公开(公告)号：US11750482B2

公开(公告)日：2023-09-05

申请号：US17334682

申请日：2021-05-28

申请人： Nicira, Inc.

发明人： Alok S. Tiagi ,  Jayant Jain ,  Anirban Sengupta ,  Srinivas Nimmagadda ,  Rick Lund

IPC分类号： G06F15/173 ,  H04L43/04 ,  H04L67/02 ,  H04L69/22 ,  H04L67/1001 ,  H04L43/08 ,  H04L41/5009

CPC分类号： H04L43/04 ,  H04L43/08 ,  H04L67/02 ,  H04L67/1001 ,  H04L69/22 ,  H04L41/5009

摘要： A method of collecting health check metrics for a network is provided. The method, at a deep packet inspector on a physical host in a datacenter, receives a copy of a network packet from a load balancer. The packet includes a plurality of layers. Each layer corresponds to a communication protocol in a plurality of communication protocols. The method identifies an application referenced in the packet. The method analyzes the information in one or more layers of the packet to determine metrics for the source application. The method sends the determined metrics to the load balancer.

公开(公告)号：US11075842B2

公开(公告)日：2021-07-27

申请号：US16427294

申请日：2019-05-30

申请人： Nicira, Inc.

发明人： Jayant Jain ,  Anirban Sengupta ,  Mohan Parthasarathy ,  Allwyn Sequeira ,  Serge Maskalik ,  Rick Lund

IPC分类号： H04L12/803 ,  H04L29/12 ,  H04L12/741 ,  H04L12/707 ,  H04L12/721 ,  H04L29/08 ,  H04L12/911

摘要： Some embodiments provide a novel method for load balancing data messages that are sent by a source compute node (SCN) to one or more different groups of destination compute nodes (DCNs). In some embodiments, the method deploys a load balancer in the source compute node's egress datapath. This load balancer receives each data message sent from the source compute node, and determines whether the data message is addressed to one of the DCN groups for which the load balancer spreads the data traffic to balance the load across (e.g., data traffic directed to) the DCNs in the group. When the received data message is not addressed to one of the load balanced DCN groups, the load balancer forwards the received data message to its addressed destination. On the other hand, when the received data message is addressed to one of load balancer's DCN groups, the load balancer identifies a DCN in the addressed DCN group that should receive the data message, and directs the data message to the identified DCN. To direct the data message to the identified DCN, the load balancer in some embodiments changes the destination address (e.g., the destination IP address, destination port, destination MAC address, etc.) in the data message from the address of the identified DCN group to the address (e.g., the destination IP address) of the identified DCN.

公开(公告)号：US10608887B2

公开(公告)日：2020-03-31

申请号：US15726789

申请日：2017-10-06

申请人： Nicira, Inc.

发明人： Jayant Jain ,  Anirban Sengupta ,  Subrahmanyam Manuguri ,  Rick Lund ,  Alok Tiagi

IPC分类号： H04L12/24 ,  H04L29/06 ,  H04L12/26 ,  H04L29/08 ,  H04L12/931

摘要： Some embodiments provide a method that performs a packet tracing operation for a particular data flow between endpoints of a logical network to generate a representation of logical network components along a path between the endpoints. In response to a selection of at least two of the logical network components, the method automatically generates separate packet capture operations for execution by physical components that implement each of the selected logical network components. The method uses packet header information to correlate packet data from the separate packet capture operations.

公开(公告)号：US10341233B2

公开(公告)日：2019-07-02

申请号：US14815838

申请日：2015-07-31

申请人： Nicira, Inc.

发明人： Jayant Jain ,  Anirban Sengupta ,  Mohan Parthasarathy ,  Allwyn Sequeira ,  Serge Maskalik ,  Rick Lund

IPC分类号： H04L12/741 ,  H04L12/803 ,  H04L12/721 ,  H04L29/08 ,  H04L12/911 ,  H04L12/707 ,  H04L29/12

摘要： Some embodiments provide a novel method for load balancing data messages that are sent by a source compute node (SCN) to one or more different groups of destination compute nodes (DCNs). In some embodiments, the method deploys a load balancer in the source compute node's egress datapath. This load balancer receives each data message sent from the source compute node, and determines whether the data message is addressed to one of the DCN groups for which the load balancer spreads the data traffic to balance the load across (e.g., data traffic directed to) the DCNs in the group. When the received data message is not addressed to one of the load balanced DCN groups, the load balancer forwards the received data message to its addressed destination. On the other hand, when the received data message is addressed to one of load balancer's DCN groups, the load balancer identifies a DCN in the addressed DCN group that should receive the data message, and directs the data message to the identified DCN. To direct the data message to the identified DCN, the load balancer in some embodiments changes the destination address (e.g., the destination IP address, destination port, destination MAC address, etc.) in the data message from the address of the identified DCN group to the address (e.g., the destination IP address) of the identified DCN.

