-
1.发明公开公开(公告)号:US20240129273A1
公开(公告)日:2024-04-18
申请号:US18392521
申请日:2023-12-21
申请人: CLOUDFLARE, INC.
发明人: Marek Przemyslaw Majkowski , Braden Michael Ehrat , Sergi Isasi , Dane Orion Knecht , Dina Kozlov , Rustam Xing Lalkaka , Eric Reeves , Oliver Zi-gang Yu
IPC分类号: H04L61/5007
CPC分类号: H04L61/5007
摘要: A map of IP addresses of a distributed cloud computing network to one or more groupings is stored. The IP addresses are anycast IP addresses for which compute servers of the distributed cloud computing network share. These IP addresses are to be used as source IP addresses when transmitting traffic to destinations external to the cloud computing network. The map is made available to external destinations. Traffic is received at the distributed cloud computing network that is destined to an external destination. An IP address is selected based on the characteristic(s) applicable for the traffic and the map. The distributed cloud computing network transmits the traffic to the external destination using the selected IP address.
-
公开(公告)号:US11546374B2
公开(公告)日:2023-01-03
申请号:US16908518
申请日:2020-06-22
申请人: CLOUDFLARE, INC.
IPC分类号: H04L9/40 , H04L67/288 , H04L69/325 , H04L67/01 , H04L67/63
摘要: A server receives internet traffic from a client device. The server is one of multiple servers of a distributed cloud computing network which are each associated with a set of server identity(ies) including a server/data center certification identity. The server processes, at layer 3, the internet traffic including participating in a layer 3 DDoS protection service. If the traffic is not dropped by the layer 3 DDoS protection service, further processing is performed. The server determines whether it is permitted to process the traffic at layers 5-7 including whether it is associated with a server/data center certification identity that meets a selected criteria for the destination of the internet traffic. If the server does not meet the criteria, it transmits the traffic to another one of the multiple servers for processing the traffic at layers 5-7.
-
3.发明申请公开(公告)号:US20220417211A1
公开(公告)日:2022-12-29
申请号:US17903828
申请日:2022-09-06
申请人: CLOUDFLARE, INC.
发明人: Marek Przemyslaw Majkowski , Braden Michael Ehrat , Sergi Isasi , Dane Orion Knecht , Dina Kozlov , Rustam Xing Lalkaka , Eric Reeves , Oliver Zi-gang Yu
IPC分类号: H04L61/5007
摘要: A map of IP addresses of a distributed cloud computing network to one or more groupings is stored. The IP addresses are anycast IP addresses for which compute servers of the distributed cloud computing network share. These IP addresses are to be used as source IP addresses when transmitting traffic to destinations external to the cloud computing network. The map is made available to external destinations. Traffic is received at the distributed cloud computing network that is destined to an external destination. An IP address is selected based on the characteristic(s) applicable for the traffic and the map. The distributed cloud computing network transmits the traffic to the external destination using the selected IP address.
-
4.发明公开公开(公告)号:US20240179026A1
公开(公告)日:2024-05-30
申请号:US18434031
申请日:2024-02-06
申请人: CLOUDFLARE, INC.
发明人: Nicholas Alexander Wondra , Achiel Paul van der Mandele , Alexander Forster , Eric Reeves , Joaquin Madruga , Rustam Xing Lalkaka , Marek Przemyslaw Majkowski
IPC分类号: H04L12/46 , H04L101/618
CPC分类号: H04L12/4633 , H04L2101/618
摘要: A GRE tunnel is configured between multiple computing devices of a distributed cloud computing network and a single origin router of the origin network. The GRE tunnel has a first GRE endpoint that has an IP address that is shared among the computing devices of the distribute cloud computing network and a second GRE endpoint that has a publicly routable IP address of the origin router. A first computing device receives an IP packet from a client that is destined to an origin server. The first computing device processes the received IP packet and encapsulates the IP packet inside an outer packet to generate a GRE encapsulated packet whose source address is the first GRE endpoint and the destination address is the second GRE endpoint. The GRE encapsulated packet is transmitted over the GRE tunnel to the single origin router.
-
公开(公告)号:US11895149B2
公开(公告)日:2024-02-06
申请号:US18071484
申请日:2022-11-29
申请人: CLOUDFLARE, INC.
IPC分类号: H04L9/40 , H04L67/288 , H04L69/325 , H04L67/01 , H04L67/63
CPC分类号: H04L63/1458 , H04L63/1416 , H04L63/1425 , H04L67/01 , H04L67/288 , H04L67/63 , H04L69/325
摘要: A server receives internet traffic from a client device. The server is one of multiple servers of a distributed cloud computing network which are each associated with a set of server identity(ies) including a server/data center certification identity. The server processes, at layer 3, the internet traffic including participating in a layer 3 DDoS protection service. If the traffic is not dropped by the layer 3 DDoS protection service, further processing is performed. The server determines whether it is permitted to process the traffic at layers 5-7 including whether it is associated with a server/data center certification identity that meets a selected criteria for the destination of the internet traffic. If the server does not meet the criteria, it transmits the traffic to another one of the multiple servers for processing the traffic at layers 5-7.
