Multi-Tenant NATting for Segregating Traffic Through a Cloud Service
First Claim
1. An apparatus configured to perform multi-tenant NATting for segregating customer traffic through a cloud service, the apparatus including:
- a memory;
one or more network interfaces;
one or more processors; and
computer program code stored on a non-transitory storage medium, the computer program code including computer-readable instructions operative, when executed, to cause the one or more processors toperform network address translation (NAT) on first and second data packets as they are transmitted between the cloud service and a plurality of subnets, the NAT being performed to translate each of a plurality of first private network IP addresses from the plurality of subnets into a second private network IP address for use within the cloud service after said first data packets are received from the plurality of subnets and to translate the second private network IP address back into a corresponding one of the plurality of first private network IP addresses before said second data packets are sent to the plurality of subnets; and
perform network address and port translation (NAPT) on the first and second data packets as they are transmitted between the cloud service and one or more remote hosts, the NAPT being performed to translate a first public network IP address for the one more remote hosts into the second private network IP address after said second data packets are received from the one or more remote hosts and to translate the second private network IP address into a second public network IP address for the cloud service before sending said first data packets to the one or more remote hosts.
8 Assignments
0 Petitions
Accused Products
Abstract
An apparatus, system, and method for segregating customer traffic through a cloud service are disclosed. The apparatus, system, and method perform network address translation (NAT) on first data packets received from a subnet to translate a first private network IP address into a second private network IP addresses, perform network address and port translation (NAPT) on the first data packets to translate the second private network IP address into a second public network IP address before sending the first data packets to a remote host, perform NAPT on second data packets received from the remote host to translate the second private network IP address back into the first private network IP address, and perform NAT on the second data packets to translate the second private network IP address back into the first private network IP address before sending the second data packets to the subnet.
-
Citations
20 Claims
-
1. An apparatus configured to perform multi-tenant NATting for segregating customer traffic through a cloud service, the apparatus including:
-
a memory; one or more network interfaces; one or more processors; and computer program code stored on a non-transitory storage medium, the computer program code including computer-readable instructions operative, when executed, to cause the one or more processors to perform network address translation (NAT) on first and second data packets as they are transmitted between the cloud service and a plurality of subnets, the NAT being performed to translate each of a plurality of first private network IP addresses from the plurality of subnets into a second private network IP address for use within the cloud service after said first data packets are received from the plurality of subnets and to translate the second private network IP address back into a corresponding one of the plurality of first private network IP addresses before said second data packets are sent to the plurality of subnets; and perform network address and port translation (NAPT) on the first and second data packets as they are transmitted between the cloud service and one or more remote hosts, the NAPT being performed to translate a first public network IP address for the one more remote hosts into the second private network IP address after said second data packets are received from the one or more remote hosts and to translate the second private network IP address into a second public network IP address for the cloud service before sending said first data packets to the one or more remote hosts. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of performing multi-tenant NATting for segregating customer traffic through a cloud service, the method comprising the steps of:
-
performing network address translation (NAT) on first data packets to translate a plurality of different first private network IP addresses into a plurality of different second private network IP addresses, each of the second private network IP addresses being assigned based on a subnet and a first private network IP address from which the corresponding first data packets were received; performing network address and port translation (NAPT) on the first data packets to translate each of the plurality of different second private network IP addresses into a first public network IP address for the cloud service; and sending the NATted and NAPTed first data packets to one or more remote hosts. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification