Load balancer bypass

US 9,826,033 B2
Filed: 12/17/2015
Issued: 11/21/2017
Est. Priority Date: 10/16/2012
Status: Active Grant

First Claim

Patent Images

1. A destination intermediary computer system, comprising:

one or more hardware processors; and

one or more hardware storage devices having stored thereon computer-executable instructions that are structured such that, when executed by the one or more processors of the destination intermediary computer system, the computer-executable instructions configure the destination intermediary computer system to redirect a multi-message flow so as to bypass a load balancer, including configuring the destination intermediary computer system to perform at least the following;

receive an augmented source-side message from a load balancer, the augmented source-side message comprising a source-side message previously received by the load balancer from a source intermediary serving a source machine along with a first augmented header that was added to the source-side message by the load balancer, a source-side message header including a virtual network address of the load balancer as a destination of the source-side message, and the augmented header including a network address of a destination machine served by the destination intermediary as a destination of the augmented source-side message;

remove the first augmented header from the augmented source-side message to obtain the source-side message;

determine that the source intermediary is to address subsequent network messages that originate from the source machine and that are associated with the same multi-message flow to the destination machine in a manner that bypasses the load balancer; and

based on the determination;

modify the source-side message header such that the destination of the source-side message comprises the network address of the destination machine;

pass the modified source-side message to the destination machine;

receive a response message from the destination machine that includes a response message header identifying a network address of the source machine as a destination of the response message, and identifying the network address of the destination machine as a source of the response message;

augment the response message with a second augmented header identifying a network address of the source machine as a destination of the augmented response message, and identifying the virtual network address of the load balancer as a source of the augmented response message; and

dispatch the augmented response message to the source machine while bypassing the load balancer.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Redirecting message flows to bypass load balancers. A destination intermediary receives a source-side message that includes a virtual address of a load balancer as a destination, and that is augmented to include a network address of a destination machine as a destination. The destination intermediary determines that a source intermediary should address subsequent network messages that originate from a source machine and that are associated with the same multi-message flow to the destination machine while bypassing the load balancer. The destination intermediary modifies the source-side message so the destination for the source-side message addresses the destination machine, and passes the modified source-side message to the destination machine. The destination intermediary receives a response from the destination machine identifying the source machine as its destination, and modifies the response so a source address identifies the virtual address of the load balancer, and dispatches the modified response to the source machine.

172 Citations

14 Claims

1. A destination intermediary computer system, comprising:
- one or more hardware processors; and
  
  one or more hardware storage devices having stored thereon computer-executable instructions that are structured such that, when executed by the one or more processors of the destination intermediary computer system, the computer-executable instructions configure the destination intermediary computer system to redirect a multi-message flow so as to bypass a load balancer, including configuring the destination intermediary computer system to perform at least the following;
  
  receive an augmented source-side message from a load balancer, the augmented source-side message comprising a source-side message previously received by the load balancer from a source intermediary serving a source machine along with a first augmented header that was added to the source-side message by the load balancer, a source-side message header including a virtual network address of the load balancer as a destination of the source-side message, and the augmented header including a network address of a destination machine served by the destination intermediary as a destination of the augmented source-side message;
  
  remove the first augmented header from the augmented source-side message to obtain the source-side message;
  
  determine that the source intermediary is to address subsequent network messages that originate from the source machine and that are associated with the same multi-message flow to the destination machine in a manner that bypasses the load balancer; and
  
  based on the determination;
  
  modify the source-side message header such that the destination of the source-side message comprises the network address of the destination machine;
  
  pass the modified source-side message to the destination machine;
  
  receive a response message from the destination machine that includes a response message header identifying a network address of the source machine as a destination of the response message, and identifying the network address of the destination machine as a source of the response message;
  
  augment the response message with a second augmented header identifying a network address of the source machine as a destination of the augmented response message, and identifying the virtual network address of the load balancer as a source of the augmented response message; and
  
  dispatch the augmented response message to the source machine while bypassing the load balancer.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The destination intermediary computer system of claim 1, wherein the response message lacks an instruction to bypass the load balancer.
  - 3. The destination intermediary computer system of claim 1, wherein the virtual network address of the load balancer is a virtual internet protocol (IP) address that is load balanced across a plurality of destination machines.
  - 4. The destination intermediary computer system of claim 1, wherein the destination intermediary computer system comprises a virtual machine host.
  - 5. The destination intermediary computer system of claim 4, wherein the destination machine is a virtual machine executing on the destination intermediary computer system.

