Mechanism for enabling layer two host addresses to be shielded from the switches in a network
First Claim
1. A method performed by a border component situated at a border of a network of switches, comprising:
receiving by the border component, from a first host, a first packet destined for a first destination host, wherein the first host has a first L2 (layer 2) address and a first L3 (layer 3) address associated therewith, and wherein the first packet includes the first L2 address as a source L2 address for the first packet, and includes the first L3 address as a source L3 address for the first packet;
deriving, by the border component, a first updated packet from the first packet, wherein deriving the first updated packet comprises replacing the first L2 address with a substitute L2 address associated with a communication channel of the border component, thereby making the substitute L2 address the source L2 address for the first updated packet;
sending, by the border component, the first updated packet to the network of switches;
receiving, from a second host, a second packet destined for a second destination host, wherein the second host has a second L2 address and a second L3 address associated therewith, and wherein the second packet includes the second L2 address as a source L2 address for the second packet, and includes the second L3 address as a source L3 address for the second packet;
deriving a second updated packet from the second packet, wherein deriving the second updated packet comprises replacing the second L2 address with the substitute L2 address, thereby making the substitute L2 address the source L2 address for the second updated packet;
sending the second updated packet to the network of switches;
receiving, from the network of switches, a third packet, wherein the third packet includes the first L3 address as a destination L3 address, and includes the substitute L2 address as a destination L2 address;
accessing a data structure, wherein the data structure comprises a first set of information that indicates an association between the first L3 address and the first L2 address;
determining, based at least partially upon the first L3 address in the third packet and the first set of information, that the destination L2 address for the third packet should be the first L2 address;
deriving a third updated packet from the third packet, wherein deriving the third updated packet comprises replacing the substitute L2 address with the first L2 address, thereby making the first L2 address the destination L2 address for the third updated packet;
sending the third updated packet to the first host;
receiving, from the network of switches, a fourth packet, wherein the fourth packet includes the second L3 address as a destination L3 address, and includes the substitute L2 address as a destination L2 address;
accessing the data structure, wherein the data structure comprises a second set of information that indicates an association between the second L3 address and the second L2 address;
determining, based at least partially upon the second L3 address in the fourth packet and the second set of information, that the destination L2 address for the fourth packet should be the second L2 address;
deriving a fourth updated packet from the fourth packet, wherein deriving the fourth updated packet comprises replacing the substitute L2 address with the second L2 address, thereby making the second L2 address the destination L2 address for the fourth updated packet; and
sending the fourth updated packet to the second host.
Abstract
A mechanism is disclosed that enables layer two host addresses (e.g. MAC addresses) to be shielded from a network. In one implementation, the mechanism updates each packet sent by the hosts into the network to indicate that the source layer two (L2) address for that packet is a shared L2 address instead of the actual L2 address of the sending host. By doing so, the mechanism exposes only the shared L2 address to the network, and shields the actual L2 addresses of the hosts from the network. The effect of this is that the switches in the network will need to store only the shared L2 address in their forwarding tables, not the actual L2 addresses of the hosts. By reducing the number of L2 addresses that need to be stored in the forwarding tables of the switches, the mechanism improves the scalability of the network.
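The packet rewrites of claim 1 and the forwarding-table effect stated in the abstract can be followed in a small simulation. This is an added example, not code from the patent: the class names, the sample addresses, and the choice to fill the L3-to-L2 table from every outbound packet are assumptions of the sketch (claim 1 does not say how the data structure is populated).

```python
from dataclasses import dataclass, replace
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample addresses; none of these values come from the patent.
SUBSTITUTE_MAC = "02:00:00:00:00:aa"          # shared L2 address of the border channel
HOST_A = ("52:54:00:00:00:01", "10.0.0.1")    # (actual L2, L3) of the first host
HOST_B = ("52:54:00:00:00:02", "10.0.0.2")    # (actual L2, L3) of the second host
REMOTE = ("52:54:00:00:00:99", "10.0.9.9")    # a destination reached through the network


@dataclass(frozen=True)
class Packet:
    src_l2: str
    dst_l2: str
    src_l3: str
    dst_l3: str


class BorderComponent:
    """Hypothetical model of the border component; names are illustrative."""

    def __init__(self, substitute_l2: str) -> None:
        self.substitute_l2 = substitute_l2
        self.l3_to_l2: Dict[str, str] = {}    # the claim's "data structure"

    def from_host(self, pkt: Packet) -> Packet:
        """Host -> network: record the association, then hide the actual source L2."""
        self.l3_to_l2[pkt.src_l3] = pkt.src_l2   # assumption: learn on every packet
        return replace(pkt, src_l2=self.substitute_l2)

    def from_network(self, pkt: Packet) -> Optional[Packet]:
        """Network -> host: pick the actual destination L2 from the destination L3."""
        if pkt.dst_l2 != self.substitute_l2:
            return None                       # not addressed to this channel
        actual_l2 = self.l3_to_l2.get(pkt.dst_l3)
        if actual_l2 is None:
            return None                       # no stored association: nothing to deliver to
        return replace(pkt, dst_l2=actual_l2)


class LearningSwitch:
    """Stand-in for a switch that stores every source L2 address it sees."""

    def __init__(self) -> None:
        self.forwarding_table: Set[str] = set()

    def receive(self, pkt: Packet) -> None:
        self.forwarding_table.add(pkt.src_l2)


def run_demo() -> Tuple[Set[str], List[Optional[Packet]], Optional[Packet]]:
    border = BorderComponent(SUBSTITUTE_MAC)
    switch = LearningSwitch()

    # First and second packets: both hosts send into the network of switches.
    for host_l2, host_l3 in (HOST_A, HOST_B):
        updated = border.from_host(Packet(host_l2, REMOTE[0], host_l3, REMOTE[1]))
        switch.receive(updated)

    # Third and fourth packets: both arrive with the substitute L2 as destination
    # and differ only in destination L3, which is what the lookup keys on.
    delivered = [
        border.from_network(Packet(REMOTE[0], SUBSTITUTE_MAC, REMOTE[1], host_l3))
        for _, host_l3 in (HOST_A, HOST_B)
    ]

    # A destination L3 the border has never seen has no association to restore.
    unknown = border.from_network(
        Packet(REMOTE[0], SUBSTITUTE_MAC, REMOTE[1], "10.0.0.77"))
    return switch.forwarding_table, delivered, unknown


if __name__ == "__main__":
    table, delivered, unknown = run_demo()
    print("switch forwarding table:", table)
    print("delivered destination L2:", [p.dst_l2 for p in delivered if p])
    print("unknown destination L3 ->", unknown)
```

After the run the switch holds one L2 entry for two hosts, so any per-host attribution at layer two has to come from the border component's table rather than from the switches.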
48 Claims
3. A border component situated at a border of a network of switches, comprising:
a communication channel; and
a communication manager configured to;
receive, from a first host coupled to the communication channel, a first packet destined for a first destination host, wherein the first host has a first L2 (layer 2) address and a first L3 (layer 3) address associated therewith, and wherein the first packet includes the first L2 address as a source L2 address for the first packet, and includes the first L3 address as a source L3 address for the first packet;
derive a first updated packet from the first packet, wherein deriving the first updated packet comprises replacing the first L2 address with a substitute L2 address associated with the communication channel, thereby making the substitute L2 address the source L2 address for the first updated packet;
send, via the communication channel, the first updated packet to the network of switches;
receive, from a second host coupled to the communication channel, a second packet destined for a second destination host, wherein the second host has a second L2 address and a second L3 address associated therewith, and wherein the second packet includes the second L2 address as a source L2 address for the second packet, and includes the second L3 address as a source L3 address for the second packet;
derive a second updated packet from the second packet, wherein deriving the second updated packet comprises replacing the second L2 address with the substitute L2 address, thereby making the substitute L2 address the source L2 address for the second updated packet;
send, via the communication channel, the second updated packet to the network of switches;
receive, from the network of switches via the communication channel, a third packet, wherein the third packet includes the first L3 address as a destination L3 address, and includes the substitute L2 address as a destination L2 address;
access a data structure, wherein the data structure comprises a first set of information that indicates an association between the first L3 address and the first L2 address;
determine, based at least partially upon the first L3 address in the third packet and the first set of information, that the destination L2 address for the third packet should be the first L2 address;
derive a third updated packet from the third packet, wherein deriving the third updated packet comprises replacing the substitute L2 address with the first L2 address, thereby making the first L2 address the destination L2 address for the third updated packet;
send, via the communication channel, the third updated packet to the first host;
receive, from the network of switches via the communication channel, a fourth packet, wherein the fourth packet includes the second L3 address as a destination L3 address, and includes the substitute L2 address as a destination L2 address;
access the data structure, wherein the data structure comprises a second set of information that indicates an association between the second L3 address and the second L2 address;
determine, based at least partially upon the second L3 address in the fourth packet and the second set of information, that the destination L2 address for the fourth packet should be the second L2 address;
derive a fourth updated packet from the fourth packet, wherein deriving the fourth updated packet comprises replacing the substitute L2 address with the second L2 address, thereby making the second L2 address the destination L2 address for the fourth updated packet; and
send, via the communication channel, the fourth updated packet to the second host.
5. A method performed by a border component situated at a border of a network of switches, comprising:
receiving, by the border component, from a first host, a first request packet requesting a L2 (layer 2) address for a first target host, wherein the first host has a first L2 address and a first L3 (layer 3) address associated therewith, wherein the first target host has a first target L3 address associated therewith, and wherein the first request packet includes the first L2 as a source L2 address, includes the first L3 address as a sending L3 address, includes the first target L3 address as a target L3 address, and includes an indication that the first request packet is to be broadcasted;
obtaining, by the border component, the first L2 address and the first L3 address associated with the first host from the first request packet;
updating, by the border component, a data structure to include a first set of information indicating an association between the first L3 address and the first L2 address;
deriving, by the border component, a first updated request packet from the first request packet, wherein deriving the first updated request packet comprises replacing the first L2 address with a substitute L2 address associated with a communication channel of the border component, thereby making the substitute L2 address the source L2 address for the first updated request packet;
sending, by the border component, the first updated request packet to the network of switches to be broadcasted throughout the network of switches;
receiving, from a second host, a second request packet requesting a L2 address for a second target host, wherein the second host has a second L2 address and a second L3 address associated therewith, wherein the second target host has a second target L3 address associated therewith and wherein the second request packet includes the second L2 address as a source L2 address, includes the second L3 address as a sending L3 address, includes the second target L3 address as a target L3 address and includes an indication that the second request packet is to be broadcasted;
obtaining the second L2 address and the second L3 address associated with the second host from the second request packet;
updating the data structure to include a second set of information indicating an association between the second L3 address and the second L2 address;
deriving a second updated request packet from the second request packet, wherein deriving the second updated request packet comprises replacing the second L2 address with the substitute L2 address associated with the communication channel of the border component, thereby making the substitute L2 address the source L2 address for the second updated request packet;
sending the second updated request packet to the network of switches to be broadcasted throughout the network of switches;
receiving, from the network of switches, a first reply packet which is a reply to the first updated request packet, wherein the first reply packet includes the first L3 address, includes the substitute L2 address as a destination L2 address, includes the first target L3 address, and includes a first requested L2 address for the first target host;
accessing the data structure;
determining, based at least partially upon the first L3 address in the first reply packet and the first set of information in the data structure, that the destination L2 address for the first reply packet should be the first L2 address;
deriving a first updated reply packet from the first reply packet, wherein deriving the first updated reply packet comprises replacing the substitute L2 address with the first L2 address, thereby making the first L2 address the destination L2 address for the first updated reply packet; and
sending the first updated reply packet to the first host.
13. A border component situated at a border of a network of switches, comprising:
a communication channel; and
a communication manager configured to;
receive, from a first host coupled to the communication channel, a first request packet requesting a L2 (layer 2) address for a first target host, wherein the first host has a first L2 address and a first L3 (layer 3) address associated therewith, wherein the first target host has a first target L3 address associated therewith, and wherein the first request packet includes the first L2 address as a source L2 address, includes the first L3 address as a sending L3 address, includes the first target L3 address as a target L3 address, and includes an indication that the first request packet is to be broadcasted;
obtain the first L2 address and the first L3 address associated with the first host from the first request packet;
update a data structure to include a first set of information indicating an association between the first L3 address and the first L2 address;
derive a first updated request packet from the first request packet, wherein deriving the first updated request packet comprises replacing the first L2 address with a substitute L2 address associated with a communication channel of the border component, thereby making the substitute L2 address the source L2 address for the first updated request packet;
send, via the communication channel, the first updated request packet to the network of switches to be broadcasted throughout the network of switches;
receive, from a second host coupled to the communication channel, a second request packet requesting a L2 address for a second target host, wherein the second host has a second L2 address and a second L3 address associated therewith, wherein the second target host has a second target L3 address associated therewith, and wherein the second request packet includes the second L2 address as a source L2 address, includes the second L3 address as a sending L3 address, includes the second target L3 address as a target L3 address, and includes an indication that the second request packet is to be broadcasted;
obtain the second L2 address and the second L3 address associated with the second host from the second request packet;
update the data structure to include a second set of information indicating an association between the second L3 address and the second L2 address;
derive a second updated request packet from the second request packet, wherein deriving the second updated request packet comprises replacing the second L2 address with the substitute L2 address associated with the communication channel of the border component, thereby making the substitute L2 address the source L2 address for the second updated request packet;
send, via the communication channel, the second updated request packet to the network of switches to be broadcasted throughout the network of switches;
receive, from the network of switches via the communication channel, a first reply packet which is a reply to the first updated request packet, wherein the first reply packet includes the first L3 address, includes the substitute L2 address as a destination L2 address, includes the first target L3 address, and includes a first requested L2 address for the first target host;
access the data structure;
determine, based at least partially upon the first L3 address in the first reply packet and the first set of information in the data structure, that the destination L2 address for the first reply packet should be the first L2 address;
derive a first updated reply packet from the first reply packet, wherein deriving the first updated reply packet comprises replacing the substitute L2 address with the first L2 address, thereby making the first L2 address the destination L2 address for the first updated reply packet; and
send, via the communication channel, the first updated reply packet to the first host.
21. A method performed by a border component situated at a border of a network of switches, comprising:
receiving, by the border component, from the network of switches via a communication channel, a request packet requesting a L2 (layer 2) address for a target host, wherein the target host has a first target L3 (layer 3) address associated therewith, and wherein the request packet includes a first L2 address as a source L2 address, includes a first L3 address as a sending L3 address, includes the first target L3 address as the L3 address for the target host for which a requested L2 address is being requested, includes an indication as to whether the request packet is a standard or non-standard address request packet, and includes an indication that the request packet is to be broadcasted;
determining, by the border component, whether the request packet is a standard address request packet;
in response to a determination, by the border component, that the request packet is a standard address request packet;
broadcasting, by the border component, the request packet to all hosts coupled to the communication channel;
receiving, by the border component, a first reply packet from the target host, wherein the target host has a target host L2 address associated therewith, and wherein the first reply packet includes the first L3 address, includes the first L2 address as a destination address, includes the first target L3 address, includes the target host L2 address as the requested L2 address for the target host, and includes the target host L2 address as a source L2 address;
deriving, by the border component, a first updated reply packet from the first reply packet, wherein deriving the first updated reply packet comprises replacing the target host L2 address with a substitute L2 address associated with the communication channel, thereby making the substitute L2 address the requested L2 address for the target host, and making the substitute L2 address the source L2 address for the first updated reply packet; and
sending, by the border component, the first updated reply packet to the network of switches via the communication channel;
in response to a determination, by the border component, that the request packet is a non-standard address request packet;
determining, by the border component, whether the target host is a host that is coupled to the communication channel;
in response to a determination that the target host is a host that is coupled to the communication channel, deriving, by the border component, a second reply packet from the request packet, wherein deriving the second reply packet comprises replacing the first L2 address with the substitute L2 address associated with the communication channel, thereby making the substitute L2 address the source L2 address for the second reply packet, inserting substitute L2 address into the second reply packet to represent the requested L2 address for the target host, and making the first L2 address the destination L2 address for the second reply packet; and
sending, by the border component, the second reply packet to the network of switches via the communication channel.
27. A border component situated at a border of a network of switches, comprising:
a communication channel; and
a communication manager configured to;
receive, from the network of switches via the communication channel, a request packet requesting a L2 (layer 2) address for a target host, wherein the target host has a first target L3 (layer 3) address associated therewith, and wherein the request packet includes a first L2 address as a source L2 address, includes a first L3 address as a sending L3 address, includes the first target L3 address as the L3 address for the target host for which a requested L2 address is being requested, includes an indication as to whether the request packet is a standard or non-standard address request packet, and includes an indication that the request packet is to be broadcasted;
determine whether the request packet is a standard address request packet;
in response to a determination that the request packet is a standard address request packet;
broadcast the request packet to all hosts coupled to the communication channel;
receive a first reply packet from the target host, wherein the target host has a target host L2 address associated therewith, and wherein the first reply packet includes the first L3 address, includes the first L2 address as a destination address, includes the first target L3 address, includes the target host L2 address as the requested L2 address for the target host, and includes the target host L2 address as a source L2 address;
derive a first updated reply packet from the first reply packet, wherein deriving the first updated reply packet comprises replacing the target host L2 address with a substitute L2 address associated with the communication channel, thereby making the substitute L2 address the requested L2 address for the target host, and making the substitute L2 address the source L2 address for the first updated reply packet; and
send the first updated reply packet to the network of switches via the communication channel;
in response to a determination that the request packet is a non-standard address request packet;
determine whether the target host is a host that is coupled to the communication channel;
in response to a determination that the target host is a host that is coupled to the communication channel, derive an updated request packet from the request packet, wherein deriving updated request packet comprises including an indication in the updated request packet that the updated request packet is a standard address request packet;
send the updated request packet to the target host;
receive a second reply packet from the target host, wherein the second reply packet includes the first L3 address, includes the first L2 address as a destination address, includes the first target L3 address, includes the target host L2 address as the requested L2 address for the target host, and includes the target host L2 address as a source L2 address;
derive a second updated reply packet from the second reply packet, wherein deriving the second updated reply packet comprises replacing the target host L2 address with the substitute L2 address associated with the communication channel, thereby making substitute L2 address the requested L2 address for the target host, and making the substitute L2 address the source L2 address for the second updated reply packet; and
send the second updated reply packet to the network of switches via the communication channel.
33. A method performed by a border component situated at a border of a network of switches, comprising:
receiving, by the border component, from a first host, a first request packet requesting a L2 (layer 2) address for a first target host, wherein the first host has a first L2 address and a first L3 (layer 3) address associated therewith, wherein the first target host has a first target L3 address associated therewith, and wherein the first request packet includes the first L2 address as a source L2 address, includes the first L3 address as a sending L3 address, includes the first target L3 address as a target L3 address, and includes an indication that the first request packet is to be broadcasted;
obtaining, by the border component, the first L2 address and the first L3 address associated with the first host from the first request packet;
updating, by the border component, a data structure to include a first set of information indicating an association between the first L3 address and the first L2 address;
deriving, by the border component, a first updated request packet from the first request packet, wherein deriving the first updated request packet comprises replacing the first L2 address with a substitute L2 address associated with a communication channel of the border component, thereby making the substitute L2 address the source L2 address for the first updated request packet;
sending, by the border component, the first updated request packet to the network of switches to be broadcasted throughout the network of switches;
wherein the first request packet includes an indication that the first request packet is a standard address request packet, and wherein deriving the first updated request packet further comprises including in the first updated request packet an indication that the first updated request packet is a non-standard address request packet; and
receiving, from the first host, a second request packet requesting a L2 address for the first target host, wherein the second request packet includes the first L2 address as a source L2 address, includes the first L3 address as a sending L3 address, includes the first target L3 address as a target L3 address, includes an indication that the second request packet is a standard address request packet, and includes an indication that the second request packet is to be broadcasted;
determining that the second request packet is a second request from the first host for a L2 address for the first target host, thereby determining that the first host has not received a reply to the first updated request packet;
in response to a determination that the first host has not received a reply to the first updated request packet, deriving a second updated request packet from the second request packet, wherein deriving the second updated request packet comprises replacing the first L2 address with the substitute L2 address associated with the communication channel of the border component, thereby making the substitute L2 address the source L2 address for the second updated request packet, and wherein deriving the second updated request packet does not comprise including an indication in the second updated request packet that the second updated packet is a non-standard address request packet; and
sending the second updated request packet to the network of switches to be broadcasted throughout the network of switches.
39. A border component situated at a border of a network of switches, comprising:
-
a communication channel; and a communication manager configured to; receive, from a first host coupled to the communication channel, a first request packet requesting a L2 (layer
2) address for a first target host, wherein the first host has a first L2 address and a first L3 (layer
3) address associated therewith, wherein the first target host has a first target L3 address associated therewith, and wherein the first request packet includes the first L2 address as a source L2 address, includes the first L3 address as a sending L3 address, includes the first target L3 address as a target L3 address, and includes an indication that the first request packet is to be broadcasted;
obtain the first L2 address and the first L3 address associated with the first host from the first request packet;
update a data structure to include a first set of information indicating an association between the first L3 address and the first L2 address;
derive a first updated request packet from the first request packet, wherein deriving the first updated request packet comprises replacing the first L2 address with a substitute L2 address associated with a communication channel of the border component, thereby making the substitute L2 address the source L2 address for the first updated request packet;
send, via the communication channel, the first updated request packet to the network of switches to be broadcasted throughout the network of switches;
wherein the first request packet includes an indication that the first request packet is a standard address request packet, and wherein deriving the first updated request packet further comprises including in the first updated request packet an indication that the first updated request packet is a non-standard address request packet;
receive, from the first host coupled to the communication channel, a second request packet requesting a L2 address for the first target host, wherein the second request packet includes the first L2 address as a source L2 address, includes the first L3 address as a sending L3 address, includes the first target L3 address as a target L3 address, includes an indication that the second request packet is a standard address request packet, and includes an indication that the second request packet is to be broadcasted;
determine that the second request packet is a second request from the first host for a L2 address for the first target host, thereby determining that the first host has not received a reply to the first updated request packet;
derive, in response to a determination that the first host has not received a reply to the first updated request packet, a second updated request packet from the second request packet, wherein deriving the second updated request packet comprises replacing the first L2 address with the substitute L2 address associated with the communication channel of the border component, thereby making the substitute L2 address the source L2 address for the second updated request packet, and wherein deriving the second updated request packet does not comprise including an indication in the second updated request packet that the second updated packet is a non-standard address request packet; and
send, via the communication channel, the second updated request packet to the network of switches to be broadcasted throughout the network of switches.
- View Dependent Claims (40, 41, 42, 43, 44)
45. A method performed by a border component situated at a border of a network of switches, comprising:
- receiving, by the border component from the network of switches via a communication channel, a request packet requesting a L2 (layer 2) address for a target host, wherein the target host has a first target L3 (layer 3) address associated therewith, and wherein the request packet includes a first L2 address as a source L2 address, includes a first L3 address as a sending L3 address, includes the first target L3 address as the L3 address for the target host for which a requested L2 address is being requested, includes an indication as to whether the request packet is a standard or non-standard address request packet, and includes an indication that the request packet is to be broadcasted;
determining, by the border component, whether the request packet is a standard address request packet;
in response to a determination, by the border component, that the request packet is a standard address request packet;
broadcasting, by the border component, the request packet to all hosts coupled to the communication channel;
receiving, by the border component, a first reply packet from the target host, wherein the target host has a target host L2 address associated therewith, and wherein the first reply packet includes the first L3 address, includes the first L2 address as a destination address, includes the first target L3 address, includes the target host L2 address as the requested L2 address for the target host, and includes the target host L2 address as a source L2 address;
deriving, by the border component, a first updated reply packet from the first reply packet, wherein deriving the first updated reply packet comprises replacing the target host L2 address with a substitute L2 address associated with the communication channel, thereby making the substitute L2 address the requested L2 address for the target host, and making the substitute L2 address the source L2 address for the first updated reply packet; and
sending, by the border component, the first updated reply packet to the network of switches via the communication channel;
in response to a determination, by the border component, that the request packet is a non-standard address request packet;
determining, by the border component, whether the target host is a host that is coupled to the communication channel;
in response to a determination, by the border component, that the target host is a host that is coupled to the communication channel, deriving an updated request packet from the request packet, wherein deriving the updated request packet comprises including an indication in the updated request packet that the updated request packet is a standard address request packet;
sending, by the border component, the updated request packet to the target host;
receiving, by the border component, a second reply packet from the target host, wherein the second reply packet includes the first L3 address, includes the first L2 address as a destination address, includes the first target L3 address, includes the target host L2 address as the requested L2 address for the target host, and includes the target host L2 address as a source L2 address;
deriving, by the border component, a second updated reply packet from the second reply packet, wherein deriving the second updated reply packet comprises replacing the target host L2 address with the substitute L2 address associated with the communication channel, thereby making the substitute L2 address the requested L2 address for the target host, and making the substitute L2 address the source L2 address for the second updated reply packet; and
sending, by the border component, the second updated reply packet to the network of switches via the communication channel.
- View Dependent Claims (46, 47, 48)
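The request and reply handling recited in claim 45 and in the host-side steps of the preceding claim can be modelled in a few lines. This is an added illustration, not code from the patent. The dictionary field names, the `pending` set used to recognise a repeated request, the use of the learned L3-to-L2 table to decide whether a target is coupled to the channel, and the choice to forward nothing for an unknown target are all assumptions.

```python
STANDARD, NON_STANDARD = "standard", "non-standard"

class BorderComponent:
    """Sketch only: dict field names and the `pending` set are assumptions."""

    def __init__(self, substitute_l2):
        self.substitute_l2 = substitute_l2  # L2 address of the communication channel
        self.l3_to_l2 = {}                  # data structure: host L3 -> real L2
        self.pending = set()                # (sending L3, target L3) already forwarded

    def request_from_host(self, pkt):
        """Address request from a local host; returns the packet for the switches."""
        self.l3_to_l2[pkt["send_l3"]] = pkt["src_l2"]
        key = (pkt["send_l3"], pkt["target_l3"])
        # A repeat means no reply came back, so it goes out as a standard request.
        kind = STANDARD if key in self.pending else NON_STANDARD
        self.pending.add(key)
        return dict(pkt, src_l2=self.substitute_l2, kind=kind)

    def request_from_network(self, pkt):
        """Request from the switches; returns (packet, recipient) or None."""
        if pkt["kind"] == STANDARD:
            return pkt, "all-hosts"         # broadcast unchanged to every local host
        real_l2 = self.l3_to_l2.get(pkt["target_l3"])
        if real_l2 is None:
            return None                     # assumption: unknown target, nothing sent
        return dict(pkt, kind=STANDARD), real_l2

    def reply_from_host(self, reply):
        """Swap the target host's real L2 address for the substitute, both places."""
        return dict(reply, src_l2=self.substitute_l2,
                    requested_l2=self.substitute_l2)

def demo():
    """Constructed sample: host 10.0.0.1 behind border A asks for 10.0.0.9 behind B."""
    a, b = BorderComponent("02:00:00:00:00:0a"), BorderComponent("02:00:00:00:00:0b")
    b.l3_to_l2["10.0.0.9"] = "bb:bb:bb:bb:bb:09"   # B already knows its local host
    req = {"src_l2": "aa:aa:aa:aa:aa:01", "send_l3": "10.0.0.1",
           "target_l3": "10.0.0.9", "kind": STANDARD, "broadcast": True}
    first, retry = a.request_from_host(req), a.request_from_host(req)
    to_host, recipient = b.request_from_network(first)
    reply = {"src_l2": recipient, "requested_l2": recipient, "target_l3": "10.0.0.9",
             "dst_l2": first["src_l2"], "dst_l3": first["send_l3"]}
    return first, retry, to_host, recipient, b.reply_from_host(reply)

if __name__ == "__main__":
    for item in demo():
        print(item)
```

In the sample run neither host's real L2 address appears in any packet that crosses the network of switches; only the two substitute addresses do.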
Specification