公开(公告)号：US11533372B2

公开(公告)日：2022-12-20

申请号：US17219705

申请日：2021-03-31

Applicant: Google LLC

Inventor： Sonny Ben-Shimon ,  Uri Goren ,  Daniel Berkovitch ,  Ittai Balaban ,  Alok Kumar ,  Parveen Patel ,  Pierre-emmanuel Ettori ,  Anshuman Gupta ,  Idan Brown ,  Noam Lampert

IPC: H04L29/06 ,  H04L67/141 ,  H04L69/326 ,  H04L5/00 ,  H04L67/56

Abstract: A method for a proxyless protocol includes intercepting, from a client, a first Transmission Control Protocol (TCP) connection request requesting to establish a TCP connection between the client and a proxy for routing data to a destination server. The request includes client information and a first sequence number. The method also includes transmitting, to the destination server, a second TCP connection request to establish a TCP connection between the client and the destination server. The second request includes a second sequence number less than the first sequence number. The method also includes intercepting, from the destination server, an acknowledgment message indicating acknowledgment of the second TCP connection request. The method also includes transmitting, to the destination server, a proxy protocol header message with the client information. The method also includes generating a new acknowledgment message using the first TCP connection request and transmitting, to the client, the new acknowledgment message.

公开(公告)号：US20230379191A1

公开(公告)日：2023-11-23

申请号：US17859558

申请日：2022-07-07

Applicant: Google LLC

Inventor： Anshuman Gupta ,  Pavlin Radoslavov ,  Kannan Sattainathan ,  Alok Kumar ,  Yossi Richter

IPC: H04L12/66 ,  H04L67/10 ,  H04L45/74

CPC classification number: H04L12/66 ,  H04L67/10 ,  H04L45/74

Abstract: The present disclosure provides for full mesh connectivity between all endpoints in a VPC, including virtual machines, load balancers, routers, interconnects, virtual private networks, etc. Connectivity may be extended to on-premises devices, such as those connected via VPN and Interconnects. The connectivity is high performance, reliable, and secure.

公开(公告)号：US11799822B2

公开(公告)日：2023-10-24

申请号：US17581357

申请日：2022-01-21

Applicant: Google LLC

Inventor： Mukta Gupta ,  Alok Kumar ,  Gargi Adhav ,  Yuquan Jiang ,  Aakash Bhushan Arora ,  Shijeesh Nharappadath Sankaranathan ,  Marco Leogrande ,  Salomon Sonny Ben-Shimon

IPC: H04L61/256 ,  G06F9/455 ,  H04L61/2517 ,  H04L61/5007

CPC classification number: H04L61/256 ,  G06F9/45558 ,  H04L61/2517 ,  H04L61/5007 ,  G06F2009/4557 ,  G06F2009/45595

Abstract: Aspects of the disclosure provide for a proxyless NAT infrastructure with dynamic port allocation. A proxyless NAT infrastructure is configured to perform NAT between a network of virtual machines (VMs) and a device external to the network, without a device, such as a NAT server or a router, acting as a proxy. A system can include a control plane for provisioning VMs of a network, including configuring each VM to perform NAT and initially assigning a number of ports for communicating with other devices. The control plane maintains a feedback loop-receiving data characterizing port usage and network traffic at ports allocated to the various VMs and scaling the port allocation for each VM based on the received data. The control plane can allocate additional ports as determined to be needed by a VM, and later retrieve the ports to be reused for other VMs.

公开(公告)号：US20230164021A1

公开(公告)日：2023-05-25

申请号：US17532207

申请日：2021-11-22

Applicant: Google LLC

Inventor： Benjamin John Benardos ,  Anshuman Gupta ,  Alok Kumar ,  Anjin Guo ,  Ujjwal Jain

IPC: H04L12/24 ,  H04L29/06

CPC classification number: H04L41/042 ,  H04L63/08

Abstract: Aspects of the disclosure are directed to a software defined network (SDN) having a sharded control plane. The SDN may include a host device and a sharded control plane. The sharded control plane may include a first controller and a second controller sharded by one or more dimensions. The first controller and the second controller may be configured to process requests received from the first host device based on their respective sharded one or more dimensions. The one or more dimensions may be networks or functions.

公开(公告)号：US11870855B2

公开(公告)日：2024-01-09

申请号：US18058019

申请日：2022-11-22

Applicant: Google LLC

Inventor： Sonny Ben-Shimon ,  Uri Goren ,  Daniel Berkovitch ,  Ittai Balaban ,  Alok Kumar ,  Parveen Patel ,  Pierre-emmanuel Ettori ,  Anshuman Gupta ,  Idan Brown ,  Noam Lampert

IPC: H04L29/08 ,  H04L67/141 ,  H04L67/56 ,  H04L5/00 ,  H04L69/326

CPC classification number: H04L67/141 ,  H04L5/0055 ,  H04L67/56 ,  H04L69/326

Abstract: A method for a proxyless protocol includes intercepting, from a client, a first Transmission Control Protocol (TCP) connection request requesting to establish a TCP connection between the client and a proxy for routing data to a destination server. The request includes client information and a first sequence number. The method also includes transmitting, to the destination server, a second TCP connection request to establish a TCP connection between the client and the destination server. The second request includes a second sequence number less than the first sequence number. The method also includes intercepting, from the destination server, an acknowledgment message indicating acknowledgment of the second TCP connection request. The method also includes transmitting, to the destination server, a proxy protocol header message with the client information. The method also includes generating a new acknowledgment message using the first TCP connection request and transmitting, to the client, the new acknowledgment message.

