公开(公告)号：US20240388559A1

公开(公告)日：2024-11-21

申请号：US18212674

申请日：2023-06-21

Applicant: VMware, Inc.

Inventor： Quan Tian ,  Jianjun Shen ,  Donghai Han ,  Shuyang Xin ,  Wenqi Qiu

IPC: H04L61/103 ,  H04L9/40

Abstract: Systems and methods for configuring an egress node for an egress pod set comprising one or more pods are provided. The egress pod set may be allocated one or more egress internet protocol (IP) addresses. The egress node may be selected among nodes of a cluster including the one or more pods. The egress node may be configured as the routing destination for an egress IP address selected among the one or more egress internet protocol (IP) addresses.

公开(公告)号：US11606257B2

公开(公告)日：2023-03-14

申请号：US16283823

申请日：2019-02-25

Applicant: VMware, Inc.

Inventor： Da Wan ,  Qi Wu ,  Donghai Han ,  Jianjun Shen ,  Pankaj Thakkar ,  Mengdie Song ,  Haoran Chen

IPC: H04L41/12 ,  H04L41/0803

Abstract: Example methods and systems for a network management entity to perform topology-aware control information dissemination in a software-defined networking (SDN) environment. The method may comprise obtaining group topology information specifying a network group, and a network configuration object that references the network group. The method may also comprise: processing the group topology information to identify, from multiple members of the network group, a first member that is relevant to a first host; and processing the group topology information to identify, from the multiple members, a second member that is irrelevant to the first host. The method may further comprise: generating and sending, to the first host, control information associated with a subset of the network group. The subset may include the first member but exclude the second member.

公开(公告)号：US11570146B2

公开(公告)日：2023-01-31

申请号：US16897704

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Danting Liu ,  Jianjun Shen ,  Abhishek Raut ,  Wenfeng Liu ,  Donghai Han

IPC: H04L12/24 ,  H04L29/08 ,  G06F9/455 ,  H04L29/06 ,  G06F9/54 ,  H04L12/803 ,  H04L12/06 ,  G06F15/16 ,  H04L15/16 ,  H04L61/50 ,  H04L49/00 ,  H04L45/42 ,  G06F9/50 ,  H04L9/40 ,  H04L61/103 ,  H04L41/0893 ,  H04L41/18 ,  H04L41/5041 ,  H04L41/50 ,  H04L67/10 ,  H04L12/46 ,  H04L12/66 ,  H04L67/1001

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.

公开(公告)号：US11500688B2

公开(公告)日：2022-11-15

申请号：US16897715

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Danting Liu ,  Jianjun Shen ,  Kai Su ,  Qian Sun ,  Wenfeng Liu ,  Donghai Han

IPC: G06F9/50 ,  H04L49/00 ,  H04L45/42 ,  G06F9/455 ,  G06F9/54 ,  H04L9/40 ,  H04L61/103 ,  H04L41/0893 ,  H04L41/18 ,  H04L41/5041 ,  H04L41/50 ,  H04L67/10 ,  H04L12/46 ,  H04L12/66 ,  H04L61/50 ,  H04L67/1001

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.

公开(公告)号：US20220321535A1

公开(公告)日：2022-10-06

申请号：US17223731

申请日：2021-04-06

Applicant: VMware, Inc.

Inventor： Li Sun ,  Parasuramji Rajendran ,  Yang Ping ,  Jianjun Shen

IPC: H04L29/06 ,  H04L29/12

Abstract: Some embodiments provide a novel secure method for suppressing address discovery messaging. In some embodiments, the method receives an address discovery record that provides a network address associated with a machine connected to a network. The method then identifies a set of one or more rules for evaluating the received address discovery record to determine whether the address discovery record or its provided network address should be distributed to one or more hosts and/or devices associated with the network. The method then processes the set of rules to determine whether the received address discovery record violates a rule in the set of rules so as to prevent the distribution of its provided network address. When the address discovery record violates a rule, the method discards it in some embodiments. On the other hand, when the address discovery record does not violate any rule in the identified set of rules, the method distributes the address discovery record or its provided network address to one or more hosts and/or devices associated with the network.

公开(公告)号：US20220321495A1

公开(公告)日：2022-10-06

申请号：US17333136

申请日：2021-05-28

Applicant: VMware, Inc.

Inventor： Wenfeng Liu ,  Jianjun Shen ,  Ran Gu ,  Rui Cao ,  Donghai Han

IPC: H04L12/911 ,  H04L12/917 ,  H04L12/24

Abstract: Some embodiments provide a method of tracking errors in a container cluster network overlaying a software defined network (SDN), sometimes referred to as a virtual network. The method sends a request to instantiate a container cluster network object to an SDN manager of the SDN. The method then receives an identifier of a network resource of the SDN for instantiating the container cluster network object. The method associates the identified network resource with the container cluster network object. The method then receives an error message regarding the network resource from the SDN manager. The method identifies the error message as applying to the container cluster network object. The error message, in some embodiments, indicates a failure to initialize the network resource. The container cluster network object may be a namespace, a pod of containers, or a service.

