公开(公告)号：US09923829B1

公开(公告)日：2018-03-20

申请号：US15010203

申请日：2016-01-29

Applicant: F5 Networks, Inc.

Inventor： Tao Liu ,  Song Bo Zheng

IPC: H04L1/00 ,  H04L12/803 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L47/125 ,  H04L63/0892 ,  H04L67/1025 ,  H04L67/1029 ,  H04L67/1036 ,  H04L67/28 ,  H04L69/16 ,  H04L69/24 ,  H04W28/08

Abstract: A traffic management device (TMD), system, and processor-readable storage medium directed towards automatically configuring an AAA proxy device (also referred to herein as “the proxy”) to load-balance AAA request messages across a plurality of AAA server devices. In one embodiment the proxy receives an AAA handshake message from an AAA client device. The proxy forwards the handshake message to each of the plurality of server devices and, in reply, receives an AAA handshake response message from each of the plurality of server devices. The proxy extracts attributes from each of the handshake response messages and automatically configures itself based on the extracted attributes. The proxy then load-balances, modifies and/or routes subsequently received AAA request messages based on the extracted attributes.

公开(公告)号：US09887932B1

公开(公告)日：2018-02-06

申请号：US14673159

申请日：2015-03-30

Applicant: Amazon Technologies, Inc.

Inventor： Hardeep Singh Uppal ,  Prashanth Acharya ,  Craig Wesley Howard

IPC: H04L12/911 ,  H04L12/917 ,  H04L12/26 ,  H04L29/12 ,  H04L29/08

CPC classification number: H04L47/76 ,  H04L43/16 ,  H04L61/1511 ,  H04L67/10 ,  H04L67/1036 ,  H04L67/322

Abstract: A system, method, and computer-readable medium for point of presence (POP) based traffic surge detection and mitigation are provided. The system detects a traffic surge for a target group of resources directed at a source POP based on the target group's rank shifts and volume changes among recent time intervals. The system mitigates the detected traffic surge by identifying destination POPs with spare capacity and routing at least a portion of incoming requests for the target group of resources to the destination POPs in accordance with their spare capacities.

公开(公告)号：US20170353544A1

公开(公告)日：2017-12-07

申请号：US15174710

申请日：2016-06-06

Applicant: Verizon Patent and Licensing Inc.

Inventor： Shailan LALA ,  Thomas B. EDGAR ,  Kalanithi SRINIVASAN

IPC: H04L29/08 ,  H04L12/24 ,  H04L12/26 ,  H04L12/703

CPC classification number: H04L67/1036 ,  H04L41/0654 ,  H04L43/0817 ,  H04L43/0876 ,  H04L45/28 ,  H04L47/125 ,  H04L67/1034 ,  H04L69/40

Abstract: A device may monitor a status of a first data center of a group of data centers. The device may determine, based on the status of the first data center, to cause a failover from the first data center to a second data center. The device may cause a domain name server (DNS) configuration, associated with an external DNS, to be and a set of DNS entries, associated with an internal DNS, to be altered to cause a portion of the network traffic, respectively associated with a first network and a second network of the plurality of networks, to be routed the second data center. The device may cause a load balancer configuration to be altered to cause a portion of the network traffic associated with a third network of the plurality of networks to be redirected from the first data center to the second data center.

公开(公告)号：US20170222984A1

公开(公告)日：2017-08-03

申请号：US15486967

申请日：2017-04-13

Applicant: Citrix Systems, Inc.

Inventor： Tushar Kanekar

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/06 ,  H04L29/08

CPC classification number: H04L63/166 ,  H04L9/3268 ,  H04L9/3271 ,  H04L9/3297 ,  H04L63/0464 ,  H04L63/0471 ,  H04L63/0485 ,  H04L63/0823 ,  H04L63/0876 ,  H04L63/101 ,  H04L67/02 ,  H04L67/1002 ,  H04L67/1027 ,  H04L67/1036 ,  H04L67/146 ,  H04L69/162 ,  H04L2209/043 ,  H04L2209/30 ,  H04L2209/56 ,  H04L2209/60 ,  H04L2209/76 ,  H04L2209/80

Abstract: The present invention is directed towards systems and methods for managing SSL session persistence and reuse in a multi-core system. A first core may indicate that an SSL session established by the first core is non-resumable. Responsive to the indication, the core may set an indicator at a location in memory accessible by each core of the multi-core system, the indicator indicating that the SSL session is non-resumable. A second core of the multi-core system may receive a request to reuse the SSL session. The request may include a session identifier of the SSL session. In addition, the session identifier may identify the first core as an establisher of the SSL session. The second core can identify from encoding of the session identifier whether the second core is not the establisher of the SSL session. Responsive to the identification, the second core may determine whether to resume the SSL session.

