公开(公告)号：US20240036898A1

公开(公告)日：2024-02-01

申请号：US17876457

申请日：2022-07-28

Applicant: VMware, Inc.

Inventor： Peng Li ,  Guolin Yang ,  Ronak Doshi ,  Boon Seong Ang ,  Wenyi Jiang

IPC: G06F9/455

CPC classification number: G06F9/45545 ,  G06F9/45558 ,  G06F2009/45595 ,  G06F2009/45587

Abstract: Some embodiments of the invention provide a method for offloading one or more data message processing services from a machine executing on a host computer. The method is performed at a virtual network interface card (VNIC) that executes on the host computer and is connected to the machine. The method receives, through a communications channel between the machine and the VNIC, (1) configuration data associated with processing data messages belonging to a particular data message flow associated with the machine, and (2) a set of service rules defined for the particular data message flow. The method determines that a first data message received at the VNIC belongs to the particular data message flow and matches at least one service rule in the set of service rules. The method performs, on the first data message, a service specified by the at least one service rule.

公开(公告)号：US20230195488A1

公开(公告)日：2023-06-22

申请号：US17560142

申请日：2021-12-22

Applicant: VMware, Inc.

Inventor： Boon S. Ang ,  Wenyi Jiang ,  Guolin Yang ,  Jin Heo

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/45595

Abstract: Some embodiments provide a method for a first smart NIC of multiple smart NICs of a host computer. Each of the smart NICs executes a smart NIC operating system that performs virtual networking operations for a set of data compute machines executing on the host computer. The method receives a data message sent by one of the data compute machines executing on the host computer. The method performs virtual networking operations on the data message to determine that the data message is to be transmitted from a port of a second smart NIC of the multiple smart NICs. The method passes the data message to the second smart NIC via a private communication channel connecting the plurality of smart NICs.

公开(公告)号：US20230018548A1

公开(公告)日：2023-01-19

申请号：US17860040

申请日：2022-07-07

Applicant: VMware, Inc.

Inventor： Peng Li ,  Ronak Doshi ,  Guolin Yang ,  Boon S. Ang

IPC: G06F9/455

Abstract: Some embodiments provide a method of forwarding data messages to a machine that executes on a host computer and has an associated virtual network interface controller (VNIC) also executing on the host computer. The method retrieves data messages from a queue associated with the VNIC and stores these data messages in a first set of buffer data stores associated with the VNIC. When the first buffer set reaches a threshold congestion level, the method stores data messages subsequently retrieved from the VNIC queue in a second set of buffer data stores associated with the VNIC. In some embodiments, a set of one or more processes executing on the machine retrieves the data messages stored in the buffer sets for processing by these processes or other processes.

公开(公告)号：US20220321536A1

公开(公告)日：2022-10-06

申请号：US17223956

申请日：2021-04-06

Applicant: VMware, Inc.

Inventor： Vignesh Raghuraman ,  Guolin Yang ,  Boon S. Ang ,  Prerit Rodney ,  Rajeev Nair ,  Ashwin Mahesh Shroff

IPC: H04L29/06 ,  H04L12/46

Abstract: Some embodiments of the invention provide a method of upgrading a firewall module executing on a host computer to process traffic sent to and from machines executing on the host computer. While a first version of the firewall module executes on the host computer to process the traffic to and from the machines, the method loads a second version of the firewall module alongside the first version of the firewall module. For each of multiple ports associated with machines executing on the host computer for which the firewall module processes traffic sent to and from the port, the method saves a runtime state of the first version that relates to the port, transfers association of a firewall filter associated with the port from the first version to the second version, and restores the saved runtime state for the port to the second version.

公开(公告)号：US10693806B2

公开(公告)日：2020-06-23

申请号：US14644789

申请日：2015-03-11

Applicant: VMware, Inc.

Inventor： Chi-Hsiang Su ,  Akshay Katrekar ,  Guolin Yang

IPC: H04L12/927 ,  H04L12/911 ,  H04L12/915 ,  H04L12/24

Abstract: Virtual computing instances are provisioned with network resource allocation constraints, which may include hard constraints that must be met in order for the virtual computing instances to be created in a host server. Network resources from multiple hosts may be pooled in a virtual switch, and a cloud management system (CMS) may ensure that a network bandwidth reservation for a new virtual computing instance can be accommodated by network bandwidth in the pool that is reserved for communication endpoint traffic. In addition to such CMS-level constraint enforcement, techniques disclosed herein may also enforce network bandwidths constraints at the host level to guarantee that network bandwidth reservation requirements for communication endpoint(s) of a new virtual computing instance can be satisfied by a particular host before creating the virtual computing instance in that host.

公开(公告)号：US20240036904A1

公开(公告)日：2024-02-01

申请号：US17876460

申请日：2022-07-28

Applicant: VMware, Inc.