6. A source intermediary computer system, comprising:
- one or more hardware processors; and
  
  one or more hardware storage devices having stored thereon computer-executable instructions that are structured such that, when executed by the one or more processors of the source intermediary computer system, the computer-executable instructions configure the source intermediary computer system to cooperate in bypassing a load balancer, including configuring the source intermediary computer system to perform at least the following;
  
  receive a source-side message from a source machine, the source-side message having a virtual network address of a load balancer as a destination address, and having a routable device identifier of the source machine as a source address;
  
  send the source-side message to a load balancer serving a destination intermediary computer system;
  
  based on sending the source-side message to the load balancer, receive an augmented response from the destination intermediary computer system, the augmented message lacking an instruction to bypass the load balancer, the augmented response including a response from a destination machine served by the destination intermediary computer system, the augmented response having the routable device identifier of the source machine as its destination, and having the virtual network address of the load balancer as its source;
  
  extract the response from the augmented response;
  
  identify a routable device identifier of the destination machine from the response;
  
  modify the response so that a source address of the response includes the virtual network address of the load balancer;
  
  dispatch the modified response to the source machine; and
  
  redirect one or more subsequent messages received from the source machine to the destination machine, using the identified routable device identifier of the destination machine, to bypass the load balancer.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
- - 7. The source intermediary computer system of claim 6, wherein the augmented response encapsulates the response.
  - 8. The source intermediary computer system of claim 7, wherein extracting the response from the augmented response comprises decapsulating the response from the augmented response.
  - 9. The source intermediary computer system of claim 6, wherein the load balancer serves a plurality of destination intermediary computer systems.
  - 10. The source intermediary computer system of claim 6, wherein sending the source-side message to the load balancer comprises preventing the source-side message from undergoing network address translation (NAT).
  - 11. The source intermediary computer system of claim 6, wherein the virtual network address of the load balancer is a virtual internet protocol (IP) address that is load balanced across a plurality of destination machines.
  - 12. The source intermediary computer system of claim 6, wherein the source intermediary computer system comprises a virtual machine host.
  - 13. The source intermediary computer system of claim 12, wherein the source machine is a virtual machine executing on the source intermediary computer system.

14. A method, implemented at a destination intermediary computer system that includes one or more processors, for redirecting a multi-message flow so as to bypass a load balancer, the method comprising:
- receiving an augmented source-side message from a load balancer, the augmented source-side message comprising a source-side message previously received by the load balancer from a source intermediary serving a source machine along with a first augmented header that was added to the source-side message by the load balancer, a source-side message header including a virtual network address of the load balancer as a destination of the source-side message, and the augmented header including a network address of a destination machine served by the destination intermediary as a destination of the augmented source-side message;
  
  removing the first augmented header from the augmented source-side message to obtain the source-side message;
  
  determining that the source intermediary is to address subsequent network messages that originate from the source machine and that are associated with the same multi-message flow to the destination machine in a manner that bypasses the load balancer; and
  
  based on the determination;
  
  modifying the source-side message header such that the destination of the source-side message comprises the network address of the destination machine;
  
  passing the modified source-side message to the destination machine;
  
  receiving a response message from the destination machine that includes a response message header identifying a network address of the source machine as a destination of the response message, and identifying the network address of the destination machine as a source of the response message;
  
  augmenting the response message with a second augmented header identifying a network address of the source machine as a destination of the augmented response message, and identifying the virtual network address of the load balancer as a source of the augmented response message; and
  
  dispatching the augmented response message to the source machine while bypassing the load balancer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Kumar, Hemant, Patel, Parveen Kumar, Bansal, Deepak
Primary Examiner(s)
Hussain, Tauqir
Assistant Examiner(s)
GRIJALVA LOBOS, BORIS D

Application Number

US14/972,951
Publication Number

US 20160105499A1
Time in Patent Office

705 Days
Field of Search
US Class Current
CPC Class Codes

H04L 12/56   Packet switching systems

H04L 61/2521   Translation architectures o...

H04L 67/1038   Load balancing arrangements...

H04L 67/563   Data redirection of data ne...

Load balancer bypass

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

172 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Load balancer bypass

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

172 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links