| CPC H04L 63/029 (2013.01) [H04L 63/0428 (2013.01); H04L 63/162 (2013.01)] | 20 Claims |

|
1. A method, comprising:
establishing, at a virtual tunnel interface (VTI) of a local gateway, a plurality of security tunnels with the peer gateway by engaging with the peer gateway in a tunnel creation according to a security protocol, wherein each of the plurality of security tunnels is associated with a different set of one or more layer 2 (L2) segments, and wherein each of the plurality of security tunnels is associated with one or more security associations (SAs) with the peer gateway, wherein each set of one or more L2 segments is associated with an L2 identifier (ID);
after establishing each security tunnel, of the plurality of security tunnels, storing a hash of the L2 ID of the set of one or more L2 segments associated with the security tunnel, and a mapping of the hash to a tunnel ID of the security tunnel;
receiving a packet, at the local gateway, via a first L2 segment;
selecting one of the plurality of security tunnels and an SA associated with the selected security tunnel based on the L2 segment via which the packet was received; and
encrypting and encapsulating the packet based on the selected security tunnel and SA.
|
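The lookup path recited in claim 1, as an added example that is not taken from the patent or from any product: it stores a hash of each L2 ID mapped to a tunnel ID, selects the tunnel and SA for an ingress segment, and drops traffic whose segment has no mapping. Assumptions: the class and method names, the truncated SHA-256 hash, the 32-bit L2 IDs, the "first SA" choice and the SPI-plus-sequence-number header are all illustrative, and `payload` stands in for bytes already encrypted under the SA's keys.

```python
import hashlib
import struct
from dataclasses import dataclass, field

@dataclass
class SecurityAssociation:
    spi: int      # constructed SPI value
    seq: int = 0  # outbound sequence number

@dataclass
class Gateway:
    hash_to_tunnel: dict = field(default_factory=dict)  # hash(L2 ID) -> tunnel ID
    tunnel_sas: dict = field(default_factory=dict)      # tunnel ID -> its SAs

    @staticmethod
    def l2_hash(l2_id: int) -> bytes:
        # Assumption: truncated SHA-256 of a 32-bit L2 ID; the claim names no hash.
        return hashlib.sha256(struct.pack("!I", l2_id)).digest()[:8]

    def register_tunnel(self, tunnel_id, l2_id, sas):
        """Store the hash and its mapping once the tunnel is established."""
        if not sas:
            raise ValueError("a tunnel needs at least one SA")
        h = self.l2_hash(l2_id)
        if self.hash_to_tunnel.get(h, tunnel_id) != tunnel_id:
            raise ValueError("hash already mapped to another tunnel")
        self.hash_to_tunnel[h] = tunnel_id
        self.tunnel_sas[tunnel_id] = list(sas)

    def select(self, l2_id):
        """Return (tunnel ID, SA) for the ingress L2 segment, or None."""
        tunnel_id = self.hash_to_tunnel.get(self.l2_hash(l2_id))
        if tunnel_id is None:
            return None
        return tunnel_id, self.tunnel_sas[tunnel_id][0]  # assumption: first SA

    def encapsulate(self, l2_id, payload: bytes):
        """Prefix SPI and sequence number; drop traffic with no mapped tunnel."""
        choice = self.select(l2_id)
        if choice is None:
            raise LookupError("no tunnel for this L2 segment; packet dropped")
        tunnel_id, sa = choice
        sa.seq += 1
        return tunnel_id, struct.pack("!II", sa.spi, sa.seq) + payload

if __name__ == "__main__":
    gw = Gateway()  # constructed sample tunnels and L2 IDs
    gw.register_tunnel("tun-a", 5001, [SecurityAssociation(spi=0x1001)])
    gw.register_tunnel("tun-b", 5002, [SecurityAssociation(spi=0x2002)])
    print(gw.encapsulate(5002, b"\xaa\xbb"))
```

Raising on a missing mapping keeps a packet from an unregistered segment from being sent through another segment's tunnel.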