公开(公告)号：US10129077B2

公开(公告)日：2018-11-13

申请号：US14841648

申请日：2015-08-31

申请人： Nicira, Inc.

发明人： Jayant Jain ,  Anirban Sengupta ,  Rick Lund ,  Raju Koganty ,  Xinhua Hong ,  Mohan Parthasarathy

IPC分类号： G06F15/16 ,  H04L12/24 ,  H04L29/06 ,  H04L12/803 ,  H04L29/08 ,  H04L12/911 ,  H04L12/58 ,  H04W76/12

摘要： Some embodiments provide novel inline switches that distribute data messages from source compute nodes (SCNs) to different groups of destination service compute nodes (DSCNs). In some embodiments, the inline switches are deployed in the source compute nodes datapaths (e.g., egress datapath). The inline switches in some embodiments are service switches that (1) receive data messages from the SCNs, (2) identify service nodes in a service-node cluster for processing the data messages based on service policies that the switches implement, and (3) use tunnels to send the received data messages to their identified service nodes. Alternatively, or conjunctively, the inline service switches of some embodiments (1) identify service-nodes cluster for processing the data messages based on service policies that the switches implement, and (2) use tunnels to send the received data messages to the identified service-node clusters. The service-node clusters can perform the same service or can perform different services in some embodiments. This tunnel-based approach for distributing data messages to service nodes/clusters is advantageous for seamlessly implementing in a datacenter a cloud-based XaaS model (where XaaS stands for X as a service, and X stands for anything), in which any number of services are provided by service providers in the cloud.

公开(公告)号：US09774537B2

公开(公告)日：2017-09-26

申请号：US14557295

申请日：2014-12-01

申请人： Nicira, Inc.

发明人： Jayant Jain ,  Anirban Sengupta ,  Mohan Parthasarathy ,  Allwyn Sequeira ,  Serge Maskalik ,  Rick Lund

IPC分类号： H04L12/803 ,  H04L29/08 ,  H04L12/721 ,  H04L12/911 ,  H04L12/707 ,  H04L29/12

CPC分类号： H04L47/125 ,  H04L45/24 ,  H04L45/44 ,  H04L47/70 ,  H04L61/2069 ,  H04L61/2521 ,  H04L61/6022 ,  H04L67/1002 ,  H04L67/1017 ,  H04L67/1025 ,  H04L67/1029

摘要： Some embodiments provide a novel method for load balancing data messages that are sent by a source compute node (SCN) to one or more different groups of destination compute nodes (DCNs). In some embodiments, the method deploys a load balancer in the source compute node's egress datapath. This load balancer receives each data message sent from the source compute node, and determines whether the data message is addressed to one of the DCN groups for which the load balancer spreads the data traffic to balance the load across (e.g., data traffic directed to) the DCNs in the group. When the received data message is not addressed to one of the load balanced DCN groups, the load balancer forwards the received data message to its addressed destination. On the other hand, when the received data message is addressed to one of load balancer's DCN groups, the load balancer identifies a DCN in the addressed DCN group that should receive the data message, and directs the data message to the identified DCN. To direct the data message to the identified DCN, the load balancer in some embodiments changes the destination address (e.g., the destination IP address, destination port, destination MAC address, etc.) in the data message from the address of the identified DCN group to the address (e.g., the destination IP address) of the identified DCN.

公开(公告)号：US12068961B2

公开(公告)日：2024-08-20

申请号：US17385809

申请日：2021-07-26

申请人： Nicira, Inc.

