公开(公告)号：US20170195292A1

公开(公告)日：2017-07-06

申请号：US14985827

申请日：2015-12-31

申请人： Son Pham ,  Donald Krall ,  Venkateswara Adusumilli ,  Edward Lopez ,  Neil Huynh

发明人： Son Pham ,  Donald Krall ,  Venkateswara Adusumilli ,  Edward Lopez ,  Neil Huynh

IPC分类号： H04L29/06 ,  H04L12/947 ,  H04L12/935 ,  H04L12/24

CPC分类号： H04L63/0245 ,  H04L41/0893 ,  H04L41/20 ,  H04L49/25 ,  H04L49/30 ,  H04L63/0263

摘要： Systems and methods for an SDN switch that provides service group chaining for sequentially serving multiple network security devices are provided. According to one embodiment, a packet received by the switch is processed by a first FPU based on a first set of rules and forwarded conditionally to a first security device. The packet is security processed, including dropping it or forwarding it to an egress port or forwarding it to a second FPU. When forwarded to the second FPU, the packet is processed based on a second set of rules by forwarding it to a second security device or dropping it or forwarding it to the egress port. When forwarded to the second security device, the packet is security processed, including dropping it or forwarding it to the egress port or conditionally forwarding it to a third FPU to be sequentially forwarded to a third security device.

公开(公告)号：US20170195254A1

公开(公告)日：2017-07-06

申请号：US14985811

申请日：2015-12-31

申请人： Son Pham ,  Donald Krall ,  Venkateswara Adusumilli ,  Edward Lopez ,  Neil Huynh

发明人： Son Pham ,  Donald Krall ,  Venkateswara Adusumilli ,  Edward Lopez ,  Neil Huynh

IPC分类号： H04L12/947 ,  H04L12/24 ,  H04L29/06 ,  H04L12/935 ,  H04L12/741

CPC分类号： H04L49/25 ,  H04L41/0896 ,  H04L43/026 ,  H04L43/028 ,  H04L43/04 ,  H04L45/745 ,  H04L49/30 ,  H04L69/22

摘要： Systems and methods for an SDN switch that provides application-based conditional forwarding and session-aware load balancing are provided. According to one embodiment, a packet is received at an input port of a Software Defined Networking (SDN) switch. The packet is forwarded by the SDN switch to a first flow processing unit (FPU) of multiple FPUs of the SDN switch. The first FPU determines whether the packet is to be tracked. And, if so, the received packet is transmitted to a second FPU of the SDN switch; otherwise, the packet is transmitted to a third FPU of the SDN switch. When the packet is received at the second FPU, the packet is conditionally forwarded by the SDN switch to an application device. When the packet is received at the third FPU, the packet is conditionally forwarded to an output port or dropped.