To provide a low latency near RT RIC, some embodiments separate the RIC's functions into several different components that operate on different machines (e.g., execute on VMs or Pods) operating on the same host computer or different host computers. Some embodiments also provide high speed interfaces between these machines. Some or all of these interfaces operate in non-blocking, lockless manner in order to ensure that critical near RT RIC operations (e.g., datapath processes) are not delayed due to multiple requests causing one or more components to stall. In addition, each of these RIC components also has an internal architecture that is designed to operate in a non-blocking manner so that no one process of a component can block the operation of another process of the component. All of these low latency features allow the near RT RIC to serve as a high speed IO between the E2 nodes and the xApps.
Some embodiments of the invention provide a method for providing flow processing offload (FPO) for a host computer at a physical network interface card (pNIC) connected to the host computer. A set of compute nodes executing on the host computer are each associated with a set of interfaces that are each assigned a locally-unique virtual port identifier (VPID) by a flow processing and action generator. The pNIC includes a set of interfaces that are assigned physical port identifiers (PPIDs) by the pNIC. The method includes receiving a data message at an interface of the pNIC and matching the data message to a stored flow entry that specifies a destination using a VPID. The method also includes identifying, using the VPID, a PPID as a destination of the received data message by performing a lookup in a mapping table storing a set of VPIDs and a corresponding set of PPIDs and forwarding the data message to an interface of the pNIC associated with the identified PPID.
G06F 15/173 - Interprocessor communication using an interconnection network, e.g. matrix, shuffle, pyramid, star or snowflake
Some embodiments provide a method for establishing multiple virtual service networks over multiple datacenters. The method configures, for each virtual service network of the plurality of virtual service networks, a set of machines distributed across the datacenters to implement an ordered set of network services for the virtual service network. The method configures multiple service network selectors executing within the datacenters to receive a data message, select one of the virtual service networks for the data message based on analysis of contents of the data message, determine a location within the datacenters for a machine implementing a first network service of the ordered set of network services for the selected virtual service network, and transmit the data message to the machine implementing the first network service.
H04L 67/10 - Protocols in which an application is distributed across nodes in the network
H04L 67/51 - Discovery or management thereof, e.g. service location protocol [SLP] or web services
H04L 67/60 - Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
Some embodiments provide novel methods for performing services for machines operating in one or more datacenters. For instance, for a group of related guest machines (e.g., a group of tenant machines), some embodiments define two different forwarding planes: (1) a guest forwarding plane and (2) a service forwarding plane. The guest forwarding plane connects to the machines in the group and performs L2 and/or L3 forwarding for these machines. The service forwarding plane (1) connects to the service nodes that perform services on data messages sent to and from these machines, and (2) forwards these data messages to the service nodes. In some embodiments, the guest machines do not connect directly with the service forwarding plane. For instance, in some embodiments, each forwarding plane connects to a machine or service node through a port that receives data messages from, or supplies data messages to, the machine or service node. In such embodiments, the service forwarding plane does not have a port that directly receives data messages from, or supplies data messages to, any guest machine. Instead, in some such embodiments, data associated with a guest machine is routed to a port proxy module executing on the same host computer, and this other module has a service plane port. This port proxy module in some embodiments indirectly can connect more than one guest machine on the same host to the service plane (i.e., can serve as the port proxy module for more than one guest machine on the same host).
G06F 9/455 - Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
G06F 9/50 - Allocation of resources, e.g. of the central processing unit [CPU]
5.
DYNAMIC INTER-CLOUD PLACEMENT OF VIRTUAL NETWORK FUNCTIONS FOR A SLICE
Examples can include an optimizer that dynamically determines where to place virtual network functions for a slice in a distributed Telco cloud network. The optimizer can determine a slice path that complies with a service level agreement and balances network load. The virtual network functions of the slice can be provisioned at clouds identified by the optimal slice path. In one example, performance metrics are normalized, and tenant-selected weights can be applied. This can allow the optimizer to prioritize particular SLA attributes in choosing an optimal slice path.