公开(公告)号：US09667590B2

公开(公告)日：2017-05-30

申请号：US14144144

申请日：2013-12-30

Applicant: CELLCO PARTNERSHIP

Inventor： Lixia Yan ,  Ho Yin Cheuk ,  Ravikumar Pattabiraman

IPC: G06F15/16 ,  H04L29/12 ,  H04L29/08

CPC classification number: H04L61/1511 ,  H04L61/2007 ,  H04L61/301 ,  H04L61/305 ,  H04L61/6095 ,  H04L67/1002 ,  H04L67/1031 ,  H04L67/1036 ,  H04L67/28

Abstract: Systems and methods for APN-based DNS query resolution for wireless data networks are disclosed. Some implementations include receiving a domain name system (DNS) query for a domain name from a device having a source IP address, the DNS query being associated with an access point name, determining whether the source IP address is within a predetermined IP address range, upon determining the source IP address is within the predetermined IP address range, updating the DNS query to include an updated domain name unique to the predetermined IP address range, forwarding the updated DNS query to a DNS server for resolution, receiving an IP address corresponding to the updated DNS query from the DNS server, the IP address being different from an IP address associated with the DNS query, and providing the device with the IP address corresponding to the updated DNS query.

公开(公告)号：US20160330185A1

公开(公告)日：2016-11-10

申请号：US15148856

申请日：2016-05-06

Applicant: CLOUDFLARE, INC.

Inventor： Daniel Morsing ,  Marek Majkowski ,  Nicholas Thomas Sullivan ,  Olafur Gudmundsson

IPC: H04L29/06 ,  H04L29/12

CPC classification number: H04L63/08 ,  H04L61/1511 ,  H04L63/12 ,  H04L67/10 ,  H04L67/1036 ,  H04L67/42

Abstract: A DNS server receives, from a client device, a DNS query for a resource record type at a domain name. The DNS server determines that the resource record type does not exist at the domain name and generates an answer that indicates that the queried resource record type does not exist at the domain name and also indicates that a plurality of other resource record types exist at the domain name regardless of whether those plurality of other resource record types actually exist at the domain name. The DNS server transmits the generated answer to the client device.

Abstract translation: DNS服务器从客户端设备收到域名下资源记录类型的DNS查询。 DNS服务器确定资源记录类型在域名中不存在，并生成一个答案，该答案表示查询的资源记录类型在域名中不存在，并且还指示域上存在多个其他资源记录类型 不管这些多个其他资源记录类型是否实际存在于域名上。 DNS服务器将生成的答案发送给客户端设备。

公开(公告)号：US09479476B2

公开(公告)日：2016-10-25

申请号：US13419233

申请日：2012-03-13

Applicant: David R. Richardson ,  John Cormie ,  Bradley E. Marshall ,  Elmore Eugene Pope ,  Swaminathan Sivasubramanian

Inventor： David R. Richardson ,  John Cormie ,  Bradley E. Marshall ,  Elmore Eugene Pope ,  Swaminathan Sivasubramanian

IPC: H04L29/06 ,  H04L29/12 ,  H04L29/08

CPC classification number: H04L61/301 ,  H04L29/12066 ,  H04L61/1511 ,  H04L67/1002 ,  H04L67/1036 ,  H04L67/327

Abstract: A system, method and computer-readable medium for request routing. A client request processing a resource identifier for requested content transmits a first DNS query to a content delivery network service provider. The content delivery network service provider transmits an alternative resource identifier in response to the client computing device DNS query. The client computing device then issues a second DNS query to the same content delivery network service provider. The content delivery network service provider can then either resolve the second DNS query with an IP address of a cache component or transmit another alternative resource identifier that will resolve to the content delivery network service provider. The process can repeat with the content delivery network service provider's network until a DNS server resolves a DNS query from the client computing device.

