MULTIPLE VIRTUAL MACHINES SHARING A SINGLE IP ADDRESS

US 20120063458A1
Filed: 09/15/2010
Published: 03/15/2012
Est. Priority Date: 09/15/2010
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

a host computer system with a processor and a memory;

a physical interface with a single internet protocol (IP) address connecting the host computer to an external network;

a plurality of virtual machines each with a virtual machine number in the memory;

a data packet with a destination port number received on the physical interface;

a virtual network manager that forwards the data packet to a unique one of the plurality of virtual machines depending on the destination port number in the data packet.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus allow multiple virtual machines to share the same IP address on an external network address space. The virtual machines reside on one or more physical host computer systems. A virtual network manager handles network traffic from a physical interface on the host computer and forwards network data to the appropriate virtual machine based on a destination port number. Data packets on the external network each have a destination and source port number. The virtual network manager uses a port range table that associates each virtual machine with a range of destination port numbers for incoming data packets. Each of the virtual machines is assigned a unique destination port range in the port range table and incoming data traffic on the external network is routed to the receiving virtual machines based on the destination port number in the data packet.

Citations

20 Claims

1. An apparatus comprising:
- a host computer system with a processor and a memory;
  
  a physical interface with a single internet protocol (IP) address connecting the host computer to an external network;
  
  a plurality of virtual machines each with a virtual machine number in the memory;
  
  a data packet with a destination port number received on the physical interface;
  
  a virtual network manager that forwards the data packet to a unique one of the plurality of virtual machines depending on the destination port number in the data packet.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The apparatus of claim 1 further comprising a port range table with a plurality of port ranges and a corresponding virtual machine number for each port range, and wherein the virtual network manager determines the virtual machine number of the unique one of the plurality of virtual machines by selecting the virtual machine number stored in the port range table corresponding to a port range that includes the destination port number in the data packet.
  - 3. The apparatus of claim 1 further comprising a firewall protecting the host computer from the external network.
  - 4. The apparatus of claim 1 wherein the plurality of virtual machines are located on a plurality of host computer systems.
  - 5. The apparatus of claim 1 and wherein the virtual network manager forwards the data packet to the virtual machine on a virtual network.
  - 6. The apparatus of claim 1 wherein the data packets conform to a protocol chosen from the following:
    - TCP (Transmission Control Protocol) and User Datagram Protocol (UDP).
  - 7. The apparatus of claim 1 wherein where ephemeral ports of the virtual machines are configured to use port numbers in the port range table assigned to the virtual machine.

8. A computer-implemented method for sending data to a virtual machine on a host computer system, the method comprising the steps of:
- (A) configuring multiple virtual machines with a single internet protocol (IP) address;
  
  (B) configuring a virtual network manager with a port range table with a plurality of port ranges and a corresponding virtual machine number for each port range;
  
  (C) routing an incoming data packet from a physical interface to a unique one of the multiple virtual machines based on a destination port number in the data packet; and
  
  (D) wherein the method steps are implemented in a computer software program stored in computer memory and executed by a computer processor.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The method of claim 8 wherein the step of routing the incoming data packet further comprises:
    - determining a virtual machine number corresponding to a port range in the port range table which includes the destination port number in the data packet and routing the data packet to the unique one virtual machine with the determined virtual machine number.
  - 10. The method of claim 8 further comprising the steps of:
    - (E) discarding the incoming packet where the incoming packet is not allowed by a firewall; and
      
      (F) returning the incoming packet if the packet does not conform to a protocol chosen from the following;
      
      TCP (Transmission Control Protocol) and User Datagram Protocol (UDP); and
      
      (G) configuring ephemeral ports of the virtual machines to use port numbers in the port range table assigned to the virtual machine.
  - 11. The method of claim 8 wherein the virtual network manager forwards the data packet to the virtual machine on a virtual network.
  - 12. The method of claim 8 wherein the plurality of virtual machines are located on a plurality of host computers.

13. A computer-implemented method for sending data to a virtual machine on a host computer system, the method comprising the steps of:
- (A) configuring multiple virtual machines located on at least one physical host computer with a single internet protocol (IP) address;
  
  (B) configuring a virtual network manager with a port range table with a plurality of port ranges and a corresponding virtual machine number for each port range;
  
  (C) routing an incoming data packet from a physical interface to a unique one of the multiple virtual machines based on a destination port number in the data packet by determining a virtual machine number corresponding to a port range in the port range table which includes the destination port number in the data packet and routing the data packet to the unique one virtual machine with the determined virtual machine number;
  
  (D) discarding the incoming packet where the incoming packet is not allowed by a firewall;
  
  (E) returning the incoming packet if the packet does not conform to a protocol chosen from the following;
  
  TCP (Transmission Control Protocol) and User Datagram Protocol (UDP);
  
  (F) configuring ephemeral ports of the virtual machines to use port numbers in the port range table assigned to the virtual machine;
  
  (G) wherein the data packet is routed on a virtual network; and
  
  (H) wherein the method steps are implemented in a computer software program stored in computer memory and executed by a computer processor.

14. An article of manufacture comprising software stored on tangible computer readable storage medium, the software comprising:
- a virtual network manager that forwards a data packet with a destination port number received on a physical interface to a unique one of a plurality of virtual machines depending on the destination port number in the data packet, where the plurality of virtual machines share the physical interface having a single internet protocol (IP) address connecting a host computer to an external network.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The article of manufacture of claim 14 wherein the virtual network manager further comprises a port range table with a plurality of port ranges and a corresponding virtual machine number for each port range, and wherein the virtual network manager determines the virtual machine number of the unique one of the plurality of virtual machines by selecting the virtual machine number stored in the port range table corresponding to a port range that includes the destination port number in the data packet.
  - 16. The article of manufacture of claim 14 wherein a firewall protects the host computer from the external network.
  - 17. The article of manufacture of claim 14 and wherein the plurality of virtual machines are located on a plurality of host computers.
  - 18. The article of manufacture of claim 14 wherein the virtual network manager forwards the data packet to the virtual machine on a virtual network
  - 19. The article of manufacture of claim 14 wherein the data packets conform to a protocol chosen from the following:
    - TCP (Transmission Control Protocol) and User Datagram Protocol (UDP).
  - 20. The article of manufacture of claim 14 wherein ephemeral ports of the virtual machines are configured to use port numbers in the port range table assigned to the virtual machine.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Klink, Jeffrey, Shoykher, Mikhail

Granted Patent

US 8,363,656 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/392
CPC Class Codes

G06F 2009/45595   Network integration; Enabli...

G06F 9/45558   Hypervisor-specific managem...

H04L 61/2514   between local and global IP...

H04L 61/2517   using port numbers

MULTIPLE VIRTUAL MACHINES SHARING A SINGLE IP ADDRESS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

MULTIPLE VIRTUAL MACHINES SHARING A SINGLE IP ADDRESS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links