公开(公告)号：US20200382344A1

公开(公告)日：2020-12-03

申请号：US16996551

申请日：2020-08-18

Applicant: Citrix Systems, Inc.

Inventor： Vivekanand Rangaraman ,  Jyotheeswara Rao Kurma ,  Janraj CJ

IPC: H04L12/46

Abstract: The disclosure is directed towards systems and methods for performing service tag switching. A device intermediary to a client and a server receives a packet including a virtual network device identifier tag that identifies a list of functions to be performed on the packet. The device tags the packet with a first service tag identifying a first functional entity of the device to which to route the packet. The device routes the packet to the first functional entity configured to perform a first function. Responsive to the first function being performed, the device selects a subsequent service tag identifying a subsequent functional entity to route the packet. The device tags the packet with the subsequent service tag and routes the packet to the subsequent functional entity. Once all of the list of functions to be performed on the packet have been performed, the device forwards the packet to its destination.

公开(公告)号：US09923818B2

公开(公告)日：2018-03-20

申请号：US14853134

申请日：2015-09-14

Applicant: Citrix Systems, Inc.

Inventor： Janraj CJ ,  Vivekanand Rangaraman

IPC: H04L12/741 ,  H04L12/743 ,  H04L12/46

CPC classification number: H04L45/745 ,  H04L12/4633

Abstract: The present disclosure is directed towards systems and methods of steering packets received by a multi-core device serving as a tunnel endpoint. A device including a plurality of cores identifies a core corresponding to a request to transmit to a destination via a tunnel. The tunnel is established between the first tunnel endpoint and a second tunnel endpoint. The device identifies, from a port allocation table, a source port based on the identified core, a first IP address of the first tunnel endpoint, a second IP address of the second tunnel endpoint and the destination port to steer a response to the request to the identified core. The device modifies a packet of the request to include in an outer header of the packet of the request, a first tuple identifying the first IP address, the second IP address, the destination port and the identified source port.

公开(公告)号：US20170085622A1

公开(公告)日：2017-03-23

申请号：US14862698

申请日：2015-09-23

Applicant: Citrix Systems, Inc.

Inventor： Sandhya Gopinath ,  Kaur Gurpreet ,  Santosh Sahu ,  Janraj CJ

IPC: H04L29/08

CPC classification number: H04L67/06 ,  H04L67/1002 ,  H04L67/28

Abstract: The present disclosure is directed to providing FTP data connections between a client and a server via a multi-core system. Both client-side and server-side data connections are allowed to be served on a core that is the same as a core that has processed the corresponding control connection using at least one of receive side scaling (RSS) filter rules and changes in port allocation logic. In a cluster where control connection and data connection can reach different nodes based on an RSS distribution, the node which has processed the control connection is also allowed to process the corresponding data connection using at least one of RSS filter rules, service registration, changes in port allocation logic and node-to-node (N2N) messages. The systems and methods discussed herein apply to active FTP, passive FTP, and active FTP with a random port in which the server initiates data connection from a non-standard FTP port.

公开(公告)号：US20150036493A1

公开(公告)日：2015-02-05

申请号：US13955517

申请日：2013-07-31

Applicant: Citrix Systems, Inc.

Inventor： Janraj CJ ,  Jyotheesh Rao Kurma

IPC: H04L29/08 ,  H04L12/46

CPC classification number: H04L12/4641 ,  H04L29/08144 ,  H04L47/125 ,  H04L61/103 ,  H04L61/1511

Abstract: The present disclosure relates to methods and systems for providing load balancing for layer 2 devices. A device intermediary to a plurality of clients and a plurality of servers and a plurality of layer 2 devices establishes, for each layer 2 device, a first traffic domain corresponding to ingress traffic received from the plurality of clients and a second traffic domain of the device corresponding to ingress traffic received from the plurality of clients. The device associates a first virtual local area network (VLAN) with the first traffic domain and a second VLAN with the second traffic domain. The device establishes a plurality of services. Each service corresponds to a layer 2 device and includes a corresponding subnet internet protocol (SNIP) address hosted on the device. The device establishes a virtual server to load balance the plurality of services corresponding to each of the plurality of layer 2 devices.

