Stateful packet forwarding in a firewall cluster
US7107609B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 20, 2001 |
| Grant date | Sep 12, 2006 |
| Priority date | — |
| Expiry date | Oct 16, 2023 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0254
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method is disclosed for processing data using multiple interconnected firewall devices. A connection is initiated between an internal host and an external network, through a home firewall device. A separate, receiving firewall device may then receive a data packet for the internal host as part of a flow. The receiving device attempts to determine the home device for the packet. The receiving device sends a multicast to all other firewall devices in the firewall cluster. The multicast includes the data packet and information about the receiving device. The home device receives the multicast and responds, indicating that it is the home device. The home device extracts the data packet from the multicast and forwards it to the internal host. The receiving device stores the response information along with other forwarding information that is used to automatically forward to the home device subsequent data packets for the flow.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.