MODIFYING VIRTUAL MACHINE COMMUNICATIONS

US 20150135178A1
Filed: 03/08/2012
Published: 05/14/2015
Est. Priority Date: 03/08/2012
Status: Abandoned Application

First Claim

Patent Images

1. A system comprising:

a first computing device to;

host a first virtual machine, andimplement a first host platform to;

determine that a communication generated by the first virtual machine that includes an indication that it is intended for a second virtual machine is to be transmitted to a network appliance, andas a consequence of determining that the communication generated by the first virtual machine is to be transmitted to the network appliance, modify the communication generated by the first virtual machine to include an indication that a computing device that hosts the network appliance is the destination for the communication generated by the first virtual machine; and

a second computing device communicatively coupled to the first computing device to;

host the second virtual machine, andimplement a second host platform to;

determine that a communication received at the second computing device that includes an indication that it is intended for the second virtual machine and an indication that it was transmitted by the computing device that hosts the network appliance originated from the first virtual machine, andas a consequence of determining that the communication received at the second computing device originated from the first virtual machine, overwrite the indication in the communication received at the second computing device that it is was transmitted by the computing device that hosts the network appliance with an indication that it originated from the first virtual machine.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one implementation, a host platform implemented on a computing device hosting one or more virtual machines determines that a communication generated by a virtual machine and intended for another virtual machine is to be transmitted to a network appliance. Consequently, the host platform modifies the communication generated by the virtual machine.

30 Citations

View as Search Results

15 Claims

1. A system comprising:
- a first computing device to;
  
  host a first virtual machine, andimplement a first host platform to;
  
  determine that a communication generated by the first virtual machine that includes an indication that it is intended for a second virtual machine is to be transmitted to a network appliance, andas a consequence of determining that the communication generated by the first virtual machine is to be transmitted to the network appliance, modify the communication generated by the first virtual machine to include an indication that a computing device that hosts the network appliance is the destination for the communication generated by the first virtual machine; and
  
  a second computing device communicatively coupled to the first computing device to;
  
  host the second virtual machine, andimplement a second host platform to;
  
  determine that a communication received at the second computing device that includes an indication that it is intended for the second virtual machine and an indication that it was transmitted by the computing device that hosts the network appliance originated from the first virtual machine, andas a consequence of determining that the communication received at the second computing device originated from the first virtual machine, overwrite the indication in the communication received at the second computing device that it is was transmitted by the computing device that hosts the network appliance with an indication that it originated from the first virtual machine.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1 wherein the first host platform is configured to determine that a communication generated by the first virtual machine that includes an indication that it is intended for a second virtual machine is to be transmitted to a network appliance by:
    - comparing the communication generated by the first virtual machine to a network policy, andbased on a result of comparing the communication generated by the first virtual machine to the network policy, determine that the communication is to be transmitted to the network appliance.
  - 3. The system of claim 1 wherein:
    - the first host platform is configured to;
      
      determine that the communication generated by the first virtual machine is to be transmitted to the network appliance based on a network layer address included in the communication generated by the first virtual machine, andmodify the communication generated by the first virtual machine to include an indication that the computing device that hosts the network appliance is the destination for the communication by overwriting a data link layer destination address included in the communication generated by the first virtual machine with a data link layer destination address for the computing device that hosts the network appliance; and
      
      the second host platform is configured to;
      
      determine that the communication received at the second computing device originated from the first virtual machine based on a network layer source address included in the communication received at the second computing device, andoverwrite the indication in the communication received at the second computing device that it is was transmitted by the computing device that hosts the network appliance with an indication that it originated from the first virtual machine by overwriting a data link layer source address included in the communication received at the second computing device with a data link layer address for the first virtual machine.
  - 4. The system of claim 1 wherein:
    - the communication generated by the first virtual machine is an Ethernet frame that includes;
      
      an Ethernet header having a source Media Access Control (MAC) address for the first virtual machine and a destination MAC address for the second virtual machine,an IP packet having an IP header having a source IP address for the first virtual machine and a destination IP address for the second virtual machine, the source IP address for the first virtual machine being the indication that the communication generated by the first virtual machine is intended for the second virtual machine; and
      
