Systems and Methods for Tunneling Network Traffic to Apply Network Functions

Organization Name

GOOGLE LLC

Inventor(s)

Arivudainambi Appachi Gounder of Cupertino CA (US)

Bolei Fu of San Jose CA (US)

Stephen Stuart of Los Altos Hills CA (US)

Zhiwei Cen of San Jose CA (US)

Systems and Methods for Tunneling Network Traffic to Apply Network Functions - A simplified explanation of the abstract

This abstract first appeared for US patent application 17552574 titled 'Systems and Methods for Tunneling Network Traffic to Apply Network Functions

Simplified Explanation

The patent application describes a system and method for applying network functions to a packet received by a network switch from a host. The packet can be configured with desired network functions such as security settings, traffic path control, or policy enforcement before being transmitted to a target destination.

• The system includes a network switch and a network controller.
• Packets from hosts enter the network switch through network ports.
• The packet is then tunneled and transmitted to a server insertion to add a service identifier.
• The packet with the service modifier is transmitted to a service block over the network.
• The service block applies specific network functions to the packets.
• The packet with the specific network functions is then routed to the target destination with the desired network functions.

Potential Applications

• Network security: The system can apply security settings to packets to protect against unauthorized access or threats.
• Traffic management: The system can control the path and flow of network traffic to optimize performance and reduce congestion.
• Policy enforcement: The system can enforce specific policies or rules on packets to ensure compliance with regulations or organizational guidelines.

Problems Solved

• Lack of flexibility: The system allows for the customization of network functions on a per-packet basis, providing more flexibility in network management.
• Inefficient packet processing: By applying network functions to packets before transmission, the system reduces the need for additional processing at the target destination, improving efficiency.

Benefits

• Enhanced network security: The ability to apply security settings to packets ensures a higher level of protection against potential threats.
• Improved network performance: By controlling traffic flow and optimizing packet routing, the system can enhance network performance and reduce congestion.
• Customizable network management: The system allows for the customization of network functions, providing greater control and adaptability to specific requirements.

Original Abstract Submitted

The systems and methods described herein provide a mechanism to apply network functions to a packet. The packet received by a network switch from a host may be configured so that the packet may be transmitted and forwarded to a target destination with desired network function, such as desired security settings, traffic path control or policy enforcement. In one example, the system may include a network switch and a network controller. The packet from hosts may enter the network switch through network ports (Px). The packet may then be tunneled and further transmitted to a server insertion to add a service identifier for the packet. The packet with the service modifier is then transmitted to a service block over the network. The service block may apply specific network functions to be processed or already processed to the packets. Subsequently, the packet with the specific network functions may then routes to the target destination with the desired network functions