Directing data traffic between intra-server virtual machines
First Claim
1. A system for improving data communications between intra-server virtual machines, the system comprising:
network interfaces;
at least one hardware processor communicatively coupled to the network interfaces;
an intra-server routing module implemented by the at least one hardware processor; and
a memory communicatively coupled to the at least one hardware processor, the memory storing instructions which are executable by the at least one hardware processor to perform a method comprising;
receiving, by the intra-server routing module, a first data packet from a first virtual machine directed to a second virtual machine, the first virtual machine and the second virtual machine being associated with the same server;
without inspection from the intra-server routing module, providing to an inline device the first data packet, the inline device forwarding the first data packet to an external routing environment;
receiving, by the intra-server routing module, the first data packet from the external routing environment being allowed for delivery to the second virtual machine based on a predetermined policy;
determining, by a tap sensor, that a data flow associated with the first data packet is allowed between the first virtual machine and the second virtual machine using the receipt of the first data packet, the data flow including data packets from the first virtual machine directed to the second virtual machine and data packets from the second virtual machine directed to the first virtual machine;
using the determination, replacing, by the intra-server routing module, in second data packets of the allowed data flow, a unique identifier of the first virtual machine with a first unique identifier, and replacing a unique identifier of the second virtual machine with a second unique identifier, the first unique identifier and the second unique identifier being associated with the network interfaces of the intra-server routing module; and
directing, by the intra-server routing module, the allowed data flow between the first virtual machine and the second virtual machine using the first unique identifier and the second unique identifier associated with the intra-server routing module, the allowed data flow being directed internally within the server.
Abstract
Systems and methods for improving data communications between intra-server virtual machines are described herein. An example method may commence with receiving, from a first virtual machine, a data packet directed to a second virtual machine, routing the data packet via an external routing environment, and receiving the data packet allowed for delivery to the second virtual machine. Based on the receipt, it may be determined that a data flow associated with the data packet is allowed, and a unique identifier of the first virtual machine may be replaced with a first unique identifier and a unique identifier of the second virtual machine may be replaced with a second unique identifier. The first and second unique identifiers may be associated with corresponding interfaces of the intra-server routing module and used to direct the data flow internally within the server between the first virtual machine and the second virtual machine.
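A small model of the sequence the abstract describes, added here as an illustration and not taken from the patent: the first packet takes the external path, its return marks the bidirectional flow as allowed, and later packets are rewritten and delivered internally. The class names, the MAC-like identifier strings and the policy as a set of allowed VM pairs are all assumptions.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str           # unique identifier of the sender (assumed: MAC-like string)
    dst: str           # unique identifier of the receiver
    payload: str = ""

class ExternalRouting:
    """Stand-in for the external routing environment and its predetermined policy."""
    def __init__(self, allowed_pairs):
        self.allowed = {frozenset(p) for p in allowed_pairs}

    def route(self, pkt):
        # Hand the packet back only if policy allows delivery; otherwise drop it.
        return pkt if frozenset((pkt.src, pkt.dst)) in self.allowed else None

class IntraServerRouter:
    def __init__(self, external, first_id, second_id):
        self.external = external
        self.first_id, self.second_id = first_id, second_id  # module interface ids
        self.flows = {}  # frozenset({vm_a, vm_b}) -> {vm identifier: interface id}

    def handle(self, pkt):
        """Return (path, packet as delivered, or None if dropped)."""
        key = frozenset((pkt.src, pkt.dst))
        ids = self.flows.get(key)
        if ids is not None:
            # Allowed flow: swap VM identifiers for interface identifiers and
            # deliver inside the server, in either direction.
            return "internal", replace(pkt, src=ids[pkt.src], dst=ids[pkt.dst])
        # Unknown flow: pass it on uninspected towards the external environment.
        returned = self.external.route(pkt)
        if returned is None:
            return "dropped", None   # nothing came back, so nothing is cached
        # Tap-sensor step: receipt of the returned packet marks the whole
        # bidirectional flow as allowed.
        self.flows[key] = {pkt.src: self.first_id, pkt.dst: self.second_id}
        return "external", returned

def demo():
    # Constructed sample identifiers; vm1<->vm2 is the only pair the policy allows.
    vm1, vm2, vm3 = "52:54:00:00:00:01", "52:54:00:00:00:02", "52:54:00:00:00:03"
    router = IntraServerRouter(ExternalRouting([(vm1, vm2)]),
                               "02:00:00:00:00:a1", "02:00:00:00:00:a2")
    return [router.handle(Packet(vm1, vm2, "first")),
            router.handle(Packet(vm2, vm1, "reply")),
            router.handle(Packet(vm1, vm3, "denied")),
            router.handle(Packet(vm1, vm3, "denied again"))]
```

In this model only the first packet of a flow is checked against the external policy; later packets in either direction are forwarded on the strength of that one decision.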
15 Claims
8. A method by an intra-server routing module for data communications between intra-server virtual machines comprising:
receiving, by the intra-server routing module, a first data packet from a first virtual machine directed to a second virtual machine, the first virtual machine and the second virtual machine being associated with the same server;
without inspection from the intra-server routing module, providing to an inline device the first data packet, the inline device forwarding the first data packet to an external routing environment;
receiving, by the intra-server routing module, the first data packet from the external routing environment being allowed for delivery to the second virtual machine based on a predetermined policy;
determining, by a tap sensor, that a data flow associated with the first data packet is allowed between the first virtual machine and the second virtual machine using the receipt of the first data packet, the data flow including data packets from the first virtual machine directed to the second virtual machine and data packets from the second virtual machine directed to the first virtual machine;
using the determination, replacing, by the intra-server routing module, in second data packets of the allowed data flow, a unique identifier of the first virtual machine with a first unique identifier, and replacing a unique identifier of the second virtual machine with a second unique identifier, the first unique identifier and the second unique identifier being associated with network interfaces of the intra-server routing module; and
directing, by the intra-server routing module, the allowed data flow between the first virtual machine and the second virtual machine using the first unique identifier and the second unique identifier associated with the intra-server routing module, the allowed data flow being directed internally within the server.
Specification