公开(公告)号：US20230123734A1

公开(公告)日：2023-04-20

申请号：US17970073

申请日：2022-10-20

Applicant: Google LLC

Inventor： Eli Oxman ,  Salomon Sonny Ben-Shimon ,  Anshuman Gupta ,  Alok Kumar ,  Ittai Balaban ,  Benjamin John Benardos ,  Sameer Adhikari ,  Mukta Gupta ,  Anjin Guo ,  Pierre-Emmanuel Ettori ,  Noam Lampert ,  Uday Ramakrishna Naik ,  Jesse Louis Alpert ,  Ines Clara Envid Lazaro ,  Uri Goren ,  Ariel Waizel

IPC: H04L61/256 ,  H04L12/46

Abstract: Establishing proxy-less connectivity from logically isolated virtual private clouds (VPC)within a cloud environment without the use of VPN or VPC peering is provided. Establishing a service attachment in one VPC, related to a service which is to be accessed, and a service endpoint in another VPC allows for private communication between the two networks without exposing the service to other VPCs in the cloud environment.

公开(公告)号：US20230239266A1

公开(公告)日：2023-07-27

申请号：US17581357

申请日：2022-01-21

Applicant: Google LLC

Inventor： Mukta Gupta ,  Alok Kumar ,  Gargi Adhav ,  Yuquan Jiang ,  Aakash Bhushan Arora ,  Shijeesh Nharappadath Sankaranathan ,  Marco Leogrande ,  Salomon Sonny Ben-Shimon

IPC: H04L61/256 ,  H04L61/5007 ,  H04L61/2517 ,  G06F9/455

CPC classification number: H04L61/256 ,  H04L61/2007 ,  H04L61/2517 ,  G06F9/45558 ,  G06F2009/45595 ,  G06F2009/4557

Abstract: Aspects of the disclosure provide for a proxyless NAT infrastructure with dynamic port allocation. A proxyless NAT infrastructure is configured to perform NAT between a network of virtual machines (VMs) and a device external to the network, without a device, such as a NAT server or a router, acting as a proxy. A system can include a control plane for provisioning VMs of a network, including configuring each VM to perform NAT and initially assigning a number of ports for communicating with other devices. The control plane maintains a feedback loop—receiving data characterizing port usage and network traffic at ports allocated to the various VMs and scaling the port allocation for each VM based on the received data. The control plane can allocate additional ports as determined to be needed by a VM, and later retrieve the ports to be reused for other VMs.

公开(公告)号：US20220321667A1

公开(公告)日：2022-10-06

申请号：US17219705

申请日：2021-03-31

Applicant: Google LLC

Inventor： Sonny Ben-Shimon ,  Uri Goren ,  Daniel Berkovitch ,  Ittai Balaban ,  Alok Kumar ,  Parveen Patel ,  Pierre-Emmanuel Ettori ,  Anshu Gupta ,  Idan Brown ,  Noam Lampert

IPC: H04L29/08 ,  H04L5/00

Abstract: A method for a proxyless protocol includes intercepting, from a client, a first Transmission Control Protocol (TCP) connection request requesting to establish a TCP connection between the client and a proxy for routing data to a destination server. The request includes client information and a first sequence number. The method also includes transmitting, to the destination server, a second TCP connection request to establish a TCP connection between the client and the destination server. The second request includes a second sequence number less than the first sequence number. The method also includes intercepting, from the destination server, an acknowledgment message indicating acknowledgment of the second TCP connection request. The method also includes transmitting, to the destination server, a proxy protocol header message with the client information. The method also includes generating a new acknowledgment message using the first TCP connection request and transmitting, to the client, the new acknowledgment message.

公开(公告)号：US20230164064A1

公开(公告)日：2023-05-25

申请号：US17535181

申请日：2021-11-24

Applicant: Google LLC

Inventor： Brian Matthew Fahs ,  Marco Aurelio Paganini ,  James Alexander Docauer ,  Rüdiger Sonderfeld ,  Yossi Richter ,  Vijay Tinnanur ,  Howard I. Cannon ,  Alok Kumar ,  Daniel Thomas Rowles

IPC: H04L12/703 ,  H04L12/707 ,  H04L12/24

CPC classification number: H04L45/28 ,  H04L45/22 ,  H04L41/5009

Abstract: The disclosed technology consolidates the switch over of dynamic routes to a centralized location, wherein the dynamic routes are tied to the data plane itself. Detection of a health failure within a primary route allows the cloud network and the associated virtual network stack to transfer packet routing to a pre-programmed or configured secondary route.

公开(公告)号：US20230092318A1

公开(公告)日：2023-03-23

申请号：US18058019

申请日：2022-11-22

Applicant: Google LLC

Inventor： Sonny Ben-Shimon ,  Uri Goren ,  Daniel Berkovitch ,  Ittai Balaban ,  Alok Kumar ,  Parveen Patel ,  Pierre-emmanuel Ettori ,  Anshuman Gupta ,  Idan Brown ,  Noam Lampert

IPC: H04L67/141 ,  H04L67/56 ,  H04L5/00 ,  H04L69/326

Abstract: A method for a proxyless protocol includes intercepting, from a client, a first Transmission Control Protocol (TCP) connection request requesting to establish a TCP connection between the client and a proxy for routing data to a destination server. The request includes client information and a first sequence number. The method also includes transmitting, to the destination server, a second TCP connection request to establish a TCP connection between the client and the destination server. The second request includes a second sequence number less than the first sequence number. The method also includes intercepting, from the destination server, an acknowledgment message indicating acknowledgment of the second TCP connection request. The method also includes transmitting, to the destination server, a proxy protocol header message with the client information. The method also includes generating a new acknowledgment message using the first TCP connection request and transmitting, to the client, the new acknowledgment message.