Method and system for sharing a network connection in a virtual computer system

US 7,478,173 B1
Filed: 12/18/2003
Issued: 01/13/2009
Est. Priority Date: 12/18/2003
Status: Active Grant

First Claim

Patent Images

1. A method for sharing a network connection between a host software system and a virtual machine, the network connection connecting a single physical computer system to a computer network, the host software system and the virtual machine both executing within the single physical computer system, with a first layer 2 address being associated with the network connection, the method comprising:

allowing the host software system to use the network connection using the first layer 2 address and a first layer 3 address;

allowing the virtual machine to attempt to use the network connection using a second layer 2 address and a second layer 3 address, the second layer 2 address being different from the first layer 2 address and the second layer 3 address being different from the first layer 3 address;

for an outgoing data frame from the virtual machine to the computer network, replacing an occurrence of the second layer 2 address within the outgoing data frame with the first layer 2 address, so that the data frame appears to have originated from a network entity using the first layer 2 address and the second layer 3 address; and

for an incoming data frame from the computer network, if the data frame is addressed using the first layer 2 address and the second layer 3 address, replacing the first layer 2 address with the second layer 2 address and conveying the data frame toward the virtual machine, so that, after modification, the incoming data frame appears to have been addressed to the virtual machine, using the second layer 2 address and the second layer 3 address.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A virtual computer system including multiple virtual machines (VMs) is implemented in a single physical computer system. The multiple VMs have their own layer 2 and layer 3 addresses, but they share a common network connection for which only a single layer 2 address may be used, such as in the case of a standard wireless network interface card (NIC) or in the case of multiple NICs and a standard NIC teaming solution. For outgoing data frames from a VM to a network entity outside the virtual computer system, the layer 2 address of the VM contained in the source address field is generally replaced with the layer 2 address of the network connection. For incoming data frames from a network entity to a VM, the layer 2 address of the network connection contained in the destination address field is generally replaced with the layer 2 address of the VM.

492 Citations

30 Claims

1. A method for sharing a network connection between a host software system and a virtual machine, the network connection connecting a single physical computer system to a computer network, the host software system and the virtual machine both executing within the single physical computer system, with a first layer 2 address being associated with the network connection, the method comprising:
- allowing the host software system to use the network connection using the first layer 2 address and a first layer 3 address;
  
  allowing the virtual machine to attempt to use the network connection using a second layer 2 address and a second layer 3 address, the second layer 2 address being different from the first layer 2 address and the second layer 3 address being different from the first layer 3 address;
  
  for an outgoing data frame from the virtual machine to the computer network, replacing an occurrence of the second layer 2 address within the outgoing data frame with the first layer 2 address, so that the data frame appears to have originated from a network entity using the first layer 2 address and the second layer 3 address; and
  
  for an incoming data frame from the computer network, if the data frame is addressed using the first layer 2 address and the second layer 3 address, replacing the first layer 2 address with the second layer 2 address and conveying the data frame toward the virtual machine, so that, after modification, the incoming data frame appears to have been addressed to the virtual machine, using the second layer 2 address and the second layer 3 address.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the computer system further includes one or more additional virtual machines that are also allowed to share the network connection, with each virtual machine having a layer 2 address that is unique among layer 2 addresses within the physical computer system and a layer 3 address that is unique among layer 3 addresses within the physical computer system, and wherein the method further comprises maintaining a table for correlating layer 2 addresses with layer 3 addresses for the multiple virtual machines.
  - 3. The method of claim 2, wherein, if a virtual machine sends an outgoing data frame using a third layer 2 address and a third layer 3 address as source addresses, and the table does not contain an entry correlating the third layer 3 address with the third layer 2 address, the method further comprises adding an entry to the table that correlates the third layer 3 address with the third layer 2 address.
  - 4. The method of claim 3, wherein, if the destination addresses of an incoming data frame contain the first layer 2 address and a layer 3 address that matches an entry in the table, the method further comprises replacing the first layer 2 address with the layer 2 address from the matching entry in the table.
  - 5. The method of claim 1, wherein the layer 2 addresses are Ethernet addresses and the layer 3 addresses are Internet Protocol addresses.
  - 6. The method of claim 1, wherein the network connection comprises a wireless network interface card.
  - 7. The method of claim 1, wherein the network connection comprises a plurality of network interface cards and a network interface card (NIC) teaming solution.
  - 8. The method of claim 1, wherein the computer system further includes one or more additional virtual machines that are also allowed to share the network connection, the multiple virtual machines being interconnected by a virtual network within the computer network.
  - 9. The method of claim 8, wherein the virtual network comprises a virtual switch.

