中科微点-全球专利检索

  1. Login
  2. Sign Up

Search Results

72 records (took 0.067 seconds)

    Multicast packet handling based on flow cache information
    21.
    发明授权
    Multicast packet handling based on flow cache information 有权

    公开(公告)号:US11570011B2

    公开(公告)日:2023-01-31

    申请号:US17141226

    申请日:2021-01-05

    Applicant: VMware, Inc.

    Inventor: Dexiang Wang Xinhua Hong Yong Wang Yu Ying Jochen Behrens

    IPC: H04L12/28 H04L12/18 H04L67/568

    Abstract: Example methods and systems for multicast packet handling based on flow cache information are described. In one example, a network element may configure flow cache information associated with a multicast flow. The flow cache information may specify a set of actions that is configured based on a sequence of function calls. In response to detecting a multicast packet associated with the multicast flow, fast-path processing may be performed based on the flow cache information. This may include executing a replication action to generate a first packet replica and a second packet replica. First processing action(s) may be executed to process the first packet replica to generate and send a first output packet towards a first multicast destination. Second processing action(s) may be executed to process the second packet replica to generate and send a first output packet towards a second multicast destination.

    MULTI-UPLINK PATH QUALITY AWARE IPSEC
    22.
    发明申请
    MULTI-UPLINK PATH QUALITY AWARE IPSEC 有权

    公开(公告)号:US20220394014A1

    公开(公告)日:2022-12-08

    申请号:US17570363

    申请日:2022-01-06

    Applicant: VMware, Inc.

    Inventor: Yong Wang Awan Kumar Sharma Sourabh Bhattacharya Deepika Solanki Sarthak Ray

    IPC: H04L9/40 H04L45/42 H04L45/24 H04L47/125 H04L45/12

    Abstract: Some embodiments provide a method that collects metrics for one or more paths of a first tunnel implementing a first security association (SA) and for one or more paths of a second tunnel implementing a second SA. The method selects a path based on the collected metrics of the paths of the first and second tunnels. When the selected path belongs to the first tunnel, the method encrypts data transmitted as encrypted payload of the first SA and transmits the encrypted payload in the first tunnel. When the selected path belongs to the second tunnel, the method encrypts data to be transmitted as encrypted payload of the second SA and transmits the encrypted payload in the second tunnel.

    LOAD BALANCING OF VPN TRAFFIC OVER MULTIPLE UPLINKS
    23.
    发明申请
    LOAD BALANCING OF VPN TRAFFIC OVER MULTIPLE UPLINKS 有权

    公开(公告)号:US20220393967A1

    公开(公告)日:2022-12-08

    申请号:US17570365

    申请日:2022-01-06

    Applicant: VMware, Inc.

    Inventor: Deepika Solanki Awan Kumar Sharma Sourabh Bhattacharya Yong Wang Sarthak Ray

    IPC: H04L45/24 H04L45/42 H04L45/12 H04L12/46

    Abstract: Some embodiments provide a method that establishes multiple active uplinks for a VPN session with a VPN peer using a first uplink interface to access a first set of paths and a second uplink interface to access a second set of paths. The method selects a path from a pool of paths by using a hash value derived from data to be transmitted to a peer in the VPN session. The paths in the pool are identified from the first and second sets of paths based on performance metrics. When the selected path is accessible by the first uplink interface, the method transmits the data as an IPsec packet over the first uplink interface. When the selected path is accessible by the second uplink interface, the method transmits the data as an IPsec packet over the second uplink interface, wherein the data is encrypted according to a security association.

    Address resolution handling at logical distributed routers
    24.
    发明授权
    Address resolution handling at logical distributed routers 有权

    公开(公告)号:US11463398B2

    公开(公告)日:2022-10-04

    申请号:US16507045

    申请日:2019-07-10

    Applicant: VMware, Inc.

    Inventor: Jia Yu Xinhua Hong Yong Wang

    IPC: H04L61/103 H04L45/44 H04L45/00 H04L45/745 H04L45/586 H04L101/622

    Abstract: Example methods for a network device to perform address resolution handling. The method may comprise: in response to a first distributed router (DR) port of a first DR instance detecting an address resolution request from a second DR port of a second DR instance, generating a modified address resolution request that is addressed from a first address associated with the first DR port instead of a second address associated with the second DR port. The modified address resolution request may be broadcasted within a logical network that is connected to the first DR instance through network extension. The method may also comprise: in response to detecting an address resolution response that includes protocol-to-hardware address mapping information associated with an endpoint located on the logical network, generating and sending a modified address resolution response towards the second DR port of the second DR instance.

