公开(公告)号：US11570011B2

公开(公告)日：2023-01-31

申请号：US17141226

申请日：2021-01-05

Applicant: VMware, Inc.

Inventor： Dexiang Wang ,  Xinhua Hong ,  Yong Wang ,  Yu Ying ,  Jochen Behrens

IPC: H04L12/28 ,  H04L12/18 ,  H04L67/568

Abstract: Example methods and systems for multicast packet handling based on flow cache information are described. In one example, a network element may configure flow cache information associated with a multicast flow. The flow cache information may specify a set of actions that is configured based on a sequence of function calls. In response to detecting a multicast packet associated with the multicast flow, fast-path processing may be performed based on the flow cache information. This may include executing a replication action to generate a first packet replica and a second packet replica. First processing action(s) may be executed to process the first packet replica to generate and send a first output packet towards a first multicast destination. Second processing action(s) may be executed to process the second packet replica to generate and send a first output packet towards a second multicast destination.

公开(公告)号：US11258655B2

公开(公告)日：2022-02-22

申请号：US16212170

申请日：2018-12-06

Applicant: VMware, Inc.

Inventor： Zhen Mo ,  Dexiang Wang ,  Bin Zan ,  Vijay Ganti ,  Amit Chopra ,  Ruimin Sun

IPC: H04L12/24 ,  G06F9/455

Abstract: A method for managing alarms in a virtual machine environment includes receiving alarm data related to a process and storing the alarm data in a database, where the alarm data comprises one or more features. The method further includes retrieving intended state information for the process and comparing the one more features of the alarm data to the intended state information to determine whether the alarm is an outlier. The method also includes computing a normal score for the alarm if the alarm is not an outlier, and computing an abnormal score for the alarm if the alarm is an outlier. The method also includes sending a notification for the alarm and the computed score.

公开(公告)号：US11252070B2

公开(公告)日：2022-02-15

申请号：US16154729

申请日：2018-10-09

Applicant: VMware, Inc.

Inventor： Dexiang Wang ,  Yong Wang ,  Peng Li ,  Sreeram Ravinoothala ,  Xinghua Hu

IPC: H04L12/26 ,  H04L12/931 ,  G06F9/455 ,  H04L12/715

Abstract: Example methods are provided for a network device to perform adaptive polling in a software-defined networking (SDN) environment. One example method may comprise: operating in a polling mode at a current polling round to detect zero or more packets that require packet processing by the network device. The method may also comprise: determining packet characteristic information associated with multiple polling rounds that include the current polling round and one or more previous polling rounds; and based on the packet characteristic information, determining whether a resource performance condition associated with the network device is satisfied. In response to determination that the resource performance condition is satisfied, the network device may operate in the polling mode at a subsequent polling round; but otherwise, switch from the polling mode to an interrupt mode.

公开(公告)号：US11206212B2

公开(公告)日：2021-12-21

申请号：US16715247

申请日：2019-12-16

Applicant: VMware, Inc.

Inventor： Xinhua Hong ,  Yong Wang ,  Jia Yu ,  Dexiang Wang

IPC: H04L12/713 ,  H04L12/66 ,  H04L12/46 ,  H04L12/931 ,  H04L12/751 ,  H04L12/715

Abstract: The disclosure provides an approach for routing traffic in a network. Embodiments include receiving, by a service router of an edge services gateway (ESG), a packet comprising a virtual network identifier (VNI) and a virtual local area network (VLAN) identifier. Embodiments include sending, by the service router, the packet to a virtual switch of the ESG based on the VNI of the packet. Embodiments include determining, by the virtual switch, a virtual routing and forwarding (VRF) router of the ESG for the packet based on the VLAN identifier. Embodiments include forwarding, by the virtual switch, the packet to the VRF router.

公开(公告)号：US11799784B2

公开(公告)日：2023-10-24

申请号：US17569276

申请日：2022-01-05

Applicant: VMware, Inc.

Inventor： Dexiang Wang ,  Sreeram Kumar Ravinoothala ,  Yong Wang ,  Jerome Catrouillet

IPC: H04L47/2416 ,  H04L47/2425 ,  H04L43/0888 ,  H04L47/122 ,  H04L47/78 ,  H04L47/125

CPC classification number: H04L47/2416 ,  H04L43/0888 ,  H04L47/122 ,  H04L47/125 ,  H04L47/2433 ,  H04L47/781

Abstract: A network system that implements quality of service (QoS) by rate limiting at a logical network entity is provided. The logical network entity includes multiple transport nodes for transporting network traffic in and out of the logical network entity. The system monitors traffic loads of the multiple transport nodes of the logical network entity. The system allocates a local CR and a local BS to each of the multiple transport nodes. The allocated local CR and the local BS are determined based on the CR and BS parameters of the logical network entity and based on the monitored traffic loads. Each transport node of the logical network entity in turn controls an amount of data being processed by the transport node based on a token bucket value that is computed based on the local CR and the local BS of the transport node.

公开(公告)号：US20220376952A1

公开(公告)日：2022-11-24

申请号：US17880899

申请日：2022-08-04

Applicant: VMware, Inc.

