DEFAULT GATEWAY EXTENSION

US 20160352682A1
Filed: 06/24/2015
Published: 12/01/2016
Est. Priority Date: 05/29/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

establishing a secure transport layer tunnel over a public network between a first cloud gateway in a private cloud and a second cloud gateway in a public cloud, the secure transport layer tunnel configured to provide a link layer network extension between the private cloud and the public cloud;

intercepting a first address resolution protocol request sent from a first virtual machine in the public cloud;

fabricating a first address resolution protocol response including a MAC address of a router in the public cloud; and

sending the first address resolution protocol response to the first virtual machine.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Many hybrid cloud topologies require virtual machines in a public cloud to use a router in a private cloud, even when the virtual machine is transmitting to another virtual machine in the public cloud. Routing data through an enterprise router on the private cloud via the internet is generally inefficient. This problem can be overcome by placing a router within the public cloud that mirrors much of the routing functionality of the enterprise router. A switch configured to intercept address resolution protocol (ARP) request for the enterprise router'"'"'s address and fabricate a response using the MAC address of the router in the public cloud.

69 Citations

View as Search Results

18 Claims

1. A method comprising:
- establishing a secure transport layer tunnel over a public network between a first cloud gateway in a private cloud and a second cloud gateway in a public cloud, the secure transport layer tunnel configured to provide a link layer network extension between the private cloud and the public cloud;
  
  intercepting a first address resolution protocol request sent from a first virtual machine in the public cloud;
  
  fabricating a first address resolution protocol response including a MAC address of a router in the public cloud; and
  
  sending the first address resolution protocol response to the first virtual machine.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein the first address resolution protocol request sent from a first virtual machine in the public cloud is for a router MAC address.
  - 3. The method of claim 2, wherein the router in the public cloud is an intercloud fabric router.
  - 4. The method of claim 1, wherein the method is performed by an intercloud switch on the public cloud.
  - 5. The method of claim 2, wherein the router MAC address is a private router in the private cloud.
  - 6. The method of claim 1, further comprising:
    - migrating the first virtual machine from the public cloud to the private cloud;
      
      receiving a second address resolution protocol request sent from a first virtual machine in the private cloud at a gateway in the private cloud; and
      
      fabricating by the private cloud gateway a second address resolution protocol response including a MAC address of a router in the private cloud.
  - 7. The method of claim 1, further comprising:
    - detecting a malfunction of the router in the public cloud;
      
      receiving a second address resolution protocol request sent from a first virtual machine in the private cloud; and
      
      in response to detecting that the router in the public cloud has malfunctioned, fabricating a second address resolution protocol response including a MAC address of a router in the private cloud.

8. A non-transitory computer-readable medium having computer readable instructions stored on the computer readable medium that, when executed are effective to cause a computer to:
- establish a tunnel over a public network between the public cloud and a private cloud to provide a link layer network extension between the public cloud and the private cloud;
  
  detect a presence and a function of a local router;
  
  intercept an address resolution protocol request sent from a first virtual machine in the public cloud, andreturn the local router address when the local router is present and detected to be functioning.
- View Dependent Claims (9, 10, 11)
- - 9. The non-transitory computer-readable medium of claim 8, wherein the instructions are effective to send a gratuitous address resolution protocol message to the first virtual machine with a private router address when the local router is not present or detected to be malfunctioning.
  - 10. The non-transitory computer-readable medium of claim 8, wherein the instructions are effective to return a private router address when the local router is not present or detected to be malfunctioning.
  - 11. The non-transitory computer-readable medium of claim 8, wherein after the first virtual machine in the public cloud has been migrated to the private cloud, instructions are effective to return a private router address.

12. A system comprising:
- a first cloud gateway in a first cloud;
  
  a second cloud gateway in a second cloud;
  
  a secure transport layer tunnel over a public network between the first cloud gateway in the first cloud and the second cloud gateway in the second cloud, the secure transport layer tunnel configured to provide a link layer network extension between the first cloud and the second cloud;
  
  a private application virtual machine in the second cloud connected to the second cloud gateway that is configured to switch inter-virtual machine traffic between the second cloud and the private application virtual machine;
  
  a default gateway extension in the second cloud configured to intercept an address resolution protocol request for resolving a default gateway MAC address that is sent from the private application virtual machine; and
  
  return a local router'"'"'s MAC address address in an address resolution protocol response to the private application virtual machine.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The system of claim 12 wherein the first cloud is a private cloud and wherein the second cloud is a public cloud.
  - 14. The system of claim 13 comprising:
    - a virtual supervisor module in the private cloud configured to manage the private application virtual machine in the public cloud as though the private application virtual machine was within the private cloud.
  - 15. The system of claim 13 comprising:
    - a virtual supervisor module in the private cloud configured enable the default gateway extension in the public cloud.
  - 16. The system of claim 13, wherein the default gateway extension is configured to send a gratuitous address resolution protocol message to the first virtual machine with a private router address when the local router is not present or detected to be malfunctioning.
  - 17. The system of claim 13, wherein the default gateway extension is configured to return a private router address when the local router is not present or detected to be malfunctioning.
  - 18. The system of claim 13, wherein the default gateway extension and the second cloud gateway are part of an intercloud fabric switch.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Chang, David W., Patra, Abhijit, Bagepalli, Nagaraj, Devireddy, Dileep Kumar, Sadasivan, Ganesh

Granted Patent

US 10,554,620 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 2009/4557   Distribution of virtual mac...

G06F 2009/45595   Network integration; Enabli...

G06F 9/4416   Network booting; Remote ini...

G06F 9/45558   Hypervisor-specific managem...

H04L 12/4633   Interconnection of networks...

H04L 2101/622   Layer-2 addresses, e.g. med...

H04L 45/66   Layer 2 routing, e.g. in Et...

H04L 47/825   Involving tunnels, e.g. MPLS

H04L 61/103   across network layers, e.g....

H04L 63/0272   Virtual private networks

H04L 67/10   in which an application is ...

H04L 67/1097   for distributed storage of ...

DEFAULT GATEWAY EXTENSION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

69 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

DEFAULT GATEWAY EXTENSION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

69 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links