公开(公告)号：US20250147795A1

公开(公告)日：2025-05-08

申请号：US19018197

申请日：2025-01-13

Applicant: VMware LLC

Inventor： Boon S. Ang ,  Wenyi Jiang ,  Guolin Yang ,  Jin Heo

IPC: G06F9/455

Abstract: Some embodiments provide a method for a first smart NIC of multiple smart NICs of a host computer. Each of the smart NICs executes a smart NIC operating system that performs virtual networking operations for a set of data compute machines executing on the host computer. The method receives a data message sent by one of the data compute machines executing on the host computer. The method performs virtual networking operations on the data message to determine that the data message is to be transmitted from a port of a second smart NIC of the multiple smart NICs. The method passes the data message to the second smart NIC via a private communication channel connecting the plurality of smart NICs.

公开(公告)号：US20250039129A1

公开(公告)日：2025-01-30

申请号：US18229645

申请日：2023-08-02

Applicant: VMware LLC

Inventor： Pierluigi Rolando ,  Peng Li ,  Boon S. Ang ,  Guolin Yang ,  Wenyi Jiang ,  Yuxiao Zhang ,  Raju Koganty ,  Subrahmanyam Manuguri ,  Kok Pyng Liew ,  Jin Heo ,  Srinath Suriyanarayanan Thillaisthanam

IPC: H04L9/40 ,  G06F9/455

Abstract: Some embodiments provide a novel method for processing flows at an embedded hardware switch of a physical network interface card (PNIC) connected to a host computer. A firewall of the PNIC detects an end of a particular data message flow associated with a particular VM of the host computer. Processing of the particular data message flow was offloaded from the firewall to an embedded hardware switch of the PNIC. After detecting the end of the particular data message flow, the firewall ends offloading of the particular data message flow by deleting a first flow record stored at the embedded hardware switch for the particular data message flow. The firewall deletes a second flow record stored at the first firewall for the particular data message flow.

公开(公告)号：US20240231865A1

公开(公告)日：2024-07-11

申请号：US18150342

申请日：2023-01-05

Applicant: VMware LLC

Inventor： Ronak Doshi ,  Cheng-Chun Tu ,  Guolin Yang ,  Boon Seong Ang ,  Peng Li

IPC: G06F9/455 ,  H04L69/22

CPC classification number: G06F9/45533 ,  H04L69/22

Abstract: Described herein are systems, methods, and software to offload an eXpress Data Path (XDP) operation from a virtual machine to the hypervisor or smart network interface on the host. In one implementation, a method includes, in a virtual machine on a host, passing an XDP configuration for the virtual machine to a hypervisor on the host. The method further includes, in the hypervisor initiating a process to implement the XDP configuration, identifying a packet directed to the virtual machine, and applying the process to the packet to determine an action for the packet.

公开(公告)号：US11936562B2

公开(公告)日：2024-03-19

申请号：US16039946

申请日：2018-07-19

Applicant: VMware LLC

Inventor： Boon Seong Ang ,  Yong Wang ,  Guolin Yang ,  Craige Wenyi Jiang

IPC: H04L47/125 ,  G06F9/455 ,  H04L45/64 ,  H04L61/256

CPC classification number: H04L47/125 ,  G06F9/45558 ,  H04L45/64 ,  H04L61/256 ,  G06F2009/45595

Abstract: A method to offload network function packet processing from a virtual machine onto an offload destination is disclosed. In an embodiment, a method comprises: defining an application programing interface (“API”) for capturing, in a packet processor offload, a network function packet processing for a data flow by specifying how to perform the network function packet processing on data packets that belong to the data flow. Based on capabilities of the packet processor offload and available resources, a packet processing offload destination is selected. Based at least on the API, the packet processor offload for the packet processing offload destination is generated. The packet processor offload is downloaded to the packet processing offload destination to configure the packet processing offload destination to provide the network function packet processing on the data packets that belong to the data flow. The packet processing offload destination is a PNIC or a hypervisor.

公开(公告)号：US12229578B2

公开(公告)日：2025-02-18

申请号：US17560142

申请日：2021-12-22

Applicant: VMware LLC

Inventor： Boon S. Ang ,  Wenyi Jiang ,  Guolin Yang ,  Jin Heo

IPC: G06F9/455

Abstract: Some embodiments provide a method for a first smart NIC of multiple smart NICs of a host computer. Each of the smart NICs executes a smart NIC operating system that performs virtual networking operations for a set of data compute machines executing on the host computer. The method receives a data message sent by one of the data compute machines executing on the host computer. The method performs virtual networking operations on the data message to determine that the data message is to be transmitted from a port of a second smart NIC of the multiple smart NICs. The method passes the data message to the second smart NIC via a private communication channel connecting the plurality of smart NICs.

