CPC H04L 49/15 (2013.01) [G06F 9/45533 (2013.01); G06F 9/45558 (2013.01); G06F 9/5072 (2013.01); G06F 11/008 (2013.01); G06F 11/07 (2013.01); G06F 11/0709 (2013.01); G06F 11/0793 (2013.01); G06F 11/1438 (2013.01); G06F 11/1482 (2013.01); G06F 11/2035 (2013.01); G06F 11/3433 (2013.01); G06F 15/177 (2013.01); H04L 9/0819 (2013.01); H04L 9/3213 (2013.01); H04L 12/4633 (2013.01); H04L 12/4641 (2013.01); H04L 12/66 (2013.01); H04L 41/044 (2013.01); H04L 41/0806 (2013.01); H04L 41/12 (2013.01); H04L 41/20 (2013.01); H04L 45/38 (2013.01); H04L 45/72 (2013.01); H04L 45/74 (2013.01); H04L 47/32 (2013.01); H04L 49/25 (2013.01); H04L 49/70 (2013.01); H04L 61/256 (2013.01); H04L 61/2514 (2013.01); H04L 61/2521 (2013.01); H04L 61/2539 (2013.01); H04L 61/2592 (2013.01); H04L 63/0209 (2013.01); H04L 63/029 (2013.01); H04L 63/0236 (2013.01); H04L 63/0263 (2013.01); H04L 63/0272 (2013.01); H04L 63/0428 (2013.01); H04L 63/062 (2013.01); H04L 63/20 (2013.01); H04L 67/10 (2013.01); H04L 67/1097 (2013.01); G06F 2009/4557 (2013.01); G06F 2009/45595 (2013.01); H04L 47/125 (2013.01); H04L 61/5014 (2022.05); H04L 2209/24 (2013.01); H04L 2212/00 (2013.01)] | 18 Claims |
1. A method comprising:
at a first data compute node (DCN) configured to execute a gateway first forwarding element for a logical network within a datacenter:
receiving a data packet from a second forwarding element executing on a second DCN in the datacenter, wherein (i) the data packet has a first network address associated with an application executing on the second DCN as its source address, (ii) the second forwarding element performs a first set of operations on the data packet before sending the data packet to a host computer on which the first DCN executes and (iii) a network controller distributes logical network configuration data to configure the first and second forwarding elements;
performing a second set of operations on the data packet according to a logical network configuration for the gateway first forwarding element, the second set of operations comprising translating the first network address to a second network address allocated to the logical network by an administrator of the datacenter; and
sending the data packet to a third forwarding element configured by the administrator of the datacenter, wherein (i) the network controller does not have access to the third forwarding element and other administrator-configured forwarding elements of the datacenter and (ii) the third forwarding element performs a third set of operations on the data packet before sending the data packet to a destination external to the datacenter, the third set of operations comprising translating the second network address to a public third network address.
|