10. A computer program embodied in a tangible medium, the computer program being executable in a computer system, the computer system having a network connection to a computer network, the network connection having a first layer 2 address associated therewith, the computer system also including a virtual machine, the virtual machine using a second layer 2 address and a second layer 3 address for communications with the computer network, the second layer 2 address being different from the first layer 2 address, the computer program comprising:
- a virtual network connector for conveying data frames between the virtual machine and the computer network using the network connection; and
  
  a mapping unit for selectively modifying layer 2 addresses within data frames as they are conveyed between the virtual machine and the network connection,wherein, for an outgoing data frame from the virtual machine to the computer network, the mapping unit replaces the second layer 2 address of the virtual machine with the first layer 2 address of the network connection, and,wherein, for an incoming data frame from the computer network to the virtual machine, if the incoming data frame is addressed using the first layer 2 address of the network connection and the second layer 3 address of the virtual machine, the mapping unit replaces the first layer 2 address of the network connection with the second layer 2 address of the virtual machine.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The computer program of claim 10, wherein the first layer 2 address and a first layer 3 address are used by a host world for communications with the computer network.
  - 12. The computer program of claim 10, wherein the virtual network connector interfaces with a virtual switch, which further interfaces with the virtual machine, along with one or more additional virtual machines also executing within the computer system.
  - 13. The computer program of claim 10, wherein the virtual network connector comprises a high-level interface that interfaces with a host network subsystem running in a host world of the computer system.
  - 14. The computer program of claim 13, wherein the virtual network connector further comprises a low-level interface that also interfaces with the host network subsystem running in the host world of the computer system.
  - 15. The computer program of claim 10, wherein the virtual network connector comprises an intermediate driver that interfaces with a host network subsystem running in a host world of the computer system.
  - 16. The computer program of claim 10, wherein the computer system also includes one or more additional virtual machines, with each virtual machine having a layer 2 address that is unique among layer 2 addresses within the computer system and a layer 3 address that is unique among layer 3 addresses within the computer system, the computer program further comprising a table for correlating layer 2 addresses with layer 3 addresses for the multiple virtual machines, and wherein, if the destination addresses of an incoming data frame contain the first layer 2 address and a layer 3 address that matches an entry in the table, the mapping unit replaces the first layer 2 address with the layer 2 address from the matching entry in the table.
  - 17. The computer program of claim 16, wherein each entry of the table also includes a time value for indicating a relative time at which the entry was last added or updated.
  - 18. The computer program of claim 10, wherein the virtual machine includes a virtual network interface card and a network software system to enable the virtual machine to use the virtual network interface card as if it were a physical network interface card connected to the computer network, and wherein the virtual network connector conveys data frames to and from the virtual machine using the network software system.

19. A method for sharing a network connection between a first software entity and a second software entity, the network connection connecting a single physical computer system to a computer network, both software entities executing within the single physical computer system, the method comprising:
- allowing the first software entity to use the network connection using a first lower layer network address and a first higher layer network address;
  
  allowing the second software entity to attempt to use the network connection using a second lower layer network address and a second higher layer network address, the second lower layer network address being different from the first lower layer network address and the second higher layer network address being different from the first higher layer network address;
  
  for an outgoing data frame from the second software entity to the computer network, replacing an occurrence of the second lower layer network address within the outgoing data frame with the first lower layer network address, so that the data frame appears to have originated from a network entity using the first lower layer network address and the second higher layer network address; and
  
