Patent · US Active

VxLAN security implemented using VxLAN membership information at VTEPs

US10171559B2 · kind B2 · utility

3Cited by

1References

18Claims

0Family size

Assignee

Cisco Technology, Inc. · US

Inventors

Feng Cai · Shanghai, CN
Yuxiang Chen · 安丰镇, CN
Danmu Wu · Shanghai, CN
Zhiyong Fang · Chongqing, CN

Key dates

Filing date	Nov 21, 2014
Grant date	Jan 1, 2019
Priority date	—
Expiry date	Jul 2, 2036

Classification

Technology area (CPC H)Electricity
CPC primaryH04L12/4633
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A network device stores a Virtual Extensible Local Area Network (VxLAN) Tunnel Endpoint (VTEP) membership information that associates VxLANs each with a corresponding set of VTEPs authorized to originate VxLAN packets on that VxLAN. The network device receives from a communication network a VxLAN packet that identifies a VxLAN and an originating VTEP. The VTEP compares the originating VTEP to the set of VTEPs associated with the VxLAN in the VTEP membership information that matches the identified VxLAN. If the comparison indicates that the originating VTEP is not included in the set of VTEPs authorized to originate VxLAN packets, the VTEP discards the received VxLAN packet. Otherwise the VTEP further processes the VxLAN packet.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.