Overlay-based packet steering

US 8,830,834 B2
Filed: 12/21/2011
Issued: 09/09/2014
Est. Priority Date: 12/21/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, on an overlay-based service path, a service-directed packet at a first network device, wherein the service-directed packet comprises a service header and a service overlay tunnel encapsulation;

performing, based on information in the service header, a look-up in a path segment table to locate a next hop adjacency that includes next hop tunnel rewrite information useable to rewrite information in the tunnel encapsulation and identifies a first service node to which the service-directed packet should be forwarded;

forwarding the service-directed packet to the first service node on the overlay-based service path; and

after the first service node applies a service on the service-directed packet, receiving, on the overlay-based service path, the service-directed packet back from the first service node, wherein the service-directed packet received back from the first service node includes a modified service header.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Network topology independent service deployment techniques, referred to as overlay-based packet steering techniques, are provided. In one example, a server destined packet is intercepted by an in-path network device enabled as a service classifier. The service classifier encapsulates the packet and inserts the packet into a service path to a service virtualization endpoint front ending one or more service nodes. In other words, the service virtualization endpoint receives the service-directed packet on an overlay-based service path. The service-directed packet includes a service header and a service overlay tunnel encapsulation. The service virtualization endpoint inspects the service header in the service-directed packet to identify a first service node to which the service-directed packet should be forwarded and, based on the inspection, forwards the service-directed packet, on the overlay-based service path, to the first service node.

134 Citations

30 Claims

1. A method comprising:
- receiving, on an overlay-based service path, a service-directed packet at a first network device, wherein the service-directed packet comprises a service header and a service overlay tunnel encapsulation;
  
  performing, based on information in the service header, a look-up in a path segment table to locate a next hop adjacency that includes next hop tunnel rewrite information useable to rewrite information in the tunnel encapsulation and identifies a first service node to which the service-directed packet should be forwarded;
  
  forwarding the service-directed packet to the first service node on the overlay-based service path; and
  
  after the first service node applies a service on the service-directed packet, receiving, on the overlay-based service path, the service-directed packet back from the first service node, wherein the service-directed packet received back from the first service node includes a modified service header.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the service-directed packet was intercepted from a network flow intended for a destination device by a service classifier on a second network device and further comprisingidentifying, based on the look-up in the path segment table using information in the modified service header, the destination device as the next destination for the service directed packet;
    - andforwarding the service-directed packet to the destination device.
  - 3. The method of claim 2, further comprising:
    - prior to forwarding the service-directed packet to the destination device, de-encapsulating the service-directed packet.
  - 4. The method of claim 1, wherein the service-directed packet was intercepted by a service classifier on a second network device, and wherein the method further comprises:
    - identifying, based on the look-up in the path segment table using information in the modified service header, the service classifier as the next destination for the service directed packet; and
      
      forwarding the service-directed packet back to the service classifier on the overlay-based service path.
  - 5. The method of claim 1, further comprising:
    - identifying, based on the look-up in the path segment table using information in the modified service header, a second service node as the next destination for the service directed packet; and
      
      forwarding the service-directed packet to the second service node on the overlay-based service path.
  - 6. The method of claim 1, wherein receiving a service-directed packet comprises:
    - receiving a service-directed packet having a layer 2 service overlay tunnel encapsulation.
  - 7. The method of claim 6, wherein forwarding the service-directed packet to the first service node comprises:
    - forwarding the service-directed packet to the first service node with a layer 2 service overlay tunnel encapsulation.
  - 8. The method of claim 6, further comprising:
    - encapsulating the service-directed packet with a layer 3 service overlay tunnel encapsulation; and
      
      forwarding the service-directed packet having the layer 3 service overlay tunnel encapsulation to the first service node.
  - 9. The method of claim 1, wherein receiving a service-directed packet comprises:
    - receiving a service-directed packet having a layer 3 service overlay tunnel encapsulation.
  - 10. The method of claim 9, wherein forwarding the service-directed packet to the first service node comprises:
    - forwarding the service-directed packet to the first service node with a service overlay layer 3 tunnel encapsulation.
  - 11. The method of claim 9, further comprising:
    - encapsulating the service-directed packet to include a layer 2 service overlay tunnel encapsulation; and
      
      forwarding the service-directed packet having the layer 2 service overlay tunnel encapsulation to the first service node.
  - 12. The method of claim 1, wherein performing the look-up in the path segment table based on the information in the service header of the service-directed packet comprises:
    - using a service path identifier (ID) and a sequence number in the service header to perform the look-up in the path forwarding table.

