公开(公告)号：US09621666B2

公开(公告)日：2017-04-11

申请号：US14448642

申请日：2014-07-31

Applicant: Citrix Systems, Inc.

Inventor： Henk Bots ,  Srikanth Devarajan ,  Saravana Annamalaisami ,  Nicholas Stavrakos ,  Jeff Monks ,  Fred Koopmans ,  Chris Koopmans ,  Kapil Dakhane

IPC: G06F15/16 ,  H04L29/08 ,  G06F17/30 ,  H03M7/30 ,  H04W80/06 ,  H04W8/24

CPC classification number: H04L67/2828 ,  G06F17/30076 ,  G06F17/30902 ,  H03M7/30 ,  H04L67/02 ,  H04L67/06 ,  H04L67/2852 ,  H04L69/04 ,  H04W8/245 ,  H04W80/06

Abstract: Systems and methods for reducing file sizes for files delivered over a network are disclosed. A method comprises receiving a first file comprising sequences of data; creating a hash table having entries corresponding to overlapping sequences of data; receiving a second file comprising sequences of data; comparing each of the sequences of data in the second file to the sequences of data in the hash table to determine sequences of data present in both the first and second files; and creating a third file comprising sequences of data from the second file and representations of locations and lengths of said sequences of data present in both the first and second files.

公开(公告)号：US20160057067A1

公开(公告)日：2016-02-25

申请号：US14463234

申请日：2014-08-19

Applicant: CITRIX SYSTEMS, INC.

Inventor： Ashwin Jagadish ,  Saravana Annamalaisami ,  Muthukumar Shunmugiah ,  Mohit Prakash Saxena

IPC: H04L12/805 ,  H04L12/46

CPC classification number: H04L47/365 ,  H04L12/4641

Abstract: Systems and methods of providing fine grained control over MSS values of transport layer connections. A device intermediary to a plurality of clients and a plurality of servers can identify a first MSS value based on a MTU value of a VLAN interface responsive to a request to establish a transport layer connection. Device determines that a MSS value of the VLAN is less than the first MSS value. Device updates, responsive to the determination, the first MSS value to a second MSS value corresponding to the MSS value of the VLAN. Device determines that an MSS value specified by a profile configured for a virtual server of the device is less than the second MSS value. Device updates the second MSS value to the MSS value of the profile responsive to determining that the MSS value specified by the profile is less than the second MSS value.

Abstract translation: 对传输层连接的MSS值提供细粒度控制的系统和方法。 响应于建立传输层连接的请求，多个客户端和多个服务器的设备中介可以基于VLAN接口的MTU值来识别第一MSS值。 设备确定VLAN的MSS值小于第一个MSS值。 设备更新响应于确定，将第一个MSS值更新为与该VLAN的MSS值对应的第二个MSS值。 设备确定由为设备的虚拟服务器配置的配置文件指定的MSS值小于第二个MSS值。 响应于确定由配置文件指定的MSS值小于第二MSS值，设备将第二MSS值更新为配置文件的MSS值。

公开(公告)号：US20140304401A1

公开(公告)日：2014-10-09

申请号：US14245057

申请日：2014-04-04

Applicant: Citrix Systems, Inc.

Inventor： Ashwin Jagadish ,  Saravana Annamalaisami

IPC: H04L12/26

CPC classification number: H04L41/069 ,  H04L41/0853 ,  H04L41/12 ,  H04L47/125 ,  H04L47/827 ,  H04L47/829

Abstract: The systems and methods of the present solution are directed to collecting log information from multiple nodes in a multi-nodal cluster. Generally, a logging process runs to collect log information from multiple nodes in a multi-nodal cluster, e.g., a cluster of appliances. The logging process collects the log information and merges the collected log information to create a coherent unified log. The logging process may run on a node designated for the purpose. The designated node may be internal or external to the cluster. The logging process determines a topology for the cluster, establishes a communication channel with each active intermediary device identified in the topology, collects log entries from each active intermediary device, each log entry comprising information on network traffic traversing the respective intermediary device, and merges the collected log entries into a unified cluster log comprising information on network traffic traversing the cluster.

Abstract translation: 本解决方案的系统和方法旨在从多节点群集中的多个节点收集日志信息。 通常，记录过程运行以从多节点集群（例如，设备集群）中的多个节点收集日志信息。 日志记录过程收集日志信息并合并收集的日志信息以创建一致的统一日志。 记录过程可以在为此目的指定的节点上运行。 指定的节点可以是集群的内部或外部。 记录过程确定集群的拓扑，与拓扑中标识的每个活动中间设备建立通信通道，从每个活动中间设备收集日志条目，每个日志条目包括穿过相应中间设备的网络流量信息，并合并 将日志条目收集到统一的集群日志中，其中包括穿过集群的网络流量信息。

公开(公告)号：US20140304320A1

公开(公告)日：2014-10-09

申请号：US13858002

申请日：2013-04-06

Applicant: CITRIX SYSTEMS, INC.

