Providing virtual networking functionality for managed computer networks

US 8,644,188 B1
Filed: 06/25/2009
Issued: 02/04/2014
Est. Priority Date: 06/25/2009
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

receiving configuration information for a first virtual computer network having a plurality of computing nodes and having a first virtual local area network that includes a first computing node and one or more other computing nodes of the plurality of computing nodes, the configuration information further specifying that the first computing node uses a first communication link configured to be associated with multiple virtual local area networks; and

providing, by one or more configured computing systems, the first virtual computer network in accordance with the received configuration information by overlaying the first virtual computer network on a distinct substrate network and by emulating functionality corresponding to the first virtual local area network by;

initiating, by the one or more configured computing systems, forwarding of a communication over the substrate network to the first computing node without the forwarded communication including an identifier specific to the first virtual local area network;

after the forwarding of the communication over the substrate network, modifying, by the one or more configured computing systems, the communication to include the identifier specific to the first virtual local area network based on the first computing node being included in the first virtual local area network and based on the first communication link being configured to be associated with multiple virtual local area networks; and

providing, by the one or more configured computing systems, the modified communication to the first computing node.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are described for providing virtual networking functionality for managed computer networks. In some situations, a user may configure or otherwise specify one or more virtual local area networks (“VLANs”) for a managed computer network being provided for the user, such as with each VLAN including multiple computing nodes of the managed computer network. Networking functionality corresponding to the specified VLAN(s) may then be provided in various manners, such as if the managed computer network itself is a distinct virtual computer network overlaid on one or more other computer networks, and communications between computing nodes of the managed virtual computer network are handled in accordance with the specified VLAN(s) of the managed virtual computer network by emulating functionality that would be provided by networking devices of the managed virtual computer network if they were physically present and configured to support the specified VLAN(s).

405 Citations

23 Claims

1. A computer-implemented method comprising:
- receiving configuration information for a first virtual computer network having a plurality of computing nodes and having a first virtual local area network that includes a first computing node and one or more other computing nodes of the plurality of computing nodes, the configuration information further specifying that the first computing node uses a first communication link configured to be associated with multiple virtual local area networks; and
  
  providing, by one or more configured computing systems, the first virtual computer network in accordance with the received configuration information by overlaying the first virtual computer network on a distinct substrate network and by emulating functionality corresponding to the first virtual local area network by;
  
  initiating, by the one or more configured computing systems, forwarding of a communication over the substrate network to the first computing node without the forwarded communication including an identifier specific to the first virtual local area network;
  
  after the forwarding of the communication over the substrate network, modifying, by the one or more configured computing systems, the communication to include the identifier specific to the first virtual local area network based on the first computing node being included in the first virtual local area network and based on the first communication link being configured to be associated with multiple virtual local area networks; and
  
  providing, by the one or more configured computing systems, the modified communication to the first computing node.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1 wherein the configuration information further specifies that the first communication link is part of the first virtual computer network and is configured to be associated with the multiple virtual local area networks, and wherein the first virtual computer network is one of the multiple virtual local area networks.
  - 3. The method of claim 2 further comprising providing the forwarded communication to a second computing node that is part of the first virtual local area network without modifying the provided communication to include any information corresponding to the first virtual local area network, the second computing node being associated with a second communication link of the first virtual computer network that is configured to be associated solely with the first virtual local area network.
  - 4. The method of claim 3 further comprising identifying the first virtual local area network as being associated with the communication based at least in part on a sending computing node for the communication being associated with a third communication link of the first virtual computer network that is configured to be associated solely with the first virtual local area network.
  - 5. The method of claim 4 wherein the second and third communication links are each a virtual local area network access link, and wherein the first communication link is a virtual local area network trunk link.
  - 6. The method of claim 2 wherein the identifier associated with the first virtual local area network is an IEEE (“
    - Institute of Electrical and Electronics Engineers”
      
