SELECTING ONE NODE FROM SEVERAL CANDIDATE NODES IN SEVERAL PUBLIC CLOUDS TO ESTABLISH A VIRTUAL NETWORK THAT SPANS THE PUBLIC CLOUDS

US 20190103992A1
Filed: 05/04/2018
Published: 04/04/2019
Est. Priority Date: 10/02/2017
Status: Active Grant

First Claim

Patent Images

1. A method of connecting a location of external machines to a virtual network that is defined over a plurality of public cloud datacenters, the method comprising:

sending a DNS (domain name server) request to identify a particular managed forwarding node (MFN) from a plurality of MFNs at the plurality of public cloud datacenters that are candidate edge MFNs for connecting the external machine location to the virtual network;

in response to the DNS request, receiving an identifier that identifies the particular MFN; and

establishing a network connection between the external machine location and the particular MFN in order to connect the external machine location to the virtual network.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network in some embodiments can be configured to optimize the routing of the entity'"'"'s data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network in some embodiments can be configured to optimize the layer 4 processing of the data message flows passing through the network.

102 Citations

View as Search Results

20 Claims

1. A method of connecting a location of external machines to a virtual network that is defined over a plurality of public cloud datacenters, the method comprising:
- sending a DNS (domain name server) request to identify a particular managed forwarding node (MFN) from a plurality of MFNs at the plurality of public cloud datacenters that are candidate edge MFNs for connecting the external machine location to the virtual network;
  
  in response to the DNS request, receiving an identifier that identifies the particular MFN; and
  
  establishing a network connection between the external machine location and the particular MFN in order to connect the external machine location to the virtual network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1 further comprising performing the sending, receiving and establishing operations after determining that a network connection needs to be established between the external machine location and the virtual network.
  - 3. The method of claim 2 further comprising periodically determining, sending, receiving and establishing in order to ensure that the edge MFN for the external machine location is an optimal edge MFN for the external machine location.
  - 4. The method of claim 2, wherein said determination is based on a determination that a virtual private network (VPN) connection needs to be established between the external machine location and the virtual network, and wherein the established network connection is a VPN connection.
  - 5. The method of claim 1, wherein the external machine location is an office or a private datacenter of the entity.
  - 6. The method of claim 1, wherein the plurality of MFNs are candidate ingress/egress edge MFNs, and the particular MFN is the selected ingress/egress MFN (i) for receiving data messages from the external machine location into the virtual network to forward to other external machines of the entity that are connected to the virtual network and (ii) for supplying data messages from other external machines of the entity through the virtual network to the external machine location.
  - 7. The method of claim 1, wherein the sending, receiving and establishing operations are performed by a virtual-network gateway at the external machine location.
  - 8. The method of claim 1, wherein sending the DNS request comprises sending the DNS request to a set of one or more authoritative DNS machines in one or more public clouds
  - 9. The method of claim 8, whereinthe virtual network is deployed in the public cloud datacenter by a virtual network provider that manages a particular domain and deploys other virtual networks for other entities over public cloud datacenters;
    - andthe DNS request to the set of authoritative DNS machines comprises a hierarchical domain name formed by concatenating at least three labels, with a right-most first label identifying the particular domain, a second label to the left of the first label that identifies that entity, and a third label to the left of the second label that identifies the external machine location of the entity in case the entity has more than one external machine locations.
  - 10. The method of claim 1, wherein receiving the identifier comprises receiving a set of at least two identifiers for at least two MFNs, the method further comprising selecting one of the two MFNs as the edge MFN.
  - 11. The method of claim 10, wherein selecting one of the two MFNs comprises:
    - sending a message that needs a reply to each of the two MFNs identified by the received two identifiers; and
      
      selecting one of the two MFNs based on a response time of the two MFNs to the two sent messages.
  - 12. The method of claim 11, wherein the two messages are Internet Control Message Protocol (ICMP) echo request packets.
  - 13. The method of claim 11, wherein selecting the MFN comprises selecting the MFN because another external machine location of the entity has picked the selected MFN as the edge MFN.
  - 14. The method of claim 1, wherein the identifier that identifies the particular MFN is a network address of the MFN.