      the first host platform is configured to;
      
      determine that the communication generated by the first virtual machine is to be transmitted to the network appliance based on the IP header of the communication generated by the first virtual machine, andmodify the communication generated by the first virtual machine to include an indication that the computing device that hosts the network appliance is the destination for the communication by overwriting the MAC address for the second virtual machine with a MAC address for the computing device that hosts the network appliance as the destination MAC address in the Ethernet header of the communication generated by the first virtual machine;
      
      the communication received at the second computing device includes an Ethernet frame having;
      
      an Ethernet header having a source MAC address for the computing device that hosts the network appliance and a destination MAC address for the second computing device, andan IP packet having an IP header having a source IP address for the first virtual machine and a destination IP address for the second virtual machine, the destination IP address for the second virtual machine being the indication that the communication received at the second computing device is intended for the second virtual machine; and
      
      andthe second host platform is configured to;
      
      determine that the communication received at the second computing device originated from the first virtual machine based on the source IP address for the first virtual machine in the IP header of the communication received at the second computing device, andoverwrite the indication in the communication received at the second computing device that it is was transmitted by the computing device that hosts the network appliance with an indication that it originated from the first virtual machine by overwriting the MAC address for the computing device that hosts the network appliance with the MAC address for the first virtual machine as the source MAC address in the Ethernet header of the communication received at the second computing device.
  - 5. The system of claim 4 wherein the first host platform is configured to determine that the communication generated by the first virtual machine is to be transmitted to the network appliance based on the destination IP address for the second virtual machine in the IP header of the communication generated by the first virtual machine.
  - 6. The system of claim 4 wherein the first host platform is configured to determine that the communication generated by the first virtual machine is to be transmitted to the network appliance based on the source IP address for the first virtual machine in the IP header of the communication generated by the first virtual machine.
  - 7. The system of claim 1 further comprising the computing device that hosts the network appliance, the computing device that hosts the network appliance being configured to:
    - host the network appliance, andimplement a third host platform to;
      
      determine that a communication received at the computing device that hosts the network appliance and that includes an indication that it is intended for the second virtual machine and an indication that it originated from the first virtual machine is to be passed to the network appliance,as a consequence of determining that the communication received at the computing device that hosts the network appliance is to be passed to the network appliance, pass the communication received at the computing device that hosts the network appliance to the network appliance,determine that a communication passed by the network appliance to the third host platform includes an indication that it is intended for the second virtual machine, andas a consequence of determining that the communication passed by the network appliance to the third host platform includes an indication that it is intended for the second virtual machine, modify the communication passed by the network appliance to the third host platform to include an indication that the second computing device is the destination for the communication.
  - 8. The system of claim 1 wherein:
    - the first computing device is further configured to host a third virtual machine; and
      
      the first host platform is further configured to;
      
      determine that a different communication generated by the third virtual machine that includes an indication that it is intended for a fourth virtual machine is to be transmitted to a different network appliance, andas a consequence of determining that the communication generated by the third virtual machine is to be transmitted to the different network appliance, modify the communication generated by the third virtual machine to include an indication that a computing device that hosts the different network appliance is the destination for the communication generated by the third virtual machine.

9. A method comprising:
- receiving, at a host platform executing on a computing device, a network packet including an IP packet generated by a sender virtual machine executing on the computing device, the Network packet being intended for a recipient virtual machine;
  
  comparing, using the host platform executing on the computing device, information in an IP header of the Network packet to a network policy;
  
  based on a result of comparing the information in the IP header to the network policy, determining, using the host platform executing on the computing device, that the Network packet is to be transmitted to a network appliance;
  
  as a consequence of determining that the Network packet is to be transmitted to the network appliance, marking, using the host platform executing on the computing device, the Network packet with an IP address for the network appliance;
  
  identifying, using the host platform executing on the computing device, a Media Access Control (MAC) address for a computing device corresponding to the IP address for the network appliance; and
  
