Mechanism for enabling layer two host addresses to be shielded from the switches in a network

摘要

Methods and systems for shielding layer two host addresses (e.g., MAC addresses) from a network are provided. A border component interposed between a network of switches and multiple local hosts receives from a first local host a first packet destined for a first destination host. The first local host has a first layer 2 (L2) address and a first layer 3 (L3) address associated therewith. The first packet includes the first L2 address as a source L2 address for the first packet, and includes the first L3 address as a source L3 address for the first packet. The border component shields the first L2 address from the network of switches by replacing the source L2 address for the first packet with a substitute L2 address before sending the first packet to the network of switches.

主权项

1. A method performed by a border component interposed between a network of switches and a plurality of local hosts, the method comprising:
receiving, by the border component from a first local host of the plurality of local hosts, a first packet destined for a first destination host, wherein the first local host has a first layer 2 (L2) address and a first layer 3 (L3) address associated therewith, and wherein the first packet includes the first L2 address as a source L2 address for the first packet, and includes the first L3 address as a source L3 address for the first packet; shielding, by the border component, the first L2 address from the network of switches by replacing the source L2 address for the first packet with a substitute L2 address that is shared by the plurality of local hosts; and sending, by the border component, the first packet to the network of switches.