Sticky Service Sessions in a Datacenter

US 20160094661A1
Filed: 08/31/2015
Published: 03/31/2016
Est. Priority Date: 09/30/2014
Status: Active Grant

First Claim

Patent Images

1. A non-transitory machine readable medium storing a service processing module for execution on a host computer on which a source compute node (SCN) also executes, the service processing module comprising sets of instructions for:

intercepting a first data message transmitted by a virtual network interface of the SCN;

establishing a connection session with a service node that needs to receive a data message flow associated with the first data message;

extracting and storing a session parameter from a datagram of a second data message that is provided by the SCN or the service node during the connection session; and

using the stored session parameter to relay subsequent data messages to the service node.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Some embodiments provide novel inline switches that distribute data messages from source compute nodes (SCNs) to different groups of destination service compute nodes (DSCNs). In some embodiments, the inline switches are deployed in the source compute nodes datapaths (e.g., egress datapath). The inline switches in some embodiments are service switches that (1) receive data messages from the SCNs, (2) identify service nodes in a service-node cluster for processing the data messages based on service policies that the switches implement, and (3) use tunnels to send the received data messages to their identified service nodes. Alternatively, or conjunctively, the inline service switches of some embodiments (1) identify service-nodes cluster for processing the data messages based on service policies that the switches implement, and (2) use tunnels to send the received data messages to the identified service-node clusters. The service-node clusters can perform the same service or can perform different services in some embodiments. This tunnel-based approach for distributing data messages to service nodes/clusters is advantageous for seamlessly implementing in a datacenter a cloud-based XaaS model (where XaaS stands for X as a service, and X stands for anything), in which any number of services are provided by service providers in the cloud.

133 Citations

17 Claims

1. A non-transitory machine readable medium storing a service processing module for execution on a host computer on which a source compute node (SCN) also executes, the service processing module comprising sets of instructions for:
- intercepting a first data message transmitted by a virtual network interface of the SCN;
  
  establishing a connection session with a service node that needs to receive a data message flow associated with the first data message;
  
  extracting and storing a session parameter from a datagram of a second data message that is provided by the SCN or the service node during the connection session; and
  
  using the stored session parameter to relay subsequent data messages to the service node.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The non-transitory machine readable medium of claim 1, whereinthe connection session is a Layer 4 (L4) connection session,the second data message is a packet comprising a packet header with Layer 3 (L3) and L4 parameters and a payload that is the datagram from which the session parameter is extracted.
  - 3. The non-transitory machine readable medium of claim 2, wherein the session parameter is a session identifier.
  - 4. The non-transitory machine readable medium of claim 3, wherein the session identifier is provided by the service node and the second data message is a message sent by the service node.
  - 5. The non-transitory machine readable medium of claim 3, whereinthe session identifier is a secure session identifier that is based on a session key generated by service node,the set of instructions for using the stored session parameter comprises a set of instructions for providing the secure session identifier for a subsequent data message in order to allow the service node to forego generating another session key.
  - 6. The non-transitory machine readable medium of claim 2, wherein the session parameter is a filename and the second data message is a message sent by the SCN.
  - 7. The non-transitory machine readable medium of claim 6, wherein the set of instructions for extracting the filename comprises a set of instructions for extracting the filename from a URI (Uniform Resource Identifier) that is specified in the second data message.
  - 8. The non-transitory machine readable medium of claim 1, wherein the first data message is a request from the SCN to establish a connection session with the service node.
  - 9. The non-transitory machine readable medium of claim 1, wherein the set of instructions for establishing a connection session comprises a set of instructions for performing a three-way TCP (Transport Control Protocol)/IP (Internet Protocol) handshake with the service node.
  - 10. The non-transitory machine readable medium of claim 9, wherein the service processing module further comprises a set of instructions for establishing a connection session with the SCN by performing a three-way TCP/IP handshake with the SCN.
  - 11. The non-transitory machine readable medium of claim 9, whereinthe second data message comprises a header,the connection session is established so that for the second data message, the service processing module extracts the header, examines the datagram to extract the session parameter, and re-encapsulated the datagram with another header before relaying the packet to the SCN or the service node,the session parameter extracted from the examined payload.
  - 12. The non-transitory machine readable medium of claim 1, wherein the SCN is a virtual machine or a container.
  - 13. The non-transitory machine readable medium of claim 1, wherein the set of instructions for extracting the session parameter comprises a set of instructions for extracting the session parameter from a plurality of datagrams of a plurality of data messages including the second data message, said plurality of datagrams exchanged between the SCN and the service node during the connection session.
  - 14. The non-transitory machine readable medium of claim 1,wherein the service node is a first service node and the first data message is a service request for a service action performed by a group of service nodes including the first service node,wherein the service module further comprises a set of instructions for selecting, for each service request for the service action, a service node in the service node group,wherein the set of instructions for using the stored session parameter comprises sets of instructions for extracting the session parameter from a datagram of a subsequently received data message, identifying the first service node as a service node that previously processed a similar service request, and forwarding a subsequent service request associated with the subsequently received data message to the first service node.
  - 15. The non-transitory machine readable medium of claim 1, wherein the set of instructions for selecting the service node comprises a set of instructions for selecting a service node in the service node group based on a set of load balancing criteria and based on stored session parameters.

16. A method of performing a service on data messages associated with a source compute node (SCN) executing on a host computer, the method comprising:
- at a service processing module executing on the host computer;
  
  intercepting a first data message transmitted by a virtual network interface of the SCN;
  
  establishing a connection session with a service node that needs to receive a data message flow associated with the first data message;
  
  extracting and storing a session parameter from a datagram of a second data message that is provided by the SCN or the service node during the connection session; and
  
  using the stored session parameter to relay subsequent data messages to the service node.
- View Dependent Claims (17)
- - 17. The method of claim 16, whereinthe second data message is a data packet with a packet header and a payload,the connection session is established so that for the data packet, the service processing module extracts the packet header, examines the payload, and re-encapsulated the payload with another packet header before relaying the packet to the SCN or the service node,the session parameter extracted from the examined payload.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nicira Incorporated (Broadcom, Inc.)
Original Assignee
Nicira Incorporated (Broadcom, Inc.)
Inventors
Jain, Jayant, Sengupta, Anirban, Lund, Rick, Koganty, Raju, Hong, Xinhua

Granted Patent

US 11,496,606 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 12/56   Packet switching systems

H04L 41/00   Arrangements for maintenanc...

H04L 41/0803   Configuration setting

H04L 47/125   by balancing the load, e.g....

H04L 47/825   Involving tunnels, e.g. MPLS

H04L 49/60   Software-defined switches

H04L 49/70   Virtual switches

H04L 51/18   Commands or executable codes

H04L 63/0245   Filtering by information in...

H04L 67/10   in which an application is ...

H04L 67/1001   for accessing one among a p...

H04L 67/14   Session management for real...

H04L 67/51   Discovery or management the...

H04L 67/63   Routing a service request d...

H04L 69/16   Implementation or adaptatio...

H04L 69/22   Parsing or analysis of headers

H04W 76/12   Setup of transport tunnels

Sticky Service Sessions in a Datacenter

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

133 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Sticky Service Sessions in a Datacenter

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

133 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links