G06F 9/455 - Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
G06F 9/50 - Allocation of resources, e.g. of the central processing unit [CPU]
H04L 41/0806 - Configuration setting for initial configuration or provisioning, e.g. plug-and-play
H04L 41/0826 - Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability for reduction of network costs
H04L 41/0893 - Assignment of logical groups to network elements
H04L 41/22 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks, comprising specially adapted graphical user interfaces [GUI]
H04L 41/50 - Network service management, e.g. ensuring proper service fulfilment according to agreements
H04L 41/5009 - Determining service level performance parameters or violations of service level contracts, e.g. violations of agreed response time or mean time between failures [MTBF]
H04L 41/5025 - Ensuring fulfilment of the service level agreement by proactively reacting to service quality change, e.g. by reconfiguration after service quality degradation or upgrade
H04L 41/5054 - Automatic deployment of services triggered by the service manager, e.g. service implementation by automatic configuration of network components
H04L 43/0817 - Monitoring or testing based on specific metrics, e.g. quality of service [QoS], energy consumption or environmental parameters, by checking availability by checking functioning
H04L 43/0882 - Utilisation of link capacity
H04L 45/12 - Shortest path evaluation
H04L 47/2425 - Traffic characterised by specific attributes, e.g. priority or QoS, for supporting services specification, e.g. SLA
H04L 67/1008 - Server selection for load balancing based on parameters of servers, e.g. available memory or workload
H04L 67/101 - Server selection for load balancing based on network conditions
H04L 67/1097 - Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
6.
HIERARCHICAL API FOR DEFINING A MULTI-SEGMENTED APPLICATION IN AN SDDC
Some embodiments provide a simplified mechanism to deploy and control a multi-segmented application by using application-based manifests that express how application segments of the multi-segment application are to be defined or modified, and how the communication profiles between these segments. In some embodiments, these manifests are application specific. Also, in some embodiments, deployment managers in a software defined datacenter (SDDC) provide these manifests as templates to administrators, who can use these templates to express their intent when they are deploying multi-segment applications in the datacenter. Application-based manifests can also be used to control previously deployed multi-segmented applications in the SDDC. Using such manifests would enable the administrators to be able to manage fine grained micro-segmentation rules based on endpoint and network attributes.
A virtual network over several public clouds of several public cloud providers and/or in several regions is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network can be configured to optimize the routing of the entity's data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network can be configured to optimize the layer 4 processing of the data message flows passing through the network.
H04L 45/12 - Shortest path evaluation
H04L 45/17 - Shortcut routing, e.g. using next hop resolution protocol [NHRP]
H04L 45/76 - Routing in software-defined topologies, e.g. routing between virtual machines
H04L 67/1001 - Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
H04L 67/141 - Setup of application sessions
8.
COLLECTING AND PROCESSING CONTEXT ATTRIBUTES ON A HOST
Some embodiments of the invention provide a novel architecture for capturing contextual attributes on host computers that execute one or more machines, and for consuming the captured contextual attributes to perform services on the host computers. The machines are virtual machines (VMs) in some embodiments, containers in other embodiments, or a mix of VMs and containers in still other embodiments. Some embodiments execute a guest-introspection (GI) agent on each machine from which contextual attributes need to be captured. In addition to executing one or more machines on each host computer, these embodiments also execute a context engine and one or more attribute-based service engines on each host computer. Through the GI agents of the machines on a host, the context engine of that host in some embodiments collects contextual attributes associated with network events and/or process events on the machines. The context engine then provides the contextual attributes to the service engines, which, in turn, use these contextual attributes to identify service rules for processing.
G06F 9/455 - Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
An architecture is provided for capturing contextual attributes on host computers that execute one or more containers and/or virtual machines (VM), and for consuming the captured contextual attributes to perform services on the host computers. A guest-introspection (GI) agent on each container or VM is executable from which contextual attributes need to be captured. Embodiments also execute a context engine and one or more attribute-based service engines on each host computer. Through the GI agents on a host, the context engine of that host collects contextual attributes associated with network events and/or process events. The context engine may then provide the contextual attributes to the service engines.
