Some embodiments described can solve the problem of identifying applications in the physical network (the underlay) for tunnel-encapsulated traffic from an end host device (e.g., a virtual machine (VM), a standalone host, or a server). This can allow underlay nodes (e.g., switches, routers) to have visibility into the application being transported, thereby giving them the capability to do application-specific processing, e.g., analytics, class of service (CoS), policy control, etc. Such embodiments may not require deep packet inspection of tunneled packets on the underlay nodes, and the application identification can be completely user controlled, i.e., the user can choose to enable only certain applications in the network for identification and subsequent analytics collection.
Overlay networks can involve some type of tunnel encapsulation, e.g., Generic Routing Encapsulation (GRE), Network Virtualization using Generic Routing Encapsulation (NVGRE), Virtual Extensible Local Area Network (VxLAN), etc. When an end device's application traffic (i.e., the payload) is wrapped in an overlay encapsulation and sent over the physical network (the underlay), the underlay nodes (e.g., switches, routers) can therefore lose visibility into the type of application traffic carried inside the tunnel header, unless the nodes perform the expensive operation of deep packet inspection on the packet. In the absence of any application-specific knowledge about the flows being transported, underlay nodes are not required to do application tracking or analytics in the physical network for the particular application(s); e.g., application-specific CoS policies, policy control, and analytics collection can be difficult in the underlay nodes. Hence, this disclosure describes a method to solve the application identification problem on the underlay nodes in a layer-3 network.
One known solution for identifying the application ID relies on the underlay network performing deep packet inspection on every node in the path from the source to the destination. The problems with deep packet inspection solutions are that 1) they are expensive operations (e.g., increased processing time or a need for new hardware) to perform on a per-packet basis on every node involved in the path from the source to the destination, and 2) the existing hardware in the network has to be capable of deep packet inspection; otherwise a hardware upgrade in the network is typically needed.
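The visibility loss and the deep-inspection cost described in the two paragraphs above can be seen on a single VXLAN packet. The following is an added illustration, not part of the original disclosure; the addresses, MACs, VNI 5001, the ports, and the function names are constructed for the example, and it assumes VXLAN over IPv4 with untagged Ethernet.

```python
import socket
import struct

VXLAN_PORT = 4789  # IANA-assigned VXLAN UDP port (RFC 7348)

def ipv4(src, dst, proto, payload_len):
    # Minimal 20-byte IPv4 header; checksum left at 0 in this constructed sample.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def build_sample(inner_dport):
    # Constructed packet: a VM's TCP SYN wrapped in VXLAN by its host.
    tcp = struct.pack("!HHIIBBHHH", 40000, inner_dport, 0, 0, 0x50, 0x02, 8192, 0, 0)
    inner = (b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00"
             + ipv4("192.168.1.10", "192.168.1.20", 6, len(tcp)) + tcp)
    vxlan = struct.pack("!II", 0x08 << 24, 5001 << 8) + inner  # I flag, VNI 5001
    udp = struct.pack("!HHHH", 51000, VXLAN_PORT, 8 + len(vxlan), 0) + vxlan
    return (b"\x0a" * 6 + b"\x0c" * 6 + b"\x08\x00"
            + ipv4("10.0.0.1", "10.0.0.2", 17, len(udp)) + udp)

def parse_ipv4(buf, off):
    ihl = (buf[off] & 0x0F) * 4
    src = socket.inet_ntoa(buf[off + 12:off + 16])
    dst = socket.inet_ntoa(buf[off + 16:off + 20])
    return buf[off + 9], src, dst, off + ihl  # protocol, addresses, L4 offset

def outer_view(pkt):
    # What an underlay node learns from the outer headers alone.
    proto, src, dst, l4 = parse_ipv4(pkt, 14)
    return {"src": src, "dst": dst, "proto": proto,
            "dport": struct.unpack_from("!H", pkt, l4 + 2)[0]}

def inner_view(pkt):
    # Deep inspection: walk past outer Ethernet/IP/UDP and the VXLAN header.
    try:
        proto, _, _, l4 = parse_ipv4(pkt, 14)
        if proto != 17 or struct.unpack_from("!H", pkt, l4 + 2)[0] != VXLAN_PORT:
            return None  # not VXLAN
        flags, vni_word = struct.unpack_from("!II", pkt, l4 + 8)
        eth = l4 + 16  # start of the inner Ethernet frame
        if not (flags >> 24) & 0x08 or pkt[eth + 12:eth + 14] != b"\x08\x00":
            return None  # VNI flag missing, or inner frame is not IPv4
        iproto, isrc, idst, il4 = parse_ipv4(pkt, eth + 14)
        return {"vni": vni_word >> 8, "src": isrc, "dst": idst, "proto": iproto,
                "dport": struct.unpack_from("!H", pkt, il4 + 2)[0]}
    except (struct.error, IndexError, OSError):
        return None  # truncated packet

if __name__ == "__main__":
    for port in (443, 3306):  # two different applications, same tunnel
        print(outer_view(build_sample(port)), inner_view(build_sample(port)))
```

Both sample packets produce the same outer view (UDP to port 4789 between the two tunnel endpoints); only the per-packet walk through the inner headers distinguishes the two applications.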