Abstract translation: 本公开涉及用于为第2层设备提供负载平衡的方法和系统。 对于多个客户机和多个服务器和多个第2层设备的设备中介器为每个第二层设备建立对应于从多个客户端接收的入口业务的第一业务域和设备的第二业务域 对应于从多个客户端接收的入口业务。 该设备将第一虚拟局域网（VLAN）与第一流量域相关联，并将第二VLAN与第二流量域相关联。 该设备建立多个服务。 每个服务对应于第2层设备，并且包括在设备上托管的相应的子网互联网协议（SNIP）地址。 该设备建立虚拟服务器以对与多个第二层设备中的每一个相对应的多个服务进行负载平衡。

公开(公告)号：US20180375686A1

公开(公告)日：2018-12-27

申请号：US16059619

申请日：2018-08-09

Applicant: Citrix Systems, Inc.

Inventor： Vivekanand Rangaraman ,  Jyotheeswara Rao Kurma ,  Janraj CJ

IPC: H04L12/46

CPC classification number: H04L12/4666

Abstract: The disclosure is directed towards systems and methods for performing service tag switching. A device intermediary to a client and a server receives a packet including a virtual network device identifier tag that identifies a list of functions to be performed on the packet. The device tags the packet with a first service tag identifying a first functional entity of the device to which to route the packet. The device routes the packet to the first functional entity configured to perform a first function. Responsive to the first function being performed, the device selects a subsequent service tag identifying a subsequent functional entity to route the packet. The device tags the packet with the subsequent service tag and routes the packet to the subsequent functional entity. Once all of the list of functions to be performed on the packet have been performed, the device forwards the packet to its destination.

公开(公告)号：US09749148B2

公开(公告)日：2017-08-29

申请号：US13955517

申请日：2013-07-31

Applicant: Citrix Systems, Inc.

Inventor： Janraj CJ ,  Jyotheesh Rao Kurma

IPC: H04L12/46 ,  H04L29/12 ,  H04L29/08 ,  H04L12/803

CPC classification number: H04L12/4641 ,  H04L29/08144 ,  H04L47/125 ,  H04L61/103 ,  H04L61/1511

Abstract: The present disclosure relates to methods and systems for providing load balancing for layer 2 devices. A device intermediary to a plurality of clients and a plurality of servers and a plurality of layer 2 devices establishes, for each layer 2 device, a first traffic domain corresponding to ingress traffic received from the plurality of clients and a second traffic domain of the device corresponding to ingress traffic received from the plurality of clients. The device associates a first virtual local area network (VLAN) with the first traffic domain and a second VLAN with the second traffic domain. The device establishes a plurality of services. Each service corresponds to a layer 2 device and includes a corresponding subnet internet protocol (SNIP) address hosted on the device. The device establishes a virtual server to load balance the plurality of services corresponding to each of the plurality of layer 2 devices.

公开(公告)号：US20150124828A1

公开(公告)日：2015-05-07

申请号：US14533737

申请日：2014-11-05

Applicant: Citrix Systems, Inc

Inventor： Janraj CJ ,  Vivekanand Rangaraman ,  Jyotheeshswara Rao Kurma

IPC: H04L12/46 ,  H04L12/741

CPC classification number: H04L45/74 ,  H04L12/4633

Abstract: Systems and methods of the present disclosure relate to allocating ports for packets distributed via a computer network. A packet engine on a core of a multicore device intermediary between a client and a server receives a first packet from the client. The first packet includes an outer header of an encapsulation protocol encapsulating a payload with an inner header. The first packet is directed by a packet distributor of the device to the first core selected based on a first tuple of the outer header. A port allocator of the packet engine determines a source port number to cause the packet distributor to identify the first core based on a second tuple of the inner header. The packet engine modifies the inner header of the payload to include the determined source port number. The device forwards the first packet including the modified inner header to the server.

