公开(公告)号：US11870797B2

公开(公告)日：2024-01-09

申请号：US17962799

申请日：2022-10-10

Applicant: CLOUDFLARE, INC.

Inventor： Derek Chamorro ,  Molly Rose Cinnamon ,  Tom Paseka ,  Nicholas Wondra

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/029 ,  H04L63/0236 ,  H04L63/1416 ,  H04L63/20

Abstract: A server of a distributed cloud computing network receives, over a tunnel established between a customer-premises equipment and the compute server, traffic from an Internet-of-Things (IoT) device that is connected to the CPE. The server enforces an egress traffic policy to determine whether the traffic is permitted to be transmitted to the destination. If the traffic is not permitted to be transmitted to the destination, the server drops the traffic. If the traffic is permitted to be transmitted to the destination, the server transmits the traffic to the destination.

公开(公告)号：US11470104B1

公开(公告)日：2022-10-11

申请号：US17698836

申请日：2022-03-18

Applicant: CLOUDFLARE, INC.

Inventor： Derek Chamorro ,  Molly Rose Cinnamon ,  Tom Paseka ,  Nicholas Wondra

IPC: H04L9/40

Abstract: A server of a distributed cloud computing network receives, over a tunnel established between a customer-premises equipment and the compute server, traffic from an Internet-of-Things (IoT) device that is connected to the CPE. The server enforces an egress traffic policy to determine whether the traffic is permitted to be transmitted to the destination. If the traffic is not permitted to be transmitted to the destination, the server drops the traffic. If the traffic is permitted to be transmitted to the destination, the server transmits the traffic to the destination.

公开(公告)号：US11316825B2

公开(公告)日：2022-04-26

申请号：US16883116

申请日：2020-05-26

Applicant: CLOUDFLARE, INC.

Inventor： Dane Orion Knecht ,  John Graham-Cumming ,  Dani Grant ,  Christopher Philip Branch ,  Tom Paseka

IPC: H04L61/2592 ,  H04L61/4511 ,  H04L67/02 ,  H04L67/01 ,  H04L12/46 ,  H04L67/1031 ,  H04L67/10 ,  H04L67/1017 ,  H04L61/5007

Abstract: An edge server of a distributed edge compute and routing service receives a tunnel connection request from a tunnel client residing on an origin server, that requests a tunnel be established between the edge server and the tunnel client. The request identifies the hostname that is to be tunneled. An IP address is assigned for the tunnel. DNS record(s) are added or changed that associate the hostname with the assigned IP address. Routing rules are installed in the edge servers of the distributed edge compute and routing service to reach the edge server for the tunneled hostname. The edge server receives a request for a resource of the tunneled hostname from another edge server that received the request from a client, where the other edge server is not connected to the origin server. The request is transmitted from the edge server to the origin server over the tunnel.

公开(公告)号：US12267346B2

公开(公告)日：2025-04-01

申请号：US18407060

申请日：2024-01-08

Applicant: CLOUDFLARE, INC.

Inventor： Derek Chamorro ,  Molly Rose Cinnamon ,  Tom Paseka ,  Nicholas Wondra

IPC: H04L9/40

Abstract: A server of a distributed cloud computing network receives, over a tunnel established between a customer-premises equipment and the compute server, traffic from an Internet-of-Things (IoT) device that is connected to the CPE. The server enforces an egress traffic policy to determine whether the traffic is permitted to be transmitted to the destination. If the traffic is not permitted to be transmitted to the destination, the server drops the traffic. If the traffic is permitted to be transmitted to the destination, the server transmits the traffic to the destination.

公开(公告)号：US20240163301A1

公开(公告)日：2024-05-16

申请号：US18407060

申请日：2024-01-08

Applicant: CLOUDFLARE, INC.

Inventor： Derek Chamorro ,  Molly Rose Cinnamon ,  Tom Paseka ,  Nicholas Wondra

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/0236 ,  H04L63/029 ,  H04L63/1416 ,  H04L63/20

Abstract: A server of a distributed cloud computing network receives, over a tunnel established between a customer-premises equipment and the compute server, traffic from an Internet-of-Things (IoT) device that is connected to the CPE. The server enforces an egress traffic policy to determine whether the traffic is permitted to be transmitted to the destination. If the traffic is not permitted to be transmitted to the destination, the server drops the traffic. If the traffic is permitted to be transmitted to the destination, the server transmits the traffic to the destination.

