CPC H04L 45/20 (2013.01) [G06F 9/45558 (2013.01); H04L 45/122 (2013.01); H04L 45/42 (2013.01); H04L 45/586 (2013.01); H04L 45/745 (2013.01); H04L 63/0245 (2013.01); H04L 69/22 (2013.01); G06F 2009/45587 (2013.01); G06F 2009/45595 (2013.01)] | 20 Claims |
1. A computer-implemented method for pre-filtering traffic in a logical network, comprising:
receiving, by a hypervisor, a packet from a virtual computing instance (VCI);
determining, by the hypervisor, a service path for the packet based on a service table;
setting, by the hypervisor, a pre-filter component as a next hop for the packet based on the service path;
receiving, by the pre-filter component, the packet;
making a determination, by the pre-filter component, of whether the packet requires processing by a security component;
performing, by the pre-filter component, based on the determination, one of:
forwarding the packet to its destination and bypassing the security component; or
forwarding the packet to the security component; and
determining, by the pre-filter component, based on the packet, whether to perform one or more actions to reconfigure the hypervisor to bypass the pre-filter component for subsequent packets in a flow associated with the packet.
|