G06F 9/44 - Arrangements for executing specific programs
G06F 9/455 - Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
H04L 47/24 - Traffic characterised by specific attributes, e.g. priority or QoS
H04L 51/21 - Monitoring or handling of messages
10.
EXTENSION OF NETWORK CONTROL SYSTEM INTO PUBLIC CLOUD
Some embodiments provide a method for a first network controller that manages a logical network implemented in a datacenter including forwarding elements to which the first network controller does not have access. The method identifies a first data compute node (DCN) in the datacenter configured to execute a second network controller. The method distributes configuration data defining the logical network to the first DCN. The second network controller distributes sets of the configuration data to local agents executing on additional DCNs in the datacenter that send and receive messages through the logical network. Both managed forwarding elements and the local agents execute on each of the additional DCNs. Each local agent on a particular DCN is for receiving a set of configuration data from the second network controller and configuring the managed forwarding element on the particular DCN to implement the logical network according to the set of configuration data.
Some embodiments provide a method for a first network controller that manages a logical network implemented in a datacenter including forwarding elements to which the first network controller does not have access. The method identifies a first data compute node (DCN) in the datacenter configured to execute a second network controller. The method distributes configuration data defining the logical network to the first DCN. The second network controller distributes sets of the configuration data to local agents executing on additional DCNs in the datacenter that send and receive messages through the logical network. Both managed forwarding elements and the local agents execute on each of the additional DCNs. Each local agent on a particular DCN is for receiving a set of configuration data from the second network controller and configuring the managed forwarding element on the particular DCN to implement the logical network according to the set of configuration data.
G06F 9/455 - Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
G06F 9/50 - Allocation of resources, e.g. of the central processing unit [CPU]
H04L 41/044 - Network management architectures or arrangements comprising hierarchical management structures
H04L 41/046 - Network management architectures or arrangements comprising network management agents or mobile agents therefor
H04L 41/0806 - Configuration setting for initial configuration or provisioning, e.g. plug-and-play
H04L 41/0893 - Assignment of logical groups to network elements
Some embodiments provide a method for a first network controller that manages a logical network implemented in a datacenter including forwarding elements to which the first network controller does not have access. The method identifies a first data compute node (DCN) in the datacenter configured to execute a second network controller. The method distributes configuration data defining the logical network to the first DCN. The second network controller distributes sets of the configuration data to local agents executing on additional DCNs in the datacenter that send and receive messages through the logical network. Both managed forwarding elements and the local agents execute on each of the additional DCNs. Each local agent on a particular DCN is for receiving a set of configuration data from the second network controller and configuring the managed forwarding element on the particular DCN to implement the logical network according to the set of configuration data.
A system and method for automatic detection of a network incident from real-time network data is disclosed. The method includes: collecting real-time network data; executing performance calculations on the real-time network data to compute performance metrics; and detecting a pattern over a time window, wherein detecting a pattern includes detecting a proportion of metric values crossing a threshold exceeding a defined percentage amount, detecting a presence of a sequence of metric values, detecting a time-ordered stretch of metric values with a length of the time-ordered stretch exceeding a defined threshold, detecting a cyclical presence of a sequence of metric values, or combinations thereof.
H04L 41/0631 - Management of faults, events, alarms or notifications using root cause analysis; Management of faults, events, alarms or notifications using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, or time or tree analysis
H04L 41/0659 - Management of faults, events, alarms or notifications using network fault recovery by isolating or reconfiguring faulty entities
H04L 41/142 - Network analysis or design using statistical or mathematical methods
Some embodiments provide a method for determining a realization status of one or more logical entities of a logical network. The method, each time a particular event occurs, increments the value of a realization number and publishes the incremented value to a set of controllers of the logical network. Upon receiving data that specifies the state of a logical entity of the logical network, the method publishes the logical entity state's data to the set of controllers. In some embodiments, the method queries the set of controllers for a realization status of the state data for a set of logical entities that is published to the set of controllers up to a particular point of time. The submitted query, in some embodiments, includes a particular value of the realization number associated with the particular point of time.
