US2012008505A1PendingUtilityA1
Packet tunneling
Est. expiryMar 1, 2027(~0.6 yrs left)· nominal 20-yr term from priority
H04L 12/4633H04L 12/66
46
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Network devices, systems, and methods are provided for packet processing. One network device includes a network chip having a number of network ports for the device. The network chip includes logic to select original data packets, based on a set of criteria, received from or destined to a particular port on the device and to tunnel the selected data packets to a second network device having a different destination address to that of the selected data packets.
Claims
exact text as granted — not AI-modified1 - 20 . (canceled)
21 . A network appliance comprising:
logic to:
receive a packet that has been tunnel encapsulated by a network device, wherein the tunnel encapsulation caused the packet to be diverted from a path to an original destination to the network appliance by the network device;
decapsulate the tunnel encapsulated packet; and
process the decapsulated packet to determine information about the decapsulated packet.
22 . The network appliance according to claim 21 , wherein the packet is to be received through a path in a network that is not in-line with the path to the original destination.
23 . The network appliance according to claim 21 , wherein the logic is further to:
tunnel encapsulate the packet following processing of the decapsulated packet; and communicate the tunnel encapsulated packet back to the network device over a tunnel
24 . The network appliance according to claim 21 , wherein the logic is further to:
process the decapsulated packet by detecting whether the decapsulated packet comprises a suspicious packet based upon the determined information about the decapsulated packet.
25 . The network appliance according to claim 21 , wherein the logic is further to:
process the decapsulated packet by detecting whether the decapsulated packet comprises an unwanted network intrusion or activity based upon the determined information about the decapsulated packet.
26 . The network appliance according to claim 21 , wherein the logic is further to:
process the decapsulated packet by performing an accounting operation based upon the determined information about the decapsulated packet.
27 . The network appliance according to claim 21 , wherein the logic is further to:
process the decapsulated packet by performing a diagnostic operation based upon the determined information about the decapsulated packet.
28 . A network, comprising:
a network appliance having ports to receive and transmit data packets; a network device having ports to receive data packets from a network client and ports to transmit data packets into the network, wherein said network device is to tunnel encapsulate selected data packets to secure tunnel the selected data packets to the network appliance instead of sending the selected data packets to an original media access control (MAC) destination address of the data packets; and wherein the network appliance comprises logic to:
receive the tunnel encapsulated packet from the network device;
decapsulate the encapsulated packet; and
process the decapsulated packet to determine information about the decapsulated packet.
29 . The network according to claim 28 , wherein the network appliance is to receive the tunnel encapsulated packet through a path in the network that is not in-line with a path of the original MAC destination address of the data packets.
30 . The network according to claim 28 , wherein the logic is further to:
tunnel encapsulate the packet following performance of packet processing; and transmit the tunnel encapsulated packet back to the network device over a tunnel
31 . The network according to claim 28 , wherein the logic is further to:
process the decapsulated packet by detecting whether the decapsulated packet comprises a suspicious packet based upon the determined information about the decapsulated packet.
32 . The network according to claim 28 , wherein the logic is further to:
process the decapsulated packet by detecting whether the decapsulated packet comprises an unwanted network intrusion or activity based upon the determined information about the decapsulated packet.
33 . The network according to claim 28 , wherein the logic is further to:
process the decapsulated packet by performing an accounting operation based upon the determined information about the decapsulated packet.
34 . The network according to claim 28 , wherein the logic is further to:
process the decapsulated packet by performing a diagnostic operation based upon the determined information about the decapsulated packet.
35 . A method for processing packets, said method comprising:
receiving, in a network appliance, a packet that has been tunnel encapsulated by a network device, wherein the tunnel encapsulation caused the packet to be diverted from a path to an original destination to the network appliance by the network device, and wherein a tunnel between the network appliance and the network device is not in-line with the path to the original destination; decapsulating the encapsulated packet; and processing, by a processor, the decapsulated packet to determine information about the decapsulated packet.
36 . The method according to claim 35 , further comprising:
tunnel encapsulating the packet following processing of the decapsulated packet; and transmitting the tunnel encapsulated packet back to the network device over a tunnel
37 . The method according to claim 35 , wherein processing the decapsulated packet further comprises processing the decapsulated packet by detecting whether the decapsulated packet comprises a suspicious packet.
38 . The method according to claim 35 , wherein processing the decapsulated packet further comprises processing the decapsulated packet by detecting whether the decapsulated packet comprises an unwanted network intrusion or activity.
39 . The method according to claim 35 , wherein processing the decapsulated packet further comprises processing the decapsulated packet by performing an accounting operation based upon the determined information about the decapsulated packet.
40 . The method according to claim 35 , wherein processing the decapsulated packet further comprises processing the decapsulated packet by performing a diagnostic operation based upon the determined information about the decapsulated packet.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.