Abstract:
The present disclosure is directed towards systems and methods for transmitting data packets to a software container executing on a host computing device. A network service can be enabled within a software container established on the host computing device. A data packet of a request formatted according to the network service can be received via a first port of a first subnetwork assigned to the host computing device. The data packet can be forwarded to a second port assigned to the software container, responsive to a network address translation rule associating the second port assigned to the software container with the first port of the host computing device. The second port can be a port of a second subnetwork assigned to the software container. The data packet can be processed according to the network service within the software container.
Abstract:
Systems and methods of providing fine-grained control over MSS values of transport layer connections. A device intermediary to a plurality of clients and a plurality of servers can identify a first MSS value based on an MTU value of a VLAN interface responsive to a request to establish a transport layer connection. The device determines that an MSS value of the VLAN is less than the first MSS value. The device updates, responsive to the determination, the first MSS value to a second MSS value corresponding to the MSS value of the VLAN. The device determines that an MSS value specified by a profile configured for a virtual server of the device is less than the second MSS value. The device updates the second MSS value to the MSS value of the profile responsive to determining that the MSS value specified by the profile is less than the second MSS value.
Abstract:
This disclosure is directed generally to systems and methods for implementation of Jumbo frames in an existing network stack. In some embodiments, a connection handler of a device receives data having a size greater than an Ethernet frame size. That data includes header data and payload data. The device partitions the data into segments including a first segment and a second segment. The first segment includes the header data and a first portion of the payload data, while the second segment includes a second portion of the payload data. The device stores the first and second segments in first and second network buffers, respectively, of a pool of network buffers. The device forms a packet chain of the first and second network buffers having a size greater than the Ethernet frame size. The device transmits the packet chain via a network connection.
Abstract:
Described embodiments provide systems and methods for upgrading user space networking stacks without disruptions to network traffic. A first packet engine can read connection information of existing connections of a second packet engine written to a shared memory region by the second packet engine. The first packet engine can establish one or more virtual connections according to the connection information of existing connections of the second packet engine. Each of the first packet engine and the second packet engine can receive mirrored traffic data. The first packet engine can receive a first packet and determine that the first packet is associated with a virtual connection corresponding to an existing connection of the second packet engine. The first packet engine can drop the first packet responsive to the determination that the first packet is associated with the virtual connection.
Abstract:
Systems and methods of providing fine-grained control over MSS values of transport layer connections. A device intermediary to a plurality of clients and a plurality of servers can identify a first MSS value based on an MTU value of a VLAN interface responsive to a request to establish a transport layer connection. The device determines that an MSS value of the VLAN is less than the first MSS value. The device updates, responsive to the determination, the first MSS value to a second MSS value corresponding to the MSS value of the VLAN. The device determines that an MSS value specified by a profile configured for a virtual server of the device is less than the second MSS value. The device updates the second MSS value to the MSS value of the profile responsive to determining that the MSS value specified by the profile is less than the second MSS value.
Abstract:
Systems and methods of providing fine-grained control over MSS values of transport layer connections. A device intermediary to a plurality of clients and a plurality of servers can identify a first MSS value based on an MTU value of a VLAN interface responsive to a request to establish a transport layer connection. The device determines that an MSS value of the VLAN is less than the first MSS value. The device updates, responsive to the determination, the first MSS value to a second MSS value corresponding to the MSS value of the VLAN. The device determines that an MSS value specified by a profile configured for a virtual server of the device is less than the second MSS value. The device updates the second MSS value to the MSS value of the profile responsive to determining that the MSS value specified by the profile is less than the second MSS value.
Abstract:
Systems and methods of vertically auto-scaling a networking stack by adjusting the number of packet engines executing on a device are provided. A device intermediary to clients and servers executes first packet engines to process network traffic of a first set of connections. The device determines to adjust the number of packet engines executing on the device based on trigger parameters. The device activates second packet engines to process network traffic for a second set of connections. The device mirrors the network traffic from the first and second sets of connections. The first packet engines reject the traffic from the second connections, and the second packet engines reject the traffic from the first connections. The device deactivates the first packet engines when the first connections time out.
Abstract:
Described embodiments provide systems and methods for upgrading user space networking stacks without disruptions to network traffic. A first packet engine can read connection information of existing connections of a second packet engine written to a shared memory region by the second packet engine. The first packet engine can establish one or more virtual connections according to the connection information of existing connections of the second packet engine. Each of the first packet engine and the second packet engine can receive mirrored traffic data. The first packet engine can receive a first packet and determine that the first packet is associated with a virtual connection corresponding to an existing connection of the second packet engine. The first packet engine can drop the first packet responsive to the determination that the first packet is associated with the virtual connection.
Abstract:
The present disclosure is directed towards systems and methods for transmitting data packets to a software container executing on a host computing device. A network service can be enabled within a software container established on the host computing device. A data packet of a request formatted according to the network service can be received via a first port of a first subnetwork assigned to the host computing device. The data packet can be forwarded to a second port assigned to the software container, responsive to a network address translation rule associating the second port assigned to the software container with the first port of the host computing device. The second port can be a port of a second subnetwork assigned to the software container. The data packet can be processed according to the network service within the software container.
Abstract:
This disclosure is directed generally to systems and methods for implementation of Jumbo frames in an existing network stack. In some embodiments, a connection handler of a device receives data having a size greater than an Ethernet frame size. That data includes header data and payload data. The device partitions the data into segments including a first segment and a second segment. The first segment includes the header data and a first portion of the payload data, while the second segment includes a second portion of the payload data. The device stores the first and second segments in first and second network buffers, respectively, of a pool of network buffers. The device forms a packet chain of the first and second network buffers having a size greater than the Ethernet frame size. The device transmits the packet chain via a network connection.