-
Publication No.: US12254340B2
Publication date: 2025-03-18
Application No.: US18103516
Application date: 2023-01-31
Applicant: VMware LLC
Inventor: Fenil Kavathia, Anuprem Chalvadi, Yang Ping, Akhila Naveen, Yong Feng, Kantesh Mundaragi, Rahul Mishra, Pierluigi Rolando, Jayant Jain, Raju Koganty
IPC: G06F9/455, G06F9/54, H04L12/46, H04L41/0803, H04L41/0816, H04L41/5003, H04L41/5054, H04L45/00, H04L45/302, H04L45/586, H04L45/74, H04L45/745, H04L47/125, H04L47/17, H04L47/19, H04L47/2425, H04L49/00, H04L49/25, H04L61/2592, H04L67/10, H04L67/1001, H04L67/101, H04L67/51, H04L67/56, H04L67/563, H04L67/60, H04L69/321, H04L69/324, H04L69/325, H04L41/0806, H04L41/0893, H04L101/622
Abstract: Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane.
-
Publication No.: US20250080414A1
Publication date: 2025-03-06
Application No.: US18952462
Application date: 2024-11-19
Applicant: VMware LLC
Inventor: Akhila Naveen, Kantesh Mundaragi, Rahul Mishra, Fenil Kavathia, Raju Koganty, Pierluigi Rolando, Yong Feng, Jayant Jain
IPC: H04L41/0806, H04L12/66, H04L45/42, H04L49/35, H04L67/53
Abstract: Some embodiments provide a method for configuring a gateway machine in a datacenter. The method receives a definition of a logical network for implementation in the datacenter. The logical network includes at least one logical switch to which logical network endpoints attach and a logical router for handling data traffic between the logical network endpoints in the datacenter and an external network. The method receives configuration data attaching a third-party service to at least one interface of the logical router via an additional logical switch designated for service attachments. The third-party service is for performing non-forwarding processing on the data traffic between the logical network endpoints and the external network. The method configures the gateway machine in the datacenter to implement the logical router and redirect at least a subset of the data traffic between the logical network endpoints and the external network to the attached third-party service.
-
Publication No.: US12088493B2
Publication date: 2024-09-10
Application No.: US17179174
Application date: 2021-02-18
Applicant: VMware LLC
Inventor: Rahul Mishra, Kantesh Mundaragi, Stephen Tan, Akhila Naveen, Pierluigi Rolando, Raju Koganty
Abstract: In an embodiment, a method for a VRF and multi-service insertion on edge gateways is described. In an embodiment, the method comprises obtaining a rule configuration. Based on, at least in part, the rule configuration, a rule table is created. The rule table comprises rule data records, wherein a rule data record comprises packet attributes and a redirection identifier. A policy configuration comprising policy records is obtained. Each policy record comprises a redirection identifier, a next_hop, and an address pair for interfaces. A mapping between VRF identifiers and address pairs is generated. Based on, at least in part, the mapping and the policy configuration, a policy table is generated. The policy table comprises table records, wherein a table record comprises a redirection identifier, a next_hop, and an address pair. The rule and policy tables are used to redirect a packet from an edge gateway to a service virtual machine.
-
Publication No.: US12231252B2
Publication date: 2025-02-18
Application No.: US17528094
Application date: 2021-11-16
Applicant: VMware LLC
Inventor: Rahul Mishra, Pierluigi Rolando, Stephen Tan, Raju Koganty
IPC: H04L12/18, H04L12/46, H04L45/16, H04L61/2596, H04L101/622
Abstract: Some embodiments of the invention provide novel methods for providing transparent services for multicast data messages traversing a network edge device operating at a boundary between two networks. The method analyzes data messages received at the network edge device to determine whether they require a service provided at the boundary and whether they are unicast or multicast (including broadcast). The method modifies a multicast destination media access control (MAC) address of a multicast data message requiring a service to be a unicast destination MAC address and provides, without processing by a standard routing function, the modified data message directly to an interface associated with a service node that provides the particular service required by the data message. The method receives the serviced data message, restores the multicast destination MAC address, and forwards the serviced data message to a set of destinations associated with the multicast destination address.
-
Publication No.: US11962499B2
Publication date: 2024-04-16
Application No.: US16176383
Application date: 2018-10-31
Applicant: VMware LLC
Inventor: Rahul Mishra
CPC classification number: H04L45/74, G06F9/45558, H04L69/22, G06F2009/45595, H04L2212/00
Abstract: In an embodiment, a computer-implemented method for enabling multitenancy for service machines is disclosed. In an embodiment, the method comprises detecting a packet by a service insertion module implemented in a hypervisor. Based on metadata received along with the packet, the service insertion module determines a tenant identifier of a tenant that sent the packet. The service insertion module also determines a plurality of attributes of the packet. Based on the tenant identifier and the plurality of attributes of the packet, an action for the packet is retrieved from a rule table. Based on the action, the service insertion module determines whether at least one service is to be applied to the packet. In response to determining that at least one service is to be applied to the packet, an encapsulated packet is generated by encapsulating the packet with the tenant identifier, and the encapsulated packet is redirected to a service machine that is configured to provide the at least one service to the packet. Upon receiving a result from the service machine, the service insertion module determines, based on the result, whether to forward the packet toward a packet destination; and in response to determining that the packet is to be forwarded toward the packet destination, the packet is forwarded toward the packet destination.
-
Publication No.: US12177067B2
Publication date: 2024-12-24
Application No.: US18102684
Application date: 2023-01-28
Applicant: VMware LLC
Inventor: Akhila Naveen, Kantesh Mundaragi, Rahul Mishra, Fenil Kavathia, Raju Koganty, Pierluigi Rolando, Yong Feng, Jayant Jain
IPC: H04L41/0806, H04L12/66, H04L45/42, H04L49/35, H04L67/53
Abstract: Some embodiments provide a method for configuring a gateway machine in a datacenter. The method receives a definition of a logical network for implementation in the datacenter. The logical network includes at least one logical switch to which logical network endpoints attach and a logical router for handling data traffic between the logical network endpoints in the datacenter and an external network. The method receives configuration data attaching a third-party service to at least one interface of the logical router via an additional logical switch designated for service attachments. The third-party service is for performing non-forwarding processing on the data traffic between the logical network endpoints and the external network. The method configures the gateway machine in the datacenter to implement the logical router and redirect at least a subset of the data traffic between the logical network endpoints and the external network to the attached third-party service.