“Method 700 may also include, at block 715, establishing two or more isolated service overlays (e.g., isolated service overlays 435 in FIGS. 4 and 5, or the like) across the connection between a network service point (e.g., at network node 225 a located at an OLT or DSLAM 135 in FIG. 2B, at network node 225 b located at a central office 125 in FIG. 2C, at the network node 415 of FIG. 4, at a virtual gateway or gateway container 415 in FIG. 5, or the like) and the customer premises (e.g., customer premises 105 in FIGS. 1 and 2, customer premises 305 of FIG. 3, or the like). Each of the isolated service overlays has its own network traffic, which is isolated from network traffic sent along the others of the two or more isolated service overlays. By way of example, some embodiments may include two or more of a secure service overlay, an Internet overlay, an Internet of Things (“IoT”) service overlay, a PSB service overlay, a content delivery network (“CDN”) service overlay, one or more application or app service overlays each associated with an application service provider, or one or more other service overlays each associated with a service provider, and/or the like.”

“In some embodiments, establishing the two or more isolated service overlays across the customer LAN between the network service point and the customer premises might involve establishing one of a virtual LAN (“VLAN”) or a virtual extensible LAN (“VXLAN”).”

“Method 700, at block 725, might include mapping between the service provider network and the customer LAN (i.e., mapping one network to the other and/or vice versa). Some embodiments may include mapping between the service provider network and the customer LAN for each of the two or more isolated service overlays. This might be done via at least one of the following: a router function, a mapper function, a programmable services backbone (“PSB”) function, an SDN function, an NFV function, and/or the like.”

“Method 700 could also include selectively placing at least one of a firewall, an application, or content in one or more of the two or more isolated service overlays, without affecting network traffic or service along the others of the two or more isolated service overlays (block 703).

“FIGS. 8A-12 are directed to implementing network enhanced gateway functionality, as described in detail in the ’023700 U.S. Application (which has been incorporated herein by reference in its entirety). The network enhanced gateway functionality (or a network enhanced gateway device that implements such functionality) can be used at customer premises, where it might correspond to gateway 110 or NID 115 in FIG. 1, gateway 205 of FIG. 2, gateway 310 and/or NID 315 of FIG. 3, virtual premises (“Vp”) gateway 405 of FIG. 4, and/or the like, as described above. Alternatively, or in addition, the network enhanced gateway functionality (or the network enhanced gateway device that implements such functionality) can be used at any network service point, where it might correspond to one or both of the PSB nodes 130 or DSLAM/OLT 135 of FIG. 1, network node 225 a or 225 b of FIG. 2, DSLAM/OLT 335 of FIG. 3, network node 415 and/or virtual network (“Vn”) gateway(s) 410 of FIG. 4, Vn gateway container 410 of FIG. 5, and/or the like, as described in detail below.”

“FIG. 8A is a schematic diagram that illustrates a system 800 for implementing network enhanced gateway functionality, in accordance with various embodiments. As shown in FIG. 8A, system 800 may include a gateway device 805, which could include, but is not limited to, a switch 810, at least one transceiver 815, one or more client ports 820, and/or the like. The gateway device 805 may also include one or more computing systems 825 a. Alternatively, or in addition, the gateway device 805 could include one or more host ports 830 that are communicatively coupled with one or more external computing systems 825 b. The computing systems 825 a and the external computing systems 825 b are collectively called “computing systems 825” or “host computing systems 825.”

“In some embodiments, the host computing systems 825 might each comprise at least one of an x86 host computing device or an advanced reduced instruction set computer (“RISC”) computer, and/or the like. In some cases, host computing systems 825 may contain one or more cores, but preferably two or three cores. In some cases, gateway device functions might be performed by at least one computing core, and hypervisor functions might be performed by at least one computing core to support virtual network functions (“VNFs”). Supporting VNFs may include at least one of: configuring VNFs; instantiating VNFs; modifying VNFs; sending VNFs to specific networks and/or computing locations; bursting VNFs in specific networks and/or computing locations; removing VNFs from particular networks and/or computing locations; replacing VNFs; and providing complementary VNFs to supplement or enhance the functions of a VNF.

“According to some embodiments, switch 810 could communicatively couple two or more of the following components: the at least one transceiver 815, the one or more client ports 820, the one or more computing systems 825 a, the one or more host ports 830, and/or the like. The transceiver 815 may be directly coupled with the one or more computing systems 825 a in some cases. In some embodiments, each of the plurality of client ports 820 may be one of a local area network (“LAN”) port, a WiFi port, an advanced technology attachment (“ATA”) port, a serial ATA (“SATA”) port, an external SATA (“eSATA”) port, a mini SATA (“mSATA”) port, a SATA Express port, an M.2 port, or a universal serial bus (“USB”) port, and/or the like. The network switch 810 may be either an Ethernet switch or a LAN switching device that connects one or more LAN segments (typically one for WiFi and one for the physical LAN ports, and/or the like). The network switch 810 may be either a physical or a virtual switch in some instances; a virtual switch uses a network switch VNF to provide network switching functionality. In some cases, the gateway device 805 may include a dynamic host configuration protocol (“DHCP”) function. DHCP is a client/server protocol that automatically assigns Internet Protocol (“IP”) addresses on the LAN so that clients and computing devices can communicate. FIGS. 9-11 show the DHCP function (depicted as DHCP 910 c and 1010 c, respectively). The function can be embodied either as a physical component or as a virtual DHCP, which uses a DHCP VNF to provide DHCP functionality. The transceiver 815 could likewise be a virtual transceiver, which uses a transceiver VNF to provide transceiver functionality.

“In some cases, system 800 may also include one or more client devices 835 that can be communicatively coupled to switch 810 via one or more of the client ports 820. According to some embodiments, the one or more client devices 835 might include a tablet computer 835 a, a smartphone 835 b, a mobile device 835 c, a portable gaming system 835 d, a laptop 835 e, a desktop 835 f, and/or the like. In some cases, the client devices 835 could include a device 835 g, which includes, but is not limited to, a small form factor pluggable (“SFP”) device, an enhanced SFP (“SFP+”) device, a compact SFP (“CSFP”) device, a gigabit interface converter (“GBIC”), a universal serial bus (“USB”) pluggable device, and/or the like. At least one of the SFP device, the SFP+ device, or the CSFP device might include at least one of an SFP network interface device (“NID”), an SFP router, an SFP modem, or an SFP wireless access point. The USB pluggable device could include a printer, a scanner, a combination printer/scanner device, an external hard drive, a keyboard, a mouse, a drawing interface device, or a mobile device. Each of these client devices 835 would have a compatible or corresponding one of the client ports 820 that would act as an interface between the client device 835 (of whatever type) and the network switch 810.

“System 800 may also include network 840 a in some cases, which might communicatively couple to the gateway device 805 via the at least one transceiver 815 and could also communicatively couple to the Internet 840 b. System 800 might also include one or more network functions virtualization (“NFV”) entities and/or a software defined network (“SDN”) controller 845. In some embodiments, the one or more NFV entities may include, but are not limited to, at least one of an NFV resource manager 850, a network functions virtualization infrastructure (“NFVI”) system 855, an NFV orchestrator 860, an NFV management and orchestration (“MANO”) 875, and/or other NFV entities 880, and/or the like. In some cases, the other NFV entities 880 might include a virtual machine (“VM”), a macro orchestrator, a domain orchestrator, and/or the like. FIG. 8A shows how multiple NFV entities could communicatively couple with one another (as shown by dashed lines 885 interconnecting NFV resource manager 850, NFVI 855, and NFV orchestrator 860 in FIG. 8A).”

“Although FIG. 8A shows the one or more NFV entities 850-880 as being located within the network 840 a, in other embodiments the NFV entities 850-880 may be distributed between the gateway device 805 and the network 840 a. In some cases, the host computing system 825 may host an instantiated network functions virtualization infrastructure (“NFVI”) system. The computing system 825 may be registered with the NFV orchestrator 860 or another NFV entity so that its capabilities are known to the NFV orchestrator 860 and/or the VIM 875. In some embodiments, the network switch 810 and the computing system 825 can be under the control of one or more of the NFV entities and/or the SDN controller 845 (as indicated in FIG. 8A by the long-dash lines 890). SDN controller 845 may use a communication protocol such as OpenFlow to access the forwarding plane of a router or switch over a network.

“In certain instances, the SFP devices, the SFP+ devices, or the CSFP devices (collectively, “SFPs”) might be used on the client side as well as the network side. In that case, the SFPs may interface with the transceiver’s corresponding ports to transfer data or communications to and from the network 840 a. In some cases, SFPs may terminate the physical layer of a direct fiber or passive optical network (“PON”). The SFPs on the client side can be used for connecting physical layer terminating devices to the gateway device. An SFP can be used in some embodiments in the same way as a USB port.

“As an example, the gateway device 805 may include one of the customer premises equipment (“CPE”) according to certain embodiments. The gateway device 805 can include, without limitation, a router, a switch or a network element. One or more virtual machine-based host machines may include, but are not limited to, in some embodiments, a kernel-based virtual machine (“KVM”), ESX-based host machines, ESXi host machines, and/or similar. In some cases, the CPE may include at least one of an optical network terminal (“ONT”), a network interface device (“NID”), an enhanced NID (“eNID”), a residential gateway (“RG”) device, or a business gateway (“BG”) device, which could be either a virtual gateway (“vG”) or a vRG. The gateway device may be located near or at the customer premises of a client device. In some cases, the NID might be a fiber-fed terminating device, a copper-fed terminating device, or a combination of fiber-fed and copper-fed terminating devices, etc. The gateway device 805 may be an integrated device that terminates both the physical layer access line (e.g., RG or BG) and the gateway in one box or container. The gateway device 805 or one or more computing systems 825 may include, but are not limited to, a VMware host (which in some instances might consist of a bare metal/plastic host or a compute bus on a node) or a Linux container (as Linux can create a virtual host? ”

“In certain cases, the transceiver 815 might include a network port (e.g., port 915a, 1015a or 1115a, as shown in FIGS. 9-11) or the equivalent. The network port may include, but is not limited to, an SFP port to which an SFP or digital subscriber line (“DSL”) modem SFP can be connected; the modem SFP may interface, couple, or connect to other modems. In such cases, the DSL modem SFP may terminate physical DSL technologies (also known as “xDSL”) line or similar. In other embodiments, the ONT SFP may terminate the passive optical network or direct point-to-point technologies. Some other types of SFP transceivers may also include a specific type of transceiver for wireless transceivers such as 5G transceivers or LTE transceivers and/or similar, or even cable modem transceivers. In some cases, the network port may include at least one of the following: one or two optical SFP ports, to which fiber cables can be connected with the corresponding optical ports on an external ONT; one or several copper cable-based ports, to which copper cables can connect to the corresponding copper cable SFP ports; one or multiple RJ45 ports, to which copper RJ45 cables can connect to the corresponding RJ45 ports on an external ONT; or the like.

“Merely to illustrate, in some embodiments the client ports 820 might each have a very fast port that can handle traffic coming from multiple client devices 835. In fact, they must be fast enough in terms of network speed to handle all traffic going from the network port (e.g., network DSL port or PON port) through the external host computing device 825b, to the gateway device 805, to the client devices and vice versa. In some embodiments, the host port 830 handles traffic to and from the external host computing systems 825b.

“The network switch 810, located within the gateway device 805, may route network traffic to a host computing system 825, at least a portion of which is directed to client devices 835 via the network switch 810 and via a corresponding client port 820 from a plurality of client ports 820. The host computing system 825 chooses one or more VNFs based at least partially on the characteristics of at least a portion of the network traffic directed to the client device. In certain embodiments, the NFV orchestrator 860 or another NFV entity 850-880 may send the one or more selected VNFs to the host computing system 825 via the network switch 810. Alternately, or in addition, client devices 835 capable of NFV (including set-top boxes, local Internet of Things (“IoT”) controllers, IoT endpoints and/or other devices) might send the selected one or more VNFs to the host computing system 825 via the network switch 810, or the host computing system 825 may send one or several second VNFs to client devices 835 that are NFV-capable (which might be based upon the selected one or more VNFs, or might be different from the selected one or more VNFs), or provide access to the one or more VNFs via the network switch 810 or corresponding client port 820. In some cases, the one or more characteristics of the received network traffic may include at least one attribute of an Ethernet frame, one or more media access control (“MAC”) source addresses, one or more MAC destination addresses, one or more Internet Protocol (“IP”) source addresses, one or more IP destination addresses, one or more transmission control protocol (“TCP”) identifiers, one to three network protocol identifiers, or one or two action instructions, and/or similar.

“In some embodiments, the network switch 810 and host computing system 825 described above are controlled by an NFV entity 850-880 and/or an SDN controller 845. These entities provide network enhanced gateway functions to the gateway device. In some embodiments, the network traffic between the host computing system 825 and the network switch 810 is at least one of uni-directional, bi-directional, or split-directional network traffic that originates from one or more of the plurality of client ports 820 or one or two network ports (which may couple with transceiver 815). The network traffic could be sent unidirectionally from the network side (i.e., from network 840a and received via transceiver 815) to the client side (i.e., to the client device(s) 835 via client ports 820) or vice versa. Alternatively or additionally, network traffic could be sent bidirectionally: some traffic flows from the network to the client, while some traffic flows from the client to the network. Alternately, or additionally, network traffic could be sent in split-directional fashion. This means that the network traffic, or a portion thereof, is replicated and directed towards more than one destination (where a destination can be on the client side or on the network side). The network traffic may originate from one or both of the client side and the network side. A particular embodiment or set of embodiments can allow network traffic to flow to or from either the network 840a or the gateway device 805 depending on how the VNF is instantiated on the host computing system 825. A VNF can be used to block certain traffic from entering the gateway device 805 via the network 840a. A VNF could prioritize traffic in any direction, and so on. In some cases, the NFV orchestrator 860 can enable or disable the functions of the network switch 810. The functions of the network switch 810 can be disabled so that the gateway device acts as a legacy or traditional gateway and cannot run VNFs on the host computing systems 825a and/or 825b. A subscriber-side configuration portal, or similar methods, may be used to disable the functions of the network switch 810 and allow the gateway device 805 to operate in legacy or traditional mode. The subscriber-side configuration portal and similar methods can also be used to enable the functions of the network switch 810 so that the gateway device 805 is capable of running VNFs on the host computing systems 825a or 825b.

“Merely to give an example, in certain embodiments, customers can either load a VNF onto a host compute platform 825 or download it from the network 840a. A customer might want to filter network traffic before it hits his or her access lines. This would save bandwidth and allow the customer to execute a local VNF after the traffic has passed through the access line. The customer may want to service chain VNFs from the gateway device 805 along with any other VNFs that are available on the network. Here, “service chain” or “service chaining” could refer to the implementation of multiple VNFs to perform one function. It may be necessary to determine whether service chaining will be required. For example, if one VNF is needed, then no service chaining is required. If service chaining is required, the system (e.g., one or more NFV entities 850-880) might determine whether service chaining can be done to provide a single network service. This could include, but is not limited to, identifying and locating each VNF that provides sub-functionalities, managing VNFs to allow them to be service chained together, and the like. If service chaining is necessary and two or more VNFs are service-chainable together to provide one network service, then the VNFs could be service-chained together to create a single network service. One example is that four to five VNFs, regardless of the NFV entity from which they are provided, could be service chained together in order to provide network routing functions. Similarly, any number or combination of VNFs from any NFV entity can be service chained together to perform any ordered or desired function. The ‘208, the ‘280 and the ‘309 applications, which are already incorporated by reference in their entirety, provide more information about service chaining.
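The VNF selection by traffic characteristics and the service-chaining decision described above can be sketched as follows. This is an added example, not code from the patent: the rule table, the VNF names, the sample frames and the reading of “TCP identifiers” as port numbers are all assumptions made for illustration.

```python
import ipaddress
import struct

def parse_frame(frame: bytes) -> dict:
    """Extract the traffic characteristics named above from an Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    fields = {
        "mac_dst": frame[0:6].hex(":"),
        "mac_src": frame[6:12].hex(":"),
        "ethertype": struct.unpack("!H", frame[12:14])[0],
    }
    if fields["ethertype"] != 0x0800:   # this sketch decodes IPv4 only
        return fields
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("malformed IPv4 header")
    ihl = (ip[0] & 0x0F) * 4            # header length in bytes (options allowed)
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 header length")
    fields["ip_proto"] = ip[9]
    fields["ip_src"] = str(ipaddress.IPv4Address(ip[12:16]))
    fields["ip_dst"] = str(ipaddress.IPv4Address(ip[16:20]))
    frag_offset = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
    # Ports exist only in the first fragment; never read them from later ones.
    if fields["ip_proto"] == 6 and frag_offset == 0 and len(ip) >= ihl + 4:
        fields["tcp_src"], fields["tcp_dst"] = struct.unpack("!HH", ip[ihl:ihl + 4])
    return fields

# Hypothetical rule table (match fields -> VNF name); table order is chain order.
RULES = [
    ({"ethertype": 0x0800}, "vnf-firewall"),
    ({"ip_proto": 6, "tcp_dst": 80}, "vnf-http-filter"),
    ({"mac_src": "02:00:00:00:00:aa"}, "vnf-parental-control"),
]

def select_vnfs(fields: dict, rules=RULES) -> list:
    """Return every VNF whose match fields all equal the frame's fields."""
    return [vnf for match, vnf in rules
            if all(fields.get(key) == value for key, value in match.items())]

def needs_service_chain(vnfs: list) -> bool:
    """One selected VNF needs no chaining; two or more must be chained."""
    return len(vnfs) > 1

def build_sample_frame(mac_src: str, tcp_dst: int) -> bytes:
    """Constructed test input: Ethernet II + IPv4 + TCP headers, no payload."""
    eth = bytes.fromhex("020000000001") + bytes.fromhex(mac_src.replace(":", "")) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     ipaddress.IPv4Address("192.0.2.10").packed,
                     ipaddress.IPv4Address("198.51.100.7").packed)
    tcp = struct.pack("!HHIIHHHH", 49152, tcp_dst, 0, 0, 0x5002, 1024, 0, 0)
    return eth + ip + tcp

if __name__ == "__main__":
    for mac, port in (("02:00:00:00:00:aa", 80), ("02:00:00:00:00:bb", 443)):
        chain = select_vnfs(parse_frame(build_sample_frame(mac, port)))
        print(mac, port, chain, "chain" if needs_service_chain(chain) else "no chain")
```

Malformed or truncated headers raise an error instead of yielding partial fields, so a traffic-blocking VNF is never skipped because a frame failed to parse cleanly.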

“According to some embodiments, the NFV entity may be located on either the network side (e.g., in network 840a as shown in FIG. 8A) or the gateway side, in the gateway device 805 (not shown in FIG. 8A). A customer may want to manage his or her device directly. In this case, the portal might be made available to him or her. The request would be sent to the network, where the VNF controller could respond to it and configure VNFs local to the gateway 805. Alternately, or in addition, the customer may be given tools to configure local VNFs without needing to use a portal. One example is that a VNF, which is a virtual instance of a microprocessor/micro-compute resource (such as a Raspberry Pi or similar compute resource), might offer such functionality. It can be loaded by the customer and/or configured when it’s not connected to the internet.

“The gateway device 805, described above, can operate on its own. The network switch 810 serves to provide in-premises connectivity between computing and/or user equipment in customer premises (i.e., the network switch 810 acts as a switch or the like). In some embodiments, large switch connections (e.g., wide area network (“WAN”) connections), uplink type connections and/or similar can be added to the network switch 810 to serve as a service point for the local device (i.e., the gateway device 805). The gateway device 805 may be represented by a set-top box or similar device. A set-top device can also be a client device that couples with the gateway 805 via a client port 820. Large switch connections can feed all client devices 835 that are communicatively connected to the gateway 805 (or set-top box) via the client ports 820.

“FIG. 8B is a diagram that illustrates an alternative system 800 and a method for implementing network enhanced gateway functionality in accordance with various embodiments. FIGS. 8A and 8B together are referred to as “FIG. 8.” FIG. 8B is a similar or identical embodiment to FIG. 8A, except that system 800 of FIG. 8B also includes one or more third-party networks 840c, which are communicatively coupled with one or both of network 840a and the Internet 840b. Each of the three or more third-party networks 840c is associated with (i.e., controlled, operated, owned or managed by) a different service provider than the service provider associated with the network 840a. In certain embodiments, at most one third-party network 840c might replicate, host or instantiate content (i.e., data content, media content, VNFs, etc.) that is provided by network 840a or the Internet 840b. In this way, the network enhanced gateway device 805 (according to the embodiments described above with regard to FIG. 8 and/or the embodiments described below with regard to FIGS. 9-12) can be serviced by network services that are instantiated and available on either a private or public cloud by one of two service providers. Virtual private networks (“VPNs”) or other network routing mechanisms can allow network traffic to be separated across multiple networks 840. In some cases, the network 840a and at least one third-party network 840c may be located in different parts of the country. If a customer wants to take his or her network enhanced gateway device overseas, third-party networks 840c may allow the functionality of the network 840a to be made portable.

“The system 800″ of FIG. 8B would function in an identical manner to system 800 of FIG. 8A. The descriptions of the various components and functions of system 800 of FIG. 8A could be applied to the components and functionalities of system 800 of FIG. 8B.”

“FIGS. 9-11 show various implementations of network enhanced gateway functionality. FIG. 9 shows a schematic diagram of a system 900 that implements network enhanced gateway functionality in accordance with various embodiments. System 900 may provide static host connectivity in some embodiments. FIG. 10 shows a schematic diagram of a system 1000 that implements network enhanced gateway functionality in accordance with various embodiments. In some embodiments, system 1000 might be service-chaining-host-capable. FIG. 11 shows a schematic diagram of a system 1100 that implements network enhanced gateway functionality in accordance with various embodiments. System 1100 may, according to some embodiments, be used to provide network enhanced gateway functionality. However, it allows for flexible implementation and, thus, can be implemented by service providers as a standard type of platform or node.”

“Turning to FIG. device 995 and/or similar. In some embodiments, the network switch 910 might include a network to network interface (“NNI”) or NNI LAN 910a, a user network interface (“UNI”) or UNI LAN 910b, and a dynamic host configuration protocol (“DHCP”) device 910c.

“In certain embodiments, the transceiver may include a network port 915a that (as mentioned above) might provide physical port connections. The transceiver 915 may be a virtual component that uses VNFs or similar to provide transceiver functionality. In some cases, the plurality of client ports might include at least one of several LAN ports 920a, one or two Wi-Fi ports 920b, one or multiple port controllers 920c, one or both advanced technology attachment (“ATA”) ports 920d, and one or more universal serial bus (“USB”) ports 920e, and/or similar. In some cases, the one or more ATA ports 920d may include, but are not limited to, a serial ATA (“SATA”) port, an external SATA (“eSATA”) port, a mini SATA (“mSATA”) port, and/or similar. In some embodiments, the port controller 920c might control the ATA ports 920d or the USB ports 920e. It might also serve as an interface between UNI 910b and each of the ATA ports 920d and USB ports 920e.

“System 900 might further comprise one or more client devices 935a-935n (collectively, “client devices 935”), each of which communicatively couples to one of the client ports 920. The network port 915a, which communicatively couples to network 940, receives traffic from network 940 to gateway device 905 (and eventually to client device(s) 935), and sends network traffic back to network 940 via gateway device 905 from client device(s) 935.

“In some embodiments, each of the one or two computing systems 925a and/or the one or multiple external computing systems 925b (collectively, “host computing systems 925”) can be controlled by either one or both of the SDN controllers 945 or one or more NFV entities 950. This is indicated by long-dash lines 990 connecting each SDN controller(s) 945 with each host computing system 925 and also connecting each of the one or more other NFV entities 950 with each host computing system 925.
