公开(公告)号：US11301281B2

公开(公告)日：2022-04-12

申请号：US16444956

申请日：2019-06-18

Applicant: VMware, Inc.

Inventor： Pierluigi Rolando ,  Kantesh Mundaragi ,  Rahul Mishra ,  Jayant Jain ,  Raju Koganty

IPC: H04L29/08 ,  G06F15/16 ,  G06F11/00 ,  H04L12/741 ,  H04L12/24 ,  H04L12/66 ,  H04L12/26 ,  G06F9/455 ,  H04L45/00 ,  H04L47/125 ,  H04L69/324 ,  H04L69/325 ,  H04L69/321 ,  H04L12/46 ,  H04L47/17 ,  H04L49/25 ,  H04L101/622 ,  H04L41/5054 ,  G06F9/54 ,  H04L45/74 ,  H04L47/19 ,  H04L67/563 ,  H04L41/0803 ,  H04L41/5003 ,  H04L67/1001 ,  H04L67/10 ,  H04L45/586 ,  H04L67/60 ,  H04L45/30 ,  H04L45/745 ,  H04L67/101 ,  H04L41/0816 ,  H04L47/2425 ,  H04L67/51 ,  H04L67/56 ,  H04L49/00 ,  H04L61/2592 ,  H04L41/0806 ,  H04L41/0893

Abstract: Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US11153406B2

公开(公告)日：2021-10-19

申请号：US16843913

申请日：2020-04-09

Applicant: VMWARE, INC.

Inventor： Sandesh Sawant ,  Kantesh Mundaragi ,  Stijn Vanveerdeghem

IPC: H04L29/08 ,  H04L12/24

Abstract: Some embodiments of the invention provide a method for monitoring a particular service chain that includes several services to perform on data messages passing through a network. The method provides a user interface to receive a selection of the particular service chain from a plurality of service chains. The particular service chain is implemented by several service paths, each of which includes several service nodes that implement the services of the service chain. The method generates a graphical display of the service paths through the service nodes, and as part of this graphical display, provides operational data relating to operations of the service nodes of the service paths. In some embodiments, the method also provides, as part of the graphical display, operational data relating to operations of individual service path.

公开(公告)号：US20210314248A1

公开(公告)日：2021-10-07

申请号：US16904430

申请日：2020-06-17

Applicant: VMware, Inc.

Inventor： Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty ,  Kantesh Mundaragi ,  Yuxiao Zhang ,  Rahul Mishra

IPC: H04L12/751 ,  H04L12/707 ,  H04L12/24

Abstract: Some embodiments provide a method of performing stateful services that keeps track of changes to states of service nodes to update connection tracker records when necessary. At least one global state value indicating a state of the service nodes is maintained at the edge device. The method generates a record in a connection tracker storage including the current global state value as a flow state value for a first data message in a data message flow. Each time a data message is received for the data message flow, the stored state value (i.e., a flow state value) is compared to the relevant global state value to determine if the stored action may have been updated. After a change in the global state value relevant to the flow the method examines a flow programming table to determine if the flow has been affected by a flow programming instruction(s) that caused the global state value to change.

公开(公告)号：US20210311772A1

公开(公告)日：2021-10-07

申请号：US17352298

申请日：2021-06-19

Applicant: VMware, Inc.

Inventor： Rahul Mishra ,  Camille Lecuyer ,  Saahil Gokhale ,  Rajeev Nair ,  Kantesh Mundaragi ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC: G06F9/455 ,  H04L12/721 ,  H04L12/803 ,  H04L29/08 ,  H04L12/46 ,  H04L12/801 ,  H04L12/947 ,  H04L29/12 ,  H04L12/24 ,  G06F9/54 ,  H04L12/741 ,  H04L12/713 ,  H04L12/725 ,  H04L12/851 ,  H04L12/935

Abstract: Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US20210227041A1

公开(公告)日：2021-07-22

申请号：US16843913

申请日：2020-04-09

Applicant: VMWARE, INC.

