Failover of centralized routers in public cloud logical networks

US 10,601,705 B2
Filed: 12/04/2017
Issued: 03/24/2020
Est. Priority Date: 12/04/2017
Status: Active Grant

First Claim

Patent Images

1. A method for a first data compute node (DCN) implementing a logical network that spans a plurality of datacenters, the first DCN operating in a first datacenter as a logical network gateway that processes data messages between other DCNs of the logical network and external entities, wherein the external entities address the logical network gateway using a first network address and the first DCN has an interface with a second network address for use in the first datacenter, the method comprising:

storing a mapping between the second network address and a third network address, wherein a second DCN operates in a second datacenter as the logical network gateway and has an interface with the third network address for use in the second datacenter;

receiving connection state data from the second DCN describing connections between the external entities and the other DCNs of the logical network, the connection state data using the third network address;

replacing the third network address with the second network address in the connection state data using the stored mapping; and

storing the connection state data with the replaced network address.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Some embodiments provide a method for a first DCN operating in a first datacenter as a logical network gateway that processes messages between other DCNs of the logical network and external entities, which address the logical network gateway using a first address. The first DCN has an interface with a second address for use in the first datacenter. The method stores a mapping between the second address and a third address. A second DCN operates the logical network gateway in a second datacenter and has an interface with the third address for use in the second datacenter. From the second DCN, the method receives connection state data, describing connections between the external entities and the DCNs of the logical network, that uses the third address. The method replaces the third address with the second address in the connection state data using the stored mapping and stores the connection state data.

178 Citations

23 Claims

1. A method for a first data compute node (DCN) implementing a logical network that spans a plurality of datacenters, the first DCN operating in a first datacenter as a logical network gateway that processes data messages between other DCNs of the logical network and external entities, wherein the external entities address the logical network gateway using a first network address and the first DCN has an interface with a second network address for use in the first datacenter, the method comprising:
- storing a mapping between the second network address and a third network address, wherein a second DCN operates in a second datacenter as the logical network gateway and has an interface with the third network address for use in the second datacenter;
  
  receiving connection state data from the second DCN describing connections between the external entities and the other DCNs of the logical network, the connection state data using the third network address;
  
  replacing the third network address with the second network address in the connection state data using the stored mapping; and
  
  storing the connection state data with the replaced network address.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein the first and second datacenters are both datacenters of a same public cloud provider.
  - 3. The method of claim 2, wherein the first and second datacenters have different available subnets for DCN interfaces, wherein the second network address belongs to a subnet available in the first datacenter and the third network address belongs to a subnet available in the second datacenter.
  - 4. The method of claim 2, wherein the first network address is a public network address while the second and third network addresses are private network addresses.
  - 5. The method of claim 4, wherein when an external entity sends a data message to the first network address, a forwarding element managed by the public cloud provider translates a destination network address of the data message to one of the second and third network addresses.
  - 6. The method of claim 1, wherein:
    - the logical network comprises a logical router and a set of logical switches that logically connect to the logical router;
      
      the other DCNs logically connect to the logical switches; and
      
      the logical network gateway implements a centralized routing component of the logical router.
  - 7. The method of claim 6, wherein the other DCNs execute managed forwarding elements that implement the logical switches and a distributed routing component of the logical router.
  - 8. The method of claim 1, wherein the connection state data comprises data regarding existing connections for use by a firewall function of the logical network gateway.
  - 9. The method of claim 1, wherein the other DCNs of the logical network operate in the second datacenter and preferentially exchange data messages with external entities via the second DCN.
  - 10. The method of claim 9, wherein the first and second datacenters are both datacenters of a public cloud provider, wherein the public cloud provider charges more for data traffic between datacenters than for data traffic within a single datacenter.
  - 11. The method of claim 1, wherein storing the mapping comprises receiving the mapping from a network controller.
  - 12. The method of claim 1, wherein storing the mapping comprises interacting with a public cloud provider management system to determine that the first network address is mapped to both the second network address and the third network address.
  - 13. The method of claim 1 further comprising:
    - receiving a set of rules from a network controller, the set of rules using the first network address;
      
