公开(公告)号：US20220174041A1

公开(公告)日：2022-06-02

申请号：US17674936

申请日：2022-02-18

Applicant: VMware, Inc.

Inventor： Rishi Kanth Alapati ,  Parasuramji Rajendran ,  Weiming Xu ,  Shireesh Kumar Singh ,  Aditi Vutukuri ,  Anuprem Chalvadi ,  Chidambareswaran Raman ,  Margaret Angeline Petrus

IPC: H04L9/40 ,  H04L41/0806 ,  H04L41/00 ,  H04L61/5007

Abstract: Described herein are systems and methods to manage blacklists and duplicate addresses in software defined networks (SDNs). In one implementation, a method includes, in a control plane and data plane of an SDN environment, obtaining a blacklist for a logical port in the SDN environment. The method further includes deleting realized address bindings in a realized address list for the logical port that match the one or more address bindings in the blacklist and preventing subsequent address bindings that match the one or more address bindings in the blacklist from being added to the realized address list.

公开(公告)号：US11316797B2

公开(公告)日：2022-04-26

申请号：US16043165

申请日：2018-07-24

Applicant: VMware, Inc.

Inventor： Subin Cyriac Mathew ,  Aditya Gajanana Holla ,  Chidambareswaran Raman ,  Senthilkumar Karunakaran

IPC: H04L12/863 ,  H04L12/24 ,  H04L47/6295 ,  H04L41/0813 ,  H04L49/201 ,  H04L12/46 ,  H04L45/64 ,  H04L45/16 ,  G06F9/455

Abstract: Example methods are provided for a host to perform queue filter configuration for multicast packet handling in a software-defined networking (SDN) environment. One example method may comprise the host generating and sending a request to join an outer multicast group address to one or more multicast-enabled network devices; and configuring a queue filter based on the outer multicast group address. In response to detecting an ingress encapsulated multicast packet that includes an outer header addressed to the outer multicast group address, the host may assign the ingress encapsulated multicast packet to a particular NIC queue from the multiple NIC queues based on the queue filter; and retrieving, from the particular NIC queue, the ingress encapsulated multicast packet to generate and send a decapsulated multicast packet to a virtualized computing instance.

公开(公告)号：US11258757B2

公开(公告)日：2022-02-22

申请号：US16746075

申请日：2020-01-17

Applicant: VMware, Inc.

Inventor： Rishi Kanth Alapati ,  Parasuramji Rajendran ,  Weiming Xu ,  Shireesh Kumar Singh ,  Aditi Vutukuri ,  Anuprem Chalvadi ,  Chidambareswaran Raman ,  Margaret Angeline Petrus

IPC: H04L29/06 ,  H04L12/24 ,  H04L29/12 ,  H04L41/0806 ,  H04L41/00 ,  H04L61/5007

Abstract: Described herein are systems and methods to manage blacklists and duplicate addresses in software defined networks (SDNs). In one implementation, a method includes, in a control plane and data plane of an SDN environment, obtaining a blacklist for a logical port in the SDN environment. The method further includes deleting realized address bindings in a realized address list for the logical port that match the one or more address bindings in the blacklist and preventing subsequent address bindings that match the one or more address bindings in the blacklist from being added to the realized address list.

公开(公告)号：US11233824B2

公开(公告)日：2022-01-25

申请号：US16886575

申请日：2020-05-28

Applicant: VMware, Inc.

Inventor： Hongwei Zhu ,  Dileep Devireddy ,  Ganesan Chandrashekhar ,  Feng Gu ,  Sreenivas Duvvuri ,  Chidambareswaran Raman

IPC: H04L29/06 ,  H04L12/755 ,  H04L12/741 ,  H04L29/08 ,  H04L12/721

Abstract: In some embodiments, a method receives, by a first network device, a packet from a first workload that is located in first site. The first site includes stretched networks across a second site and a third site. The packet includes a destination IP address for a device in the second site. The method determines that the destination IP address does not match an eligible route in a routing table. The first workload was migrated from the second site to the first site and is located on a stretched network between the first site and the second site. A site identifier associated with the first workload is determined where the site identifier identifies the second site. The method selects a site policy based on the site identifier and uses the site policy to send the packet through a layer 2 channel to the second network device in the second site.

公开(公告)号：US20210400014A1

公开(公告)日：2021-12-23

申请号：US17466165

申请日：2021-09-03

Applicant: VMware, Inc.

Inventor： Parasuramji Rajendran ,  Rishi Kanth Alapati ,  Shireesh Kumar Singh ,  Aditi Vutukuri ,  Chidambareswaran Raman ,  Margaret Angeline Petrus ,  Anuprem Chalvadi ,  Pallavi Moghe ,  Weiming Xu

IPC: H04L29/12 ,  G06F9/455 ,  H04L12/741 ,  H04L12/715 ,  H04L12/751

Abstract: Described herein are systems and methods to manage Internet Protocol (IP) address discovery in a software defined networking (SDN) environment. In one example, a manager may generate an IP address discovery configuration and pass the IP address discovery configuration to a controller. Once received, the controller may obtain a discovered list from a hypervisor of one or more IP addresses associated with one or more logical ports and update a realized list for the one or more logical ports based on the discovered list and the IP address discovery configuration.

公开(公告)号：US11063872B2

公开(公告)日：2021-07-13

申请号：US16662400

申请日：2019-10-24

Applicant: VMware, Inc.

