Media access control address translation in virtualized environments
First Claim
1. A method for transmitting network packets through a network security device, the method comprising:
receiving, with a network device, a network packet from a first computing device to be sent to a second computing device over a network comprising the network security device and first and second network switches, wherein the network packet comprises a first network interface identifier for identifying the first computing device on the network and a second network interface identifier for identifying the second computing device on the network;
identifying third and fourth network interface identifiers associated with the network device that, when the network packet is transmitted using the third and fourth network interface identifiers, cause the network packet to be transmitted through the network security device;
transmitting the network packet from the network device over the network through the network security device using the third and fourth network interface identifiers, wherein the network packet is transmitted through the first network switch before being transmitted through the network security device, and the network packet is transmitted through the second network switch after being transmitted through the network security device; and
after the network device receives the network packet back from the network security device through the second network switch, transmitting the network packet from the network device to the second computing device using the first and second network interface identifiers.
Abstract
A method is provided that transmits network packets through a network security device. The method receives a request to send a network packet from a first computing device to a second computing device over a network that includes the network security device. The network packet includes a first network interface identifier for identifying the first computing device and a second network interface identifier for identifying the second computing device. The method identifies third and fourth network interface identifiers that cause the network packet to be transmitted through the network security device when the network packet is transmitted using the third and fourth network interface identifiers. The method transmits the network packet over the network through the network security device using the third and fourth network interface identifiers. The method transmits the network packet to the second computing device using the first and second network interface identifiers.
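The translation described in the abstract, laid out as in claim 27 (firewall, two switches, security device), as an added Python model that is not part of the patent text. All class, function and table names are hypothetical, the MAC addresses and drop rule are constructed, and matching the returning frame by its (third, fourth) pair with one pair per flow is an assumption, since the claims do not say how the lookup is done.

```python
from dataclasses import dataclass, replace

# Constructed, locally administered MAC addresses (not from the patent).
HOST_A, HOST_B = "02:00:00:00:00:0a", "02:00:00:00:00:0b"   # first, second
FW_OUT, FW_IN = "02:00:00:00:ff:01", "02:00:00:00:ff:02"    # third, fourth

@dataclass(frozen=True)
class Frame:
    src: str
    dst: str
    payload: bytes

class Firewall:
    """Swaps MACs so the switches steer the frame through the security device."""
    def __init__(self, pairs):
        self.free = list(pairs)   # unused (third, fourth) pairs
        self.by_flow = {}         # (first, second) -> (third, fourth)
        self.by_pair = {}         # (third, fourth) -> (first, second)

    def translate(self, frame):
        flow = (frame.src, frame.dst)
        if flow not in self.by_flow:
            pair = self.free.pop(0)   # IndexError once the pool is exhausted
            self.by_flow[flow], self.by_pair[pair] = pair, flow
        third, fourth = self.by_flow[flow]
        return replace(frame, src=third, dst=fourth)

    def restore(self, frame):
        # KeyError here means the frame did not come back on a pair we issued.
        first, second = self.by_pair[(frame.src, frame.dst)]
        return replace(frame, src=first, dst=second)

def deliver(fw, frame, sw1, sw2, inspect):
    """Walk one frame along the claimed path; returns (hops, delivered or None)."""
    out = fw.translate(frame)
    hops = ["firewall", "switch1", sw1[out.dst]]   # static dst-MAC forwarding
    if not inspect(out):                            # security device drops it
        return hops, None
    hops += ["switch2", sw2[out.dst]]               # back to the firewall
    restored = fw.restore(out)
    return hops + ["switch1", restored.dst], restored

def demo(payload):
    seen = []                                       # MAC pairs the device observed
    def inspect(f):
        seen.append((f.src, f.dst))
        return b"test-signature" not in f.payload   # constructed drop rule
    fw = Firewall([(FW_OUT, FW_IN)])
    tables = {FW_IN: "security-device"}, {FW_IN: "firewall"}
    hops, got = deliver(fw, Frame(HOST_A, HOST_B, payload), *tables, inspect)
    return hops, got, seen
```

In this model the security device only ever observes the firewall's identifiers, so attributing an alert to the originating host has to rely on the unchanged payload or on the firewall's translation table.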
32 Claims
15. A method for transmitting network packets through a network security device, the method comprising:
receiving, with a first network device, a network packet from a first computing device to be sent to a second computing device over a network comprising the network security device and first and second network switches, the network packet comprising a first network interface identifier for identifying the first computing device on the network and a second interface identifier for identifying the second computing device on the network;
sending, from the first network device, a request for a third network interface identifier and a fourth network interface identifier, wherein the third and fourth network interface identifiers are associated with the first network device;
modifying, with the first network device, the network packet to use the third and fourth network interface identifiers when the network packet is transmitted over the network;
transmitting the network packet from the first network device over the network through the network security device using the third and fourth network interface identifiers, wherein the network packet is transmitted through the first network switch before being transmitted through the network security device, and the network packet is transmitted through the second network switch to the first network device after being transmitted through the network security device; and
transmitting the network packet from the first network device to the second computing device using the first and second network interface identifiers.
27. A method for communicating network packets through a network security device that is part of a network comprising first and second firewalls, first and second switching devices, and a plurality of computing devices, each switching device coupled to the first and second firewalls and the network security device, the method comprising:
at the first firewall, receiving a network packet from a first computing device coupled to the first firewall to be sent to a second computing device coupled to the second firewall, wherein the network packet comprises a first network interface identifier for identifying the first computer on the network and a second network interface identifier for identifying the second computer on the network;
at the first firewall, performing a first modification to the network packet by replacing the first network interface identifier with a third network interface identifier and replacing the second network interface identifier with a fourth network interface identifier, wherein the third and fourth network interface identifiers are associated with the first firewall;
from the first firewall, transmitting the first modified network packet to the first switching device, wherein the first switching device forwards the first modified network packet through the network security device to the second switching device, wherein the second switching device forwards the first modified network packet to the first firewall;
at the first firewall, performing a second modification to the first modified network packet by replacing the third network interface identifier with the first network interface identifier and replacing the fourth network interface identifier with the second network interface identifier; and
from the first firewall, transmitting the second modified network packet to the second computing device through the first switching device.
Specification