      ) 802.1Q VLAN tag.
  - 7. The method of claim 2 wherein the identifier associated with the first virtual local area network is a Label Switched Path label associated with the Multi-Protocol Label Switching protocol.
  - 8. The method of claim 1 wherein the providing of the first virtual computer network in accordance with the received configuration information further includes emulating, by the one or more configured computing systems, functionality corresponding to the first virtual local area networks for one or more other communications between computing nodes of the first virtual local area network by, for each of the one or more other communications:
    - initiating forwarding of the other communication over the substrate network to an identified destination computing node for the other communication, the forwarded other communication not having any associated information to indicate the first virtual local area network; and
      
      after the forwarding of the other communication over the substrate network, providing the forwarded other communication to the identified destination computing node for the other communication without modifying the provided other communication to include any information corresponding to the first virtual local area network, the identified destination computing node for the other communication being associated with a communication link of the first virtual computer network that is configured to be associated natively with the first virtual local area network.
  - 9. The method of claim 1 wherein the providing of the first virtual computer network in accordance with the received configuration information further includes emulating, by the one or more configured computing systems, functionality corresponding to the first virtual local area network for one or more other communications between computing nodes of the first virtual local area network by, for each of the one or more other communications:
    - initiating forwarding of the other communication over the substrate network to an identified destination computing node for the other communication, the forwarded other communication having associated information to indicate the first virtual local area network, and the forwarding being performed to maintain the associated information for the forwarded other communication but without the substrate network using the associated information for the forwarded other communication or using any other information associated with the first virtual local area network; and
      
      after the forwarding of the other communication over the substrate network, providing a copy of the forwarded other communication to the identified destination computing node for the other communication.
  - 10. The method of claim 1 wherein the substrate network is a physical network that includes multiple interconnected physical networking devices, wherein each of the plurality of computing nodes has an associated substrate network address that corresponds to a location of the computing node in the substrate network and that is distinct from a virtual network address for the computing node, and wherein the forwarding of the communication over the substrate network to the first computing node includes sending the communication to one of the physical networking devices of the substrate network so that the one physical networking device uses the substrate network address for the first computing node to route the communication to the location of the first computing node in the substrate network.
  - 11. The method of claim 1 wherein the received configuration information further specifies multiple logical sub-networks of the first virtual computer network that are each associated with one of multiple specified router devices and each include a group of some of the plurality of computing nodes associated with the one router device, wherein the computing nodes for the first virtual local area networks includes computing nodes from multiple distinct sub-networks, and wherein the providing of the first virtual computer network in accordance with the received configuration information includes emulating functionality of the multiple router devices without physically providing the multiple router devices by performing the modifying of the communication to add information that one or more of the router device would have added to the communication if the identified router device had been physically provided and used to forward the communication.
  - 12. The method of claim 1 wherein the first virtual computer network is further configured to include the multiple virtual local area networks, each of the multiple virtual local area networks being a logical broadcast domain for multiple computing nodes that are part of that virtual local area network.
  - 13. The method of claim 1 wherein the configuration information for the first virtual computer network is received from a user on whose behalf the first virtual computer network is provided.
  - 14. The method of claim 1 wherein the plurality of computing nodes are each a virtual machine hosted on one of multiple host physical computing systems, and wherein the method is performed by a virtual machine communication manager module that executes on one of the physical computing systems to manage communications by the virtual machine computing nodes hosted on the one physical computing system.

15. A non-transitory computer-readable medium having stored contents that configure a computing system to:
- obtaining configuration information for a first computer network overlaid on a distinct substrate network, the configuration information indicating that the first computer network includes a specified virtual local area network; and
  
  by the configured computing system, a communication sent to a first computing node of the specified virtual local area network in a manner that logically implements functionality of the specified virtual local area network, by;
  
  using a substrate network address associated with the first computing node to initiate forwarding of the communication over the substrate network to the first computing node without the substrate network using any information about the specified virtual local area network; and
  
  determining that the first computing node is configured to use a first communication link of the first computer network that is not configured to be associated only with the specified virtual local area network;
  
  after the forwarding of the communication over the substrate network, modifying the forwarded communication to include an identifier specific to the specified virtual local area network based on the first computing node being configured to use the first communication link and on the first communication link not being configured to be associated only with the specified virtual local area network; and
  
