公开(公告)号：US20220321471A1

公开(公告)日：2022-10-06

申请号：US17218039

申请日：2021-03-30

Applicant: Amazon Technologies, Inc.

Inventor： Bashuman Deb ,  Omer Hashmi ,  Thomas Nguyen Spendley ,  Baihu Qian ,  Guru Kannan ,  Shridhar Kulkarni ,  Paul John Tillotson ,  Ramin Ali Dousti ,  Indira Radhika Pulla ,  Yuxin Ren ,  Fahed Hijazi ,  Xiyuan Gou ,  Steve Ge ,  Nicholas Ryan Lombardi ,  Brandon Michael LaRue ,  Jaywant U. Kapadnis ,  Anoop Dawani

IPC: H04L12/713 ,  H04L12/741 ,  H04L29/06 ,  H04L29/08

Abstract: A message indicating an auxiliary task associated with traffic transmitted via a virtual router between a pair of isolated networks is received at an offloading device. A stack multiplexer at the offloading device selects a protocol stack instance to process the message. A result of the auxiliary task is obtained by the multiplexer from the selected protocol stack instance and transmitted to the virtual router, where it is used to transmit a packet between the isolated networks.

公开(公告)号：US20220321470A1

公开(公告)日：2022-10-06

申请号：US17218036

申请日：2021-03-30

Applicant: Amazon Technologies, Inc.

Inventor： Baihu Qian ,  Omer Hashmi ,  Thomas Nguyen Spendley ,  Bashuman Deb ,  Shridhar Kulkarni ,  Paul John Tillotson ,  Ramin Ali Dousti ,  Indira Radhika Pulla ,  Steve Ge ,  Nicholas Ryan Lombardi ,  Nick Matthews ,  Anoop Dawani

IPC: H04L12/713 ,  H04L12/715 ,  H04L12/761

Abstract: An indication of a set of premises between which network traffic is to be routed via a private fiber backbone of a provider network is obtained. Respective virtual routers are configured for a first premise and a second premise, and connectivity is established between the virtual routers and routing information sources at the premises. Contents of at least one network packet originating at the first premise are transmitted to the second premise via the private fiber backbone using routing information obtained at the virtual routers from the routing information source at the second premise.

公开(公告)号：US10785146B2

公开(公告)日：2020-09-22

申请号：US16136142

申请日：2018-09-19

Applicant: Amazon Technologies, Inc.

Inventor： Paul John Tillotson ,  Bashuman Deb ,  Thomas Spendley ,  Omer Hashmi ,  Baihu Qian ,  Alexander Justin Penney

IPC: H04L12/725 ,  H04L12/741 ,  H04L12/747 ,  H04L12/859 ,  H04L12/931 ,  H04L12/46 ,  G06F9/455 ,  H04L12/26

Abstract: An isolated packet processing cell of a packet processing service, comprising an action implementation node and a decision master node, is assigned to an application. An indication of processing rules of the application is transmitted to the decision master node. In response to receiving a particular packet, the action implementation node obtains a representation of an action (which is based on the processing rules) from the decision master node and executes the action.

公开(公告)号：US10742554B2

公开(公告)日：2020-08-11

申请号：US16196709

申请日：2018-11-20

Applicant: Amazon Technologies, Inc.

Inventor： Bashuman Deb ,  Paul John Tillotson ,  Thomas Nguyen Spendley ,  Omer Hashmi ,  Baihu Qian ,  Mohamed Nader Farahat Hassan

IPC: H04L12/741 ,  H04L12/931 ,  H04L12/721 ,  H04L12/751 ,  H04L29/06 ,  G06F9/455 ,  H04L29/08

Abstract: At an action implementation layer of a virtual traffic hub, a packet is obtained from a first isolated network. A first action, generated at a decision making layer of the hub based on a first route table of the hub, is performed, resulting in transmission of at least one network packet to a first destination. In response to a second packet, obtained at the action implementation layer from a source outside the first isolated network, a second action is performed, resulting in transmission of at least one packet to a second destination. The second action is generated based on a second route table of the hub.

公开(公告)号：US20200092193A1

公开(公告)日：2020-03-19

申请号：US16136137

申请日：2018-09-19

Applicant: Amazon Technologies, Inc.

Inventor： Paul John Tillotson ,  Bashuman Deb ,  Thomas Spendley ,  Omer Hashmi ,  Baihu Qian ,  Alexander Justin Penney

IPC: H04L12/715 ,  G06F17/30 ,  H04L12/713 ,  H04L12/851 ,  H04L12/751 ,  H04L29/12

Abstract: Metadata indicating that an action implementation node and a routing decision master node have been assigned to a virtual traffic hub programmatically associated with one or more isolated networks is stored. The routing decision master node determines a first action to be implemented for packets of a network flow using state information of the isolated networks, and provides a representation of a first action to the first action implementation node. Based on performing the first action at the action implementation node, contents of a data packet received from one isolated network are transmitted to another isolated network.

公开(公告)号：US20200092138A1

公开(公告)日：2020-03-19

申请号：US16136133

申请日：2018-09-19

Applicant: Amazon Technologies, Inc.