公开(公告)号：US20210314300A1

公开(公告)日：2021-10-07

申请号：US16897627

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Jianjun Shen ,  Danting Liu ,  Yang Liu

IPC: H04L29/06

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML, files.

公开(公告)号：US20210314239A1

公开(公告)日：2021-10-07

申请号：US16897652

申请日：2020-06-10

Applicant: VMware, Inc.

Inventor： Jianjun Shen ,  Kai Su ,  Danting Liu ,  Yang Liu

IPC: H04L12/24 ,  H04L29/08 ,  G06F9/54 ,  H04L29/06 ,  G06F9/455

Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.

公开(公告)号：US20150172165A1

公开(公告)日：2015-06-18

申请号：US14133528

申请日：2013-12-18

Applicant: VMware, Inc.

Inventor： Alexander Tessmer ,  Jianjun Shen ,  Hua Wang ,  Rahul Korivi Subramaniyam

IPC: H04L12/751 ,  H04L12/18

CPC classification number: H04L45/02 ,  H04L12/1886 ,  H04L12/462 ,  H04L12/4633 ,  H04L12/4641

Abstract: A novel method for fully utilizing the multicast or broadcast capability of a physical network is provided. The method identifies segments of the network within which broadcast traffic, multicast traffic, or traffic to unknown recipients (BUM traffic) is allowed or enabled. The identified segment encompasses parts of the network that the BUM traffic is able reach while excluding parts of the network nodes that the BUM traffic is unable to reach. Each identified segment includes network nodes that are interconnected by physical network hardware that supports BUM traffic. The method identifies multiple BUM traffic segments in a given network that each supports its own BUM traffic. The different BUM traffic segments are interconnected by physical network hardware that does not support BUM network traffic. Each identified segment is assigned an identifier that uniquely distinguishes the identified segment from other identified segments.

Abstract translation: 提供了一种充分利用物理网络的多播或广播能力的新颖方法。 该方法识别允许或启用广播流量，组播流量或到未知接收者（BUM流量）的流量的网络段。 识别的段包含BUM业务能够到达的网络的部分，同时排除BUM业务无法到达的部分网络节点。 每个识别的段包括通过支持BUM业务的物理网络硬件互连的网络节点。 该方法识别给定网络中的每个支持其自己的BUM流量的多个BUM流量段。 不同的BUM流量段通过不支持BUM网络流量的物理网络硬件互连。 为每个标识的段分配一个标识符，其将所识别的段与其他识别的段唯一区分开。

公开(公告)号：US20150103661A1

公开(公告)日：2015-04-16

申请号：US14070451

申请日：2013-11-01

Applicant: VMware, Inc.

Inventor： Jianjun Shen ,  Hua Wang ,  James Joseph Stabile ,  Xuan Zhang

IPC: H04L12/24 ,  H04L12/803

CPC classification number: H04L41/042 ,  G06F9/452 ,  H04L41/0659 ,  H04L45/64 ,  H04L47/125 ,  H04L61/103 ,  H04L61/2015 ,  H04L67/38

Abstract: Some embodiments provide a novel method for distributing control-channel communication load between multiple controllers in a network control system. In some embodiments, the controllers manage physical forwarding elements that forward data between several computing devices (also called hosts or host computers), some or all of which execute one or more virtual machines (VMs). The method of some embodiments distributes a controller assignment list to the host computers. The host computers use this list to identify the controllers with which they need to interact to perform some of the forwarding operations of their associated logical forwarding elements. In some embodiments, agents executing on the host computers (1) review the controller assignment list to identify the appropriate controllers, and (2) establish control channel communications with these controllers to obtain the needed data for effectuating the forwarding operations of their associated physical forwarding elements. These agents in some embodiments are responsible for out-of-band control channel communication with the controllers.

Abstract translation: 一些实施例提供了一种用于在网络控制系统中的多个控制器之间分配控制信道通信负载的新颖方法。 在一些实施例中，控制器管理在多个计算设备（也称为主机或主机计算机）之间转发数据的物理转发元件，其中一些或全部执行一个或多个虚拟机（VM）。 一些实施例的方法将控制器分配列表分发给主计算机。 主计算机使用此列表来识别他们需要进行交互的控制器，以执行其相关联的逻辑转发元件的一些转发操作。 在一些实施例中，在主计算机（1）上执行的代理查看控制器分配列表以识别适当的控制器，以及（2）与这些控制器建立控制信道通信，以获得所需的数据，以实现其相关物理转发的转发操作 元素。 在一些实施例中，这些代理负责与控制器的带外控制信道通信。