-
公开(公告)号:US11894947B2
公开(公告)日:2024-02-06
申请号:US18067713
申请日:2022-12-18
申请人: CLOUDFLARE, INC.
发明人: Nicholas Alexander Wondra , Achiel Paul van der Mandele , Alexander Forster , Eric Reeves , Joaquin Madruga , Rustam Xing Lalkaka , Marek Przemyslaw Majkowski
IPC分类号: H04L12/46 , H04L101/618
CPC分类号: H04L12/4633 , H04L2101/618
摘要: A GRE tunnel is configured between multiple computing devices of a distributed cloud computing network and a single origin router of the origin network. The GRE tunnel has a first GRE endpoint that has an IP address that is shared among the computing devices of the distribute cloud computing network and a second GRE endpoint that has a publicly routable IP address of the origin router. A first computing device receives an IP packet from a client that is destined to an origin server. The first computing device processes the received IP packet and encapsulates the IP packet inside an outer packet to generate a GRE encapsulated packet whose source address is the first GRE endpoint and the destination address is the second GRE endpoint. The GRE encapsulated packet is transmitted over the GRE tunnel to the single origin router.
-
公开(公告)号:US20240244078A1
公开(公告)日:2024-07-18
申请号:US18433010
申请日:2024-02-05
申请人: CLOUDFLARE, INC.
IPC分类号: H04L9/40 , H04L67/01 , H04L67/288 , H04L67/63 , H04L69/325
CPC分类号: H04L63/1458 , H04L63/1416 , H04L63/1425 , H04L67/01 , H04L67/288 , H04L67/63 , H04L69/325
摘要: A server receives internet traffic from a client device. The server is one of multiple servers of a distributed cloud computing network which are each associated with a set of server identity(ies) including a server/data center certification identity. The server processes, at layer 3, the internet traffic including participating in a layer 3 DDoS protection service. If the traffic is not dropped by the layer 3 DDoS protection service, further processing is performed. The server determines whether it is permitted to process the traffic at layers 5-7 including whether it is associated with a server/data center certification identity that meets a selected criteria for the destination of the internet traffic. If the server does not meet the criteria, it transmits the traffic to another one of the multiple servers for processing the traffic at layers 5-7.
-
公开(公告)号:US20230087129A1
公开(公告)日:2023-03-23
申请号:US18071484
申请日:2022-11-29
申请人: CLOUDFLARE, INC.
IPC分类号: H04L9/40 , H04L67/288 , H04L69/325 , H04L67/01 , H04L67/63
摘要: A server receives internet traffic from a client device. The server is one of multiple servers of a distributed cloud computing network which are each associated with a set of server identity(ies) including a server/data center certification identity. The server processes, at layer 3, the internet traffic including participating in a layer 3 DDoS protection service. If the traffic is not dropped by the layer 3 DDoS protection service, further processing is performed. The server determines whether it is permitted to process the traffic at layers 5-7 including whether it is associated with a server/data center certification identity that meets a selected criteria for the destination of the internet traffic. If the server does not meet the criteria, it transmits the traffic to another one of the multiple servers for processing the traffic at layers 5-7.
-
公开(公告)号:US20220006671A1
公开(公告)日:2022-01-06
申请号:US17481177
申请日:2021-09-21
申请人: CLOUDFLARE, INC.
发明人: Nicholas Alexander Wondra , Achiel Paul van der Mandele , Alexander Forster , Eric Reeves , Joaquin Madruga , Rustam Xing Lalkaka , Marek Przemyslaw Majkowski
摘要: A GRE tunnel is configured between multiple computing devices of a distributed cloud computing network and a single origin router of the origin network. The GRE tunnel has a first GRE endpoint that has an IP address that is shared among the computing devices of the distribute cloud computing network and a second GRE endpoint that has a publicly routable IP address of the origin router. A first computing device receives an IP packet from a client that is destined to an origin server. The first computing device processes the received IP packet and encapsulates the IP packet inside an outer packet to generate a GRE encapsulated packet whose source address is the first GRE endpoint and the destination address is the second GRE endpoint. The GRE encapsulated packet is transmitted over the GRE tunnel to the single origin router.
-
公开(公告)号:US20210400081A1
公开(公告)日:2021-12-23
申请号:US16908518
申请日:2020-06-22
申请人: CLOUDFLARE, INC.
摘要: A server receives internet traffic from a client device. The server is one of multiple servers of a distributed cloud computing network which are each associated with a set of server identity(ies) including a server/data center certification identity. The server processes, at layer 3, the internet traffic including participating in a layer 3 DDoS protection service. If the traffic is not dropped by the layer 3 DDoS protection service, further processing is performed. The server determines whether it is permitted to process the traffic at layers 5-7 including whether it is associated with a server/data center certification identity that meets a selected criteria for the destination of the internet traffic. If the server does not meet the criteria, it transmits the traffic to another one of the multiple servers for processing the traffic at layers 5-7.
-
-
-
-
-
-
-
-
-
搜索结果
17 条记录 (耗时 0.016 秒)
