SECURE SERVICE ACCESS WITH MULTI-CLUSTER NETWORK POLICY

    Publication No.: US20250030663A1

    Publication Date: 2025-01-23

    Application No.: US18235772

    Application Date: 2023-08-18

    Applicant: VMware, Inc.

    Abstract: Techniques associated with exchanging data between clusters are disclosed. A data packet can be received from a first pod in a first cluster of a cluster set that targets a second pod or service in a second cluster of the cluster set. A label identity is determined for the first pod from a table of pods and label identities. The label identity for the first pod is added in a virtual network identifier field of a data packet header. The data packet is communicated from a first virtual switch to the second cluster through a tunnel interface and gateway node. Upon receipt of the data packet, the label identity is extracted from the data packet header, and an ingress rule associated with the label identity can be determined. Access to the second pod is controlled based on the rule.
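The flow in the abstract, as an added sketch that is not code from the patent or from VMware: the sending side writes the pod's label identity into the 24-bit virtual network identifier field of a tunnel header, and the receiving side extracts it and checks an ingress rule. Assumptions: VXLAN (RFC 7348) as the encapsulation, default deny when no rule matches, and constructed pod names, label identities and rules.

```python
import struct

VXLAN_FLAG_VNI_VALID = 0x08      # "I" flag in the first header byte (RFC 7348)
VNI_MAX = (1 << 24) - 1          # the VNI field is 24 bits wide

# Constructed sample data (hypothetical names and values).
POD_LABEL_IDS = {                # sender side: pod -> label identity
    "cluster-a/ns1/web-0": 0x00A1,
    "cluster-a/ns1/batch-7": 0x00B2,
}
INGRESS_RULES = {                # receiver side: target pod -> allowed label identities
    "cluster-b/ns2/db-0": {0x00A1},
}

def encapsulate(src_pod, inner):
    """Prefix the inner frame with a VXLAN header carrying the pod's label identity."""
    label_id = POD_LABEL_IDS[src_pod]
    if not 0 < label_id <= VNI_MAX:
        raise ValueError("label identity does not fit the 24-bit VNI field")
    # Word 0: flags (8 bits) + 24 reserved bits. Word 1: VNI (24 bits) + 8 reserved bits.
    return struct.pack("!II", VXLAN_FLAG_VNI_VALID << 24, label_id << 8) + inner

def extract_label_id(packet):
    """Return (label identity, inner frame) or raise ValueError on a malformed header."""
    if len(packet) < 8:
        raise ValueError("truncated tunnel header")
    word0, word1 = struct.unpack("!II", packet[:8])
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VNI-valid flag not set")
    return word1 >> 8, packet[8:]

def admit(packet, dst_pod):
    """Receiver-side decision: allow only if an ingress rule lists the sender's label identity."""
    try:
        label_id, _inner = extract_label_id(packet)
    except ValueError:
        return False             # malformed header: drop (assumed behaviour)
    return label_id in INGRESS_RULES.get(dst_pod, set())
```

Nothing in this sketch authenticates the header, so the label identity is only as trustworthy as the tunnel endpoints that write it.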