Inventor： SANDESH SAWANT ,  Kantesh Mundaragi ,  Stijn Vanveerdeghem

IPC: H04L29/08 ,  H04L12/24

Abstract: Some embodiments of the invention provide a method for monitoring a particular service chain that includes several services to perform on data messages passing through a network. The method provides a user interface to receive a selection of the particular service chain from a plurality of service chains. The particular service chain is implemented by several service paths, each of which includes several service nodes that implement the services of the service chain. The method generates a graphical display of the service paths through the service nodes, and as part of this graphical display, provides operational data relating to operations of the service nodes of the service paths. In some embodiments, the method also provides, as part of the graphical display, operational data relating to operations of individual service path.

公开(公告)号：US11042397B2

公开(公告)日：2021-06-22

申请号：US16444826

申请日：2019-06-18

Applicant: VMware, Inc.

Inventor： Rahul Mishra ,  Camille Lecuyer ,  Saahil Gokhale ,  Rajeev Nair ,  Anuprem Chalvadi ,  Yang Ping ,  Kantesh Mundaragi ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC: G06F9/455 ,  H04L12/721 ,  H04L12/803 ,  H04L29/08 ,  H04L12/46 ,  H04L12/801 ,  H04L12/947 ,  H04L29/12 ,  H04L12/24 ,  G06F9/54 ,  H04L12/741 ,  H04L12/713 ,  H04L12/725 ,  H04L12/851 ,  H04L12/935

Abstract: Some embodiments of the invention provide a method for migrating a machine on a first host computer to a second host computer. At the first host computer, the method gathers a set of service insertion data used by a first service insertion module executing on the first host computer to identify a particular chain of multiple services that a set of multiple service nodes have to perform on a particular data message flow associated with the machine. To the second host computer, the method sends a set of machine configuration data and the set of service insertion data. The second host computer (1) uses the machine configuration data to deploy the machine on the second host computer and (2) uses the gathered set of service insertion data to configure a second service insertion module executing on the second host computer to identify the particular chain of two or more services.

公开(公告)号：US20200274799A1

公开(公告)日：2020-08-27

申请号：US16283665

申请日：2019-02-22

Applicant: VMware, Inc.

Inventor： Rahul Mishra ,  Kantesh Mundaragi ,  Stephen Tan ,  Akhila Naveen ,  Pierluigi Rolando ,  Raju Koganty

IPC: H04L12/713 ,  H04L12/707

Abstract: In an embodiment, a method for a VRF and multi-service insertion on edge gateways is described. In an embodiment, the method comprises: detecting a packet; determining attributes for the packet; based on the attributes, determining whether the attributes match one or more rule attributes of a particular rule in a rule table; in response to determining that the attributes match the one or more rule attributes of a particular rule in the rule table: determining, based on the particular rule, a particular redirection identifier, a particular VRF identifier, a particular next hop, a particular address pair, and a particular BFD status; based on the particular BFD status, determining whether to redirect the packet; and in response to determining to redirect the packet, redirecting the packet toward a service virtual machine from an interface indicated by one of addresses in the particular address pair.

公开(公告)号：US20200274757A1

公开(公告)日：2020-08-27

申请号：US16445035

申请日：2019-06-18

Applicant: VMware, Inc.

Inventor： Pierluigi Rolando ,  Kantesh Mundaragi ,  Rahul Mishra ,  Jayant Jain ,  Raju Koganty ,  Akhila Naveen ,  Fenil Kavathia ,  Yong Feng

IPC: H04L12/24 ,  H04L29/08 ,  G06F9/455

Abstract: Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US20200272497A1

公开(公告)日：2020-08-27

申请号：US16445016

申请日：2019-06-18

Applicant: VMware, Inc.

Inventor： Fenil Kavathia ,  Anuprem Chalvadi ,  Yang Ping ,  Akhila Naveen ,  Yong Feng ,  Kantesh Mundaragi ,  Rahul Mishra ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC: G06F9/455 ,  H04L12/721 ,  H04L12/803 ,  H04L29/08

Abstract: Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US20200272494A1

公开(公告)日：2020-08-27

申请号：US16444927

申请日：2019-06-18

Applicant: VMware, Inc.

Inventor： Saahil Gokhale ,  Camille Lecuyer ,  Rajeev Nair ,  Kantesh Mundaragi ,  Rahul Mishra ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC: G06F9/455 ,  G06F9/54

Abstract: Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).