Some embodiments provide novel methods for processing remote-device data messages in a network based on data-message attributes from a remote device management (RDM) system. For instance, the method of some embodiments identifies a set of RDM attributes associated with a data message, and then performs one or more service operations based on identified RDM attribute set.
H04L 45/50 - Routing or path finding of packets in data switching networks using label swapping, e.g. multi-protocol label switch [MPLS]
H04L 45/745 - Address table lookup; Address filtering
H04L 47/125 - Avoiding congestion; Recovering from congestion by balancing the load, e.g. traffic engineering
Some embodiments provide novel methods for processing remote-device data messages in a network based on data-message attributes from a remote device management (RDM) system. For instance, the method of some embodiments identifies a set of RDM attributes associated with a data message, and then performs one or more service operations based on identified RDM attribute set.
H04L 61/4511 - Network directories; Name-to-address mapping using standardised directories; Network directories; Name-to-address mapping using standardised directory access protocols using domain name system [DNS]
Some embodiments provide a method for implementing a logical router in a logical network. In some embodiments, the method receives a configuration of a static route for the logical router, which includes several routing components with separate routing tables. The method identifies which of the routing components require addition of a route to a corresponding routing table to implement the configuration of the static route. The method adds the routes to the corresponding separate routing tables of the identified routing components.
Some embodiments provide a method for implementing a logical router in a logical network. In some embodiments, the method receives a configuration of a static route for the logical router, which includes several routing components with separate routing tables. The method identifies which of the routing components require addition of a route to a corresponding routing table to implement the configuration of the static route. The method adds the routes to the corresponding separate routing tables of the identified routing components.
A method for implementing a logical router in a network that comprises of receiving a definition of a logical router to serve as an interface between a logical first network and a second network external to the logical first network. To implement the logical router, define a plurality of routing components comprising (1) a distributed routing component and (2) a plurality of centralized routing components. The centralized routing components (1) to forward northbound packet flows from the logical first network to the second network, and (2) toward southbound packet flows from the second network to the logical first network. The distributed routing component to route packets (1) within the logical first network and (2) to and from the centralized routing components. The distributing definitions of the plurality of routing components to the first and second pluralities of computers to implement the distributed and centralized routing components.
H04L 41/0654 - Management of faults, events, alarms or notifications using network fault recovery
H04L 43/08 - Monitoring or testing based on specific metrics, e.g. quality of service [QoS], energy consumption or environmental parameters
H04L 43/106 - Active monitoring, e.g. heartbeat, ping or trace-route, using time related information in packets, e.g. by adding timestamps
H04L 45/00 - Routing or path finding of packets in data switching networks
H04L 45/02 - Topology update or discovery
H04L 45/28 - Routing or path finding of packets in data switching networks using route fault recovery
H04L 49/25 - Routing or path finding in a switch fabric
H04L 49/354 - Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
H04L 67/1001 - Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
A method for implementing a logical router in a network that comprises of receiving a definition of a logical router to serve as an interface between a logical first network and a second network external to the logical first network. To implement the logical router, define a plurality of routing components comprising (1) a distributed routing component and (2) a plurality of centralized routing components. The centralized routing components (1) to forward northbound packet flows from the logical first network to the second network, and (2) toward southbound packet flows from the second network to the logical first network. The distributed routing component to route packets (1) within the logical first network and (2) to and from the centralized routing components. The distributing definitions of the plurality of routing components to the first and second pluralities of computers to implement the distributed and centralized routing components.
A network control system for generating physical control plane data for managing first and second managed forwarding elements that implement forwarding operations associated with a first logical datapath set is described. The system includes a first controller instance for converting logical control plane data for the first logical datapath set to universal physical control plane (UPCP) data. The system further includes a second controller instance for converting UPCP data to customized physical control plane (CPCP) data for the first managed forwarding element but not the second managed forwarding element. The system further includes a third controller instance for receiving UPCP data generated by the first controller instance, identifying the second controller instance as the controller instance responsible for generating the CPCP data for the first managed forward element, and supplying the received UPCP data to the second controller instance.
