CPC H04L 63/0236 (2013.01) [H04L 45/74 (2013.01); H04L 61/251 (2013.01); H04L 63/1466 (2013.01)] | 20 Claims |
1. A method, comprising:
receiving, by a network device, Internet protocol version 6 (IPv6) fragments of a flow,
wherein source and/or destination port information is encoded into an identification number of an IPv6 fragment header of each of the IPv6 fragments;
extracting, by the network device, the source and/or destination port information from the IPv6 fragments;
performing, by the network device, a spoof check of the IPv6 fragments;
dropping, by the network device, any of the IPv6 fragments that fail the spoof check, to generate remaining IPv6 fragments;
translating, by the network device, the remaining IPv6 fragments into IP version 4 (IPv4) fragments based on the source and/or destination port information; and
forwarding, by the network device, the IPv4 fragments toward an IPv4 cloud network.
|