US 11,757,935 B2
Endpoint security mechanism to detect IP theft on a virtual machine mobility in switch fabric
Govind Prasad Sharma, Union City, CA (US); Eshwar Rao Yedavalli, Fremont, CA (US); Mohammed Javed Asghar, Dublin, CA (US); Ashwath Kumar Chandrasekaran, San Jose, CA (US); Swapnil Mankar, San Jose, CA (US); and Umamaheswararao Karyampudi, Fremont, CA (US)
Assigned to CISCO TECHNOLOGY, INC., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on May 4, 2022, as Appl. No. 17/736,748.
Application 17/736,748 is a division of application No. 16/396,096, filed on Apr. 26, 2019, granted, now 11,368,484.
Prior Publication US 2022/0263865 A1, Aug. 18, 2022
Int. Cl. H04L 9/40 (2022.01); G06F 9/455 (2018.01); H04L 61/103 (2022.01); H04L 101/622 (2022.01)
CPC H04L 63/1483 (2013.01) [G06F 9/45558 (2013.01); H04L 61/103 (2013.01); H04L 63/10 (2013.01); G06F 2009/4557 (2013.01); G06F 2009/45595 (2013.01); H04L 2101/622 (2022.05)] 20 Claims
OG exemplary drawing
1. A method comprising:
receiving, by a first network element in a network fabric, a first request message comprising an endpoint entity identifier associated with an endpoint entity, the first request message being triggered by a second network element in the network fabric receiving a multicast reverse address resolution protocol request;
performing, by the first network element, a lookup in a local database, based on the endpoint entity identifier; and
based on the lookup indicating that the endpoint entity identifier is found in the local database, broadcasting a second request message which is a probe to the endpoint entity so as to trigger an Internet Protocol (IP) address theft validating process by the second network element based on a response to the second request message from the endpoint entity.