Inventor： Dexiang Wang ,  Jia Yu ,  Jayant Jain ,  Mike Parsa ,  Haihua Luo

IPC: H04L12/66 ,  H04L9/40 ,  H04L45/24 ,  H04L49/25

Abstract: Some embodiments of the invention provide novel methods for providing a stateful service at a network edge device (e.g., an NSX edge) that has a plurality of north-facing interfaces (e.g., interfaces to an external network) and a plurality of corresponding south-facing interfaces (e.g., interfaces to a logical network). A set of interfaces on each side of the network edge device for a set of equal cost paths, in some embodiments, are bonded together in the network edge device to correspond to a single interface on either side of a logical bridge including at least one logical switch providing a stateful service implemented by the network edge device. The bond is implemented, in some embodiments, by a bonding module executing on the network edge device that maintains a mapping between ingress and egress interfaces to allow deterministic forwarding through the network edge device in the presence of bonded interfaces.

公开(公告)号：US11082354B2

公开(公告)日：2021-08-03

申请号：US16439689

申请日：2019-06-12

Applicant: VMware, Inc.

Inventor： Dexiang Wang ,  Eduard Serra Miralles ,  Yong Wang ,  Mani Kancherla ,  Binggang Liu

IPC: H04L12/873 ,  H04L12/12

Abstract: Example methods and systems for adaptive polling. One example may comprise operating in a polling mode to poll, from a network interface, zero or more packets that require packet processing by the network device. The method may also comprise: in response to detecting a non-zero polling round, adjusting a polling parameter to delay switching from the polling mode to a sleep mode. The method may further comprise: in response to detecting a zero polling round and determining that a switch condition is satisfied, adjusting a sleep parameter associated with the sleep mode based on traffic characteristic information associated with one or more polling rounds; and switching from the polling mode to the sleep mode in which polling from the network interface is halted based on the sleep parameter.

公开(公告)号：US11411777B2

公开(公告)日：2022-08-09

申请号：US16742633

申请日：2020-01-14

Applicant: VMware, Inc.

Inventor： Dexiang Wang ,  Jia Yu ,  Jayant Jain ,  Mike Parsa ,  Haihua Luo

IPC: H04L12/66 ,  H04L9/40 ,  H04L45/24 ,  H04L49/25

Abstract: Some embodiments of the invention provide novel methods for providing a stateful service at a network edge device (e.g., an NSX edge) that has a plurality of north-facing interfaces (e.g., interfaces to an external network) and a plurality of corresponding south-facing interfaces (e.g., interfaces to a logical network). A set of interfaces on each side of the network edge device for a set of equal cost paths, in some embodiments, are bonded together in the network edge device to correspond to a single interface on either side of a logical bridge including at least one logical switch providing a stateful service implemented by the network edge device. The bond is implemented, in some embodiments, by a bonding module executing on the network edge device that maintains a mapping between ingress and egress interfaces to allow deterministic forwarding through the network edge device in the presence of bonded interfaces.

公开(公告)号：US10860712B2

公开(公告)日：2020-12-08

申请号：US16032349

申请日：2018-07-11

Applicant: VMware, Inc.

Inventor： Zhen Mo ,  Dexiang Wang ,  Bin Zan ,  Vijay Ganti ,  Amit Chopra

IPC: G06F21/55 ,  G06F9/455 ,  G06F21/57

Abstract: A virtual computing instance (VCI) is protected against security threats by a security manager, monitoring a behavior of a VCI over an observation period. The method further includes, storing by the security manager a digital profile in a first database, wherein the digital profile comprises information indicative of the behavior. The method further includes, accessing by a detection system, the digital profile from the first database, and accessing by the detection system, an intended state associated with VCI, wherein the intended state comprises information indicative of a behavior from a second VCI. The method further includes, comparing at least part of the digital profile to the at least part of the intended state. The method further includes, determining by the detection system, that the VCI contains a security threat when information indicative of a behavior in the digital profile is an outlier.

公开(公告)号：US11671358B2

公开(公告)日：2023-06-06

申请号：US17456054

申请日：2021-11-22

Applicant: VMware, Inc.

Inventor： Xinhua Hong ,  Yong Wang ,  Jia Yu ,  Dexiang Wang

IPC: H04L45/586 ,  H04L12/66 ,  H04L12/46 ,  H04L49/354 ,  H04L45/02 ,  H04L45/64

CPC classification number: H04L45/586 ,  H04L12/4645 ,  H04L12/66 ,  H04L45/02 ,  H04L45/64 ,  H04L49/354 ,  H04L12/4633

Abstract: The disclosure provides an approach for routing traffic in a network. Embodiments include receiving, by a service router of an edge services gateway (ESG), a packet comprising a virtual network identifier (VNI) and a virtual local area network (VLAN) identifier. Embodiments include sending, by the service router, the packet to a virtual switch of the ESG based on the VNI of the packet. Embodiments include determining, by the virtual switch, a virtual routing and forwarding (VRF) router of the ESG for the packet based on the VLAN identifier. Embodiments include forwarding, by the virtual switch, the packet to the VRF router.