15. A method of defining a virtual network over a plurality of public cloud datacenters for an entity, the method comprising:
- deploying managed forwarding nodes (MFNs) at the plurality of public cloud datacenters, said MFNs comprising a plurality of edge MFNs for connecting to a plurality of external machine locations of the entity;
  
  for at least one particular external machine location, selecting one MFN from a plurality of MFNs to connect to the particular external machine location, said selecting comprising;
  
  receiving a DNS (domain name servers) request from a connection agent of the particular external machine location;
  
  processing the DNS request to provide the connection agent with a plurality of candidate MFNs, wherein at the particular location, the network connection between the particular location and each of the candidate MFNs is examined in order to select one of the candidate MFNs.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the examination of the network connection comprises quantifying message throughput speed of the connection.
  - 17. The method of claim 15, wherein the examination of the network connection comprises quantifying message loss rate of the connection.
  - 18. The method of claim 15, wherein the examination of the network connection comprises quantifying at least one of the message throughput speed of the connection and message loss rate of the connection;
    - andassessing distance between the MFN associated with the connection and other external machine locations of the entity.
  - 19. The method of claim 15, whereinreceiving the DNS request comprises receiving with the request a location identifier that uniquely identifies a location of the particular external machine node independently from a location of the connection agent;
    - andprocessing the DNS request comprises using the location identifier to process the DNS request.
  - 20. The method of claim 19, wherein the location identifier specifies one of an IP address, a latitude/longitude geographic description of a location, and a street address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vmware LLC (Broadcom, Inc.)
Original Assignee
Nicira Incorporated (Broadcom, Inc.)
Inventors
Cidon, Israel, Dar, Chen, Venugopal, Prashanth, Zohar, Eyal, Markuze, Alex, Bergman, Aran

Granted Patent

US 10,958,479 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 12/14   Charging , metering or bill...

H04L 12/1403   Architecture for metering, ...

H04L 12/1428   Invoice generation, e.g. cu...

H04L 12/2854   Wide area networks, e.g. pu...

H04L 12/2859   Point-to-point connection b...

H04L 12/4633   Interconnection of networks...

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 2101/35   containing special prefixes

H04L 2212/00   Encapsulation of packets

H04L 41/046   comprising network manageme...

H04L 41/0803   Configuration setting

H04L 41/0895   Configuration of virtualise...

H04L 41/40   using virtualisation of net...

H04L 43/08   Monitoring or testing based...

H04L 43/0829   Packet loss

H04L 43/0852   Delays

H04L 43/0888   Throughput

H04L 45/04   Interdomain routing, e.g. h...

H04L 45/12   Shortest path evaluation

H04L 45/14   Routing performance; Theore...

H04L 45/64 : using an overlay routing layer

H04L 45/74 : Address processing for routing

H04L 45/745 : Address table lookup; Addre...

H04L 61/25 : of the same type

H04L 61/2514 : between local and global IP...

H04L 61/255 : Maintenance or indexing of ...

H04L 61/4511 : using domain name system [DNS]

H04L 63/0245 : Filtering by information in...

H04L 63/0263 : Rule management

H04L 63/0272 : Virtual private networks

H04L 63/0281 : Proxies

H04L 63/20 : for managing network securi...

H04L 67/10 : in which an application is ...

H04M 15/00 : Arrangements for metering, ...

H04M 15/51 : for resellers, retailers or...

View All

SELECTING ONE NODE FROM SEVERAL CANDIDATE NODES IN SEVERAL PUBLIC CLOUDS TO ESTABLISH A VIRTUAL NETWORK THAT SPANS THE PUBLIC CLOUDS

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

102 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SELECTING ONE NODE FROM SEVERAL CANDIDATE NODES IN SEVERAL PUBLIC CLOUDS TO ESTABLISH A VIRTUAL NETWORK THAT SPANS THE PUBLIC CLOUDS

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

102 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links