	US 12,107,834 B2
	Multi-uplink path quality aware IPsec
Yong Wang, Sunnyvale, CA (US); Awan Kumar Sharma, Pune (IN); Sourabh Bhattacharya, Pune (IN); Deepika Solanki, Pune (IN); and Sarthak Ray, Pune (IN)
Assigned to VMware LLC, Palo Alto, CA (US)
Filed by VMware LLC, Palo Alto, CA (US)
Filed on Jan. 6, 2022, as Appl. No. 17/570,363.
Claims priority of application No. 202141025317 (IN), filed on Jun. 7, 2021.
Prior Publication US 2022/0394014 A1, Dec. 8, 2022
Int. Cl. G06F 9/00 (2018.01); H04L 9/40 (2022.01); H04L 29/06 (2006.01); H04L 45/12 (2022.01); H04L 45/24 (2022.01); H04L 45/42 (2022.01); H04L 47/125 (2022.01)

CPC H04L 63/029 (2013.01) [H04L 45/123 (2013.01); H04L 45/24 (2013.01); H04L 45/42 (2013.01); H04L 47/125 (2013.01); H04L 63/0435 (2013.01); H04L 63/20 (2013.01)]

20 Claims

1. A method comprising:

collecting metrics for one or more paths of a first tunnel implementing a first security association (SA) and for one or more paths of a second tunnel implementing a second SA;

providing load balancing over a plurality of paths, the load balancing avoiding choosing from multiple SAs;

selecting a path based on the collected metrics of the paths of the first and second tunnels;

when the selected path belongs to the first tunnel, encrypting data transmitted as a first encrypted payload of the first SA and transmitting the first encrypted payload in the first tunnel; and

when the selected path belongs to the second tunnel, encrypting data for transmitting as a second encrypted payload of the second SA and transmitting the second encrypted payload in the second tunnel.