公开(公告)号：US20250039128A1

公开(公告)日：2025-01-30

申请号：US18229633

申请日：2023-08-02

Applicant: VMware LLC

Inventor： Pierluigi Rolando ,  Peng Li ,  Boon S. Ang ,  Guolin Yang ,  Wenyi Jiang ,  Yuxiao Zhang ,  Raju Koganty ,  Subrahmanyam Manuguri ,  Kok Pyng Liew ,  Jin Heo ,  Srinath Suriyanarayanan Thillaisthanam

IPC: H04L9/40 ,  G06F9/455

Abstract: Some embodiments provide a novel method for offloading firewall operations from a host computer executing a set of one or more virtual machines (VMs) to a physical network interface card (PNIC) connected to the host computer. The method configures, on the PNIC, a first firewall to determine actions to perform on flows associated with the set of VMs, and to offload processing of the flows to a flow-cache second firewall of the PNIC. The method configures, on the PNIC, the flow-cache second firewall to process a first set of flows based on a first set of actions determined by the first firewall, and to offload processing of a second set of flows to an embedded hardware switch of the PNIC. The method configures, on the PNIC, the embedded hardware switch to process the second set of flows based on a second set of actions determined by the first firewall.

公开(公告)号：US12088512B2

公开(公告)日：2024-09-10

申请号：US17208608

申请日：2021-03-22

Applicant: VMware LLC

Inventor： Jia Yu ,  Yong Wang ,  Xinhua Hong ,  Wenyi Jiang ,  Guolin Yang ,  Dexiang Wang

IPC: H04L49/9057 ,  H04L12/66 ,  H04L45/64 ,  H04L69/166 ,  H04L69/22

CPC classification number: H04L49/9057 ,  H04L12/66 ,  H04L45/64 ,  H04L69/166 ,  H04L69/22 ,  H04L2212/00

Abstract: In some embodiments, a method fragments a first packet into a plurality of fragments when a length of an encapsulated first packet is larger than a maximum transmission unit size. For each fragment in the plurality of fragments, fragmentation information is generated. The method encapsulates each fragment in the plurality of fragments with an outer header to form a plurality of encapsulated packets. The respective fragmentation information for each fragment is inserted in a portion of the outer header that is processed by endpoints of an overlay tunnel and not processed by a device along a path of the overlay tunnel. The plurality of encapsulated packets are sent via the overlay tunnel.

公开(公告)号：US12192116B2

公开(公告)日：2025-01-07

申请号：US18235860

申请日：2023-08-20

Applicant: VMware LLC

Inventor： Boon S. Ang ,  Wenyi Jiang ,  Guolin Yang ,  Jin Heo ,  Srividya Murali

IPC: H04L47/80 ,  H04L45/00 ,  H04L47/12 ,  H04L47/78 ,  H04L49/00 ,  H04L49/109

Abstract: Some embodiments of the invention provide a method for configuring a physical network card or physical network controller (pNIC) to provide flow processing offload (FPO) for a host computer connected to the pNIC. The host computers host a set of compute nodes in a virtual network. The set of compute nodes are each associated with a set of interfaces that are each assigned a locally-unique virtual port identifier (VPID) by a flow processing and action generator. The pNIC includes a set of interfaces that are assigned physical port identifiers (PPIDs) by the pNIC. The method includes providing the pNIC with a set of mappings between VPIDs and PPIDs. The method also includes sending updates to the mappings as compute nodes migrate, connect to different interfaces of the pNIC, are assigned different VPIDs, etc. In some embodiments, the flow processing and action generator executes on processing units of the host computer, while in other embodiments, the flow processing and action generator executes on a set of processing units of a pNIC that includes flow processing hardware and a set of programmable processing units.

公开(公告)号：US12095889B2

公开(公告)日：2024-09-17

申请号：US17581674

申请日：2022-01-21

Applicant: VMware LLC

Inventor： Yong Wang ,  Guolin Yang ,  Eduard Serra Miralles ,  Dexiang Wang ,  Qing Chang

IPC: H04L69/22 ,  H04L47/31 ,  H04L47/62 ,  H04L47/78

CPC classification number: H04L69/22 ,  H04L47/31 ,  H04L47/6235 ,  H04L47/78

Abstract: Described herein are systems, methods, and software to manage the identification of control packets in an encapsulation header. In one implementation, a computing system may receive a Geneve packet at a network interface and determine that the Geneve packet includes an Operations and Management (OAM) flag. Once the OAM flag is identified, the computing system can select a processing queue from a plurality of processing queues for a main processing system of the computing system based on the OAM flag and assign the Geneve packet to the processing queue.

公开(公告)号：US20250106172A1

公开(公告)日：2025-03-27

申请号：US18974114

申请日：2024-12-09

Applicant: VMware LLC

Inventor： Boon S. Ang ,  Wenyi Jiang ,  Guolin Yang ,  Jin Heo ,  Srividya Murali

IPC: H04L47/80 ,  H04L45/00 ,  H04L47/12 ,  H04L47/78 ,  H04L49/00 ,  H04L49/109

Abstract: Some embodiments of the invention provide a method for configuring a physical network card or physical network controller (pNIC) to provide flow processing offload (FPO) for a host computer connected to the pNIC. The host computers host a set of compute nodes in a virtual network. The set of compute nodes are each associated with a set of interfaces that are each assigned a locally-unique virtual port identifier (VPID) by a flow processing and action generator. The pNIC includes a set of interfaces that are assigned physical port identifiers (PPIDs) by the pNIC. The method includes providing the pNIC with a set of mappings between VPIDs and PPIDs. The method also includes sending updates to the mappings as compute nodes migrate, connect to different interfaces of the pNIC, are assigned different VPIDs, etc.