Source address translation in overlay networks
Abstract
Systems, methods, and non-transitory computer-readable storage media for translating source addresses in an overlay network. An access switch in an overlay network, such as a VXLAN, may receive an encapsulated packet from a tunnel endpoint in the overlay network. The encapsulated packet may originate from a host associated with the tunnel endpoint and be encapsulated at the tunnel endpoint with a first source tunnel endpoint address and a destination tunnel endpoint address. The access switch may replace the first source tunnel endpoint address in the encapsulated packet with a second source tunnel endpoint address of the access switch to yield a translated packet. The access switch may then transmit the translated packet towards the destination tunnel endpoint address.
18 Claims
1. A method comprising:
receiving, at a first access switch in an overlay network, an encapsulated packet from a tunnel endpoint in the overlay network, the encapsulated packet originating from a host associated with the tunnel endpoint and encapsulated at the tunnel endpoint with a first source tunnel endpoint address and a destination tunnel endpoint address of a second access switch in the overlay network;
replacing the first source tunnel endpoint address in the encapsulated packet with a second source tunnel endpoint address of the first access switch to yield a translated packet;
transmitting the translated packet from the first access switch towards the destination tunnel endpoint address; and
recording, in a translation table at the first access switch, an association between the host and the first source tunnel endpoint address;
wherein the second access switch is configured to forward the translated packet to a second tunnel endpoint associated with the second access switch.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A system comprising:
a processor; and
a non-transitory computer-readable storage medium having stored therein instructions which, when executed by the processor, cause the processor to perform operations comprising:
receiving, at a first access switch in an overlay network, an encapsulated packet from a tunnel endpoint in the overlay network, the encapsulated packet originating from a host associated with the tunnel endpoint and encapsulated at the tunnel endpoint with a first source tunnel endpoint address and a destination tunnel endpoint address of a second access switch of the overlay network;
replacing the first source tunnel endpoint address in the encapsulated packet with a second source tunnel endpoint address of the first access switch to yield a translated packet;
transmitting the translated packet from the first access switch towards the destination tunnel endpoint address; and
recording, in a translation table at the first access switch, an association between the host and the first source tunnel endpoint address;
wherein the second access switch is configured to forward the translated packet to a second tunnel endpoint associated with the second access switch.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A non-transitory computer-readable storage medium having stored therein instructions which, when executed by a processor, cause the processor to perform operations comprising:
receiving, at a first access switch in an overlay network, an encapsulated packet being destined for a host, the encapsulated packet having a first destination tunnel endpoint address for the access switch and a destination host address for the host, the first destination tunnel endpoint address provided by a second access switch;
determining that the host is associated with a tunnel endpoint by using a translation table that stores an association between the destination host address and a second destination tunnel endpoint address of the tunnel endpoint;
replacing the first destination tunnel endpoint address in the encapsulated packet with the second destination tunnel endpoint address to yield a translated packet;
transmitting the translated packet from the first access switch to the tunnel endpoint; and
recording, in a translation table at the first access switch, an association between the host and the first destination tunnel endpoint address;
wherein the second access switch is configured to receive the encapsulated packet from a second tunnel endpoint associated with the second access switch.
Dependent claims: 16, 17, 18
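
The source translation described in the abstract and the table-driven reverse lookup of claim 15, as an added Python example that is not code from the patent. It assumes IPv4 outer headers, a zero outer UDP checksum, and a translation table keyed by (VNI, inner MAC); the class, function names and addresses are constructed for illustration.

```python
import ipaddress
import struct

VXLAN_PORT = 4789  # IANA-assigned VXLAN UDP port

def ip_checksum(hdr: bytes) -> int:
    """RFC 1071 checksum over a 20-byte IPv4 header (0 if already valid)."""
    s = sum(struct.unpack("!10H", hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def build(src, dst, vni, dst_mac, src_mac):
    """Constructed sample: outer IPv4/UDP/VXLAN around a minimal inner frame."""
    body = struct.pack("!II", 0x08000000, vni << 8) + dst_mac + src_mac + b"\x08\x00data"
    udp = struct.pack("!HHHH", 49152, VXLAN_PORT, 8 + len(body), 0)  # UDP csum 0
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(body), 0, 0, 64, 17, 0,
                     ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:] + udp + body

def parse(pkt):
    """Return (vni, inner dst MAC, inner src MAC); reject anything not VXLAN."""
    if len(pkt) < 48 or pkt[0] != 0x45 or pkt[9] != 17 or ip_checksum(pkt[:20]):
        raise ValueError("not a plain IPv4/UDP packet")
    if struct.unpack("!H", pkt[22:24])[0] != VXLAN_PORT or not pkt[28] & 0x08:
        raise ValueError("not VXLAN")
    return int.from_bytes(pkt[32:35], "big"), pkt[36:42], pkt[42:48]

class AccessSwitch:
    def __init__(self, vtep_ip):
        self.vtep = ipaddress.IPv4Address(vtep_ip).packed
        self.table = {}  # assumed key: (VNI, host MAC) -> original endpoint address

    def _rewrite(self, pkt, off, addr):
        hdr = bytearray(pkt[:20])
        hdr[off:off + 4], hdr[10:12] = addr, b"\x00\x00"
        hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
        return bytes(hdr) + pkt[20:]

    def from_endpoint(self, pkt):
        """Source translation: record host -> endpoint, then claim the source."""
        vni, _, src_mac = parse(pkt)
        self.table[(vni, src_mac)] = pkt[12:16]
        return self._rewrite(pkt, 12, self.vtep)

    def to_endpoint(self, pkt):
        """Reverse path: restore the endpoint address, or drop (None) if unknown."""
        vni, dst_mac, _ = parse(pkt)
        orig = self.table.get((vni, dst_mac))
        return None if pkt[16:20] != self.vtep or orig is None else self._rewrite(pkt, 16, orig)
```

Keying the table on the VNI as well as the MAC keeps an entry learned in one segment from steering traffic in another, and a packet with no matching entry is dropped rather than forwarded.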
Specification