The approaches described in this section are approaches that could be pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, it should not be assumed that any of the approaches described in this section qualify as prior art merely by virtue of their inclusion in this section. Furthermore, it should not be assumed that any of the approaches described in this section are well-understood, routine, or conventional merely by virtue of their inclusion in this section.
Service chaining in virtualization networks usually means executing a sequence of service functions on a packet before the packet is either forwarded or discarded. The service functions, also referred to as services, may include firewall services, intrusion detection services, intrusion prevention services, load balancing services, and others. Performing a sequence of services on a packet may include determining whether the packet is to be allowed, dropped, or modified. If, after performing on the packet all services in the sequence, the packet is allowed or modified, then the packet is forwarded; otherwise, the packet is dropped.
Executing a sequence of services on a packet usually includes applying the services to the packet in a sequential order—one service from the sequence at the time. In most cases, however, the sequential processing of the packet is time-consuming, and bandwidth-demanding.
It has been shown that in a typical service chaining, packets are either allowed or dropped, but rarely modified. It has been also shown that since the services are applied to a packet sequentially, in some situations the packet processing is inefficient. One of such situations occurs when a packet requires applying several services, and all the services, but the last one, allow the packet while the last service requests dropping the packet. In this situation, applying all the services according to the sequence to eventually drop the packet anyway is inefficient.
Therefore, there is a need for an improved method for servicing packets in virtualization networks that would optimize and speed the packet servicing as well as reduce the servicing bandwidth requirements.