| 发明名称 | Enhanced high availability for group VPN in broadcast environment | ||
| 摘要 | A light-weight resilient mechanism is used to synchronize server secure keying data with member devices in a highly-scalable distributed group virtual private network (VPN). A server device generates an initial secure keying data set, for the VPN, that includes a first version identifier, and sends, to member devices and via point-to-point messages, the secure keying data set. The server device sends, to the member devices, heartbeat push messages including the first version identifier. The server device generates an updated secure keying data set with a second version identifier and sends, to the member devices, a key push message that includes the updated data set. The server device sends, to the member devices, heartbeat push messages including the second version identifier. Member devices may use the first and second version identifiers to confirm that secure keying data sets are current and quickly identify if updates are missed. | ||
| 申请公布号 | US8879734(B2) | 申请公布日期 | 2014.11.04 |
| 申请号 | US201313874053 | 申请日期 | 2013.04.30 |
| 申请人 | Juniper Networks, Inc. | 发明人 | Ng Anthony;Chao Chih-Wei;Melam Nagavenkata Suresh;Maheshwari Nilesh Kumar |
| 分类号 | H04L9/00;H04L9/08;H04L12/26;H04L29/06 | 主分类号 | H04L9/00 |
| 代理机构 | Harrity & Harrity, LLP | 代理人 | Harrity & Harrity, LLP |
| 主权项 | 1. A method comprising: receiving, by a device and from a server device, an initial data set, the initial data set including a first version identifier; monitoring, by the device, heartbeat messages received from the server device; determining, by the device and based on monitoring the heartbeat messages, a number of missed heartbeat messages; determining, by the device, if the number of missed heartbeat messages exceeds a threshold value; determining, by the device and when the number of missed heartbeat messages does not exceed the threshold value, if at least one of the heartbeat messages includes a second version identifier, the first version identifier being different than the second version identifier; receiving, by the device and when the at least one of the heartbeat messages does not include a second version identifier, an updated data set, the updated data set including an updated version identifier; determining, the device and when the updated version identifier is newer than the first version identifier, if the updated version identifier is a particular increment higher than the first version identifier; discarding, by the device and when the updated version identifier is not newer than the first version identifier, the updated data set; and transmitting, by the device and when the updated data set is different than the initial data set, a registration request to the server device. | ||
| 地址 | Sunnyvale CA US | ||