Isolating network traffic in multi-tenant virtualization environments

US 7,885,276 B1
Filed: 09/30/2008
Issued: 02/08/2011
Est. Priority Date: 09/30/2008
Status: Active Grant

First Claim

Patent Images

1. A method of managing data in a server system, comprising:

providing a plurality of physical servers, each having an internal gateway/switch that is accessible from outside the server;

providing a plurality of virtual servers on at least some of the servers, wherein each of the virtual servers is accessible by the internal gateway/switch of the corresponding server;

accessing data using the internal gateway/switch, wherein the internal gateway/switch determines which particular one of the virtual servers contain the data and then accesses the particular virtual server to provide the data; and

associating portions of the data to tenants of the server system, wherein each of the servers maintains a first table that correlates tenants with the virtual servers maintained thereby and wherein the internal gateway/switch uses the first table to determine which particular one of the virtual servers contains data for a particular tenant and wherein entries of the first table include a tenant id, at least one virtual server id, and at least one corresponding internal address of at least one virtual server identified by the at least one virtual server id.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Managing data in a server system includes providing a plurality of servers, each having an internal gateway/switch that is accessible from outside the server, providing a plurality of virtual servers on at least some of the servers, where each of the virtual servers is accessible by the internal gateway/switch of the corresponding server, and accessing the data using the internal gateway/switch, where the internal gateway/switch determines which particular one of the virtual servers contain the data and then accesses the particular virtual server to provide the data. Managing data in a server system may also include associating portions of the data to tenants of the server system. Each of the servers may maintain a table that correlates tenants with the virtual servers maintained thereby and the internal gateway/switch may use the table to determine which particular one of the virtual servers contains data for a particular tenant.

Citations

14 Claims

1. A method of managing data in a server system, comprising:
- providing a plurality of physical servers, each having an internal gateway/switch that is accessible from outside the server;
  
  providing a plurality of virtual servers on at least some of the servers, wherein each of the virtual servers is accessible by the internal gateway/switch of the corresponding server;
  
  accessing data using the internal gateway/switch, wherein the internal gateway/switch determines which particular one of the virtual servers contain the data and then accesses the particular virtual server to provide the data; and
  
  associating portions of the data to tenants of the server system, wherein each of the servers maintains a first table that correlates tenants with the virtual servers maintained thereby and wherein the internal gateway/switch uses the first table to determine which particular one of the virtual servers contains data for a particular tenant and wherein entries of the first table include a tenant id, at least one virtual server id, and at least one corresponding internal address of at least one virtual server identified by the at least one virtual server id.
- View Dependent Claims (2, 3, 4)
- - 2. A method, according to claim 1, wherein internal addresses of virtual servers are VLAN IDs.
  - 3. A method, according to claim 1, further comprising:
    - providing an internal VLAN for each of the servers, wherein the virtual gateway/switch uses the internal VLAN to access the virtual servers.
  - 4. A method, according to claim 3, wherein VLAN addresses for the virtual servers are maintained internal to the corresponding server.

5. A method of managing data in a server system, comprising:
- providing a plurality of physical servers, each having an internal gateway/switch that is accessible from outside the server;
  
  providing a plurality of virtual servers on at least some of the servers, wherein each of the virtual servers is accessible by the internal gateway/switch of the corresponding server;
  
  accessing data using the internal gateway/switch, wherein the internal gateway/switch determines which particular one of the virtual servers contain the data and then accesses the particular virtual server to provide the data; and
  
  associating portions of the data to tenants of the server system, wherein each of the servers maintains a first table that correlates tenants with the virtual servers maintained thereby and wherein the internal gateway/switch uses the first table to determine which particular one of the virtual servers contains data for a particular tenant and wherein each of the servers maintains a second table that correlates tenants with the virtual gateways/switches of other servers and wherein the internal gateway/switch uses the second table to determine which of the other servers to forward data for a particular tenant.
- View Dependent Claims (6, 7)
- - 6. A method, according to claim 5, further comprising:
    - providing an internal VLAN for each of the servers, wherein the virtual gateway/switch uses the internal VLAN to access the virtual servers.
  - 7. A method, according to claim 6, wherein VLAN addresses for the virtual servers are maintained internal to the corresponding server.

8. A non-transitory computer readable medium storing computer software that manages data in a server system, the software comprising:
- executable code that provides a plurality of virtual servers on servers of the server system, wherein each of the virtual servers is accessible by an internal gateway/switch of the corresponding server;
  
  executable code that accesses data using the internal gateway/switch, wherein the internal gateway/switch determines which particular one of the virtual servers contain the data and then accesses the particular virtual server to provide the data; and
  
  executable code that associates portions of the data to tenants of the server system, wherein each of the servers maintains a first table that correlates tenants with the virtual servers maintained thereby and wherein the internal gateway/switch uses the first table to determine which particular one of the virtual servers contains data for a particular tenant and wherein entries of the first table include a tenant id, at least one virtual server id, and at least one corresponding internal address of at least one virtual server identified by the at least one virtual server id.
- View Dependent Claims (9, 10, 11)
- - 9. The non-transitory computer readable medium according to claim 8, wherein internal addresses of virtual servers are VLAN IDs.
  - 10. The non-transitory computer readable medium according to claim 8, wherein the computer software further comprises:
    - executable code that provides an internal VLAN for each of the servers, wherein the virtual gateway/switch uses the internal VLAN to access the virtual servers.
  - 11. The non-transitory computer readable medium according to claim 10, wherein VLAN addresses for the virtual servers are maintained internal to the corresponding server.

12. A non-transitory computer readable medium storing computer software that manages data in a server system, the software comprising:
- executable code that provides a plurality of virtual servers on servers of the server system, wherein each of the virtual servers is accessible by an internal gateway/switch of the corresponding server;
  
  executable code that accesses data using the internal gateway/switch, wherein the internal gateway/switch determines which particular one of the virtual servers contain the data and then accesses the particular virtual server to provide the data; and
  
  executable code that associates portions of the data to tenants of the server system, wherein each of the servers maintains a first table that correlates tenants with the virtual servers maintained thereby and wherein the internal gateway/switch uses the first table to determine which particular one of the virtual servers contains data for a particular tenant and wherein each of the servers maintains a second table that correlates tenants with the virtual gateways/switches of other servers and wherein the internal gateway/switch uses the second table to determine which of the other servers to forward data for a particular tenant.
- View Dependent Claims (13, 14)
- - 13. The non-transitory computer readable medium according to claim 12, wherein the computer software further comprises:
    - executable code that provides an internal VLAN for each of the servers, wherein the virtual gateway/switch uses the internal VLAN to access the virtual servers.
  - 14. The non-transitory computer readable medium according to claim 13, wherein VLAN addresses for the virtual servers are maintained internal to the corresponding server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Lin, Wayzen
Primary Examiner(s)
Pezzlo; John

Application Number

US12/286,454
Time in Patent Office

861 Days
Field of Search

370/412, 370/419, 370/401
US Class Current

370/401
CPC Class Codes

H04L 12/4641 Virtual LANs, VLANs, e.g. v...

H04L 67/1001 for accessing one among a p...

Isolating network traffic in multi-tenant virtualization environments

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Isolating network traffic in multi-tenant virtualization environments

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links