CPC H04L 45/50 (2013.01) [H04L 12/4633 (2013.01); H04L 45/28 (2013.01); H04L 45/42 (2013.01); H04L 45/566 (2013.01); H04L 45/74 (2013.01); H04L 45/741 (2013.01); H04L 69/22 (2013.01)] | 20 Claims |
15. A system, comprising:
a processor;
a non-transitory computer readable media storing instructions which are programmed to cause the processor to perform operations comprising:
receive, at an egress node located downstream from an ingress node, a first data packet with Segment Routing over an IPv6 dataplane (SRv6) encapsulation, the first data packet being associated with from a source application to a destination application;
remove the SRv6 encapsulation from the first data packet;
forward the unencapsulated first data packet to the destination application in response to content in the SRv6 encapsulation indicating that a first policy was applied at the ingress node;
in response to the content in the SRv6 encapsulation indicating that the first policy was not applied at the ingress node:
apply a second policy to the unencapsulated first data packet;
forward the unencapsulated first data packet to the destination application in response to the second policy allowing forwarding of the unencapsulated first data packet; and
drop the unencapsulated first data packet in response to the second policy prohibiting forwarding of the unencapsulated first data packet.
|