Abstract translation: 本公开的系统和方法涉及为经由计算机网络分发的分组分配端口。 在客户机和服务器之间的多核设备中介的核心上的分组引擎从客户端接收第一分组。 第一分组包括封装具有内部报头的有效载荷的封装协议的外部报头。 第一分组由设备的分组分发器引导到基于外部报头的第一元组选择的第一核心。 分组引擎的端口分配器确定源端口号，以使分组分配器基于内部报头的第二个元组来识别第一个核心。 分组引擎修改有效负载的内部报头以包括确定的源端口号。 设备将包含修改后的内部头部的第一个包转发到服务器。

公开(公告)号：US10778468B2

公开(公告)日：2020-09-15

申请号：US16059619

申请日：2018-08-09

Applicant: Citrix Systems, Inc.

Inventor： Vivekanand Rangaraman ,  Jyotheeswara Rao Kurma ,  Janraj CJ

IPC: H04L12/46

Abstract: The disclosure is directed towards systems and methods for performing service tag switching. A device intermediary to a client and a server receives a packet including a virtual network device identifier tag that identifies a list of functions to be performed on the packet. The device tags the packet with a first service tag identifying a first functional entity of the device to which to route the packet. The device routes the packet to the first functional entity configured to perform a first function. Responsive to the first function being performed, the device selects a subsequent service tag identifying a subsequent functional entity to route the packet. The device tags the packet with the subsequent service tag and routes the packet to the subsequent functional entity. Once all of the list of functions to be performed on the packet have been performed, the device forwards the packet to its destination.

公开(公告)号：US10200447B2

公开(公告)日：2019-02-05

申请号：US14862698

申请日：2015-09-23

Applicant: Citrix Systems, Inc.

Inventor： Sandhya Gopinath ,  Kaur Gurpreet ,  Santosh Sahu ,  Janraj CJ

IPC: H04L29/08

Abstract: The present disclosure is directed to providing FTP data connections between a client and a server via a multi-core system. Both client-side and server-side data connections are allowed to be served on a core that is the same as a core that has processed the corresponding control connection using at least one of receive side scaling (RSS) filter rules and changes in port allocation logic. In a cluster where control connection and data connection can reach different nodes based on an RSS distribution, the node which has processed the control connection is also allowed to process the corresponding data connection using at least one of RSS filter rules, service registration, changes in port allocation logic and node-to-node (N2N) messages. The systems and methods discussed herein apply to active FTP, passive FTP, and active FTP with a random port in which the server initiates data connection from a non-standard FTP port.

公开(公告)号：US20170078197A1

公开(公告)日：2017-03-16

申请号：US14853134

申请日：2015-09-14

Applicant: Citrix Systems, Inc.

Inventor： Janraj CJ ,  Vivekanand Rangaraman

IPC: H04L12/741 ,  H04L12/46

CPC classification number: H04L45/745 ,  H04L12/4633

Abstract: The present disclosure is directed towards systems and methods of steering packets received by a multi-core device serving as a tunnel endpoint. A device including a plurality of cores identifies a core corresponding to a request to transmit to a destination via a tunnel. The tunnel is established between the first tunnel endpoint and a second tunnel endpoint. The device identifies, from a port allocation table, a source port based on the identified core, a first IP address of the first tunnel endpoint, a second IP address of the second tunnel endpoint and the destination port to steer a response to the request to the identified core. The device modifies a packet of the request to include in an outer header of the packet of the request, a first tuple identifying the first IP address, the second IP address, the destination port and the identified source port.

Abstract translation: 本公开涉及用作用作隧道端点的多核设备接收的分组的系统和方法。 包括多个核的装置通过隧道识别与发送到目的地的请求对应的核心。 隧道建立在第一个隧道端点和第二个隧道端点之间。 该设备从端口分配表中识别基于所识别的核心的源端口，第一隧道端点的第一IP地址，第二隧道端点的第二IP地址和用于引导对该请求的响应的目的地端口 确定的核心。 该设备将请求的分组修改为包括在请求的分组的外部头部中，第一元组标识第一IP地址，第二IP地址，目的地端口和所识别的源端口。