Inventor： Paul John Tillotson ,  Bashuman Deb ,  Thomas Spendley ,  Omer Hashmi ,  Baihu Qian ,  Alexander Justin Penney

IPC: H04L12/46 ,  H04L29/12 ,  H04L12/851 ,  H04L12/931 ,  G06F9/455

Abstract: Configuration operations to enable connectivity, using a virtual traffic hub, between a plurality of isolated networks including a first isolated network with a first private address range, are initiated. The hub includes a plurality of nodes including a decision master node responsible for determining routing actions for packets received at the hub. At the decision master node, a translation mapping is obtained for a second private address range of a second isolated network, which overlaps with the first private address range. At a particular node of the hub, using the mapping, a header of a network packet received from the second isolated network and directed to a destination outside the second isolated network is modified.

公开(公告)号：US20240187332A1

公开(公告)日：2024-06-06

申请号：US18537691

申请日：2023-12-12

Applicant: Amazon Technologies, Inc.

Inventor： Paul John Tillotson ,  Bashuman Deb ,  Thomas Spendley ,  Omer Hashmi ,  Baihu Qian ,  Alexander Justin Penney

IPC: H04L45/02 ,  H04L12/46 ,  H04L45/302 ,  H04L47/2483

CPC classification number: H04L45/04 ,  H04L12/4633 ,  H04L45/306 ,  H04L47/2483 ,  H04L2212/00

Abstract: Metadata indicating that a virtual traffic hub enabling connectivity between a plurality of isolated networks has been established is stored. A determination is made that a first entry of a first isolated network attached to the hub is to be represented in a second routing table of a second isolated network attached to the hub, e.g., to enable network packets originating at resources of the second isolated network to be transmitted via the hub to the first isolated network. A new entry corresponding to the first entry is included in the second routing table.

公开(公告)号：US11855893B2

公开(公告)日：2023-12-26

申请号：US17456548

申请日：2021-11-24

Applicant: Amazon Technologies, Inc.

Inventor： Anoop Dawani ,  Bashuman Deb ,  Baihu Qian ,  Omer Hashmi ,  Nick Matthews ,  Shridhar Kulkarni ,  Thomas Nguyen Spendley ,  Steve Ge ,  Justin Lin Hsieh ,  Guru Kannan ,  Alok Mishra

IPC: H04L45/745 ,  H04L12/66 ,  H04L12/46

CPC classification number: H04L45/745 ,  H04L12/4641 ,  H04L12/66

Abstract: Systems and methods are provided for management of network segments that cross geographic regions and/or other types of network divisions in a cloud-based network environment. A cloud-based network provider's geographically-dispersed network infrastructure may serve as the core of a client's private wide area network, and the client may define isolated segments to which other networks (virtual private clouds, virtual private networks, etc.) may be attached. The various segments may remain logically isolated from each other even when implemented across some or all of the same regions—and using the same physical and/or virtual routing components—as other segments of the same client and/or other clients.

公开(公告)号：US11831600B2

公开(公告)日：2023-11-28

申请号：US17091995

申请日：2020-11-06

Applicant: Amazon Technologies, Inc.

Inventor： Paul John Tillotson ,  Bashuman Deb ,  Thomas Spendley ,  Omer Hashmi ,  Baihu Qian ,  Alexander Justin Penney

IPC: H04L61/4511 ,  H04L41/12 ,  H04L12/46 ,  H04L61/3015 ,  G06F9/455 ,  H04L47/2483

CPC classification number: H04L61/4511 ,  G06F9/45558 ,  H04L12/4645 ,  H04L41/12 ,  H04L47/2483 ,  H04L61/3025 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Connectivity is enabled between a first and second isolated network using a virtual traffic hub that includes a decision master node responsible for determining a routing action for a packet received at the hub. At the hub, a determination is made that a particular domain name system (DNS) message being directed to a first resource in the first isolated network is to include an indication of a second resource in the second isolated network. The second resource is assigned a network address within a private address range of the second isolated network, which overlaps with a private address range being used in the first isolated network. The hub causes a transformed version of the network address to be included in the DNS message delivered to the first resource.

公开(公告)号：US11799755B2

公开(公告)日：2023-10-24

申请号：US17456549

申请日：2021-11-24

Applicant: Amazon Technologies, Inc.

Inventor： Anoop Dawani ,  Bashuman Deb ,  Baihu Qian ,  Omer Hashmi ,  Nick Matthews ,  Shridhar Kulkarni ,  Thomas Nguyen Spendley ,  Indira Radhika Pulla ,  David Jonathan Adams ,  Nicholas Ryan Lombardi ,  Brandon Michael LaRue ,  Aaron Scott DeBruin ,  Ramin Ali Dousti

IPC: H04L45/00 ,  H04L45/02 ,  H04L45/302 ,  H04L45/44 ,  H04L9/40 ,  H04L45/50 ,  H04L45/021 ,  H04L41/0895 ,  H04L49/00

CPC classification number: H04L45/04 ,  H04L45/02 ,  H04L45/306 ,  H04L45/44 ,  H04L45/566 ,  H04L41/0895 ,  H04L45/021 ,  H04L45/507 ,  H04L49/3009 ,  H04L63/0272

Abstract: Systems and methods are provided for management of network segments that cross geographic regions and/or other types of network divisions in a cloud-based network environment. Gateway may manage traffic across regions using routing metadata that includes a segment identifier. The gateways may also signal their routes across regions based on segment data, and implement the signaled routes using segment-based routing policies. Route selection may be performed using optimization data.