发明人： Jayant Jain ,  Anirban Sengupta ,  Mohan Parthasarathy ,  Allwyn Sequeira ,  Serge Maskalik ,  Rick Lund

IPC分类号： H04L47/125 ,  H04L45/24 ,  H04L45/44 ,  H04L47/70 ,  H04L67/1001 ,  H04L67/1017 ,  H04L67/1025 ,  H04L67/1029 ,  H04L61/2521 ,  H04L61/5069 ,  H04L101/622

CPC分类号： H04L47/125 ,  H04L45/24 ,  H04L45/44 ,  H04L47/70 ,  H04L67/1001 ,  H04L67/1017 ,  H04L67/1025 ,  H04L67/1029 ,  H04L61/2521 ,  H04L61/5069 ,  H04L2101/622

摘要： Some embodiments provide a novel method for load balancing data messages that are sent by a source compute node (SCN) to one or more different groups of destination compute nodes (DCNs). In some embodiments, the method deploys a load balancer in the source compute node's egress datapath. This load balancer receives each data message sent from the source compute node, and determines whether the data message is addressed to one of the DCN groups for which the load balancer spreads the data traffic to balance the load across (e.g., data traffic directed to) the DCNs in the group. When the received data message is not addressed to one of the load balanced DCN groups, the load balancer forwards the received data message to its addressed destination. On the other hand, when the received data message is addressed to one of load balancer's DCN groups, the load balancer identifies a DCN in the addressed DCN group that should receive the data message, and directs the data message to the identified DCN. To direct the data message to the identified DCN, the load balancer in some embodiments changes the destination address (e.g., the destination IP address, destination port, destination MAC address, etc.) in the data message from the address of the identified DCN group to the address (e.g., the destination IP address) of the identified DCN.

公开(公告)号：US20230370348A1

公开(公告)日：2023-11-16

申请号：US18227302

申请日：2023-07-28

申请人： Nicira, Inc.

发明人： Alok S. Tiagi ,  Jayant Jain ,  Anirban Sengupta ,  Srinivas Nimmagadda ,  Rick Lund

IPC分类号： H04L43/04 ,  H04L67/02 ,  H04L69/22 ,  H04L67/1001 ,  H04L43/08

CPC分类号： H04L43/04 ,  H04L43/08 ,  H04L67/02 ,  H04L67/1001 ,  H04L69/22 ,  H04L41/5009

摘要： A method of collecting health check metrics for a network is provided. The method, at a deep packet inspector on a physical host in a datacenter, receives a copy of a network packet from a load balancer. The packet includes a plurality of layers. Each layer corresponds to a communication protocol in a plurality of communication protocols. The method identifies an application referenced in the packet. The method analyzes the information in one or more layers of the packet to determine metrics for the source application. The method sends the determined metrics to the load balancer.

公开(公告)号：US11025514B2

公开(公告)日：2021-06-01

申请号：US14994661

申请日：2016-01-13

申请人： Nicira, Inc.

发明人： Alok S. Tiagi ,  Jayant Jain ,  Anirban Sengupta ,  Srinivas Nimmagadda ,  Rick Lund

IPC分类号： H04L12/26 ,  H04L29/08 ,  H04L29/06 ,  H04L12/24

摘要： A method of collecting health check metrics for a network is provided. The method, at a deep packet inspector on a physical host in a datacenter, receives a copy of a network packet from a load balancer. The packet includes a plurality of layers. Each layer corresponds to a communication protocol in a plurality of communication protocols. The method identifies an application referenced in the packet. The method analyzes the information in one or more layers of the packet to determine metrics for the source application. The method sends the determined metrics to the load balancer.

公开(公告)号：US10530750B2

公开(公告)日：2020-01-07

申请号：US15378313

申请日：2016-12-14

申请人： Nicira, Inc.

发明人： Jayant Jain ,  Kausum Kumar ,  Anirban Sengupta ,  Rick Lund ,  Jingmin Zhou

IPC分类号： H04L29/06

摘要： The technology disclosed herein enables the enforcement of firewall policies based on high level identification strings. In a particular embodiment, a method provides receiving a first reply from a first identification system directed to a requestor system. In response to determining that the first identification system comprises an identification system trusted by the firewall, the method provides inspecting at least one packet included in the first reply to identify a first network address therein associated with a first high level identification string. The method further provides updating a data structure comprising allowed network addresses with the first network address and, after updating the data structure with the first network address, allowing at least one packet from the requestor system directed to a first destination at the first network address to traverse the firewall system based on the data structure.