A network control system for generating physical control plane data for managing first and second managed forwarding elements that implement forwarding operations associated with a first logical datapath set is described. The system includes a first controller instance for converting logical control plane data for the first logical datapath set to universal physical control plane (UPCP) data. The system further includes a second controller instance for converting UPCP data to customized physical control plane (CPCP) data for the first managed forwarding element but not the second managed forwarding element. The system further includes a third controller instance for receiving UPCP data generated by the first controller instance, identifying the second controller instance as the controller instance responsible for generating the CPCP data for the first managed forward element, and supplying the received UPCP data to the second controller instance.
A network control system for generating physical control plane data for managing first and second managed forwarding elements that implement forwarding operations associated with a first logical datapath set is described. The system includes a first controller instance for converting logical control plane data for the first logical datapath set to universal physical control plane (UPCP) data. The system further includes a second controller instance for converting UPCP data to customized physical control plane (CPCP) data for the first managed forwarding element but not the second managed forwarding element. The system further includes a third controller instance for receiving UPCP data generated by the first controller instance, identifying the second controller instance as the controller instance responsible for generating the CPCP data for the first managed forward element, and supplying the received UPCP data to the second controller instance.
Remote desktop servers include a display encoder that maintains a secondary framebuffer that contains display data to be encoded and transmitted to a remote client display and a list of display primitives effectuating updated display data in the secondary framebuffer. The display encoder submits requests to receive the list of drawing primitives to a video adapter driver that receives and tracks drawing primitives that, when executed, update a primary framebuffer.
Remote desktop servers include a display encoder that maintains a secondary framebuffer that contains display data to be encoded and transmitted to a remote client display. The display encoder submits requests to update the display data in the secondary framebuffer to a video adapter driver that has access to a primary framebuffer whose display data is updated according to drawing commands received from applications running on the remote desktop servers. The video adapter driver utilizes a spatial data structure to track changes made to the display data located in regions of the primary framebuffer and copies the display data in those regions of the primary framebuffer to corresponding regions in the secondary framebuffer.
In general, the present invention relates to a virtual platform in which one or more distributed virtual switches can be created for use in virtual networking. According to some aspects, the distributed virtual switch according to the invention provides the ability for virtual and physical machines to more readily, securely, and efficiently communicate with each other even if they are not located on the same physical host and/or in the same subnet or VLAN. According to other aspects, the distributed virtual switches of the invention can support integration with traditional IP networks and support sophisticated IP technologies including NAT functionality, stateful firewalling, and notifying the IP network of workload migration. According to further aspects, the virtual platform of the invention creates one or more distributed virtual switches which may be allocated to a tenant, application, or other entity requiring isolation and/or independent configuration state. According to still further aspects, the virtual platform of the invention manages and/or uses VLAN or tunnels (e.g., GRE) to create a distributed virtual switch for a network while working with existing switches and routers in the network. The present invention finds utility in both enterprise networks, datacenters and other facilities.
H04L 12/28 - Data switching networks characterised by path configuration, e.g. local area networks [LAN] or wide area networks [WAN]
H04L 41/0893 - Assignment of logical groups to network elements
H04L 41/0896 - Bandwidth or capacity management of networks, i.e. automatically increasing or decreasing capacities
H04L 41/12 - Discovery or management of network topologies
In general, the present invention relates to a virtual platform in which one or more distributed virtual switches can be created for use in virtual networking. According to some aspects, the distributed virtual switch according to the invention provides the ability for virtual and physical machines to more readily, securely, and efficiently communicate with each other even if they are not located on the same physical host and/or in the same subnet or VLAN. According to other aspects, the distributed virtual switches of the invention can support integration with traditional IP networks and support sophisticated IP technologies including NAT functionality, stateful firewalling, and notifying the IP network of workload migration. According to further aspects, the virtual platform of the invention creates one or more distributed virtual switches which may be allocated to a tenant, application, or other entity requiring isolation and/or independent configuration state. According to still further aspects, the virtual platform of the invention manages and/or uses VLAN or tunnels (e.g., GRE) to create a distributed virtual switch for a network while working with existing switches and routers in the network. The present invention finds utility in both enterprise networks, datacenters and other facilities.
