Abstract: Method for Internet Protocol Payload Compression (IPComp) and Large Send is described. More particularly, a Large Send initiated by a computer is used to trigger an IPComp negotiation. After agreement on IPComp, data blocks for such a Large Send are compressed in accordance with an agreed upon compression algorithm prior to being divided up into smaller blocks, such as being divided by a maximum transmission unit, for sending. To further improve performance, a intelligent network interface with Large Send and IPComp capabilities is used for offloading Large Send and IPComp functions.

Abstract: Method and apparatus for integration of network address translation and source address security, including, but not limited to, determining whether a gateway computer is integrated for network address translation and source address security, is described. A client computer requests a first address from the gateway computer and then requests a second address from the gateway computer. The latter request is done with a different client identifier that is nearly equivalent, except for one bit, to the client identifier used for the prior address request. If the gateway computer is integrated for network address translation and source address security, in response to the latter request a public address will be provided from the gateway computer to the client computer.

Abstract: Method and apparatus for enhanced security for communication over a network, and more particularly to Network Address Translation (NAT) integration Internet Protocol Security (IPSec), is described. A client computer makes a second address request in order to prompt an address server to provide a public address. This address, recorded in a mapping table accessible by a gateway computer. This public address is used as a source address for packets from a client using IPSec. When the gateway computer identifies a packet's source address as one of it's public addresses, NAT is suspended for this packet, and the packet is routed without NAT. Incoming traffic is routed using the mapping table.

Abstract: Method and apparatus for Internet Protocol Security (IPSec) and Network Address Translation (NAT) integration is described. A client obtains a public address from a gateway for IPSec communication. A mapping table is used to form associations between a local address for the client and a destination address for a peer, an Internet Security Association and Key Management Protocol (ISAKMP) Initiator Cookie and a Security Parameters Index associated with communication between the client and the peer. Incoming and outgoing routing may be done at the gateway using the mapping table.

Abstract: Method and apparatus for enhanced security for communication over a network, and more particularly to control of security protocol negotiation to enable multiple clients to establish a virtual private network connection with a same remote address, is described. A mapping table accessible by a gateway computer is used to form associations between a local address for the client and a destination address for a peer and a Security Parameters Index associated with IPSec-protected traffic from the peer. When a packet is received at the gateway from a client it is checked to determine if it is an Internet Key Exchange (IKE) packet, whether an IKE session has already been recorded from this client in the mapping table for the destination address in the IKE packet, whether a Security Parameters Index has been observed in the clear from a remote computer associated with the destination address.

Abstract: A method and system for directing transmission of internetwork packet exchange (IPX) control packets to influence reception of IPX data packets. Specifically, one embodiment of the present invention includes a method for directing transmission of an internetwork packet exchange (IPX) control packet. The method includes the step of determining a primary NIC from a plurality of NICs of a server computer system. Additionally, the method includes the step of recognizing an IPX control packet before the IPX control packet is transmitted over a network. Furthermore, the method includes the step of directing the IPX control packet to be transmitted over the network by the primary NIC.

Abstract: Method and apparatus for Internet Protocol Security (IPSec) and Network Address Translation (NAT) integration is described. A client obtains a public address from a gateway for IPSec communication. A mapping table is used to form associations between a local address for the client and a destination address for a peer, an Internet Security Association and Key Management Protocol (ISAKMP) Initiator Cookie and a Security Parameters Index associated with communication between the client and the peer. Incoming and outgoing routing may be done at the gateway using the mapping table.

Abstract: Method and apparatus for enhanced security for communication over a network, and more particularly to Network Address Translation (NAT) integration Internet Protocol Security (IPSec), is described. A client computer makes a second address request in order to prompt an address server to provide a public address. This address, recorded in a mapping table accessible by a gateway computer. This public address is used as a source address for packets from a client using IPSec. When the gateway computer identifies a packet's source address as one of it's public addresses, NAT is suspended for this packet, and the packet is routed without NAT. Incoming traffic is routed using the mapping table.

Abstract: Method and apparatus for integration of network address translation and source address security, including, but not limited to, determining whether a gateway computer is integrated for network address translation and source address security, is described. A client computer requests a first address from the gateway computer and then requests a second address from the gateway computer. The latter request is done with a different client identifier that is nearly equivalent, except for one bit, to the client identifier used for the prior address request. If the gateway computer is integrated for network address translation and source address security, in response to the latter request a public address will be provided from the gateway computer to the client computer.

Abstract: Method and apparatus for enhanced security for communication over a network, and more particularly to control of security protocol negotiation to enable multiple clients to establish a virtual private network connection with a same remote address, is described. A mapping table accessible by a gateway computer is used to form associations between a local address for the client and a destination address for a peer and a Security Parameters Index associated with IPSec-protected traffic from the peer. When a packet is received at the gateway from a client it is checked to determine if it is an Internet Key Exchange (IKE) packet, whether an IKE session has already been recorded from this client in the mapping table for the destination address in the IKE packet, whether a Security Parameters Index has been observed in the clear from a remote computer associated with the destination address.

Abstract: A method to send and receive data packets over a network of computer systems (e.g., a plurality of virtual local area networks [VLANs] compliant with the IEEE 802.1Q standard) using a server computer system adapted to have a plurality of network interface cards (NICs) coupled thereto. An outgoing data packet is addressed using a first media access control (MAC) address, wherein the first MAC address is a virtual MAC address representing the plurality of NICs. A NIC is selected from the plurality of NICs using a load balancing scheme. The functionality of the selected NIC is verified using a fault tolerance scheme. The first MAC address in the outgoing data packet is replaced with a second MAC address, wherein the second MAC address represents the selected NIC. The outgoing data packet is then transmitted using the selected NIC. For an incoming data packet received at one of the plurality of NICs, the existing MAC address in the incoming data packet is replaced with the first MAC address.