公开(公告)号：US20210226847A1

公开(公告)日：2021-07-22

申请号：US16819219

申请日：2020-03-16

Applicant: VMWARE, INC.

Inventor： GAURAV JINDAL ,  RASIK JESADIYA

IPC: H04L12/24 ,  H04L29/12 ,  H04L29/08

Abstract: The disclosure provides an approach for service provisioning. Embodiments include receiving first configuration data related to a first network endpoint and second configuration data related to a second network endpoint. Embodiments include generating a service map based on the first configuration data and the second configuration data. Embodiments include receiving a request to provision a service between the first network endpoint and the second network endpoint. Embodiments include determining in response to the request and based on the service map, first service configuration data for the first network endpoint and second service configuration data for the second network endpoint. Embodiments include provisioning the service between the first network endpoint and the second network endpoint by pushing the first service configuration data to the first network endpoint and pushing the second service configuration data to the second network endpoint.

公开(公告)号：US20240243991A1

公开(公告)日：2024-07-18

申请号：US18125758

申请日：2023-03-24

Applicant: VMWARE, INC.

Inventor： GAURAV JINDAL ,  NEERAJ MANTRI

IPC: H04L45/24 ,  H04L12/46 ,  H04L45/586

CPC classification number: H04L45/24 ,  H04L12/4641 ,  H04L45/586

Abstract: An example method of identifying an equal cost multipath (ECMP)-enabled route-based virtual private networks (RBVPN) in a virtualized computing system, comprises: obtaining, at a telemetry agent executing in an edge server of a data center, learned routes; identifying, by the telemetry agent from the routes, a destination network and a plurality of next hops associated therewith and a plurality of virtual tunnel interfaces (VTIs); identifying, by the telemetry agent for each of the plurality of VTIs, an associated VPN session; grouping, by the telemetry agent, the VPN sessions identified as associated with the plurality of VTIs into an ECMP-enabled RBVPN; adding, by the telemetry agent, a description of the ECMP-enabled RBVPN to telemetry data; and sending, by the telemetry agent, the telemetry data to a telemetry service.

公开(公告)号：US20240031336A1

公开(公告)日：2024-01-25

申请号：US17975608

申请日：2022-10-28

Applicant: VMWARE, INC.

Inventor： GAURAV JINDAL ,  Hussaina Begum Nandyala

IPC: H04L9/40

CPC classification number: H04L63/0272 ,  H04L63/061 ,  H04L63/0428 ,  H04L63/029

Abstract: Embodiments described herein relate to load balancing using multiple CPUs. A method for tunnel creation according to a security protocol at a source tunnel endpoint (TEP) includes exchanging messages with a destination TEP to create a security association (SA) for the tunnel creation; sending a message to the destination TEP, wherein the message is an encrypted message based on the first message exchange, and the message includes a traffic selector of the source TEP and a number of available CPUs of the source TEP; receiving a message from the destination TEP, wherein the message is an encrypted message based on the first message exchange, and the message includes a traffic selector of the destination TEP and a number of available CPUs of the destination TEP; and determining a number of SAs to create with the destination TEP, wherein the determination is based on the traffic selectors and the number of available CPUs.

公开(公告)号：US20240022452A1

公开(公告)日：2024-01-18

申请号：US17958513

申请日：2022-10-03

Applicant: VMWARE, INC.

Inventor： GAURAV JINDAL ,  HUSSAINA BEGUM NANDYALA ,  BHARGAV PUVVADA

IPC: H04L12/46 ,  H04L12/66 ,  H04L61/256

CPC classification number: H04L12/4641 ,  H04L12/66 ,  H04L61/256

Abstract: The disclosure provides an approach for processing inter-network communications. Embodiments include configuring, by a management component of a data center, a first virtual private network (VPN) session between a first endpoint outside of the data center and a first gateway of the data center. Embodiments include configuring, by the management component, a second VPN session between a second endpoint outside of the data center and a second gateway of the data center. Embodiments include programming, by the management component, one or more network address translation (NAT) tables of the data center such that, for the first VPN session and the second VPN session, a single public network address of the data center is exposed to the first endpoint and the second endpoint.