公开(公告)号：US11856041B2

公开(公告)日：2023-12-26

申请号：US17231366

申请日：2021-04-15

Applicant: Netskope, Inc.

Inventor： Umesh Bangalore Muniyappa ,  Ravi Ithal

IPC: H04L9/00 ,  H04L65/613 ,  H04L61/2503 ,  H04L43/0876 ,  H04L65/80 ,  H04L9/32 ,  H04L45/7453 ,  H04L69/16 ,  H04L69/22 ,  H04L67/1001

CPC classification number: H04L65/613 ,  H04L9/3242 ,  H04L43/0876 ,  H04L45/7453 ,  H04L61/2503 ,  H04L65/80 ,  H04L67/1001 ,  H04L69/16 ,  H04L69/22

Abstract: Disclosed is distributed routing and load balancing in a dynamic service chain, receiving a packet at a first service instance, including a NSH imposed on the by a service classifier. The NSH includes a stream affinity code consistent for packets in a stream. The method also includes processing the packet at the first instance where the instance performs a first service in a service chain that includes second and third services. The first service instance accesses a flow table using the stream affinity code to select a second service instance performing the second service from among service instances performing the second service, and the first instance routes the packet to the selected second service instance upon egress from the first service instance. The method can include hashing the stream affinity code to access the flow table and access an available instance using the hash as a key to a CHT.

公开(公告)号：US11381617B2

公开(公告)日：2022-07-05

申请号：US17118142

申请日：2020-12-10

Applicant: Netskope, Inc.

Inventor： Ravi Ithal ,  Umesh Bangalore Muniyappa

IPC: H04L65/613 ,  H04L9/32 ,  H04L43/0876 ,  H04L61/2503 ,  H04L65/80 ,  H04L45/7453 ,  H04L67/1001 ,  H04L69/16 ,  H04L69/22

Abstract: The technology disclosed relates to failure recovery in cloud-based services. In particular, the technology disclosed relates to a service instance BA that identifies a service instance BB as having a secondary role for packets carrying a stream affinity code which is specified in a service map distributed to service instances. Service instance BA state information is synchronized with the service instance BB after processing a first packet. After failure of the service instance BA, a service instance AA receives an updated service map, and prepares to forward to the service instance BA a second packet. The second packet includes a same stream affinity code as the first packet forwarded before the failure. The updated service map is used to determine that the service instance BB is available and servicing the same stream affinity code as the service instance BA. The second packet is forwarded to the service instance BB.

公开(公告)号：US20240372908A1

公开(公告)日：2024-11-07

申请号：US18396581

申请日：2023-12-26

Applicant: Netskope, Inc.

Inventor： Umesh Bangalore Muniyappa ,  Ravi Ithal

IPC: H04L65/613 ,  H04L9/32 ,  H04L43/0876 ,  H04L45/7453 ,  H04L61/2503 ,  H04L65/80 ,  H04L67/1001 ,  H04L69/16 ,  H04L69/22

Abstract: Disclosed is distributed routing and load balancing in a dynamic service chain, receiving a packet at a first service instance, including a NSH imposed on the by a service classifier. The NSH includes a stream affinity code consistent for packets in a stream. The method also includes processing the packet at the first instance where the instance performs a first service in a service chain that includes second and third services. The first service instance accesses a flow table using the stream affinity code to select a second service instance performing the second service from among service instances performing the second service, and the first instance routes the packet to the selected second service instance upon egress from the first service instance. The method can include hashing the stream affinity code to access the flow table and access an available instance using the hash as a key to a CHT.

公开(公告)号：US10986150B2

公开(公告)日：2021-04-20

申请号：US16807128

申请日：2020-03-02

Applicant: Netskope, Inc.

Inventor： Ravi Ithal ,  Umesh Bangalore Muniyappa

IPC: H04L9/00 ,  H04L29/06 ,  H04L29/12 ,  H04L12/26 ,  H04L9/32 ,  H04L12/743 ,  H04L29/08

Abstract: The disclosed technology teaches distributed routing and load balancing in a dynamic service chain: receiving and processing a packet, with added header including stream affinity code, at a first service instance and based on processing determining a second service, among available services, that should next handle the packet. The technology teaches accessing a flow table using the stream affinity code in the header to select a service instance performing the second service in the service chain, and routing the packet to the second service instance upon egress from the first service instance. When the flow table lacks an entry for the second service corresponding to the stream affinity code, the disclosed technology teaches accessing a consistent hash table of service instances performing the second service, selecting an available instance, and updating the flow table to specify the second service instance as providing the second service for packets sharing the header.