Inventor： Subin Cyriac Mathew ,  Sami Boutros ,  Stephen Tan ,  Senthilkumar Karunakaran ,  Chidambareswaran Raman

IPC: H04L12/18 ,  H04L12/46 ,  H04L12/24 ,  H04L29/08 ,  H04L12/803 ,  H04L12/801 ,  H04L12/733 ,  H04L12/66

Abstract: The disclosure provides an approach for reducing congestion within a network, the network comprising a plurality of subnets, the plurality of subnets comprising a plurality of host machines and a plurality of virtual computing instances (VCIs) running on the plurality of host machines. Embodiments include receiving, by an edge services gateway (ESG) of a first subnet of the plurality of subnets, membership information for a group identifying a subset of the plurality of host machines. Embodiments include receiving a multicast packet directed to the group and selecting from the plurality of host machines, a replicator host machine for the multicast packet. Embodiments include sending, to the replicator host machine, the multicast packet along with metadata indicating that the replicator host machine is to replicate the multicast packet to remaining host machines of the subset of the plurality of host machines identified in the membership information for the group.

公开(公告)号：US11038717B2

公开(公告)日：2021-06-15

申请号：US16566350

申请日：2019-09-10

Applicant: VMware, Inc.

Inventor： Mansi Babbar ,  Subin Cyriac Mathew ,  Chidambareswaran Raman

IPC: H04L12/46 ,  H04L29/12 ,  G06F9/455 ,  H04L29/06

Abstract: In an embodiment, a computer-implemented method provides mechanisms for identifying a source location in a service chaining topology. In an embodiment, a method comprises: determining, at an egress interface of a host that hosts a virtual machine (“VM”), whether a service plane MAC address (“spmac”) in a packet header of a packet, provided to the egress interface, is the same as an inner destination MAC address in the packet; in response to determining that the spmac in the packet header of the packet, provided to the egress interface, is the same as the inner destination MAC address in the packet: encapsulating the packet with a destination virtual tunnel endpoint (“VTEP”) address retrieved from a mapping of VTEP-labels onto VTEP addresses; and causing providing the packet from the egress interface of the host that hosts the VM to a source host that hosts a source guest virtual machine (“GVM”).

公开(公告)号：US09294524B2

公开(公告)日：2016-03-22

申请号：US14108277

申请日：2013-12-16

Applicant: VMware, Inc.

Inventor： Chidambareswaran Raman

IPC: G06F15/16 ,  H04L29/06 ,  G06F9/455 ,  G06F9/54

CPC classification number: H04L45/04 ,  G06F9/45533 ,  G06F9/541 ,  G06F2009/45595 ,  H04L45/586 ,  H04L65/403

Abstract: A method for creating a set of virtual machines on a public datacenter. The method, from a first network controller of a private network, commands a second network controller of the public datacenter to create the virtual machines. The method, from the first network controller of the private network, communicates with the second network controller of the public datacenter to determine a type of the second network controller. When the first network controller includes instructions for using application programming interfaces (APIs) of the type of the second network controller, the method uses the APIs to set up a VLAN for the set of virtual machines in order to allow the virtual machines of the set of virtual machines to communicate securely with each other without sending the communications through the private network. In some embodiments, the VLAN is a private VLAN (PVLAN).

Abstract translation: 在公共数据中心上创建一组虚拟机的方法。 该方法从私有网络的第一网络控制器命令公共数据中心的第二网络控制器来创建虚拟机。 来自专用网络的第一网络控制器的方法与公共数据中心的第二网络控制器进行通信，以确定第二网络控制器的类型。 当第一个网络控制器包含使用第二个网络控制器类型的应用编程接口（API）的指令时，该方法使用API​​为该组虚拟机设置一个VLAN，以便允许该组的虚拟机 的虚拟机彼此安全地通信，而不通过专用网络发送通信。 在一些实施例中，VLAN是专用VLAN（PVLAN）。

公开(公告)号：US20240031291A1

公开(公告)日：2024-01-25

申请号：US17871994

申请日：2022-07-25

Applicant: VMware, Inc.

Inventor： Subin Cyriac Mathew ,  Prerit Rodney ,  Chidambareswaran Raman

IPC: H04L47/125 ,  H04L12/46

CPC classification number: H04L47/125 ,  H04L12/4633

Abstract: Some embodiments provide a method of forwarding data messages between source and destination host computers that execute source and destination machines. At a source computer on which a source machine for a data message flow executes, the method in some embodiments identifies a source tunnel endpoint group (TEPG) associated with the source machine. For the flow, the method selects one TEP of the TEPG as the source TEP. The method then uses the selected source TEP to forward the flow to the destination computer on which the destination machine executes.

公开(公告)号：US11831468B2

公开(公告)日：2023-11-28

申请号：US17345636

申请日：2021-06-11

Applicant: VMware, Inc.

Inventor： Mansi Babbar ,  Subin Cyriac Mathew ,  Chidambareswaran Raman

IPC: H04L12/46 ,  G06F9/455 ,  H04L69/22 ,  H04L101/622

CPC classification number: H04L12/4633 ,  G06F9/45545 ,  H04L12/4641 ,  H04L69/22 ,  G06F2009/45595 ,  H04L2101/622

Abstract: In an embodiment, a computer-implemented method provides mechanisms for identifying a source location in a service chaining topology. In an embodiment, a method comprises: determining, at an egress interface of a host that hosts a virtual machine (“VM”), whether a service plane MAC address (“spmac”) in a packet header of a packet, provided to the egress interface, is the same as an inner destination MAC address in the packet; in response to determining that the spmac in the packet header of the packet, provided to the egress interface, is the same as the inner destination MAC address in the packet: encapsulating the packet with a destination virtual tunnel endpoint (“VTEP”) address retrieved from a mapping of VTEP-labels onto VTEP addresses; and causing providing the packet from the egress interface of the host that hosts the VM to a source host that hosts a source guest virtual machine (“GVM”).