公开(公告)号：US20230239266A1

公开(公告)日：2023-07-27

申请号：US17581357

申请日：2022-01-21

Applicant: Google LLC

Inventor： Mukta Gupta ,  Alok Kumar ,  Gargi Adhav ,  Yuquan Jiang ,  Aakash Bhushan Arora ,  Shijeesh Nharappadath Sankaranathan ,  Marco Leogrande ,  Salomon Sonny Ben-Shimon

IPC: H04L61/256 ,  H04L61/5007 ,  H04L61/2517 ,  G06F9/455

CPC classification number: H04L61/256 ,  H04L61/2007 ,  H04L61/2517 ,  G06F9/45558 ,  G06F2009/45595 ,  G06F2009/4557

Abstract: Aspects of the disclosure provide for a proxyless NAT infrastructure with dynamic port allocation. A proxyless NAT infrastructure is configured to perform NAT between a network of virtual machines (VMs) and a device external to the network, without a device, such as a NAT server or a router, acting as a proxy. A system can include a control plane for provisioning VMs of a network, including configuring each VM to perform NAT and initially assigning a number of ports for communicating with other devices. The control plane maintains a feedback loop—receiving data characterizing port usage and network traffic at ports allocated to the various VMs and scaling the port allocation for each VM based on the received data. The control plane can allocate additional ports as determined to be needed by a VM, and later retrieve the ports to be reused for other VMs.

公开(公告)号：US11799822B2

公开(公告)日：2023-10-24

申请号：US17581357

申请日：2022-01-21

Applicant: Google LLC

Inventor： Mukta Gupta ,  Alok Kumar ,  Gargi Adhav ,  Yuquan Jiang ,  Aakash Bhushan Arora ,  Shijeesh Nharappadath Sankaranathan ,  Marco Leogrande ,  Salomon Sonny Ben-Shimon

IPC: H04L61/256 ,  G06F9/455 ,  H04L61/2517 ,  H04L61/5007

CPC classification number: H04L61/256 ,  G06F9/45558 ,  H04L61/2517 ,  H04L61/5007 ,  G06F2009/4557 ,  G06F2009/45595

Abstract: Aspects of the disclosure provide for a proxyless NAT infrastructure with dynamic port allocation. A proxyless NAT infrastructure is configured to perform NAT between a network of virtual machines (VMs) and a device external to the network, without a device, such as a NAT server or a router, acting as a proxy. A system can include a control plane for provisioning VMs of a network, including configuring each VM to perform NAT and initially assigning a number of ports for communicating with other devices. The control plane maintains a feedback loop-receiving data characterizing port usage and network traffic at ports allocated to the various VMs and scaling the port allocation for each VM based on the received data. The control plane can allocate additional ports as determined to be needed by a VM, and later retrieve the ports to be reused for other VMs.

公开(公告)号：US20230123734A1

公开(公告)日：2023-04-20

申请号：US17970073

申请日：2022-10-20

Applicant: Google LLC

Inventor： Eli Oxman ,  Salomon Sonny Ben-Shimon ,  Anshuman Gupta ,  Alok Kumar ,  Ittai Balaban ,  Benjamin John Benardos ,  Sameer Adhikari ,  Mukta Gupta ,  Anjin Guo ,  Pierre-Emmanuel Ettori ,  Noam Lampert ,  Uday Ramakrishna Naik ,  Jesse Louis Alpert ,  Ines Clara Envid Lazaro ,  Uri Goren ,  Ariel Waizel

IPC: H04L61/256 ,  H04L12/46

Abstract: Establishing proxy-less connectivity from logically isolated virtual private clouds (VPC)within a cloud environment without the use of VPN or VPC peering is provided. Establishing a service attachment in one VPC, related to a service which is to be accessed, and a service endpoint in another VPC allows for private communication between the two networks without exposing the service to other VPCs in the cloud environment.