中科微点-全球专利检索

  1. Login
  2. Sign Up

Search Results

16 records (took 0.017 seconds)

    DYNAMIC PATH SELECTION OF VPN ENDPOINT
    3.
    发明申请
    DYNAMIC PATH SELECTION OF VPN ENDPOINT 有权

    公开(公告)号:US20220394016A1

    公开(公告)日:2022-12-08

    申请号:US17570364

    申请日:2022-01-06

    Applicant: VMware, Inc.

    Inventor: Deepika Solanki Awan Kumar Sharma Yong Wang Sourabh Bhattacharya Sarthak Ray

    IPC: H04L9/40 H04L12/46

    Abstract: Some embodiments provide a method that identifies multiple paths between a first site and a second site. A security association (SA) is established for transmitting encrypted payload from the first site to the second site in a virtual private network (VPN) session. The method selects a path based on metrics that are obtained for the paths. The selected path is defined by a first endpoint address of the first site and a second endpoint address of the second site. The method sends a message from the first site to the second site to update the SA to switch from using an original path to using the selected path. The message indicates the first and second endpoint addresses. The method transmits a packet including a payload that is encrypted according to the updated SA.

    MULTI-UPLINK PATH QUALITY AWARE IPSEC
    5.
    发明申请
    MULTI-UPLINK PATH QUALITY AWARE IPSEC 有权

    公开(公告)号:US20220394014A1

    公开(公告)日:2022-12-08

    申请号:US17570363

    申请日:2022-01-06

    Applicant: VMware, Inc.

    Inventor: Yong Wang Awan Kumar Sharma Sourabh Bhattacharya Deepika Solanki Sarthak Ray

    IPC: H04L9/40 H04L45/42 H04L45/24 H04L47/125 H04L45/12

    Abstract: Some embodiments provide a method that collects metrics for one or more paths of a first tunnel implementing a first security association (SA) and for one or more paths of a second tunnel implementing a second SA. The method selects a path based on the collected metrics of the paths of the first and second tunnels. When the selected path belongs to the first tunnel, the method encrypts data transmitted as encrypted payload of the first SA and transmits the encrypted payload in the first tunnel. When the selected path belongs to the second tunnel, the method encrypts data to be transmitted as encrypted payload of the second SA and transmits the encrypted payload in the second tunnel.

    LOAD BALANCING OF VPN TRAFFIC OVER MULTIPLE UPLINKS
    6.
    发明申请
    LOAD BALANCING OF VPN TRAFFIC OVER MULTIPLE UPLINKS 有权

    公开(公告)号:US20220393967A1

    公开(公告)日:2022-12-08

    申请号:US17570365

    申请日:2022-01-06

    Applicant: VMware, Inc.

    Inventor: Deepika Solanki Awan Kumar Sharma Sourabh Bhattacharya Yong Wang Sarthak Ray

    IPC: H04L45/24 H04L45/42 H04L45/12 H04L12/46

    Abstract: Some embodiments provide a method that establishes multiple active uplinks for a VPN session with a VPN peer using a first uplink interface to access a first set of paths and a second uplink interface to access a second set of paths. The method selects a path from a pool of paths by using a hash value derived from data to be transmitted to a peer in the VPN session. The paths in the pool are identified from the first and second sets of paths based on performance metrics. When the selected path is accessible by the first uplink interface, the method transmits the data as an IPsec packet over the first uplink interface. When the selected path is accessible by the second uplink interface, the method transmits the data as an IPsec packet over the second uplink interface, wherein the data is encrypted according to a security association.

    DETERMINISTIC LOAD BALANCING OF IPSEC PACKET PROCESSING
    8.
    发明申请
    DETERMINISTIC LOAD BALANCING OF IPSEC PACKET PROCESSING 有权

    公开(公告)号:US20210136049A1

    公开(公告)日:2021-05-06

    申请号:US16802580

    申请日:2020-02-27

    Applicant: VMWARE, INC.

    Inventor: Yong Wang Awan Kumar Sharma Manmeet Khurana Shailesh Urhekar Sourabh Bhattacharya

    IPC: H04L29/06 H04L12/741

    Abstract: Certain embodiments described herein are generally directed to systems and methods for deterministic load balancing of processing encapsulated encrypted data packets at a destination tunnel endpoint. For example, certain embodiments described herein relate to configuring a destination tunnel endpoint (TEP) with an encapsulating security payload (ESP) receive side scaling (RSS) mode to assign each incoming packet, received from a certain source endpoint (EP), to a certain RSS queue based on an identifier that is encoded in an SPI value included the packet.

    MANAGING PROCESSING QUEUE ALLOCATION BASED ON ADDRESSING ATTRIBUTES OF AN INNER PACKET
    9.
    发明申请
    MANAGING PROCESSING QUEUE ALLOCATION BASED ON ADDRESSING ATTRIBUTES OF AN INNER PACKET 有权

    公开(公告)号:US20230028529A1

    公开(公告)日:2023-01-26

    申请号:US17467479

    申请日:2021-09-07

    Applicant: Vmware, Inc.

    Inventor: BHARGAV PUVVADA SOURSBH BHATTACHARYA, Awan Kumar Sharma

    IPC: H04L12/721 H04L12/745 H04L12/46 H04L12/715

    Abstract: Described herein are systems, methods, and software to manage processing queue allocation based on addressing attributes of an inner packet. In one implementation, a first gateway identifies processing queues at a second gateway and assigns a unique flow label to each of the processing queues. The first gateway further receives a packet from a computing node that is directed toward the second gateway. The first gateway hashes addressing information in the packet to select a flow label, encapsulates the packet with the flow label in the outer encapsulation header for the encapsulated packet, and forwards the packet toward the second gateway.

Patent Agency Ranking