    Using VTI teaming to achieve load balance and redundancy
    26.
    发明授权
    Using VTI teaming to achieve load balance and redundancy 有权

    公开(公告)号:US11277343B2

    公开(公告)日:2022-03-15

    申请号:US16514647

    申请日:2019-07-17

    Applicant: VMware, Inc.

    Inventor: Yong Wang Jia Yu David Leroy

    IPC: H04L12/803 H04L29/06 H04L47/125

    Abstract: In an embodiment, a computer-implemented method for using virtual tunnel interface teaming to achieve load balance and redundancy in virtual private networks (“VPNs”) is disclosed. In an embodiment, a method comprises: receiving, by a gateway, configuration data from a control plane; based on the configuration data, configuring on the gateway a bonded virtual tunnel interface (“bonded VTI”) having a plurality of slave virtual tunnel interfaces (“slave VTIs”); configuring a plurality of VPN tunnels between the plurality of slave VTIs configured on the gateway and a plurality of slave VTIs configured on a remote gateway; configuring an IPsec VPN tunnel between the bonded VTI configured on the gateway and a corresponding bonded VTI configured on the remote gateway; logically combining the plurality of VPN tunnels into the IPsec VPN tunnel; and enabling communications of IPsec VPN traffic via the IPsec VPN tunnel.

    Adaptive polling in software-defined networking (SDN) environments
    27.
    发明授权
    Adaptive polling in software-defined networking (SDN) environments 有权

    公开(公告)号:US11252070B2

    公开(公告)日:2022-02-15

    申请号:US16154729

    申请日:2018-10-09

    Applicant: VMware, Inc.

    Inventor: Dexiang Wang Yong Wang Peng Li Sreeram Ravinoothala Xinghua Hu

    IPC: H04L12/26 H04L12/931 G06F9/455 H04L12/715

    Abstract: Example methods are provided for a network device to perform adaptive polling in a software-defined networking (SDN) environment. One example method may comprise: operating in a polling mode at a current polling round to detect zero or more packets that require packet processing by the network device. The method may also comprise: determining packet characteristic information associated with multiple polling rounds that include the current polling round and one or more previous polling rounds; and based on the packet characteristic information, determining whether a resource performance condition associated with the network device is satisfied. In response to determination that the resource performance condition is satisfied, the network device may operate in the polling mode at a subsequent polling round; but otherwise, switch from the polling mode to an interrupt mode.

    DETERMINISTIC LOAD BALANCING OF IPSEC PACKET PROCESSING
    29.
    发明申请
    DETERMINISTIC LOAD BALANCING OF IPSEC PACKET PROCESSING 有权

    公开(公告)号:US20210136049A1

    公开(公告)日:2021-05-06

    申请号:US16802580

    申请日:2020-02-27

    Applicant: VMWARE, INC.

    Inventor: Yong Wang Awan Kumar Sharma Manmeet Khurana Shailesh Urhekar Sourabh Bhattacharya

    IPC: H04L29/06 H04L12/741

    Abstract: Certain embodiments described herein are generally directed to systems and methods for deterministic load balancing of processing encapsulated encrypted data packets at a destination tunnel endpoint. For example, certain embodiments described herein relate to configuring a destination tunnel endpoint (TEP) with an encapsulating security payload (ESP) receive side scaling (RSS) mode to assign each incoming packet, received from a certain source endpoint (EP), to a certain RSS queue based on an identifier that is encoded in an SPI value included the packet.

    NETWORK ADDRESS TRANSLATION IN ACTIVE-ACTIVE EDGE CLUSTER
    30.
    发明公开
    NETWORK ADDRESS TRANSLATION IN ACTIVE-ACTIVE EDGE CLUSTER 审中-公开

    公开(公告)号:US20230412495A1

    公开(公告)日:2023-12-21

    申请号:US17845716

    申请日:2022-06-21

    Applicant: VMware, Inc.

    Inventor: Yong Wang Jayant Jain Ganesh Sadasivan Abhishek Goliya

    IPC: H04L45/00 H04L61/256 H04L61/2596

    CPC classification number: H04L45/38 H04L61/256 H04L61/2596

    Abstract: Some embodiments provide a method for forwarding data messages at multiple edge gateways of a logical network that process data messages between the logical network and an external network. At a first edge gateway, the method receives a data message, having an external address as a destination address, from the logical network. Based on the destination address, the method applies a default route to the data message that routes the data message to a second edge gateway and specifies a first output interface of the first edge gateway for the data message. After routing the data message, the method applies a stored NAT entry that (i) modifies a source address of the data message to be a public NAT address associated with the first edge gateway and (ii) redirects the modified data message to a second output interface of the first edge gateway instead of the first output interface.

Patent Agency Ranking