Inventor： Varun Taneja ,  Mahesh Mylarappa ,  Saravana Annamalaisami

IPC: H04L29/06

CPC classification number: H04L69/16 ,  H04L47/27 ,  H04L69/326

Abstract: The present disclosure relates to methods and systems for dynamically changing an advertised window for a transport layer connection. A device can receive data from a server destined for an application. The device identifies the size of the application buffer corresponding to the application and advertises the application buffer size as a window size to the server. The device stores the data in the device memory. The device then determines the memory usage by comparing the memory usage to one or more predetermined thresholds. If the device determines that the memory usage is below a first predetermined threshold, the device can implement an aggressive dynamic receive buffering policy in which the device increases the advertised window size by a first increment. If the device determines that the memory usage is above the first threshold and below a second threshold, the device executes a more conservative dynamic receive buffering policy.

Abstract translation: 本公开涉及用于动态地改变传输层连接的通告窗口的方法和系统。 设备可以从发往应用程序的服务器接收数据。 该设备识别与应用程序相对应的应用程序缓冲区的大小，并将应用程序缓冲区大小作为窗口大小通告给服务器。 设备将数据存储在设备存储器中。 然后，设备通过将存储器使用与一个或多个预定阈值进行比较来确定存储器使用。 如果设备确定存储器使用量低于第一预定阈值，则设备可以实现积极的动态接收缓冲策略，其中设备将通告的窗口大小增加第一增量。 如果设备确定存储器使用量高于第一阈值并低于第二阈值，则设备执行更保守的动态接收缓冲策略。

公开(公告)号：US10069677B2

公开(公告)日：2018-09-04

申请号：US14245057

申请日：2014-04-04

Applicant: Citrix Systems, Inc.

Inventor： Ashwin Jagadish ,  Saravana Annamalaisami

IPC: G06F15/16 ,  H04L12/24 ,  H04L12/911 ,  H04L12/803

Abstract: The systems and methods of the present solution are directed to collecting log information from multiple nodes in a multi-nodal cluster. Generally, a logging process runs to collect log information from multiple nodes in a multi-nodal cluster, e.g., a cluster of appliances. The logging process collects the log information and merges the collected log information to create a coherent unified log. The logging process may run on a node designated for the purpose. The designated node may be internal or external to the cluster. The logging process determines a topology for the cluster, establishes a communication channel with each active intermediary device identified in the topology, collects log entries from each active intermediary device, each log entry comprising information on network traffic traversing the respective intermediary device, and merges the collected log entries into a unified cluster log comprising information on network traffic traversing the cluster.

公开(公告)号：US10015039B2

公开(公告)日：2018-07-03

申请号：US14689933

申请日：2015-04-17

Applicant: Citrix Systems, Inc.

Inventor： Saravana Annamalaisami ,  Raveendra Holla ,  Nishant Kumar Jain ,  Sharvari Mithyantha ,  Dhiraj Gedam

IPC: G06F15/177 ,  H04L12/28 ,  H04L12/24 ,  H04L29/08

CPC classification number: H04L41/0213 ,  H04L41/042 ,  H04L41/046 ,  H04L67/10 ,  H04L67/288

Abstract: The present disclosure is directed towards systems and methods for supporting Simple Network Management Protocol (SNMP) request operations over clustered networking devices. The system includes a cluster that includes a plurality of intermediary devices and an SNMP agent executing on a first intermediary device of the plurality of intermediary devices. The SNMP agent receives an SNMP GETNEXT request for an entity. Responsive to receipt of the SNMP GETNEXT request, the SNMP agent requests a next entity from each intermediary device of the plurality of intermediary devices of the cluster. To respond to the SNMP request, the SNMP agent selects a lexicographically minimum entity. The SNMP agent may select the lexicographically minimum entity from a plurality of next entities received via responses from each intermediary device of the plurality of intermediary devices.

公开(公告)号：US20180146015A1

公开(公告)日：2018-05-24

申请号：US15876847

申请日：2018-01-22

Applicant: Citrix Systems, Inc.

Inventor： Saravana Annamalaisami ,  Krishna Khanal ,  Varun Taneja ,  Mahesh Mylarappa

IPC: H04L29/06 ,  H04L12/707 ,  H04L29/08

Abstract: The present invention is directed towards systems and methods for multipath transmission control protocol connection (MPTCP) management. A first device, intermediary between a second device and a third device, may establish a protocol control structure responsive to establishment of a MPTCP session between the first device and the second device. The first device may maintain, via the protocol control structure, an identification of a plurality of subflows comprising transmission control protocol (TCP) connections in the MPTCP session between the first device and the second device. The first device may convert or translate, via the protocol control structure, subflow-specific sequence identifiers of packets transmitted via each of the plurality of subflows, to sequence identifiers unique across the plurality of subflows and identifying related packets from each subflows to be processed at the third device. The third device may receive the packets with the converted sequence identifiers in a single TCP connection.