Abstract translation: 用于请求路由的系统，方法和计算机可读介质。 处理所请求内容的资源标识符的客户端请求向内容传送网络服务提供商发送第一DNS查询。 内容传送网络服务提供商响应于客户端计算设备DNS查询传输替代资源标识符。 客户端计算设备然后向相同的内容传送网络服务提供商发出第二DNS查询。 然后，内容传送网络服务提供商可以用缓存组件的IP地址来解析第二DNS查询，或者传送将解析到内容传送网络服务提供商的另一备用资源标识符。 该过程可以与内容传递网络服务提供商的网络重复，直到DNS服务器从客户端计算设备解析DNS查询。

公开(公告)号：US20160308961A1

公开(公告)日：2016-10-20

申请号：US15100691

申请日：2014-12-27

Applicant: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED

Inventor： Ming RAO

IPC: H04L29/08

CPC classification number: H04L67/1036 ,  H04L67/1012 ,  H04L67/1029

Abstract: A network system for allocating service nodes to a user terminal to login a network may comprises a gateway node, a plurality of service nodes, a sampling terminal, a gateway node, and a login node. The system may receive service nodes information of the plurality of service nodes from the sampling terminal; obtain from the sampling terminal network quality sampling data associating with each of the plurality of service nodes; identify the gateway node corresponding to the sampling terminal; select a plurality of candidate service nodes from the plurality of service nodes based on the network quality sampling data; obtain network quality parameters between each of the plurality of candidate service node and the gateway node; select a target service node from the plurality of candidate service nodes based on the network quality sampling data and the candidate node network quality parameters; and allocate the target service node to the gateway node.

Abstract translation: 用于向用户终端分配服务节点以登录网络的网络系统可以包括网关节点，多个服务节点，采样终端，网关节点和登录节点。 系统可以从采样终端接收多个业务节点的业务节点信息; 从所述采样终端网络获取与所述多个服务节点中的每一个相关联的质量采样数据; 识别与采样终端对应的网关节点; 基于所述网络质量采样数据从所述多个服务节点中选择多个候选服务节点; 获取所述多个候选服务节点和所述网关节点中的每一个之间的网络质量参数; 基于所述网络质量抽样数据和所述候选节点网络质量参数，从所述多个候选服务节点中选择目标服务节点; 并将目标服务节点分配给网关节点。

公开(公告)号：US20160277497A1

公开(公告)日：2016-09-22

申请号：US14660479

申请日：2015-03-17

Applicant: Panzura, Inc.

Inventor： Greig W. Bannister ,  John Richard Taylor

IPC: H04L29/08 ,  H04L29/06

CPC classification number: H04L67/1097 ,  H04L61/103 ,  H04L61/2007 ,  H04L61/6022 ,  H04L61/6068 ,  H04L63/0272 ,  H04L67/1036

Abstract: The disclosed embodiments disclose techniques for facilitating access to a remote cloud service via a cloud controller for a distributed filesystem. Two or more cloud controllers collectively manage distributed filesystem data that is stored in the cloud storage systems; the cloud controllers ensure data consistency for the stored data, and each cloud controller caches portions of the distributed filesystem. During operation, a cloud controller detects a request from a co-located client to access a network address that is in the same subnet of their local network. The cloud controller determines that the network address is associated with the remote cloud service (which executes in a cloud storage environment) and forwards the request to the remote cloud service.

Abstract translation: 所公开的实施例公开了通过用于分布式文件系统的云控制器来促进对远程云服务的访问的技术。 两个或多个云控制器共同管理存储在云存储系统中的分布式文件系统数据; 云控制器确保存储数据的数据一致性，并且每个云控制器缓存部分分布式文件系统。 在操作期间，云控制器检测来自同位置客户端的访问与其本地网络在同一子网中的网络地址的请求。 云控制器确定网络地址与远程云服务（在云存储环境中执行）相关联，并将请求转发到远程云服务。

公开(公告)号：US09450880B2

公开(公告)日：2016-09-20

申请号：US14881737

申请日：2015-10-13

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Ramsundar Janakiraman ,  Avinash Sridharan ,  Ravinder Verma ,  Prasad Palkar

IPC: H04L12/851 ,  H04L29/06 ,  H04L29/08 ,  H04L12/743

CPC classification number: H04L47/2433 ,  H04L45/7457 ,  H04L67/1036 ,  H04L69/22

Abstract: According to one embodiment, a method comprises an operation of determining whether an ingress control message is locally terminated control traffic on a digital device prior to the ingress control message being forwarded to a hardware processor of the digital device for processing. A priority is assigned to the ingress control message based on information within the ingress control message, if the ingress control message is determined to be locally terminated control logic.

Abstract translation: 根据一个实施例，一种方法包括在入口控制消息被转发到数字设备的硬件处理器以进行处理之前，确定进入控制消息是否本地终止在数字设备上控制业务的操作。 如果入口控制消息被确定为本地终止控制逻辑，则基于入口控制消息内的信息将优先级分配给入口控制消息。