      replacing the first network address with the second network address in the received set of rules; and
      
      using the set of rules with the second network address to process new connections between the external entities and the other DCNs of the logical network.
  - 14. The method of claim 13, wherein the second DCN receives the same set of rules, replaces the first network address with the third network address, and uses the set of rules with the third network address to process new connections between the external entities and the other DCNs of the logical network.
  - 15. The method of claim 1, wherein the first DCN executes (i) the logical network gateway and (ii) a first network controller for receiving configuration data for the logical network gateway from a second network controller.
  - 16. The method of claim 15, wherein the second network controller operates in a private datacenter separate from the first and second datacenters.
  - 17. The method of claim 15, wherein the first network controller further receives configuration data for the other DCNs of the logical network.

18. A non-transitory machine-readable medium storing a program which when executed by at least one processing unit of a host machine executes in a first data compute node (DCN) implementing a logical network that spans a plurality of datacenters, the first DCN operating in a first datacenter as a logical network gateway that processes data messages between other DCNs of the logical network and external entities, wherein the external entities address the logical network gateway using a first network address that is translated by a forwarding element managed by a datacenter provider into a second network address that is an address of an interface of the first DCN, the second network address for use in the first datacenter, the program comprising sets of instructions for:
- storing a mapping between the second network address and a third network address, wherein a second DCN operates in a second datacenter as the logical network gateway and has an interface with the third network address for use in the second datacenter;
  
  receiving connection state data from the second DCN describing connections between the external entities and the DCNs of the logical network, the connection state data using the third network address;
  
  replacing the third network address with the second network address in the connection state data using the stored mapping; and
  
  storing the connection state data with the replaced network address such that if the second DCN fails, the first DCN will uses the stored connection state data to process data messages for connections previously processed by the second DCN.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The non-transitory machine-readable medium of claim 18, wherein:
    - the first and second datacenters are both datacenters of a same public cloud provider;
      
      the first and second datacenters have different available subnets for DCN interfaces; and
      
      the second network address belongs to a subnet available in the first datacenter and the third network address belongs to a subnet available in the second datacenter.
  - 20. The non-transitory machine-readable medium of claim 18, wherein:
    - the first and second datacenters are both datacenters of a same public cloud provider;
      
      the first network address is a public network address while the second and third network addresses are private network addresses; and
      
      when an external entity sends a data message with the first network address as a destination network address, the forwarding element managed by the public cloud provider translates the destination network address of the data message to one of the second and third network addresses.
  - 21. The non-transitory machine-readable medium of claim 18, wherein the other DCNs of the logical network operate in the second datacenter and preferentially exchange data messages with external entities via the second DCN.
  - 22. The non-transitory machine-readable medium of claim 18, wherein the program further comprises sets of instructions for:
    - receiving a set of rules from a network controller, the set of rules using the first network address;
      
      replacing the first network address with the second network address in the received set of rules; and
      
      using the set of rules with the second network address to process new connections between the external entities and the other DCNs of the logical network.
  - 23. The non-transitory machine-readable medium of claim 22, wherein the second DCN receives the same set of rules, replaces the first network address with the third network address, and uses the set of rules with the third network address to process new connections between the external entities and the other DCNs of the logical network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nicira Incorporated (Broadcom, Inc.)
Original Assignee
Nicira Incorporated (Broadcom, Inc.)
Inventors
Hira, Mukesh, Chandrashekhar, Ganesan, Jain, Jayant, Jain, Rahul
Primary Examiner(s)
Zong, Ruolei

Application Number

US15/831,369
Publication Number

US 20190173780A1
Time in Patent Office

841 Days
Field of Search

709244
US Class Current
CPC Class Codes

H04L 45/22   Alternate routing

H04L 45/42   Centralised routing

H04L 45/745   Address table lookup; Addre...

H04L 49/355   Application aware switches,...

H04L 61/2514   between local and global IP...

H04L 61/256   NAT traversal

H04L 67/10   in which an application is ...

Failover of centralized routers in public cloud logical networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

178 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Failover of centralized routers in public cloud logical networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

178 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links