×

Apparatus and method for inssec packet generation

  • US 10,454,928 B2
  • Filed: 10/25/2016
  • Issued: 10/22/2019
  • Est. Priority Date: 10/25/2016
  • Status: Active Grant
First Claim
Patent Images

1. An apparatus that generates an encrypted Virtual Extensible Local Area Network (VxLAN) packet for layer-2 data center interconnect, the apparatus comprising:

  • a hardware network interface unit to send and receive packets from a network, wherein at least one of the received packets is a VxLAN based packet that at least includes;

    a Media Access Control (MAC) header, an Internet Protocol (IP) Header, either a User Datagram Protocol (UDP) header or a Transmission Control Protocol (TCP) header, a VxLAN header, a payload data, and a cyclic redundancy check (CRC);

    a processor coupled to the hardware network interface unit, wherein the processor transforms the VxLAN packet into an encrypted VxLAN packet by at least performing the steps comprising;

    encrypting the payload data of the VxLAN packet via a form of Media Access Control Security (MACSec);

    inserting a MACSec header after the UDP or TCP header of the VxLAN packet; and

    inserting an integrity check value (ICV) between the encrypted payload and the CRC of the VAAN packet, wherein the ICV is configured to cover, so as to be derived as an integrity checksum of, at least the MACSec header and the encrypted payload but not a MAC address of the MAC header.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×