Virtual inline configuration for a network device

US 9,100,449 B2
Filed: 07/19/2011
Issued: 08/04/2015
Est. Priority Date: 04/25/2006
Status: Active Grant

First Claim

Patent Images

1. A method for processing a packet, destined to a computing device, via a network device coupled in parallel to a router, the method comprising:

receiving, by a network device having a first internet protocol (IP) address and coupled to a plurality of routers, a packet from a first router of the plurality of routers, the packet having a second destination IP address of an intended destination computing device;

identifying, by the network device, the first router of the plurality of routers as the router that diverted the packet to the network device;

preserving, by the network device, the identification of the first router of the plurality of routers as the router that diverted the packet to the network device;

processing, by the network device, the packet while preserving the second destination IP address of the packet to specify the intended destination computing device; and

transmitting, by the network device, the processed packet to the first router for transmission to the intended destination computing device, based on the preserved identification of the first router of the plurality of routers as the router that diverted the packet to the network device, the processed packet transmitted with the second destination internet protocol (IP) address of the intended destination computing device.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A performance enhancing proxy network device is configured to operate in a virtual inline mode, in which selected network traffic is redirected to and through the network device by a router using simple routing policies. In this way, the network device can be coupled to the router in series but can still operate as if it were physically connected inline.

33 Citations

20 Claims

1. A method for processing a packet, destined to a computing device, via a network device coupled in parallel to a router, the method comprising:
- receiving, by a network device having a first internet protocol (IP) address and coupled to a plurality of routers, a packet from a first router of the plurality of routers, the packet having a second destination IP address of an intended destination computing device;
  
  identifying, by the network device, the first router of the plurality of routers as the router that diverted the packet to the network device;
  
  preserving, by the network device, the identification of the first router of the plurality of routers as the router that diverted the packet to the network device;
  
  processing, by the network device, the packet while preserving the second destination IP address of the packet to specify the intended destination computing device; and
  
  transmitting, by the network device, the processed packet to the first router for transmission to the intended destination computing device, based on the preserved identification of the first router of the plurality of routers as the router that diverted the packet to the network device, the processed packet transmitted with the second destination internet protocol (IP) address of the intended destination computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising receiving, by the network device, the packet having the second destination IP address diverted by the first router via Internet Protocol (IP) layer routing without the first router replacing the second destination IP address of the packet with the first IP address of the network device.
  - 3. The method of claim 2, further comprising diverting, by the first router, the packet according to the second destination IP address of the packet matching a policy based IP routing rule of a set of IP routing rules instead of changing the second destination IP address of the packet to the first IP address of the network device.
  - 4. The method of claim 1, further comprising sending, by the first router, the processed packet to the computing device identified by the second destination IP address.
  - 5. The method of claim 1, wherein preserving the identification of the first router further comprises preserving, by the network device, the selection of the first router from load balancing applied to the plurality of routers.
  - 6. The method of claim 1, further comprising processing, by the network device, the packet by transforming the packet.
  - 7. The method of claim 1, further comprising processing, by the network device, the packet by compressing the packet.
  - 8. The method of claim 1, further comprising receiving, by the network device, the packet diverted by the first router based on one or more of the following:
    - direction, subnet or service.
  - 9. The method of claim 1, wherein the packet is diverted to the network device without the first router changing the destination address of the packet from the second IP address of the intended destination computing device.
  - 10. The method of claim 1, wherein the network device does not change the second destination IP address of the received packet before transmitting the processed packet to the first router.
  - 11. The method of claim 1, wherein receiving the packet from the first router further comprises receiving the packet from the first router as a next hop from the router to the computing device.
  - 12. The method of claim 1, wherein the network device is deployed in a virtual inline configuration.

13. A system for processing a packet, destined to a computing device, via a network device coupled in parallel to a router, the system comprising:
- a network device having a first internet protocol (IP) address, coupled to a plurality of routers, the network device receiving a packet from a first router of the plurality of routers, the packet having a second destination internet protocol (IP) address of an intended destination computing device; and
  
  wherein the network deviceidentifies the first router of the plurality of routers as the router that diverted the packet to the network device,preserves the identification of the first router of the plurality of routers as the router that diverted the packet to the network device,processes the packet while preserving the second destination IP address of the packet to specify the intended destination computing device, andtransmits the processed packet to the first router for transmission to the intended destination computing device based on the preserved identification of the first router of the plurality of routers as the router that diverted the packet to the network device, the processed packet transmitted with the second destination internet protocol (IP) address of the intended destination computing device.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The system of claim 13, wherein the network device receives the packet having the second destination IP address diverted by the first router via Internet Protocol (IP) layer routing without the first router replacing the second destination IP address of the packet with the first IP address of the network device.
  - 15. The system of claim 14, wherein the first router diverts the packet according to the second destination IP address of the packet matching a policy based IP routing rule of a set of IP routing rules instead of changing the second destination IP address of the packet to the first IP address of the network device.
  - 16. The system of claim 13, wherein the first router transmits the processed packet to the computing device identified by the second destination IP address.
  - 17. The system of claim 13, wherein the network device preserves the identification of selection of the first router from load balancing applied to the plurality of routers.
  - 18. The system of claim 13, wherein the network device processes the packet by transforming the packet.
  - 19. The system of claim 13, wherein the network device processes the packet by compressing the packet.
  - 20. The system of claim 13, wherein the network device receives the packet diverted by the first router based on one or more of the following:
    - direction, subnet or service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
Budhani, Haseeb, Sutter, Paul G.
Primary Examiner(s)
CHO, HONG SOL

Application Number

US13/186,350
Publication Number

US 20120093156A1
Time in Patent Office

1,477 Days
Field of Search

370/230, 370/252, 370/254, 370/351, 370/389, 370/392, 370/400, 370/401
US Class Current

1/1
CPC Class Codes

H04L 12/56 Packet switching systems

H04L 67/563 Data redirection of data ne...

Virtual inline configuration for a network device

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Virtual inline configuration for a network device

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others