H04L 12/28 - Data switching networks characterised by path configuration, e.g. local area networks [LAN] or wide area networks [WAN]
H04L 41/0893 - Assignment of logical groups to network elements
H04L 41/0896 - Bandwidth or capacity management of networks, i.e. automatically increasing or decreasing capacities
H04L 41/12 - Discovery or management of network topologies
In general, the present invention relates to a virtual platform in which one or more distributed virtual switches can be created for use in virtual networking. According to some aspects, the distributed virtual switch according to the invention provides the ability for virtual and physical machines to more readily, securely, and efficiently communicate with each other even if they are not located on the same physical host and/or in the same subnet or VLAN. According other aspects, the distributed virtual switches of the invention can support integration with traditional IP networks and support sophisticated IP technologies including NAT functionality, stateful firewalling, and notifying the IP network of workload migration. According to further aspects, the virtual platform of the invention creates one or more distributed virtual switches which may be allocated to a tenant, application, or other entity requiring isolation and/or independent configuration state. According to still further aspects, the virtual platform of the invention manages and/or uses VLAN or tunnels (e.g, GRE) to create a distributed virtual switch for a network while working with existing switches and routers in the network. The present invention finds utility in both enterprise networks, datacenters and other facilities.
G06F 9/455 - Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
H04L 12/28 - Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
H04L 41/0893 - Assignment of logical groups to network elements
H04L 41/0896 - Bandwidth or capacity management, i.e. automatically increasing or decreasing capacities
H04L 41/12 - Discovery or management of network topologies
In general, the present invention relates to a virtual platform in which one or more distributed virtual switches can be created for use in virtual networking. According to some aspects, the distributed virtual switch according to the invention provides the ability for virtual and physical machines to more readily, securely, and efficiently communicate with each other even if they are not located on the same physical host and/or in the same subnet or VLAN. According to other aspects, the distributed virtual switches of the invention can support integration with traditional IP networks and support sophisticated IP technologies including NAT functionality, stateful firewalling, and notifying the IP network of workload migration. According to further aspects, the virtual platform of the invention creates one or more distributed virtual switches which may be allocated to a tenant, application, or other entity requiring isolation and/or independent configuration state. According to still further aspects, the virtual platform of the invention manages and/or uses VLAN or tunnels (e.g., GRE) to create a distributed virtual switch for a network while working with existing switches and routers in the network. The present invention finds utility in both enterprise networks, datacenters and other facilities.
H04L 12/28 - Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
H04L 41/0893 - Assignment of logical groups to network elements
H04L 41/0896 - Bandwidth or capacity management, i.e. automatically increasing or decreasing capacities
H04L 41/12 - Discovery or management of network topologies
A method for persisting a state of a virtual port in a virtualized computer system is described. A distributed virtual port (DVport) is stored in a persistent storage location, the DVport comprising a state of a corresponding virtual port and configuration settings of the virtual port. In addition, an association between the virtual port and the virtual network interface card (VNIC) connected to the virtual port is stored. When a virtual machine corresponding to the VNIC is restarted, the state from the DVport is restored to a new virtual port from the persistent storage location.
A method creates a distributed virtual switch (DVswitch) and distributed virtual ports (DVports) for the DVswitch. The DVswitch binds virtual switches in a collection of hosts together in a software abstraction. Also, the DVports are available for connection by virtual network interface cards (VNICs) of virtual machines in the collection of hosts. A request is received for a connection of a virtual network interface card (VNIC) of a virtual machine for a host in the collection of hosts to a DVport. If the requested DVport is available, the method provides connection information for the requested DVport to the host to allow the host to connect the requested DVport to the VNIC. The DVport stores a runtime state for a virtual port associated with a virtual switch for the host and the virtual switch forwards network frames between the VNIC and a physical network interface card (NIC).
H04L 12/12 - Arrangements for remote connection or disconnection of substations or of equipment thereof
H04L 12/28 - Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
32.