Inventor： Peng Li ,  Guolin Yang ,  Ronak Doshi ,  Boon Seong Ang ,  Wenyi Jiang

IPC: G06F9/455 ,  H04L49/00 ,  H04L12/46

CPC classification number: G06F9/45558 ,  H04L49/70 ,  H04L12/4641 ,  G06F2009/45595

Abstract: Some embodiments of the invention provide a method for offloading one or more data message processing services from a machine executing on a host computer. The method is performed at a virtual network interface card (VNIC) that executes within a set of virtualization software executing on the host computer and that is connected to the machine. The method uses a set of configuration data received from the machine to perform the set of data message processing services for a first set of data messages belonging to a particular data message flow associated with the machine. The method determines that a physical network interface card (PNIC) connected to the host computer is available to perform the set of data message processing services for a subsequent second set of data messages belonging to the particular data message flow. The method directs the PNIC to perform the set of data message processing services for subsequent data messages belonging to the particular data message flow.

公开(公告)号：US11863376B2

公开(公告)日：2024-01-02

申请号：US17560153

申请日：2021-12-22

Applicant: VMware, Inc.

Inventor： Boon S. Ang ,  Wenyi Jiang ,  Guolin Yang ,  Jin Heo

IPC: H04L41/0803 ,  G06F9/455

CPC classification number: H04L41/0803 ,  G06F9/45558 ,  G06F2009/45595

Abstract: Some embodiments provide a method for a first smart NIC of multiple smart NICs of a host computer. Each of the smart NICs is for performing virtual networking operations for a set of data compute machines executing on the host computer. The method determines that the first smart NIC is elected to communicate with a network management and control system that configures the virtual networking operations. The method receives a set of configuration data for the virtual networking operations from the network management and control system. The method provides the received set of configuration data to the other smart NICs of the host computer.

公开(公告)号：US20230396563A1

公开(公告)日：2023-12-07

申请号：US18235860

申请日：2023-08-20

Applicant: VMware, Inc.

Inventor： Boon S. Ang ,  Wenyi Jiang ,  Guolin Yang ,  Jin Heo ,  Srividya Murali

IPC: H04L47/80 ,  H04L49/00 ,  H04L45/00 ,  H04L47/78 ,  H04L47/12 ,  H04L49/109

CPC classification number: H04L47/80 ,  H04L49/3009 ,  H04L45/38 ,  H04L47/781 ,  H04L47/12 ,  H04L49/109 ,  H04L49/70

Abstract: Some embodiments of the invention provide a method for configuring a physical network card or physical network controller (pNIC) to provide flow processing offload (FPO) for a host computer connected to the pNIC. The host computers host a set of compute nodes in a virtual network. The set of compute nodes are each associated with a set of interfaces that are each assigned a locally-unique virtual port identifier (VPID) by a flow processing and action generator. The pNIC includes a set of interfaces that are assigned physical port identifiers (PPIDs) by the pNIC. The method includes providing the pNIC with a set of mappings between VPIDs and PPIDs. The method also includes sending updates to the mappings as compute nodes migrate, connect to different interfaces of the pNIC, are assigned different VPIDs, etc. In some embodiments, the flow processing and action generator executes on processing units of the host computer, while in other embodiments, the flow processing and action generator executes on a set of processing units of a pNIC that includes flow processing hardware and a set of programmable processing units.

公开(公告)号：US11736413B2

公开(公告)日：2023-08-22

申请号：US17149760

申请日：2021-01-15

Applicant: VMware, Inc.

Inventor： Yong Wang ,  Boon Seong Ang ,  Wenyi Jiang ,  Guolin Yang

IPC: H04L49/1546 ,  H04L69/22 ,  H04L49/00 ,  H04L9/06 ,  H04L9/40 ,  H04L45/7453

CPC classification number: H04L49/3063 ,  H04L9/0643 ,  H04L45/7453 ,  H04L63/20 ,  H04L69/22 ,  H04L2212/00

Abstract: Example methods and systems for a programmable virtual network interface controller (VNIC) to perform packet processing are described. In one example, the programmable VNIC may modify a packet processing pipeline based on the instruction. The modification may include injecting a second packet processing stage among the multiple first packet processing stages of the packet processing pipeline. In response to detecting an ingress packet that requires processing by the programmable VNIC, the ingress packet may be steered towards the modified packet processing pipeline. The ingress packet may then be processed using the modified packet processing pipeline by performing the second packet processing stage (a) to bypass at least one of the multiple first processing stages, or (b) in addition to the multiple first processing stages.

公开(公告)号：US20220103488A1

公开(公告)日：2022-03-31

申请号：US17091663

申请日：2020-11-06

Applicant: VMware, Inc.

Inventor： Yong Wang ,  Boon S. Ang ,  Guolin Yang ,  Wenyi Jiang

IPC: H04L12/933

Abstract: Some embodiments of the invention provide a method for configuring multiple hardware offload units of a host computer to perform operations on packets associated with machines (e.g., virtual machines or containers) executing on the host computer and to pass the packets between each other efficiently. For instance, in some embodiments, the method configures a program executing on the host computer to identify a first hardware offload unit that has to perform a first operation on a packet associated with a particular machine and to provide the packet to the first hardware offload unit. The packet in some embodiments is a packet that the particular machine has sent to a destination machine on the network, or is a packet received from a source machine through a network and destined to the particular machine.