公开(公告)号：US11360796B2

公开(公告)日：2022-06-14

申请号：US16445023

申请日：2019-06-18

申请人： VMware, Inc.

发明人： Rahul Mishra ,  Camille Lecuyer ,  Saahil Gokhale ,  Rajeev Nair ,  Kantesh Mundaragi ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC分类号： G06F15/16 ,  G06F9/455 ,  H04L45/00 ,  H04L47/125 ,  H04L69/324 ,  H04L69/325 ,  H04L69/321 ,  H04L12/46 ,  H04L47/17 ,  H04L49/25 ,  H04L101/622 ,  H04L41/5054 ,  G06F9/54 ,  H04L45/74 ,  H04L47/19 ,  H04L67/563 ,  H04L41/0803 ,  H04L41/5003 ,  H04L67/1001 ,  H04L67/10 ,  H04L45/586 ,  H04L67/60 ,  H04L45/302 ,  H04L45/745 ,  H04L67/101 ,  H04L41/0816 ,  H04L47/2425 ,  H04L67/51 ,  H04L67/56 ,  H04L49/00 ,  H04L61/2592 ,  H04L41/0806 ,  H04L41/0893

摘要： Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US11025546B2

公开(公告)日：2021-06-01

申请号：US16045690

申请日：2018-07-25

申请人： VMware, Inc.

发明人： Aditya G. Holla ,  Wenyi Jiang ,  Rajeev Nair ,  Srikar Tati ,  Boon Ang ,  Kairav Padarthy

IPC分类号： H04L12/743 ,  H04L12/803 ,  H04L12/861 ,  H04L12/863 ,  H04L29/06 ,  H04L12/935 ,  H04L12/931

摘要： Some embodiments provide a method for selecting a transmit queue of a network interface card (NIC) of a host computer for an outbound data message. The NIC includes multiple transmit queues and multiple receive queues. Each of the transmit queues is individually associated with a different receive queue, and the MC performs a load balancing operation to distribute inbound data messages among multiple receive queues. The method extracts a set of header values from a header of the outbound data message. The method uses the extracted set of header values to identify a receive queue which the NIC would select for a corresponding inbound data message upon which the NIC performed the load balancing operation. The method selects a transmit queue associated with the identified receive queue to process the outbound data message.

公开(公告)号：US10929171B2

公开(公告)日：2021-02-23

申请号：US16445031

申请日：2019-06-18

申请人： VMware, Inc.

发明人： Saahil Gokhale ,  Camille Lecuyer ,  Rajeev Nair ,  Kantesh Mundaragi ,  Rahul Mishra ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC分类号： G06F9/455 ,  H04L12/721 ,  H04L12/803 ,  H04L29/08 ,  H04L12/46 ,  H04L12/801 ,  H04L12/947 ,  H04L29/12 ,  H04L12/24 ,  G06F9/54 ,  H04L12/741 ,  H04L12/713 ,  H04L12/725 ,  H04L12/851 ,  H04L12/935

摘要： Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US20200274779A1

公开(公告)日：2020-08-27

申请号：US16444989

申请日：2019-06-18

申请人： VMware, Inc.

发明人： Pierluigi Rolando ,  Camille Lecuyer ,  Saahil Gokhale ,  Rajeev Nair ,  Yuxiao Zhang ,  Kantesh Mundaragi ,  Rahul Mishra ,  Jayant Jain ,  Raju Koganty

IPC分类号： H04L12/24 ,  H04L29/08 ,  H04L12/741 ,  H04L12/721 ,  H04L12/851

摘要： Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US20200272493A1

公开(公告)日：2020-08-27

申请号：US16444845

申请日：2019-06-18

申请人： VMware, Inc.

发明人： Camille Lecuyer ,  Saahil Gokhale ,  Rajeev Nair ,  Anuprem Chalvadi ,  Yang Ping ,  Kantesh Mundaragi ,  Rahul Mishra ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC分类号： G06F9/455 ,  H04L29/08 ,  H04L12/721 ,  H04L12/46

摘要： Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US20220321536A1

公开(公告)日：2022-10-06

申请号：US17223956

申请日：2021-04-06

申请人： VMware, Inc.