  rewriting, using the host platform executing on the computing device, a destination address of an Ethernet header of the Network packet specifying a MAC address for the recipient virtual machine with the MAC address identified as corresponding to the IP address for the network appliance.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9 further comprising transmitting the Network packet from the computing device after rewriting the destination address of the Ethernet header of the Network packet specifying the MAC address for the recipient virtual machine with the MAC address identified as corresponding to the IP address for the network appliance.
  - 11. The method of claim 10 wherein:
    - the network appliance is implemented as another virtual machine executing on another computing device;
      
      identifying a MAC address for a computing device corresponding to the IP address for the network appliance includes identifying a MAC address for the other computing device on which the virtual machine implementing the network appliance is executing; and
      
      rewriting the destination address of the Ethernet header of the Network packet specifying the MAC address for the recipient virtual machine with the MAC address identified as corresponding to the IP address for the network appliance includes rewriting the destination address of the Ethernet header of the Network packet specifying the MAC address for the recipient virtual machine with the MAC address identified for the other computing device on which the virtual machine implementing the network appliance is executing; and
      
      the method further comprises;
      
      after transmitting the Network packet from the computing device, receiving, at another host platform executing on the other computing device, the Network packet having the destination address in the Ethernet header specifying the MAC address for the other computing device on which the virtual machine implementing the network appliance is executing,comparing, using the other host platform executing on the other computing device, information in the IP header of the Network packet to another network policy,based on a result of comparing the information in the IP header to the other network policy, determining, using the other host platform executing on the other computing device, that the Network packet is to be transmitted to the network appliance,as a consequence of determining, using the other host platform executing on the other computing device, that the Network packet is to be transmitted to the network appliance, marking, using the host platform executing on the computing device, the Network packet with an IP address for the network appliance,identifying, using the other host platform executing on the other computing device, a MAC address for the network appliance,rewriting, using the other host platform executing on the other computing device, the destination address of the Ethernet header of the Network packet specifying the MAC address for the other computing device with the MAC address identified for the network appliance,passing the Network packet to the network appliance after rewriting the destination address of the Ethernet header of the Network packet to the MAC address identified for the network appliance,receiving, at the other host platform executing on the other computing device and from the network appliance, the Network packet after processing of the Network packet by the network appliance, a source address of the Ethernet header of the processed Network packet specifying the MAC address for the network appliance and the destination address of the Ethernet header of the processed Network packet specifying a MAC address for the recipient virtual machine,responsive to receiving the processed Network packet, identifying, using the other host platform executing on the other computing device, a MAC address for a different computing device hosting the recipient virtual machine,rewriting, using the other host platform executing on the other computing device, the destination address of the Ethernet header specifying the MAC address for the recipient virtual machine with the MAC address identified for the different computing device hosting the recipient virtual machine,transmitting the Network packet from the other computing device after rewriting the destination address of the Ethernet header of the Network packet specifying the MAC address for the recipient virtual machine with the MAC address identified for the different computing device hosting the recipient virtual machine,after transmitting the Network packet from the other computing device, receiving, at a different host platform executing on the different computing device, the Network packet having the destination address in the Ethernet header specifying the MAC address for the different computing device hosting the recipient virtual machine, andrewriting, using the different host platform executing on the different computing device, the destination address of the Ethernet header of the Network packet specifying the MAC address for the different computing device with the MAC address for the recipient virtual machine.
  - 12. The method of claim 11 wherein:
    - the IP header of the Network packet includes an IP header source address specifying an IP address of the sender virtual machine and an IP header destination address specifying an IP address of the recipient virtual machine;
      
      rewriting the destination address of the Ethernet header of the Network packet specifying the MAC address for the recipient virtual machine with the MAC address identified for the other computing device on which the virtual machine implementing the network appliance is executing includes rewriting the destination address of the Ethernet header of the Network packet specifying the MAC address for the recipient virtual machine with the MAC address identified for the other computing device on which the virtual machine implementing the network appliance is executing while preserving the IP header source address as specifying the IP address of the sender virtual machine and the IP header destination address as specifying the IP address of the recipient virtual machine;
      
