18347459. FINE-GRAINED ROLE-BASED SEGMENTATION IN OVERLAY NETWORK (HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP)
FINE-GRAINED ROLE-BASED SEGMENTATION IN OVERLAY NETWORK
Organization Name
HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
Inventor(s)
Saumya Dikshit of Bengaluru (IN)
Balaji Sankaran of Bengaluru (IN)
Badrish Havaralu Rama Chandra Adiga of Bengaluru (IN)
FINE-GRAINED ROLE-BASED SEGMENTATION IN OVERLAY NETWORK
This abstract first appeared for US patent application 18347459 titled 'FINE-GRAINED ROLE-BASED SEGMENTATION IN OVERLAY NETWORK
Original Abstract Submitted
A system for facilitating segmentation by a first switch of an overlay tunnel fabric is provided. During operation, the system can receive a route update packet for the fabric. The packet can be based on a control plane that allows the exchange of route information via the tunnel and can include a first media access control (MAC) address learned at a second switch and a first role identifier of a first role. The first role can indicate a level of access granted to a first device associated with the first MAC address. The system can store the first MAC address and the first role identifier in a local address data structure. Upon receiving a packet from the first device, the system can then determine, based on the first role identifier and a first segmentation policy, whether a local device is allowed to receive the packet from the first device.