发明人： Vignesh Raghuraman ,  Guolin Yang ,  Boon S. Ang ,  Prerit Rodney ,  Rajeev Nair ,  Ashwin Mahesh Shroff

IPC分类号： H04L29/06 ,  H04L12/46

摘要： Some embodiments of the invention provide a method of upgrading a firewall module executing on a host computer to process traffic sent to and from machines executing on the host computer. While a first version of the firewall module executes on the host computer to process the traffic to and from the machines, the method loads a second version of the firewall module alongside the first version of the firewall module. For each of multiple ports associated with machines executing on the host computer for which the firewall module processes traffic sent to and from the port, the method saves a runtime state of the first version that relates to the port, transfers association of a firewall filter associated with the port from the first version to the second version, and restores the saved runtime state for the port to the second version.

公开(公告)号：US20210311772A1

公开(公告)日：2021-10-07

申请号：US17352298

申请日：2021-06-19

申请人： VMware, Inc.

发明人： Rahul Mishra ,  Camille Lecuyer ,  Saahil Gokhale ,  Rajeev Nair ,  Kantesh Mundaragi ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC分类号： G06F9/455 ,  H04L12/721 ,  H04L12/803 ,  H04L29/08 ,  H04L12/46 ,  H04L12/801 ,  H04L12/947 ,  H04L29/12 ,  H04L12/24 ,  G06F9/54 ,  H04L12/741 ,  H04L12/713 ,  H04L12/725 ,  H04L12/851 ,  H04L12/935

摘要： Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US11042397B2

公开(公告)日：2021-06-22

申请号：US16444826

申请日：2019-06-18

申请人： VMware, Inc.

发明人： Rahul Mishra ,  Camille Lecuyer ,  Saahil Gokhale ,  Rajeev Nair ,  Anuprem Chalvadi ,  Yang Ping ,  Kantesh Mundaragi ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC分类号： G06F9/455 ,  H04L12/721 ,  H04L12/803 ,  H04L29/08 ,  H04L12/46 ,  H04L12/801 ,  H04L12/947 ,  H04L29/12 ,  H04L12/24 ,  G06F9/54 ,  H04L12/741 ,  H04L12/713 ,  H04L12/725 ,  H04L12/851 ,  H04L12/935

摘要： Some embodiments of the invention provide a method for migrating a machine on a first host computer to a second host computer. At the first host computer, the method gathers a set of service insertion data used by a first service insertion module executing on the first host computer to identify a particular chain of multiple services that a set of multiple service nodes have to perform on a particular data message flow associated with the machine. To the second host computer, the method sends a set of machine configuration data and the set of service insertion data. The second host computer (1) uses the machine configuration data to deploy the machine on the second host computer and (2) uses the gathered set of service insertion data to configure a second service insertion module executing on the second host computer to identify the particular chain of two or more services.

公开(公告)号：US20200272494A1

公开(公告)日：2020-08-27

申请号：US16444927

申请日：2019-06-18

申请人： VMware, Inc.

发明人： Saahil Gokhale ,  Camille Lecuyer ,  Rajeev Nair ,  Kantesh Mundaragi ,  Rahul Mishra ,  Pierluigi Rolando ,  Jayant Jain ,  Raju Koganty

IPC分类号： G06F9/455 ,  G06F9/54

摘要： Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).

公开(公告)号：US11740887B2

公开(公告)日：2023-08-29

申请号：US17223959

申请日：2021-04-06

申请人： VMware, Inc.

发明人： Vignesh Raghuraman ,  Guolin Yang ,  Boon S. Ang ,  Prerit Rodney ,  Rajeev Nair ,  Ashwin Mahesh Shroff

IPC分类号： G06F8/65 ,  H04L9/40

CPC分类号： G06F8/65 ,  H04L63/02

摘要： Some embodiments of the invention provide a method of upgrading software defined networking (SDN) modules executing on a host computer. While a first version of the SDN modules is executing on the host computer to perform traffic processing, the method loads a second version of the SDN modules alongside the first version of the SDN modules such that the first and second versions of the SDN modules are executing on the host computer at the same time. The method saves runtime states from the first version of the SDN modules, and transfers responsibility for performing traffic processing from the first version of the SDN modules to the second version of the SDN modules. The method then restores the saved runtime states to the second version of the SDN modules.