公开(公告)号：US11929987B1

公开(公告)日：2024-03-12

申请号：US16800816

申请日：2020-02-25

Applicant: Juniper Networks, Inc.

Inventor： Pranavadatta D N ,  Aniket G. Daptari ,  Carlo Contavalli ,  Prasad Miriyala ,  Kiran K N ,  Prasannaa Vengatesan T S ,  Venkatesh Velpula

IPC: H04L9/40 ,  G06F9/455 ,  H04L49/25 ,  H04L61/5007 ,  H04L69/22 ,  H04L69/324 ,  H04L101/622

CPC classification number: H04L63/0272 ,  G06F9/45558 ,  H04L49/25 ,  H04L61/5007 ,  H04L69/22 ,  H04L69/324 ,  G06F2009/45595 ,  H04L2101/622

Abstract: Techniques are disclosed for a network device to preserve packet flow information across bump-in-the-wire (BITW) firewalls. For example, a method comprises receiving, by a network device, a packet. The method also comprises determining, by the network device, that the packet matches a packet flow that is associated with an action to redirect the packet to a firewall configured as a bump-in-the-wire. The method further comprises, in response to the determination: modifying, by the network device, a Media Access Control (MAC) address field of a layer 2 (L2) packet header with a flow identifier of the packet flow; sending, by the network device, the packet to the firewall; receiving, by the network device, the packet from the firewall; and recovering, by the network device, the packet flow by modifying the packet according to the flow identifier in the packet to restore the L2 packet header of the packet.