公开(公告)号：US20180205669A1

公开(公告)日：2018-07-19

申请号：US15922673

申请日：2018-03-15

Applicant: Cisco Technology, Inc.

Inventor： David W. Chang ,  Abhijit Patra ,  Nagaraj A. Bagepalli

IPC: H04L12/947 ,  H04L12/46 ,  H04L12/18 ,  H04L12/715 ,  H04L29/08

Abstract: According to one aspect, a method includes an Intercloud Fabric Switch (ICS) included in a public cloud and an ICS cluster obtaining a packet, and determining if the packet is obtained from a site-to-site link that links the ICS to an enterprise datacenter. If the packet is obtained from the site-to-site link, it is determined whether the packet is an unknown unicast packet. If the packet is an unknown unicast packet, the packet is dropped, and if not, the packet is provided to an access link that links the ICS to a virtual machine. If the packet is not obtained from the site-to-site link, it is determined whether the packet is obtained from an inter-ICS link that allows the ICS to communicate with the ICS cluster. If the packet is obtained from the inter-ICS link, the packet is dropped if it is an unknown unicast packet.

公开(公告)号：US20170099188A1

公开(公告)日：2017-04-06

申请号：US14876627

申请日：2015-10-06

Applicant: Cisco Technology, Inc.

Inventor： David W. Chang ,  Abhijit Patra ,  Nagaraj A. Bagepalli ,  Dileep Kumar Devireddy

IPC: H04L12/24 ,  H04L29/12 ,  H04W12/06 ,  H04L12/46

Abstract: Network policies can be used to optimize the flow of network traffic between virtual machines (VMs) in a hybrid cloud environment. In an example embodiment, one or more policies can drive a virtual switch controller, a hybrid cloud manager, a hypervisor manager, a virtual switch, or other orchestrator to create one or more direct tunnels that can be utilized by a respective pair of VMs to bypass the virtual switch and enable direct communication between the VMs. The virtual switch can send the VMs network and security policies to ensure that these policies are enforced. The VMs can exchange security credentials in order to establish the direct tunnel. The direct tunnel can be used by the VMs to bypass the virtual switch and allow the VMs to communicate with each other directly.

公开(公告)号：US11604658B2

公开(公告)日：2023-03-14

申请号：US17345882

申请日：2021-06-11

Applicant: Cisco Technology, Inc.

Inventor： David W. Chang ,  Abhijit Patra ,  Nagaraj Bagepalli ,  Dileep Kumar Devireddy ,  Ganesh Sadasivan

IPC: G06F15/16 ,  G06F9/4401 ,  H04L67/10 ,  H04L61/103 ,  H04L12/46 ,  G06F9/455 ,  H04L67/1097 ,  H04L9/40 ,  H04L47/70 ,  H04L45/00 ,  H04L101/622

Abstract: Many hybrid cloud topologies require virtual machines in a public cloud to use a router in a private cloud, even when the virtual machine is transmitting to another virtual machine in the public cloud. Routing data through an enterprise router on the private cloud via the internet is generally inefficient. This problem can be overcome by placing a router within the public cloud that mirrors much of the routing functionality of the enterprise router. A switch configured to intercept address resolution protocol (ARP) request for the enterprise router's address and fabricate a response using the MAC address of the router in the public cloud.

公开(公告)号：US10554620B2

公开(公告)日：2020-02-04

申请号：US14749391

申请日：2015-06-24

Applicant: Cisco Technology, Inc.

Inventor： David W. Chang ,  Abhijit Patra ,  Nagaraj Bagepalli ,  Dileep Kumar Devireddy ,  Ganesh Sadasivan

IPC: G06F15/16 ,  H04L29/12 ,  H04L29/08 ,  H04L12/911

Abstract: Many hybrid cloud topologies require virtual machines in a public cloud to use a router in a private cloud, even when the virtual machine is transmitting to another virtual machine in the public cloud. Routing data through an enterprise router on the private cloud via the internet is generally inefficient. This problem can be overcome by placing a router within the public cloud that mirrors much of the routing functionality of the enterprise router. A switch configured to intercept address resolution protocol (ARP) request for the enterprise router's address and fabricate a response using the MAC address of the router in the public cloud.

公开(公告)号：US10462072B2

公开(公告)日：2019-10-29

申请号：US15922673

申请日：2018-03-15

Applicant: Cisco Technology, Inc.

Inventor： David W. Chang ,  Abhijit Patra ,  Nagaraj A. Bagepalli

IPC: H04L12/947 ,  H04L12/18 ,  H04L12/46 ,  H04L12/715 ,  H04L29/08 ,  H04L12/705 ,  H04L12/24 ,  H04L12/721

Abstract: According to one aspect, a method includes an Intercloud Fabric Switch (ICS) included in a public cloud and an ICS cluster obtaining a packet, and determining if the packet is obtained from a site-to-site link that links the ICS to an enterprise datacenter. If the packet is obtained from the site-to-site link, it is determined whether the packet is an unknown unicast packet. If the packet is an unknown unicast packet, the packet is dropped, and if not, the packet is provided to an access link that links the ICS to a virtual machine. If the packet is not obtained from the site-to-site link, it is determined whether the packet is obtained from an inter-ICS link that allows the ICS to communicate with the ICS cluster. If the packet is obtained from the inter-ICS link, the packet is dropped if it is an unknown unicast packet.

公开(公告)号：US10067780B2

公开(公告)日：2018-09-04

申请号：US14876092

申请日：2015-10-06

Applicant: Cisco Technology, Inc.

Inventor： David W. Chang ,  Rakesh M. Pathak

IPC: G06F9/455 ,  H04L29/08 ,  H04L29/06 ,  H04L12/24 ,  H04L12/26

Abstract: A hybrid cloud solution for securely extending a private cloud or network to a public cloud can be enhanced with tools for evaluating the resources offered by multiple public cloud providers. In an example embodiment, a public cloud evaluation system can be used to create a virtual machine (VM) in a public cloud to serve the function of a public cloud evaluation agent. The public cloud evaluation agent can instantiate one or more VMs and other resources in the public cloud, and configure the VMs and resources to execute performance evaluation software. The results of the performance evaluation software can be transmitted to a private enterprise network, and analyzed to determine whether the public cloud is an optimal public cloud for hosting an enterprise application.

公开(公告)号：US20160352682A1

公开(公告)日：2016-12-01

申请号：US14749391

申请日：2015-06-24

Applicant: Cisco Technology, Inc.

Inventor： David W. Chang ,  Abhijit Patra ,  Nagaraj Bagepalli ,  Dileep Kumar Devireddy ,  Ganesh Sadasivan

IPC: H04L29/12 ,  H04L12/911 ,  H04L29/08

Abstract: Many hybrid cloud topologies require virtual machines in a public cloud to use a router in a private cloud, even when the virtual machine is transmitting to another virtual machine in the public cloud. Routing data through an enterprise router on the private cloud via the internet is generally inefficient. This problem can be overcome by placing a router within the public cloud that mirrors much of the routing functionality of the enterprise router. A switch configured to intercept address resolution protocol (ARP) request for the enterprise router's address and fabricate a response using the MAC address of the router in the public cloud.

Abstract translation: 许多混合云拓扑需要公共云中的虚拟机在私有云中使用路由器，即使虚拟机正在传播到公共云中的另一个虚拟机。 通过互联网在私有云上通过企业路由器路由数据通常效率低下。 通过将路由器放置在公共云中来反映企业路由器的大部分路由功能，可以克服这个问题。 交换机被配置为拦截企业路由器地址的地址解析协议（ARP）请求，并使用公共云中的路由器的MAC地址来制定响应。