公开(公告)号：US20230130529A1

公开(公告)日：2023-04-27

申请号：US18088562

申请日：2022-12-24

Applicant: VMware, Inc.

Inventor： Dexiang Wang ,  Yong Wang ,  Jerome Catrouillet ,  Sreeram Kumar Ravinoothala

IPC: H04L47/2466 ,  H04L12/66 ,  H04L69/22 ,  H04L9/40 ,  H04L69/326 ,  H04L61/5007

Abstract: Some embodiments provide a method for a gateway datapath that executes on a gateway device to implement logical routers for a set of logical networks and process traffic between the logical networks and an external network. The method receives a data message at the gateway device. To process the data message, the method executes a set of processing stages that includes a processing stage for a particular logical router. As part of the processing stage for the particular logical router, the method (i) uses an access control list (ACL) table to determine whether the data message is subject to rate limiting controls defined for the particular logical router and (ii) only when the data message is subject to rate limiting controls, determines whether to allow the data message according to a rate limiting mechanism for the particular logical router.

公开(公告)号：US11539633B2

公开(公告)日：2022-12-27

申请号：US17008576

申请日：2020-08-31

Applicant: VMware, Inc.

Inventor： Dexiang Wang ,  Yong Wang ,  Jerome Catrouillet ,  Sreeram Ravinoothala

IPC: H04L47/2466 ,  H04L12/66 ,  H04L69/22 ,  H04L9/40 ,  H04L69/326 ,  H04L61/5007 ,  H04L101/686

Abstract: Some embodiments provide a method for a gateway datapath that executes on a gateway device to implement logical routers for a set of logical networks and process traffic between the logical networks and an external network. The method receives a data message at the gateway device. To process the data message, the method executes a set of processing stages that includes a processing stage for a particular logical router. As part of the processing stage for the particular logical router, the method (i) uses an access control list (ACL) table to determine whether the data message is subject to rate limiting controls defined for the particular logical router and (ii) only when the data message is subject to rate limiting controls, determines whether to allow the data message according to a rate limiting mechanism for the particular logical router.

公开(公告)号：US20220393983A1

公开(公告)日：2022-12-08

申请号：US17569276

申请日：2022-01-05

Applicant: VMware, Inc.

Inventor： Dexiang Wang ,  Sreeram Kumar Ravinoothala ,  Yong Wang ,  Jerome Catrouillet

IPC: H04L47/2416 ,  H04L47/2425 ,  H04L47/125 ,  H04L47/122 ,  H04L47/78 ,  H04L43/0888

Abstract: A network system that implements quality of service (QoS) by rate limiting at a logical network entity is provided. The logical network entity includes multiple transport nodes for transporting network traffic in and out of the logical network entity. The system monitors traffic loads of the multiple transport nodes of the logical network entity. The system allocates a local CR and a local BS to each of the multiple transport nodes. The allocated local CR and the local BS are determined based on the CR and BS parameters of the logical network entity and based on the monitored traffic loads. Each transport node of the logical network entity in turn controls an amount of data being processed by the transport node based on a token bucket value that is computed based on the local CR and the local BS of the transport node.

公开(公告)号：US11122065B2

公开(公告)日：2021-09-14

申请号：US16103108

申请日：2018-08-14

Applicant: VMware, Inc.

Inventor： Bin Zan ,  Dexiang Wang ,  Zhen Mo ,  Vijay Ganti

IPC: H04L29/06 ,  G06K9/62

Abstract: Feature vectors are abstracted from data describing application processes. The feature vectors are grouped to define non-anomalous clusters of feature vectors corresponding to normal application behavior. Subsequent feature vectors are considered anomalous if they do not fall within one of the non-anomalous clusters; alerts are issued for anomalous feature vectors. In addition, the subsequent feature vectors may be used to regroup feature vectors to adapt to changes in what constitutes normal application behavior.

公开(公告)号：US20210218600A1

公开(公告)日：2021-07-15

申请号：US16742633

申请日：2020-01-14

Applicant: VMware, Inc.

Inventor： Dexiang Wang ,  Jia Yu ,  Jayant Jain ,  Mike Parsa ,  Haihua Luo

IPC: H04L12/66 ,  H04L12/947 ,  H04L12/707 ,  H04L29/06

Abstract: Some embodiments of the invention provide novel methods for providing a stateful service at a network edge device (e.g., an NSX edge) that has a plurality of north-facing interfaces (e.g., interfaces to an external network) and a plurality of corresponding south-facing interfaces (e.g., interfaces to a logical network). A set of interfaces on each side of the network edge device for a set of equal cost paths, in some embodiments, are bonded together in the network edge device to correspond to a single interface on either side of a logical bridge including at least one logical switch providing a stateful service implemented by the network edge device. The bond is implemented, in some embodiments, by a bonding module executing on the network edge device that maintains a mapping between ingress and egress interfaces to allow deterministic forwarding through the network edge device in the presence of bonded interfaces.

公开(公告)号：US20210191798A1

公开(公告)日：2021-06-24

申请号：US16718707

申请日：2019-12-18

Applicant: VMware, Inc.

Inventor： Kate Zhang ,  Dexiang Wang ,  Michael Hu ,  Tengyuan Ye ,  Eduard Serra Miralles

IPC: G06F11/07 ,  G06F11/34

Abstract: Automated methods and systems described directed to determining a root cause of problem with a system executing in a distributed computing system. Methods and systems train a normal-state model that characterizes a normal state of the system based on normal log files generated by event sources of the system executed under normal or test conditions. Methods and systems use the normal-state model and a log file containing log messages recorded about the time when a problem with the system has been detected to identify log messages that describe a root cause of the problem.

公开(公告)号：US10855519B2

公开(公告)日：2020-12-01

申请号：US16212379

申请日：2018-12-06

Applicant: VMware, Inc.

Inventor： Xinhua Hong ,  Dexiang Wang ,  Sharath Bhat ,  Xinghua Hu ,  Jia Yu

IPC: H04L12/24 ,  H04L12/26 ,  H04L12/18 ,  H04L12/46

Abstract: A computer-implemented method for a media access control (MAC) address synchronization mechanism for a bridge port failover is disclosed. The method comprises: detecting a failover of a previously active bridge node; for each MAC address stored in a MAC-SYNC table: generating a first reverse address resolution protocol (“RARP”) packet having a source MAC address; broadcasting the first RARP message to a virtual extensible LAN (“VXLAN”) switch via a bridge port to register the source MAC address on the bridge port; and storing an association of the MAC address and an identifier of the bridge port in a forwarding table; for each MAC address stored in the forwarding table but not stored in the MAC-SYNC table: generating a second RARP packet with a MAC address to be the source MAC address; causing a physical switch to update a forwarding table maintained by the physical switch; and forwarding traffic via the bridge port.