公开(公告)号：US20220311669A1

公开(公告)日：2022-09-29

申请号：US17214254

申请日：2021-03-26

Applicant: VMware, Inc.

Inventor： Parasuramji Rajendran ,  Li Sun ,  Chidambareswaran Raman

IPC: H04L12/24

Abstract: Some embodiments provide a method, for configuring logical network entities at a host computer. The method receives configuration data for a particular logical networking entity implemented at the host computer. The method identifies that the configuration data for the particular logical networking entity includes at least two conflicting configuration settings for the particular logical networking entity. At least one of the configuration settings for the particular logical networking entity is based on association of a configuration profile to a group of logical entities that includes the particular logical networking entity. The method determines a particular one of the conflicting configuration settings with a highest priority to apply to the particular logical networking entity at the host computer.

公开(公告)号：US20210036924A1

公开(公告)日：2021-02-04

申请号：US16526755

申请日：2019-07-30

Applicant: VMware, Inc.

Inventor： Yanjun Lin ,  Yang Ping ,  Wei Guo ,  Li Sun

IPC: H04L12/24 ,  G06F16/901 ,  H04L12/713 ,  H04L12/931 ,  H04L12/715

Abstract: Described herein are systems and methods to manage and identify host spans of logical entities in software defined networks. In one example, a control system may identify a first graph that includes nodes that represent logical entities and hosts and further includes directional edges that represent a topology of the logical entities and hosts. The control system further identifies groups of strongly connected components in the first graph and generates a second graph based on the identified groups. The second graph includes nodes that represent the groups and any nodes of the first graph not included in the groups, and further includes directional edges that indicate a topology of the nodes. The control system may then follow the directional edges of the second graph to allocate host spans to the logical entities represented in the nodes.

公开(公告)号：US20200328967A1

公开(公告)日：2020-10-15

申请号：US16382002

申请日：2019-04-11

Applicant: VMware, Inc.

Inventor： Ziyou Wang ,  Li Sun ,  Anuprem Chalvadi ,  Yanjun Lin ,  Yang Ping ,  Mary Firenze ,  Pierluigi Rolando ,  Yong Feng ,  Raju Koganty ,  Jianjun Shen ,  Medhavi Dhawan

IPC: H04L12/717 ,  H04L12/707 ,  G06F9/455

Abstract: Some embodiments provide a method for assigning different service path identifiers to each of a set of different service paths along each of which a same set of service operations are performed on a set of packets. The method retrieves an available service path identifier from an identifier storage that stores service path identifiers for multiple service paths. The method generates a set of proposed service path identifiers based on the retrieved available service path identifier and the number of service paths in the set of service paths. The method performs a write operation on the identifier storage based on the set of proposed service path identifiers, and based on a determination that the write operation was successful, assigns the set of proposed service path identifiers to the set of service paths. Based on the set of service path identifiers, the method forwards the set of packets along the set of service paths.

公开(公告)号：US20200274769A1

公开(公告)日：2020-08-27

申请号：US16445062

申请日：2019-06-18

Applicant: VMware, Inc.

Inventor： Akhila Naveen ,  Anuprem Chalvadi ,  Yang Ping ,  Yanjun Lin ,  Li Sun ,  Fenil Kavathia ,  Yong Feng ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC: H04L12/24

Abstract: Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US20240028365A1

公开(公告)日：2024-01-25

申请号：US17871934

申请日：2022-07-23

Applicant: VMware, Inc.

Inventor： Han Li ,  Li Sun ,  Jianjun Shen

IPC: G06F9/455 ,  G06F9/50

CPC classification number: G06F9/45558 ,  G06F9/5088 ,  G06F2009/4557 ,  G06F2009/45587

Abstract: Some embodiments provide a novel method for processing control plane messages regarding migration of a particular machine from a first host computer managed by a first central control plane (CCP) server to a second host computer. At the first CCP server, the method receives a first data message from the first host computer notifying that the particular machine has been removed from the first host computer. The method determines whether a second data message from a second host computer notifying that the particular machine has been added to the second host computer has been received and processed in order to process the first data message. When it is determined that the second data message has been received and processed, the method processes the first data message.

公开(公告)号：US10949244B2

公开(公告)日：2021-03-16

申请号：US16445062

申请日：2019-06-18

Applicant: VMware, Inc.

