Methods and systems for hairpins in virtual networks
First Claim
1. A method for enabling communication between a first processor and a second processor using at least one additional processor separate from the first processor and the second processor, wherein one or more firewalls selectively restrict the communication, the method comprising:
- determining at the first processor, that a hairpin between the first and second processors is required for communicating with the second processor;
determining, at the at least one additional processor, whether the first and second processors mutually consent to enabling the hairpin between the first and second processors;
providing, by the at least one additional processor, to the first processor a first information identifying the hairpin and to the second processor a second information identifying the hairpin, when the at least one additional processor determines that the first and second processors mutually consent to the hairpin;
establishing a first information flow from the first processor to the hairpin based on the provided first information;
establishing a second information flow from the second processor to the hairpin based on the provided second information; and
forwarding, at the hairpin, the first information flow received from the first processor to the second processor such that the communication between the first and second processors is allowed by the one or more firewalls.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems are provided for enabling communication between a first processor and a second processor using at least one additional processor separate from the first and second processors, wherein one or more firewalls selectively restrict the communication. In one embodiment, the additional processor may determine whether the first and second processors mutually consent to enabling a hairpin between the first and second processors. The first processor may be provided with a first information identifying the hairpin and the second processor may be provided with a second information identifying the hairpin, when the additional processor may determine that the first and second processors mutually consent to the hairpin. Moreover, a first information flow may be established from the first processor to the hairpin based on the provided first information, and a second information flow may be established from the second processor to the hairpin based on the provided second information. The hairpin may forward the first information flow received from the first processor to the second processor such that the communication between the first and second processors is allowed by the firewalls.
131 Citations
30 Claims
-
1. A method for enabling communication between a first processor and a second processor using at least one additional processor separate from the first processor and the second processor, wherein one or more firewalls selectively restrict the communication, the method comprising:
-
determining at the first processor, that a hairpin between the first and second processors is required for communicating with the second processor;
determining, at the at least one additional processor, whether the first and second processors mutually consent to enabling the hairpin between the first and second processors;
providing, by the at least one additional processor, to the first processor a first information identifying the hairpin and to the second processor a second information identifying the hairpin, when the at least one additional processor determines that the first and second processors mutually consent to the hairpin;
establishing a first information flow from the first processor to the hairpin based on the provided first information;
establishing a second information flow from the second processor to the hairpin based on the provided second information; and
forwarding, at the hairpin, the first information flow received from the first processor to the second processor such that the communication between the first and second processors is allowed by the one or more firewalls. - View Dependent Claims (2, 3, 4, 5, 6, 16, 24, 25, 26, 27, 28)
-
-
7. A method for enabling communication between a first processor and a second processor using at least one additional processor separate from the first and second processors, wherein one or more firewalls selectively restrict the communication between the first and second processors, said method comprising:
-
receiving, at the at least one additional processor, a first request from the first processor for a hairpin, when the first processor determines that the one or more firewalls restrict the communication between the first and second processors;
receiving, at the at least one additional processor, a second request from the second processor for the hairpin, when the second processor determines that the one or more firewalls restrict the communication between the first and second processors;
authorizing, at the at least one additional processor, a first port at the hairpin and a second port at the hairpin, when each of the first and second processors consents to enabling the hairpin;
allocating the first port for the first processor and the second port for the second processor; and
forwarding, at the hairpin, one or more packets received at the first port from the first processor to the second port such that the communication between the first and second processors is allowed by one or more firewalls. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 17, 18, 19)
-
-
20. A system for enabling communication between a first processor and a second processor using at least one additional processor separate from the first processor and the second processor, wherein one or more firewalls selectively restrict the communication, the system comprising:
-
means for determining, at the first or second processor, that the one or more firewalls restrict the communication between the first and second processors;
means for determining, at the at least one additional processor, whether the first and second processors mutually consent to enabling a hairpin between the first and second processors;
means for providing to the first processor a first information identifying the hairpin and to the second processor a second information identifying the hairpin, when the at least one additional processor determines that the first and second processors mutually consent to the hairpin;
means for establishing a first information flow from the first processor to the hairpin based on the provided first information;
means for establishing a second information flow from the second processor to the hairpin based on the provided second information; and
means for forwarding, at the hairpin, the first information flow received from the first processor to the second processor such that the communication between the first and second processors is allowed by the one or more firewalls.
