公开(公告)号：US11516050B2

公开(公告)日：2022-11-29

申请号：US16579743

申请日：2019-09-23

Applicant: Amazon Technologies, Inc.

Inventor： Anoop Dawani ,  Joseph Elmar Magerramov ,  Zachary Brandes ,  Apoorv Mittal ,  Bharadwaj Avva ,  Ryan James Schaefer ,  Kiran Venkat Sayeeram Karpurapu ,  Ajay Jha ,  Steven Bruce Richards ,  Richard H Galliher

IPC: H04L12/46 ,  H04L43/10

Abstract: Technologies are disclosed for monitoring network traffic using traffic mirroring. According to some examples, traffic mirroring allows customers to monitor traffic at different sources within a VPC. For example, a source may be any Elastic Network Interface (ENI) in their VPC, including elastic network interfaces (ENIs) on virtual machine instances, Network Address Translation (NAT) Gateways, Load Balancers, VPC endpoints, Internal Gateways, Transit Gateways, and more. Filters can be utilized to determine the network traffic to mirror. A customer may also configure to monitor real-time traffic with a monitoring appliance of their choice. With traffic mirroring, data traffic may be identified and sent to one or more target devices. Customers may monitor traffic within a VPC for content inspection, forensic analysis, troubleshooting, record keeping, and the like. Using traffic mirroring, customers can replicate VPC traffic, along with full payload data, without installing and managing agents on virtual machine instances.

公开(公告)号：US12095666B1

公开(公告)日：2024-09-17

申请号：US17491263

申请日：2021-09-30

Applicant: Amazon Technologies, Inc.

Inventor： David James Goodell ,  Ethan Joseph Torretta ,  Bharadwaj Avva ,  Joseph Elmar Magerramov ,  Shovan Kumar Das

IPC: H04L45/741 ,  H04L12/46 ,  H04L45/02 ,  H04L45/745

CPC classification number: H04L45/741 ,  H04L12/4641 ,  H04L45/04 ,  H04L45/745

Abstract: A first set of network addresses of a first address family, and a second set of network addresses of a second address family, are assigned to a virtual machine. At a routing device, respective routing information entries for the two sets of network addresses are stored, without storing routing information entries for individual addresses of the sets. A first packet with a destination address within the first set, routed using the routing information entry for the first set, is obtained at the virtual machine. A second packet with a destination address within the second set, routed using the routing information entry for the second set, is obtained at the virtual machine.