Inventor： Akhila Naveen ,  Anuprem Chalvadi ,  Yang Ping ,  Yanjun Lin ,  Li Sun ,  Fenil Kavathia ,  Yong Feng ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC: G06F9/455 ,  H04L12/721 ,  H04L12/803 ,  H04L29/08 ,  H04L12/46 ,  H04L12/801 ,  H04L12/947 ,  H04L29/12 ,  H04L12/24 ,  G06F9/54 ,  H04L12/741 ,  H04L12/713 ,  H04L12/725 ,  H04L12/851 ,  H04L12/935

Abstract: Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US20220321535A1

公开(公告)日：2022-10-06

申请号：US17223731

申请日：2021-04-06

Applicant: VMware, Inc.

Inventor： Li Sun ,  Parasuramji Rajendran ,  Yang Ping ,  Jianjun Shen

IPC: H04L29/06 ,  H04L29/12

Abstract: Some embodiments provide a novel secure method for suppressing address discovery messaging. In some embodiments, the method receives an address discovery record that provides a network address associated with a machine connected to a network. The method then identifies a set of one or more rules for evaluating the received address discovery record to determine whether the address discovery record or its provided network address should be distributed to one or more hosts and/or devices associated with the network. The method then processes the set of rules to determine whether the received address discovery record violates a rule in the set of rules so as to prevent the distribution of its provided network address. When the address discovery record violates a rule, the method discards it in some embodiments. On the other hand, when the address discovery record does not violate any rule in the identified set of rules, the method distributes the address discovery record or its provided network address to one or more hosts and/or devices associated with the network.

公开(公告)号：US11321113B2

公开(公告)日：2022-05-03

申请号：US16445044

申请日：2019-06-18

Applicant: VMware, Inc.

Inventor： Yong Feng ,  Anuprem Chalvadi ,  Yang Ping ,  Yanjun Lin ,  Li Sun ,  Akhila Naveen ,  Fenil Kavathia ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC: G06F15/16 ,  G06F9/455 ,  H04L45/00 ,  H04L47/125 ,  H04L69/324 ,  H04L69/325 ,  H04L69/321 ,  H04L12/46 ,  H04L47/17 ,  H04L49/25 ,  H04L101/622 ,  H04L41/5054 ,  G06F9/54 ,  H04L45/74 ,  H04L47/19 ,  H04L67/563 ,  H04L41/0803 ,  H04L41/5003 ,  H04L67/1001 ,  H04L67/10 ,  H04L45/586 ,  H04L67/60 ,  H04L45/30 ,  H04L45/745 ,  H04L67/101 ,  H04L41/0816 ,  H04L47/2425 ,  H04L67/51 ,  H04L67/56 ,  H04L49/00 ,  H04L61/2592 ,  H04L41/0806 ,  H04L41/0893

Abstract: Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US11012351B2

公开(公告)日：2021-05-18

申请号：US16282802

申请日：2019-02-22

Applicant: VMware, Inc.

Inventor： Yong Feng ,  Yanjun Lin ,  Yang Ping ,  Pierluigi Rolando ,  Anuprem Chalvadi ,  Li Sun ,  Fenil Kavathia ,  Raju Koganty

IPC: G06F15/173 ,  H04L12/715 ,  G06F9/455 ,  H04L12/24 ,  H04L12/707 ,  H04L12/741 ,  H04L29/08

Abstract: The disclosure provides an approach for computing service paths for a service chain identifying a sequence of services. One method includes including information about a plurality of hosts in a heap. Each of the plurality of hosts includes at least one service virtual computing instance (SVCI) configured to provide at least one of the services of the service chain. The information includes, for each of the plurality of hosts, a number of service paths computed for the service chain at the host and one of a number of services provided by unused SVCIs of the host or a number of consecutive services provided by unused SVCIs of the host. The method further includes selecting a host from the heap based on the information. The method further includes generating a first service path for the service chain, the first service path identifying at least one SVCI of the selected host.

公开(公告)号：US20200272499A1

公开(公告)日：2020-08-27

申请号：US16445044

申请日：2019-06-18

Applicant: VMware, Inc.

Inventor： Yong Feng ,  Anuprem Chalvadi ,  Yang Ping ,  Yanjun Lin ,  Li Sun ,  Akhila Naveen ,  Fenil Kavathia ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC: G06F9/455 ,  H04L12/721 ,  H04L12/803 ,  H04L29/08

Abstract: Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).