13. An apparatus comprising:
- a plurality of network interfaces;
  
  a processor coupled to the plurality of network interfaces and configured to;
  
  receive, on an overlay-based service path, a service-directed packet that comprises a service header and a service overlay tunnel encapsulation;
  
  perform, based on information in the service header, a look-up in a path segment table to locate a next hop adjacency that includes next hop tunnel rewrite information useable to rewrite information in the tunnel encapsulation and identifies a first service node to which the service-directed packet should be forwarded;
  
  forward the service-directed packet to the first service node on the overlay-based service path; and
  
  receive, on the overlay-based service path, the service-directed packet back from the first service node after the first service node applies a service on the service-directed packet, wherein the service-directed packet received back from the first service node includes a modified service header.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 14. The apparatus of claim 13, wherein the service-directed packet was intercepted from a network flow intended for a destination device by a service classifier on a second network device and wherein the processor is configured to:
    - identify, based on the look-up in the path segment table using information in the modified service header, the destination device as the next destination for the service directed packet; and
      
      forward the service-directed packet to the destination device.
  - 15. The apparatus of claim 14, wherein the processor is configured to de-encapsulate the service-directed packet prior to forwarding the service-directed packet to the destination device.
  - 16. The apparatus of claim 13, wherein the service-directed packet was intercepted by a service classifier on a second network device, and wherein the processor is configured to:
    - identify, based on the look-up in the path segment table using information in the modified service header, the service classifier as the next destination for the service directed packet; and
      
      forward the service-directed packet back to the service classifier on the overlay-based service path.
  - 17. The apparatus of claim 13, wherein the processor is configured to:
    - identify, based on the look-up in the path segment table using information in the modified service header, a second service node as the next destination for the service directed packet; and
      
      forward the service-directed packet to the second service node on the overlay-based service path.
  - 18. The apparatus of claim 13, wherein the processor is configured to receive a service-directed packet having a layer 2 service overlay tunnel encapsulation.
  - 19. The apparatus of claim 18, wherein the processor is configured to forward the service-directed packet to the first service node with a layer 2 service overlay tunnel encapsulation.
  - 20. The apparatus of claim 18, wherein the processor is configured to encapsulate the service-directed packet with a layer 3 service overlay tunnel encapsulation, and forward the service-directed packet having the layer 3 service overlay tunnel encapsulation to the first service node.
  - 21. The apparatus of claim 13, wherein the processor is configured to receive a service-directed packet having a layer 3 service overlay tunnel encapsulation.
  - 22. The apparatus of claim 21, wherein the processor is configured to forward the service-directed packet to the first service node with a service overlay layer 3 tunnel encapsulation.
  - 23. The apparatus of claim 21, wherein the processor is configured to encapsulate the service-directed packet to include a layer 2 service overlay tunnel encapsulation, and forward the service-directed packet having the layer 2 service overlay tunnel encapsulation to the first service node.
  - 24. The apparatus of claim 13, wherein to perform the look-up in the path segment table based on the information in the service header of the service-directed packet, the processor is configured to:
    - use a service path identifier (ID) and a sequence number in the service header to perform the look-up in the path forwarding table.
  - 25. The apparatus of claim 13, wherein the processor comprises one or more application-specific integrated circuits.
  - 26. The apparatus of claim 13, wherein the processor is configured to execute software in memory to performs its operations.

27. One or more non-transitory computer readable storage media encoded with software comprising computer executable instructions and when the software is executed operable to:
- receive, on an overlay-based service path, a service-directed packet at a first network device, wherein the service-directed packet includes a service header and a service overlay tunnel encapsulation;
  
  perform, based on information in the service header, a look-up in a path segment table, to locate a next hop that includes next hop tunnel rewrite information useable to rewrite information in the tunnel encapsulation and identifies a first service node to which the service-directed packet should be forwarded;
  
  forward the service-directed packet to the first service node on the overlay-based service path; and
  
  receive, on the overlay-based service path, the service-directed packet back from the first service node after the first service node applies a service on the service-directed packet, wherein the service-directed packet received back from the first service node includes a modified service header.
- View Dependent Claims (28, 29, 30)
- - 28. The non-transitory computer readable storage media of claim 27, wherein the service-directed packet was intercepted from a network flow intended for a destination device by a service classifier on a second network device and wherein the computer readable storage media further comprise instructions operable to:
    - identify, based on the look-up in the path segment table using information in the modified service header, the destination device as the next destination for the service directed packet; and
      
      forward the service-directed packet to the destination device after receiving the service-directed packet from the first service node.
  - 29. The non-transitory computer readable storage media of claim 27, wherein the service-directed packet was intercepted by a service classifier on a second network device, and wherein the computer readable storage media further comprise instructions operable to:
    - identify, based on the look-up in the path segment table using information in the modified service header, the service classifier as the next destination for the service directed packet; and
      
      forward the service-directed packet back to the service classifier on the overlay-based service path after receiving the service-directed packet from the first service node.
  - 30. The non-transitory computer readable storage media of claim 27, further comprising instruction operable to:
    - identify, based on the look-up in the path segment table using information in the modified service header, a second service node as the next destination for the service directed packet; and
      
      forward the service-directed packet to the second service node on the overlay-based service path.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Sharma, Govind Prasad, Devireddy, Dileep K.
Primary Examiner(s)
Hsu, Alpus H
Assistant Examiner(s)
Thai, Camquyen

Application Number

US13/332,499
Publication Number

US 20130163594A1
Time in Patent Office

993 Days
Field of Search

370/392, 370/235, 370/338, 370/349, 370/428, 370/469, 709/202, 709/238, 709/246, 455/450, 455/453
US Class Current

370/235
CPC Class Codes

H04L 12/4633   Interconnection of networks...

H04L 45/64   using an overlay routing layer

H04L 45/66   Layer 2 routing, e.g. in Et...

Overlay-based packet steering

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

134 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Overlay-based packet steering

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

134 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links