EXTENDING SERVER-BASED DESKTOP VIRTUAL MACHINE ARCHITECTURE TO CLIENT MACHINES
A server-based desktop-virtual machines architecture may be extended to a client machine. In one embodiment, a user desktop is remotely accessed from a client system. The remote desktop is generated by a first virtual machine running on a server system, which may comprise one or more server computers. During execution of the first virtual machine, writes to a corresponding virtual disk are directed to a delta disk file or redo log. A copy of the virtual disk is created on the client system. When a user decides to 'check out' his or her desktop, the first virtual machine is terminated (if it is running) and a copy of the delta disk is created on the client system. Once the delta disk is present on the client system, a second virtual machine can be started on the client system using the virtual disk and delta disk to provide local access to the user's desktop at the client system. This allows the user to then access his or her desktop without being connected to a network.
G06F 12/00 - Accessing, addressing or allocating within memory systems or architectures
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
33.
NETWORK OPERATING SYSTEM FOR MANAGING AND SECURING NETWORKS
Systems and methods for managing a network are described. A view of current state of the network is maintained where the current state of the network characterizes network topology and network constituents, including network entities and network elements residing in or on the network. Events are announced that correspond to changes in the state of the network and one or more network elements can be configured accordingly. Methods for managing network traffic are described that ensure forwarding and other actions taken by network elements implement globally declared network policy and refer to high-level names, independently of network topology and the location of network constituents. Methods for discovering network constituents are described, whereby are automatically configured. Routing may be performed using ACL and packets can be intercepted to permit host to continue in sleep mode. The methods are applicable to virtual environments.
H04L 41/0213 - Standardised network management protocols, e.g. simple network management protocol [SNMP]
H04L 41/06 - Management of faults, events, alarms or notifications
H04L 41/0806 - Configuration setting for initial configuration or provisioning, e.g. plug-and-play
H04L 41/082 - Configuration setting characterised by the conditions triggering a change of settings, the condition being updates or upgrades of network functionality
H04L 41/0853 - Retrieval of network configuration; Tracking network configuration history by actively collecting configuration information or by backing up configuration information
H04L 41/0859 - Retrieval of network configuration; Tracking network configuration history by keeping history of different configuration generations or by rolling back to previous configuration versions
H04L 41/0893 - Assignment of logical groups to network elements
H04L 41/12 - Discovery or management of network topologies
H04L 43/0817 - Monitoring or testing based on specific metrics, e.g. quality of service [QoS], energy consumption or environmental parameters, by checking availability by checking functioning
34.
NETWORK OPERATING SYSTEM FOR MANAGING AND SECURING NETWORKS
Systems and methods for managing a network are described. A view of current state of the network is maintained where the current state of the network characterizes network topology and network constituents, including network entities and network elements residing in or on the network. Events are announced that correspond to changes in the state of the network and one or more network elements can be configured accordingly. Methods for managing network traffic are described that ensure forwarding and other actions taken by network elements implement globally declared network policy and refer to high-level names, independently of network topology and the location of network constituents. Methods for discovering network constituents are described, whereby are automatically configured. Routing may be performed using ACL and packets can be intercepted to permit host to continue in sleep mode. The methods are applicable to virtual environments.
H04L 41/0213 - Standardised network management protocols, e.g. simple network management protocol [SNMP]
H04L 41/06 - Management of faults, events, alarms or notifications
H04L 41/0806 - Configuration setting for initial configuration or provisioning, e.g. plug-and-play
H04L 41/082 - Configuration setting characterised by the conditions triggering a change of settings, the condition being updates or upgrades of network functionality
H04L 41/0853 - Retrieval of network configuration; Tracking network configuration history by actively collecting configuration information or by backing up configuration information
H04L 41/0859 - Retrieval of network configuration; Tracking network configuration history by keeping history of different configuration generations or by rolling back to previous configuration versions
H04L 41/0893 - Assignment of logical groups to network elements
H04L 41/12 - Discovery or management of network topologies
H04L 43/0817 - Monitoring or testing based on specific metrics, e.g. quality of service [QoS], energy consumption or environmental parameters, by checking availability by checking functioning