-
-
21. A system for enabling communication between a first processor and a second processor using at least one additional processor separate from the first processor and the second processor, wherein one or more firewalls selectively restrict the communication, the system comprising:
-
at least one memory comprising code that determines, at the first or second processor, that the one or more firewalls restrict the communication between the first processor and the second processor;
code that determines, at the least one additional processor, whether the first and second processors mutually consent to enabling a hairpin between the first and second processors, code that provides to the first processor a first information identifying the hairpin and to the second processor a second information identifying the hairpin, when the at least one additional processor determines that the first and second processors mutually consent to the hairpin, code that establishes a first information flow from the first processor to the hairpin based on the provided first information, code that establishes a second information flow from the second processor to the hairpin based on the provided second information, and code that forwards, at the hairpin, the first information flow received from the first processor to the second processor such that the communication between the first and second processors is allowed by the one or more firewalls; and
at least one processor that executes said code.
-
-
22. A computer program product for enabling communication between a first processor and a second processor using at least one additional processor separate from the first processor and the second processor, wherein one or more firewalls selectively restrict the communication, the computer program product comprising code that, said code comprising:
-
code that determines, at the first or second processor, that the one or more firewalls restrict the communication between the first processor and the second processor;
code that determines, at the least one additional processor, whether the first and second processors mutually consent to enabling a hairpin between the first and second processors;
code that provides to the first processor a first information identifying the hairpin and to the second processor a second information identifying the hairpin, when the at least one additional processor determines that the first and second processors mutually consent to the hairpin;
code that establishes a first information flow from the first processor to the hairpin based on the provided first information;
code that establishes a second information flow from the second processor to the hairpin based on the provided second information;
code that forwards, at the hairpin, the first information flow received from the first processor to the second processor such that the communication between the first and second processors is allowed by the one or more firewalls.
-
-
23. A virtual network comprising:
-
a first processor;
a second processor; and
at least one additional processor, separate from the first processor and the second processor, that enables communication between the first processor and the second processor, wherein one or more firewalls selectively may restrict the communication and the first and second processors detect the restriction, the at least one additional processor further comprising;
means for determining whether the first and second processors mutually consent to enabling a hairpin between the first and second processors, means for providing to the first processor a first information identifying the hairpin and to the second processor a second information identifying the hairpin, when the at least one additional processor determines that the first and second processors mutually consent to the hairpin, means for establishing a first information flow from the first processor to the hairpin based on the provided first information, means for establishing a second information flow from the second processor to the hairpin based on the provided second information, and means for forwarding, at the hairpin, the first information flow received from the first processor to the second processor such that the communication between the first and second processors is allowed by the one or more firewalls.
-
-
29. A method for enabling communication between an originating processor and a destination processor using at least one additional processor separate from the originating processor and the destination processor, the method comprising:
-
determining, at the originating processor, that communication to the destination processor is restricted by one or more firewalls;
determining, at the least one additional processor, whether the originating and destination processors mutually consent to enabling a hairpin between the originating and destination processors;
providing to the originating processor a first information identifying the hairpin and to the destination processor a second information identifying the hairpin, when the at least one additional processor determines that the originating and destination processors mutually consent to the hairpin;
establishing a first information flow from the originating processor to the hairpin based on the provided first information;
establishing a second information flow from the destination processor to the hairpin based on the provided second information; and
forwarding, at the hairpin, the first information flow received from the originating processor to the destination processor such that the communication between the originating and destination processors is allowed by the one or more firewalls. - View Dependent Claims (30)
-
Specification