  providing to the first computing node modified forwarded communication.
- View Dependent Claims (16, 17, 18)
- - 16. The non-transitory computer-readable medium of claim 15 wherein the obtained configuration information is specified by a user on whose behalf the first computer network is provided, and wherein the first computer network is a virtual computer network.
  - 17. The non-transitory computer-readable medium of claim 15 wherein the configuration information further indicates that the first computing node uses the first communication link and that the first communication link is configured to be a trunk communication link associated with multiple virtual local area networks, and wherein the determining that the first computing node is configured to use the first communication link is performed based on the configuration information.
  - 18. The non-transitory computer-readable medium of claim 15 wherein the configuration information further indicates that a second computing node of the specified virtual local area network uses a second communication link that is configured to be an access communication link associated with only the specified virtual local area network, and wherein the stored contents are executable software instructions that further configure the computing system to manage a second communication sent to the second computing node by:
    - using a second substrate network address associated with the second computing node to initiate forwarding of the second communication over the substrate network to the second computing node without the substrate network using any information about the specified virtual local area network; and
      
      after the forwarding of the second communication over the substrate network, determining to provide the forwarded second communication to the second computing node without modifying the forwarded second communication to include the identifier specific to the specified virtual local area network, the determining being based on the second communication link being an access communication link associated with only the specified virtual local area network.

19. A system comprising:
- one or more processors of one or more computing systems; and
  
  a module that is configured to, when executed by at least one of the one or more processors, provide networking functionality for a first virtual computer network that has a specified virtual local area network logically interconnecting multiple computing nodes, by;
  
  initiating forwarding, without using any information corresponding to the specified virtual local area network, of a communication to a first computing node of the multiple computing nodes via at least one physical networking devices of one or more intermediate networks on which the first virtual computer network is implemented;
  
  before providing the forwarded communication to the first computing node, determining to modify the communication to include an identifier specific to the specified virtual local area network based at least in part on a type of communication link in the first virtual computer network that the first computing node is configured to use; and
  
  initiating providing the modified communication to the first computing node.
- View Dependent Claims (20, 21, 22, 23)
- - 20. The system of claim 19 wherein the one or more intermediate networks are a substrate network on which the first virtual computer network is overlaid, and wherein the type of communication link that the first computing node is configured to use is specified in configuration information for the virtual computer network that indicates that a second computing node of the multiple computing nodes of the specified virtual local area network is configured to use an access communication link associated with only the specified virtual local area network.
  - 21. The system of claim 20 wherein the module is further configured to manage a second communication to the second computing node by initiating forwarding of the second communication over the one or more intermediate networks to the second computing node and by determining, based on the second computing node being configured to use the access communication link associated with only the specified virtual local area network, to provide the forwarded second communication to the second computing node without modifying the second communication to include information corresponding to the specified virtual local area network.
  - 22. The system of claim 19 wherein the type of communication link that the first computing node is configured to use is specified in configuration information for the virtual computer network as a trunk communication link associated with multiple virtual local area networks.
  - 23. The system of claim 19 wherein the module includes software instructions for execution by the at least one processors of the one or more computing systems.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Brandwine, Eric Jason, Hill, Peter J.
Primary Examiner(s)
Sheikh, Ayaz
Assistant Examiner(s)
Hampton, Tarell

Application Number

US12/491,818
Time in Patent Office

1,685 Days
Field of Search

370/254, 709/225, 709/223
US Class Current

370/254
CPC Class Codes

G06F 2009/45595   Network integration; Enabli...

G06F 9/45558   Hypervisor-specific managem...

G06F 9/5077   Logical partitioning of res...

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 12/4645   Details on frame tagging ro...

H04L 12/4666   Operational details on the ...

H04L 41/0803   Configuration setting

H04L 41/12   Discovery or management of ...

H04L 45/00   Routing or path finding of ...

H04L 45/76   Routing in software-defined...

H04L 49/354   for supporting virtual loca...

Providing virtual networking functionality for managed computer networks

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

405 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Providing virtual networking functionality for managed computer networks

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

405 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links