Abstract:
Example methods and systems for container-based network policy configuration in a software-defined networking (SDN) environment are disclosed. One example method may comprise: in response to detecting a first request to assign a container-based resource with a first label via a container orchestration system, assigning a logical network element associated with the container-based resource with a second label. The example method may also comprise: in response to detecting a second request to configure a container-based network policy associated with the container-based resource via the container orchestration system, identifying the logical network element by mapping the first label to the second label; and configuring the container-based network policy to be applicable to network traffic that is forwarded via the logical network element.
Abstract:
A novel method of conducting multicast traffic in a network is provided. The network includes multiple endpoints that receive messages from the network and generate messages for the network. The endpoints are located in different segments of the network, each segment including one or more of the endpoints. For a source endpoint to replicate a particular message (e.g., a data packet) for all endpoints belonging to a particular replication group (i.e., multicast group) within the network, the source endpoint replicates the particular message to each endpoint within the source endpoint's own segment and to a proxy endpoint in each of the other segments. Each proxy endpoint in turn replicates the particular message to all endpoints belonging to the particular replication group within the proxy endpoint's own segment.
Abstract:
Some embodiments provide a method for a first host machine that hosts a virtual machine connected to a particular logical network. The method receives a command to test connectivity between the first host machine and a set of at least one additional host machine that also host virtual machines on the particular logical network. At the first host machine, the method generates a packet for sending to the set of additional host machines in order to test the connectivity. The method appends to the generated packet (i) information that identifies the particular logical network and (ii) a flag indicating that the packet is for connectivity testing. The method encapsulates the generated packet with tunnel endpoint addresses, including a tunnel endpoint located at the first host machine. The method sends the encapsulated packet from the first host machine to the set of additional host machines according to the tunnel encapsulation.
Abstract:
Some embodiments provide a novel method for distributing control-channel communication load between multiple controllers in a network control system. In some embodiments, the controllers manage physical forwarding elements that forward data between several computing devices (also called hosts or host computers), some or all of which execute one or more virtual machines (VMs). The method of some embodiments distributes a controller assignment list to the host computers. The host computers use this list to identify the controllers with which they need to interact to perform some of the forwarding operations of their associated logical forwarding elements. In some embodiments, agents executing on the host computers (1) review the controller assignment list to identify the appropriate controllers, and (2) establish control channel communications with these controllers to obtain the needed data for effectuating the forwarding operations of their associated physical forwarding elements. These agents in some embodiments are responsible for out-of-band control channel communication with the controllers.