公开(公告)号：US11949647B2

公开(公告)日：2024-04-02

申请号：US17728407

申请日：2022-04-25

Applicant: CLOUDFLARE, INC.

Inventor： Dane Orion Knecht ,  John Graham-Cumming ,  Dani Grant ,  Christopher Philip Branch ,  Tom Paseka

IPC: H04L61/2592 ,  H04L12/46 ,  H04L61/4511 ,  H04L67/01 ,  H04L67/02 ,  H04L67/10 ,  H04L67/1017 ,  H04L67/1031 ,  H04L61/5007

CPC classification number: H04L61/2592 ,  H04L12/4633 ,  H04L12/4641 ,  H04L61/4511 ,  H04L67/01 ,  H04L67/02 ,  H04L67/10 ,  H04L67/1017 ,  H04L67/1031 ,  H04L61/5007

Abstract: A tunnel is established between a first edge server of a distributed edge compute and routing service and a tunnel client residing on an origin server. Routing rules are installed in the edge servers of the distributed edge compute and routing service to reach the first edge server. The routing rules are based at least in part on traffic information gathered from processing other traffic that traverses the distributed edge compute and routing service. A request for content served by the origin server through the tunnel is received at a second edge server of the distributed edge compute and routing service. A path from the second edge server to the first edge server is determined based on the routing rules. The request is transmitted on the determined path. The first edge server receives the request and transmits the request to the origin server over the tunnel.

公开(公告)号：US20230300158A1

公开(公告)日：2023-09-21

申请号：US17962799

申请日：2022-10-10

Applicant: CLOUDFLARE, INC.

Inventor： Derek Chamorro ,  Molly Rose Cinnamon ,  Tom Paseka ,  Nicholas Wondra

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/1416 ,  H04L63/20 ,  H04L63/029 ,  H04L63/0236

Abstract: A server of a distributed cloud computing network receives, over a tunnel established between a customer-premises equipment and the compute server, traffic from an Internet-of-Things (IoT) device that is connected to the CPE. The server enforces an egress traffic policy to determine whether the traffic is permitted to be transmitted to the destination. If the traffic is not permitted to be transmitted to the destination, the server drops the traffic. If the traffic is permitted to be transmitted to the destination, the server transmits the traffic to the destination.

公开(公告)号：US10666613B2

公开(公告)日：2020-05-26

申请号：US16160294

申请日：2018-10-15

Applicant: CLOUDFLARE, INC.

Inventor： Dane Orion Knecht ,  John Graham-Cumming ,  Dani Grant ,  Christopher Philip Branch ,  Tom Paseka

IPC: H04L29/12 ,  H04L29/08 ,  H04L29/06 ,  H04L12/46

Abstract: An edge server of a distributed edge compute and routing service receives a tunnel connection request from a tunnel client residing on an origin server, that requests a tunnel be established between the edge server and the tunnel client. The request identifies the hostname that is to be tunneled. An IP address is assigned for the tunnel. DNS record(s) are added or changed that associate the hostname with the assigned IP address. Routing rules are installed in the edge servers of the distributed edge compute and routing service to reach the edge server for the tunneled hostname. The edge server receives a request for a resource of the tunneled hostname from another edge server that received the request from a client, where the other edge server is not connected to the origin server. The request is transmitted from the edge server to the origin server over the tunnel.

公开(公告)号：US10104039B1

公开(公告)日：2018-10-16

申请号：US15719537

申请日：2017-09-28

Applicant: Cloudflare, Inc.

Inventor： Dane Orion Knecht ,  John Graham-Cumming ,  Dani Grant ,  Christopher Philip Branch ,  Tom Paseka

IPC: H04L29/12 ,  H04L29/08 ,  H04L12/46 ,  H04W28/02 ,  H04L29/06

Abstract: An edge server of a distributed edge compute and routing service receives a tunnel connection request from a tunnel client residing on an origin server, that requests a tunnel be established between the edge server and the tunnel client. The request identifies the hostname that is to be tunneled. An IP address is assigned for the tunnel. DNS record(s) are added or changed that associate the hostname with the assigned IP address. Routing rules are installed in the edge servers of the distributed edge compute and routing service to reach the edge server for the tunneled hostname. The edge server receives a request for a resource of the tunneled hostname from another edge server that received the request from a client, where the other edge server is not connected to the origin server. The request is transmitted from the edge server to the origin server over the tunnel.