      rewriting, using the other host platform executing on the other computing device, the destination address of the Ethernet header of the Network packet specifying the MAC address for the other computing device with the MAC address identified for the network appliance includes rewriting, using the other host platform executing on the other computing device, the destination address of the Ethernet header of the Network packet specifying the MAC address for the other computing device with the MAC address identified for the network appliance while preserving the IP header source address as specifying the IP address of the sender virtual machine and the IP header destination address as specifying the IP address of the recipient virtual machine;
      
      rewriting, using the other host platform executing on the other computing device, the destination address of the Ethernet header specifying the MAC address for the recipient virtual machine with the MAC address identified for the different computing device hosting the recipient virtual machine includes rewriting, using the other host platform executing on the other computing device, the destination address of the Ethernet header specifying the MAC address for the recipient virtual machine with the MAC address identified for the different computing device hosting the recipient virtual machine while preserving the IP header source address as specifying the IP address of the sender virtual machine and the IP header destination address as specifying the IP address of the recipient virtual machine; and
      
      rewriting, using the different host platform executing on the different computing device, the destination address of the Ethernet header of the Network packet specifying the MAC address for the different computing device with the MAC address for the recipient virtual machine includes rewriting, using the different host platform executing on the different computing device, the destination address of the Ethernet header of the Network packet specifying the MAC address for the different computing device with the MAC address for the recipient virtual machine while preserving the IP header source address as specifying the IP address of the sender virtual machine and the IP header destination address as specifying the IP address of the recipient virtual machine.
  - 13. The method of claim 9 wherein:
    - the network appliance is implemented as a virtual machine executing on a different computing device;
      
      identifying a MAC address for a computing device corresponding to the IP address for the network appliance includes identifying a MAC address for the different computing device on which the virtual machine implementing the network appliance is executing; and
      
      rewriting the destination address of the Ethernet header of the Network packet specifying the MAC address for the recipient virtual machine with the MAC address identified as corresponding to the IP address for the network appliance includes rewriting the destination address of the Ethernet header of the Network packet specifying the MAC address for the recipient virtual machine with the MAC address identified for the different computing device on which the virtual machine implementing the network appliance is executing.
  - 14. The method of claim 9 wherein:
    - the network appliance is a standalone, physical network appliance having its own MAC address;
      
      identifying a MAC address for a computing device corresponding to the IP address for the network appliance includes identifying the MAC address for the standalone, physical network appliance; and
      
      rewriting the destination address of the Ethernet header of the Network packet specifying the MAC address for the recipient virtual machine with the MAC address identified as corresponding to the IP address for the network appliance includes rewriting the destination address of the Ethernet header of the Network packet specifying the MAC address for the recipient virtual machine with the MAC address identified for the standalone, physical network appliance.

15. A non-transitory, computer-readable storage medium storing instructions that, when executed by a host computer hosting a virtual machine, cause the computer to implement a host platform to:
- receive a communication generated by the virtual machine hosted by the computing device that includes;
  
  first layer address information identifying the virtual machine hosted by the computing device as the source of the communication and a recipient virtual machine as the destination for the communication, andsecond layer address information identifying the virtual machine hosted by the computing device as the source of the communication and the recipient virtual machine as the destination for the communication;
  
  determine that the communication is to be transmitted to a network appliance; and
  
  as a consequence of determining that the communication is to be transmitted to a network appliance, rewrite the second layer address information identifying the recipient virtual machine as the destination for the communication with address information associated with the network appliance while preserving the first layer address information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Inventors
Fischer, Anna, Edwards, Aled, Goldsack, Patrick

Application Number

US14/381,453
Publication Number

US 20150135178A1
Time in Patent Office

Days
Field of Search
US Class Current

718/1
CPC Class Codes

G06F 2209/542   Intercept

G06F 9/45533   Hypervisors; Virtual machin...

G06F 9/54   Interprogram communication

H04L 2101/622   Layer-2 addresses, e.g. med...

H04L 67/10   in which an application is ...

MODIFYING VIRTUAL MACHINE COMMUNICATIONS

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

30 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

MODIFYING VIRTUAL MACHINE COMMUNICATIONS

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others