公开(公告)号：US09706004B2

公开(公告)日：2017-07-11

申请号：US13858010

申请日：2013-04-06

Applicant: Citrix Systems, Inc.

Inventor： Mahesh Mylarappa ,  Meghashree Iyengar ,  Saravana Annamalaisami ,  Rajesh Joshi

IPC: H04L29/08 ,  G06F11/30 ,  H04L12/26

CPC classification number: H04L67/2819 ,  G06F11/006 ,  G06F11/3006 ,  G06F11/3089 ,  G06F11/3409 ,  G06F11/3419 ,  G06F11/3433 ,  G06F11/3495 ,  G06F2201/875 ,  G06F2201/88 ,  H04L43/026 ,  H04L43/06 ,  H04L43/08 ,  H04L67/2804

Abstract: The present disclosure is directed towards systems and methods for application performance measurement. A device may receive a first document for transmission to a client, comprising instructions for the client to transmit a request for an embedded object. A flow monitor executed the device may generate a unique identification associated with the first document, the unique identification identifying a first access of the first document, and transmit the first document and unique identification to the client. The device may receive, from the client, a request for the embedded object comprising the unique identification, and transmit, to a server, the request for the embedded object at a transmit time. The device may receive, from the server, the embedded object at a receipt time, and may transmit a performance record comprising an identification of the object, the server, the transmit time, the receipt time, and the unique identification to a data collector.

公开(公告)号：US09369368B2

公开(公告)日：2016-06-14

申请号：US14244315

申请日：2014-04-03

Applicant: Citrix Systems, Inc.

Inventor： Krishna Khanal ,  Shekhar Chandra ,  Saravana Annamalaisami

IPC: H04L1/00 ,  H04L12/26

CPC classification number: H04L43/12 ,  H04L43/02 ,  H04L43/04

Abstract: The present solution relates to systems and methods for capturing and consolidating packet tracing in a cluster system. A multi-nodal cluster processing network traffic contains multiple nodes each handling some of the processing. A node may initially receive a flow and transfer processing of the flow to another node for processing. A flow may therefore pass from one node to another, from two nodes to many nodes. In some instances, it is helpful to generate a trace of a flow. For example, in debugging a network communication flow, a trace of the flow through the cluster can be helpful. Each node has a packet engine (“PE”) which processes data packets and can, when trace is enabled, generate a trace file for the packets processed at the respective node. A trace aggregator merges these distinct trace files into an aggregate trace for the cluster.

Abstract translation: 本解决方案涉及在集群系统中捕获和合并数据包跟踪的系统和方法。 多节点群集处理网络流量包含多个节点，每个节点处理一些处理。 节点可以初始地接收流并且将流的传送处理转移到另一个节点进行处理。 因此，流可以从一个节点传递到另一个节点，从两个节点到多个节点。 在某些情况下，生成流的踪迹是有帮助的。 例如，在调试网络通信流程中，通过集群的流程的跟踪可能是有帮助的。 每个节点具有处理数据分组的分组引擎（“PE”），并且当启用跟踪时，可以为在相应节点处理的分组生成跟踪文件。 跟踪聚合器将这些不同的跟踪文件合并到集群的聚合跟踪中。

公开(公告)号：US09246940B2

公开(公告)日：2016-01-26

申请号：US14245533

申请日：2014-04-04

Applicant: Citrix Systems, Inc.

Inventor： Krishna Khanal ,  Saravana Annamalaisami ,  Mahesh Mylarappa

IPC: G06F12/14 ,  H04L29/06

CPC classification number: H04L63/1466 ,  H04L63/0428

Abstract: The present solution is directed to systems and methods for synchronizing a random seed value among a plurality of multi-core nodes in a cluster of nodes for generating a cookie signature. The cookie signature may be used for protection from SYN flood attacks. A cluster of nodes comprises one master node and one or more other nodes. Each node comprises one master core and one or more other cores. A random number is generated at the master core of the master node. The random number is synchronized across every other core. The random number is used to generated a secret key value that is attached in the encoded initial sequence number of a SYN-ACK packet. If the responding ACK packet does not contain the secret key value, then the ACK packet is dropped.

Abstract translation: 本解决方案涉及用于在节点簇中的多个多核节点之间同步随机种子值以产生Cookie签名的系统和方法。 Cookie签名可用于防止SYN Flood攻击。 一组节点包括一个主节点和一个或多个其他节点。 每个节点包括一个主核和一个或多个其他核。 在主节点的主核心处生成随机数。 随机数在每隔一个核心上同步。 随机数用于产生附加在SYN-ACK分组的经编码的初始序列号中的秘密密钥值。 如果响应的ACK分组不包含密钥值，则ACK分组被丢弃。