BigPatents India

The invention comprises three extensions of the IEEE 802.1Q VLAN bridge model. The first extension is the cryptographic separation of VLANs (28, 29) over trunk links (16). A LAN segment type referred to as an encapsulated LAN segment is introduced. All frames on such a segment are encapsulated according to an encryption and authentication code scheme. The second extension is the division of a trunk port into inbound (20, 21) and outbound ports (33, 32). The third extension is a protocol that automatically infers for each outbound port in a bridged VLAN (p3, p4), a set of LAN segment types for the port that minimizes the number of transfers between encapsulated and unencapsulated segments required to transport a frame in the bridged VLAN . (FIG. - 2)