Load balancer bypass
First Claim
1. A destination intermediary computer system, comprising:
- one or more hardware processors; and
one or more hardware storage devices having stored thereon computer-executable instructions that are structured such that, when executed by the one or more processors of the destination intermediary computer system, the computer-executable instructions configure the destination intermediary computer system to redirect a multi-message flow so as to bypass a load balancer, including configuring the destination intermediary computer system to perform at least the following;
receive an augmented source-side message from a load balancer, the augmented source-side message comprising a source-side message previously received by the load balancer from a source intermediary serving a source machine along with a first augmented header that was added to the source-side message by the load balancer, a source-side message header including a virtual network address of the load balancer as a destination of the source-side message, and the augmented header including a network address of a destination machine served by the destination intermediary as a destination of the augmented source-side message;
remove the first augmented header from the augmented source-side message to obtain the source-side message;
determine that the source intermediary is to address subsequent network messages that originate from the source machine and that are associated with the same multi-message flow to the destination machine in a manner that bypasses the load balancer; and
based on the determination;
modify the source-side message header such that the destination of the source-side message comprises the network address of the destination machine;
pass the modified source-side message to the destination machine;
receive a response message from the destination machine that includes a response message header identifying a network address of the source machine as a destination of the response message, and identifying the network address of the destination machine as a source of the response message;
augment the response message with a second augmented header identifying a network address of the source machine as a destination of the augmented response message, and identifying the virtual network address of the load balancer as a source of the augmented response message; and
dispatch the augmented response message to the source machine while bypassing the load balancer.
2 Assignments
0 Petitions
Accused Products
Abstract
Redirecting message flows to bypass load balancers. A destination intermediary receives a source-side message that includes a virtual address of a load balancer as a destination, and that is augmented to include a network address of a destination machine as a destination. The destination intermediary determines that a source intermediary should address subsequent network messages that originate from a source machine and that are associated with the same multi-message flow to the destination machine while bypassing the load balancer. The destination intermediary modifies the source-side message so the destination for the source-side message addresses the destination machine, and passes the modified source-side message to the destination machine. The destination intermediary receives a response from the destination machine identifying the source machine as its destination, and modifies the response so a source address identifies the virtual address of the load balancer, and dispatches the modified response to the source machine.
172 Citations
14 Claims
-
1. A destination intermediary computer system, comprising:
-
one or more hardware processors; and one or more hardware storage devices having stored thereon computer-executable instructions that are structured such that, when executed by the one or more processors of the destination intermediary computer system, the computer-executable instructions configure the destination intermediary computer system to redirect a multi-message flow so as to bypass a load balancer, including configuring the destination intermediary computer system to perform at least the following; receive an augmented source-side message from a load balancer, the augmented source-side message comprising a source-side message previously received by the load balancer from a source intermediary serving a source machine along with a first augmented header that was added to the source-side message by the load balancer, a source-side message header including a virtual network address of the load balancer as a destination of the source-side message, and the augmented header including a network address of a destination machine served by the destination intermediary as a destination of the augmented source-side message; remove the first augmented header from the augmented source-side message to obtain the source-side message; determine that the source intermediary is to address subsequent network messages that originate from the source machine and that are associated with the same multi-message flow to the destination machine in a manner that bypasses the load balancer; and based on the determination; modify the source-side message header such that the destination of the source-side message comprises the network address of the destination machine; pass the modified source-side message to the destination machine; receive a response message from the destination machine that includes a response message header identifying a network address of the source machine as a destination of the response message, and identifying the network address of the destination machine as a source of the response message; augment the response message with a second augmented header identifying a network address of the source machine as a destination of the augmented response message, and identifying the virtual network address of the load balancer as a source of the augmented response message; and dispatch the augmented response message to the source machine while bypassing the load balancer. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A source intermediary computer system, comprising:
-
one or more hardware processors; and one or more hardware storage devices having stored thereon computer-executable instructions that are structured such that, when executed by the one or more processors of the source intermediary computer system, the computer-executable instructions configure the source intermediary computer system to cooperate in bypassing a load balancer, including configuring the source intermediary computer system to perform at least the following; receive a source-side message from a source machine, the source-side message having a virtual network address of a load balancer as a destination address, and having a routable device identifier of the source machine as a source address; send the source-side message to a load balancer serving a destination intermediary computer system; based on sending the source-side message to the load balancer, receive an augmented response from the destination intermediary computer system, the augmented message lacking an instruction to bypass the load balancer, the augmented response including a response from a destination machine served by the destination intermediary computer system, the augmented response having the routable device identifier of the source machine as its destination, and having the virtual network address of the load balancer as its source; extract the response from the augmented response; identify a routable device identifier of the destination machine from the response; modify the response so that a source address of the response includes the virtual network address of the load balancer; dispatch the modified response to the source machine; and redirect one or more subsequent messages received from the source machine to the destination machine, using the identified routable device identifier of the destination machine, to bypass the load balancer. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
-
-
14. A method, implemented at a destination intermediary computer system that includes one or more processors, for redirecting a multi-message flow so as to bypass a load balancer, the method comprising:
-
receiving an augmented source-side message from a load balancer, the augmented source-side message comprising a source-side message previously received by the load balancer from a source intermediary serving a source machine along with a first augmented header that was added to the source-side message by the load balancer, a source-side message header including a virtual network address of the load balancer as a destination of the source-side message, and the augmented header including a network address of a destination machine served by the destination intermediary as a destination of the augmented source-side message; removing the first augmented header from the augmented source-side message to obtain the source-side message; determining that the source intermediary is to address subsequent network messages that originate from the source machine and that are associated with the same multi-message flow to the destination machine in a manner that bypasses the load balancer; and based on the determination; modifying the source-side message header such that the destination of the source-side message comprises the network address of the destination machine; passing the modified source-side message to the destination machine; receiving a response message from the destination machine that includes a response message header identifying a network address of the source machine as a destination of the response message, and identifying the network address of the destination machine as a source of the response message; augmenting the response message with a second augmented header identifying a network address of the source machine as a destination of the augmented response message, and identifying the virtual network address of the load balancer as a source of the augmented response message; and dispatching the augmented response message to the source machine while bypassing the load balancer.
-
Specification