Media access control address translation in virtualized environments
Abstract
A method and a network device are provided to transmit network packets through a network security device. The method, performed by the network device, receives a request to send a network packet from a first computing device to a second computing device over a network that includes the network device and the network security device. The network packet includes a first network interface identifier for identifying the first computing device and a second network interface identifier for identifying the second computing device. The method identifies third and fourth network interface identifiers that cause the network packet to be transmitted through the network security device. The method transmits the network packet over the network through the network security device using the third and fourth network interface identifiers. The method transmits the network packet to the second computing device using the first and second network interface identifiers.
37 Citations
20 Claims
1. A network device for transmitting network packets through a network security device, the network device comprising a processor configured to:
- receive a network packet from a first computing device to be sent to a second computing device over a network comprising the network security device and first and second network switches, wherein the network packet comprises a first network interface identifier for identifying the first computing device on the network and a second network interface identifier for identifying the second computing device on the network;
- identify third and fourth network interface identifiers associated with the network device that, when the network packet is transmitted using the third and fourth network interface identifiers, cause the network packet to be transmitted through the network security device;
- transmit the network packet from the network device over the network through the network security device using the third and fourth network interface identifiers, wherein the network packet is transmitted through the first network switch before being transmitted through the network security device, and the network packet is transmitted through the second network switch after being transmitted through the network security device; and
- after the network device receives the network packet back from the network security device through the second network switch, transmit the network packet from the network device to the second computing device using the first and second network interface identifiers.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A network device for transmitting network packets through a network security device, the network device comprising a processor configured to:
- receive a network packet from a first computing device to be sent to a second computing device over a network comprising the network security device and first and second network switches, the network packet comprising a first network interface identifier for identifying the first computing device on the network and a second interface identifier for identifying the second computing device on the network;
- send a request for a third network interface identifier and a fourth network interface identifier, wherein the third and fourth network interface identifiers are associated with the network device;
- modify the network packet to use the third and fourth network interface identifiers when the network packet is transmitted over the network;
- transmit the network packet from the network device over the network through the network security device using the third and fourth network interface identifiers, wherein the network packet is transmitted through the first network switch before being transmitted through the network security device, and the network packet is transmitted through the second network switch to the network device after being transmitted through the network security device; and
- transmit the network packet from the network device to the second computing device using the first and second network interface identifiers.
Dependent claims: 9, 10, 11, 12, 13, 14, 15
16. A first firewall for communicating network packets through a network security device that is part of a network comprising first and second firewalls, first and second switching devices, and a plurality of computing devices, each switching device coupled to the first and second firewalls and the network security device, the first firewall comprising a processor configured to:
- receive a network packet from a first computing device coupled to the first firewall to be sent to a second computing device coupled to the second firewall, wherein the network packet comprises a first network interface identifier for identifying the first computing device on the network and a second network interface identifier for identifying the second computing device on the network;
- perform a first modification to the network packet by replacing the first network interface identifier with a third network interface identifier and replacing the second network interface identifier with a fourth network interface identifier, wherein the third and fourth network interface identifiers are associated with the first firewall;
- transmit the first modified network packet to the first switching device, wherein the first switching device forwards the first modified network packet through the network security device to the second switching device, wherein the second switching device forwards the first modified network packet to the first firewall;
- perform a second modification to the first modified network packet by replacing the third network interface identifier with the first network interface identifier and replacing the fourth network interface identifier with the second network interface identifier; and
- transmit the second modified network packet to the second computing device through the first switching device.
Dependent claims: 17, 18, 19, 20
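The two modifications of claim 16, modeled on raw Ethernet headers as an added example (not code from the patent). Assumptions: the identifiers are MAC addresses, one steering pair is allocated per flow from a locally administered `02:00:00:...` range, and a lookup table is used to recover the original identifiers, which the claims do not specify; the class, method and constant names are hypothetical.

```python
from itertools import count

def mac(text):
    """Parse 'aa:bb:cc:dd:ee:ff' into 6 bytes."""
    raw = bytes.fromhex(text.replace(":", ""))
    if len(raw) != 6:
        raise ValueError(f"not a MAC address: {text!r}")
    return raw

# Constructed sample frame: destination MAC, source MAC, IPv4 ethertype, payload.
SAMPLE = mac("00:11:22:33:44:66") + mac("00:11:22:33:44:55") + b"\x08\x00payload"

class SteeringFirewall:
    """Hypothetical model of the 'first firewall' of claim 16."""

    def __init__(self):
        self._next = count(1)
        self._flows = {}    # (first, second) -> (third, fourth)
        self._restore = {}  # (third, fourth) -> (first, second)

    def _allocate(self):
        # Assumption: steering MACs are locally administered addresses
        # owned by the firewall, one (third, fourth) pair per flow.
        n = next(self._next).to_bytes(2, "big")
        return bytes([0x02, 0, 0, 0xA0]) + n, bytes([0x02, 0, 0, 0xB0]) + n

    def first_modification(self, frame):
        """Replace the first/second identifiers with the third/fourth."""
        if len(frame) < 14:
            raise ValueError("truncated Ethernet header")
        dst, src = frame[0:6], frame[6:12]
        pair = self._flows.get((src, dst))
        if pair is None:
            pair = self._allocate()
            self._flows[(src, dst)] = pair
            self._restore[pair] = (src, dst)
        third, fourth = pair
        return fourth + third + frame[12:]  # ethertype and payload untouched

    def second_modification(self, frame):
        """Restore the first/second identifiers; None if the pair is unknown."""
        if len(frame) < 14:
            return None
        original = self._restore.get((frame[6:12], frame[0:6]))
        if original is None:
            return None  # fail closed: not a frame this firewall steered
        src, dst = original
        return dst + src + frame[12:]
```

A frame that comes back from the second switching device with a pair the firewall never allocated is dropped rather than forwarded, so only traffic that was steered through the security device reaches the second computing device.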
Specification