Abstract: A network device may create an encrypted packet and may duplicate the encrypted packet to create a plurality of encrypted packets that includes a first set of encrypted packets that is associated with a first receiving network device and a second set of encrypted packets that is to be associated with a second receiving network device. The network device may modify the second set of encrypted packets by replacing a first virtual destination address in the second set of the plurality of encrypted packets with a second virtual destination address that identifies a virtual tunnel endpoint of the second receiving network device. The network device may encapsulate and may send, based on the first virtual destination address and the second virtual destination address, individual encapsulated encrypted packets to the first receiving network device or the second receiving network device.

Abstract: A device may transmit a packet for communicating via a tunnel. The packet may be associated with a protocol. The device may determine that the packet has been dropped by a security device. The device may selectively encrypt, after determining that the packet has been dropped, the packet using a null encryption for transport layer security (TLS) or a combination of encryption associated with the protocol and TLS encryption to generate an encrypted packet. The device may transmit the encrypted packet for communicating via the tunnel.

Abstract: A network device may create an encrypted packet and may duplicate the encrypted packet to create a plurality of encrypted packets that includes a first set of encrypted packets that is associated with a first receiving network device and a second set of encrypted packets that is to be associated with a second receiving network device. The network device may modify the second set of encrypted packets by replacing a first virtual destination address in the second set of the plurality of encrypted packets with a second virtual destination address that identifies a virtual tunnel endpoint of the second receiving network device. The network device may encapsulate and may send, based on the first virtual destination address and the second virtual destination address, individual encapsulated encrypted packets to the first receiving network device or the second receiving network device.

Abstract: A device may transmit a packet for communicating via a tunnel. The packet may be associated with a protocol. The device may determine that the packet has been dropped by a security device. The device may selectively encrypt, after determining that the packet has been dropped, the packet using a null encryption for transport layer security (TLS) or a combination of encryption associated with the protocol and TLS encryption to generate an encrypted packet. The device may transmit the encrypted packet for communicating via the tunnel.

Abstract: A network node may receive a packet having an inner internet protocol (IP) header and an outer IP header. The inner IP header may be encrypted. A loose source routing (LSR) field of the outer IP header may identify a recipient address. The network node may determine, based on the recipient address identified in the LSR field, a tunnel endpoint associated with a receiving network node. The network node may update the outer IP header of the packet to obtain an updated packet with an updated outer IP header. A source address of the updated outer IP header may be updated to a tunnel endpoint associated with the network node, and the destination address of the updated outer IP header may be updated to a tunnel endpoint associated with the receiving network node. The network node may route the updated packet according to the updated outer IP header.

Abstract: A device may transmit a packet for communicating via a tunnel. The packet may be associated with a protocol. The device may determine that the packet has been dropped by a security device. The device may selectively encrypt, after determining that the packet has been dropped, the packet using a null encryption for transport layer security (TLS) or a combination of encryption associated with the protocol and TLS encryption to generate an encrypted packet. The device may transmit the encrypted packet for communicating via the tunnel.

Abstract: A network device may create an encrypted packet and may duplicate the encrypted packet to create a plurality of encrypted packets that includes a first set of encrypted packets that is associated with a first receiving network device and a second set of encrypted packets that is to be associated with a second receiving network device. The network device may modify the second set of encrypted packets by replacing a first virtual destination address in the second set of the plurality of encrypted packets with a second virtual destination address that identifies a virtual tunnel endpoint of the second receiving network device. The network device may encapsulate and may send, based on the first virtual destination address and the second virtual destination address, individual encapsulated encrypted packets to the first receiving network device or the second receiving network device.

Abstract: A network node may receive a packet having an inner internet protocol (IP) header and an outer IP header. The inner IP header may be encrypted. A loose source routing (LSR) field of the outer IP header may identify a recipient address. The network node may determine, based on the recipient address identified in the LSR field, a tunnel endpoint associated with a receiving network node. The network node may update the outer IP header of the packet to obtain an updated packet with an updated outer IP header. A source address of the updated outer IP header may be updated to a tunnel endpoint associated with the network node, and the destination address of the updated outer IP header may be updated to a tunnel endpoint associated with the receiving network node. The network node may route the updated packet according to the updated outer IP header.

Abstract: A network node may receive a packet having an inner internet protocol (IP) header and an outer IP header. The inner IP header may be encrypted. A loose source routing (LSR) field of the outer IP header may identify a recipient address. The network node may determine, based on the recipient address identified in the LSR field, a tunnel endpoint associated with a receiving network node. The network node may update the outer IP header of the packet to obtain an updated packet with an updated outer IP header. A source address of the updated outer IP header may be updated to a tunnel endpoint associated with the network node, and the destination address of the updated outer IP header may be updated to a tunnel endpoint associated with the receiving network node. The network node may route the updated packet according to the updated outer IP header.