Static routes for policy-based VPN
US10938788B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 12, 2018 |
| Grant date | Mar 2, 2021 |
| Priority date | — |
| Expiry date | Sep 5, 2039 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/164
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Some embodiments provide a method for configuring a gateway datapath that processes data messages between a logical network implemented in a datacenter and an external network. The method receives configuration data including security policy rules for a logical router implemented by the datapath that indicate whether to apply a security protocol to certain data messages transmitted from a particular interface of the logical router. The method identifies a particular security policy rule that applies to data messages that (i) have a destination address in a set of destination addresses and (ii) meet at least one additional criteria. The method generates a static route, for a routing table used by the datapath to implement the logical router, that routes data messages with destination addresses in the set of destination addresses to the particular interface. The datapath applies the security policy rules for data messages transmitted from the particular interface.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.