  for an incoming data frame from the computer network, if the data frame is addressed using the first lower layer network address and the second higher layer network address, replacing the first lower layer network address with the second lower layer network address and conveying the data frame toward the second software entity, so that, after modification, the incoming data frame appears to have been addressed to the second software entity, using the second lower layer network address and the second higher layer network address.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The method of claim 19, wherein the first software entity is a host software system and the second software entity is a virtual machine.
  - 21. The method of claim 19, wherein the lower layer network addresses are Ethernet addresses and the higher layer network addresses are Internet Protocol addresses.
  - 22. The method of claim 19, wherein, if the outgoing data frame comprises a Dynamic Host Configuration Protocol (DHCP) request, the method further comprises setting a broadcast bit in the DHCP request, indicating that any reply to the DHCP request is to be broadcast, instead of being unicast.
  - 23. The method of claim 19, wherein, if the outgoing data frame comprises a Dynamic Host Configuration Protocol (DHCP) request, the method further comprises replacing an occurrence of the second lower layer network address in a chaddr field of the DHCP request with the first lower layer network address and placing the second lower layer network address into a client identifier extension of the DHCP request.
  - 24. The method of claim 23, wherein, if the incoming data frame comprises a Dynamic Host Configuration Protocol (DHCP) reply, the method further comprises replacing the first lower layer network address in the incoming data frame with a lower layer network address from a client identifier extension of the DHCP reply.
  - 25. The method of claim 23, wherein, if the incoming data frame comprises a Dynamic Host Configuration Protocol (DHCP) reply, the method further comprises replacing the first lower layer network address in the incoming data frame with a lower layer network address that is determined based on correlating a transaction identifier value with a prior outgoing DHCP request.
  - 26. The method of claim 19, wherein, if the outgoing data frame comprises an Address Resolution Protocol (ARP) request, the method further comprises replacing an occurrence of the second lower layer network address within the ARP request with the first lower layer network address.
  - 27. The method of claim 19, wherein, if the outgoing data frame comprises a Reverse Address Resolution Protocol (RARP) request, the method further comprises replacing an occurrence of the second lower layer network address within the RARP request with the first lower layer network address.

28. A method for sharing a network connection between a first software entity and a second software entity, the network connection connecting a single physical computer system to a computer network, the network connection having a first layer 2 address associated therewith, both software entities executing within the single physical computer system, the method comprising:
- allowing the first software entity to attempt to use the network connection using a second lower layer network address and a second higher layer network address, the second lower layer network address being different from the first lower layer network address;
  
  allowing the second software entity to attempt to use the network connection using a third lower layer network address and a third higher layer network address, the third lower layer network address being different from the first lower layer network address and from the second lower layer network address, and the third higher layer network address being different from the second higher layer network address;
  
  for an outgoing data frame from the first software entity to the computer network, replacing an occurrence of the second lower layer network address within the outgoing data frame with the first lower layer network address, so that the data frame appears to have originated from a network entity using the first lower layer network address and the second higher layer network address;
  
  for an outgoing data frame from the second software entity to the computer network, replacing an occurrence of the third lower layer network address within the outgoing data frame with the first lower layer network address, so that the data frame appears to have originated from a network entity using the first lower layer network address and the third higher layer network address;
  
  for an incoming data frame from the computer network, if the data frame is addressed using the first lower layer network address and the second higher layer network address, replacing the first lower layer network address with the second lower layer network address and conveying the data frame toward the first software entity, so that, after modification, the incoming data frame appears to have been addressed to the first software entity, using the second lower layer network address and the second higher layer network address; and
  
  for an incoming data frame from the computer network, if the data frame is addressed using the first lower layer network address and the third higher layer network address, replacing the first lower layer network address with the third lower layer network address and conveying the data frame toward the second software entity, so that, after modification, the incoming data frame appears to have been addressed to the second software entity, using the third lower layer network address and the third higher layer network address.
- View Dependent Claims (29, 30)
- - 29. The method of claim 28, wherein the first software entity is a host software system and the second software entity is a virtual machine.
  - 30. The method of claim 28, wherein the first software entity is a first virtual machine and the second software entity is a second virtual machine.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vmware LLC (Broadcom, Inc.)
Original Assignee
VMware, Inc. (Broadcom, Inc.)
Inventors
Delco, Matthew Ray
Primary Examiner(s)
Ali; Farhad

Application Number

US10/741,242
Time in Patent Office

1,853 Days
Field of Search

709/250, 709224-226, 709/249, 709/236
US Class Current

709/250
CPC Class Codes

H04L 12/2865 Logical combinations

H04L 61/103 across network layers, e.g....

Method and system for sharing a network connection in a virtual computer system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

492 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for sharing a network connection in a virtual computer system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

492 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links