| CPC H04L 61/2567 (2013.01) [H04L 12/4675 (2013.01); H04L 41/0816 (2013.01); H04L 67/1008 (2013.01); H04L 67/1034 (2013.01); H04L 2101/622 (2022.05)] | 16 Claims |
|
1. A method comprising:
providing a plurality of workloads executing in a computing environment including a plurality of computing devices each including a processing device and a memory device;
providing a first node executing in the computing environment, the first node programmed to act as a first gateway between the computing environment and an external network by performing network address translation (NAT), the computing environment being configured to cause the plurality of workloads to communicate with the external network through the first node;
providing a second node executing in the computing environment programmed to act as a second gateway between the computing environment and the external network by performing NAT;
configuring the second node to mirror a NAT state of the first node;
detecting, by the second node, failure of the first node;
creating first interfaces to the plurality of workloads on the first node and creating second interfaces to the plurality of workloads on the second node that are identical to the first interfaces;
in response to detecting failure of the first node, performing by the second node:
configuring the computing environment to cause the plurality of workloads to communicate with the external network through the second node using the second interfaces, the second interfaces being created prior to failure of the first node; and
performing NAT according to the NAT state of the first node;
wherein the first interfaces have media access code (MAC) addresses of the plurality of workloads associated therewith and the second interfaces have the MAC addresses associated therewith; and
wherein the first interfaces are sub-interfaces to a first virtual private network (VPN) connection and the second interfaces are sub-interfaces to a second VPN connection.
|