WO2014088741A1 - Forwarding policies on a virtual service network - Google Patents
Forwarding policies on a virtual service network Download PDFInfo
- Publication number
- WO2014088741A1 WO2014088741A1 PCT/US2013/068345 US2013068345W WO2014088741A1 WO 2014088741 A1 WO2014088741 A1 WO 2014088741A1 US 2013068345 W US2013068345 W US 2013068345W WO 2014088741 A1 WO2014088741 A1 WO 2014088741A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- virtual service
- network address
- packet forwarding
- service
- virtual
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
Definitions
- This invention relates generally to data communications, and more specifically, to a virtual service network.
- Service load balancers such as server load balancers or application delivery controllers typically balance load among a plurality of servers providing network services such as Web documents, voice calls, advertisements, enterprise applications, video services, gaming, or consuming broadband services.
- a service is used by many client computers. Some services are offered for few clients and some services are offered to many clients.
- a service is handled by a service load balancer. When there are many clients utilizing the service at the same time, the service load balancer will handle the distribution of client service accesses among the servers.
- a network administrator cannot easily add a second service load balancer, since a service is typically assigned to an IP address of the service load balancer. Adding another service load balancer having the same IP address for the service is not possible in a data network. Network nodes in the data network would not be able to determine which service load balancer to send a client service access to.
- the present invention describes a virtual service network wherein network nodes in the virtual service network are capable of processing client service sessions of a network service and forwarding the sessions to a plurality of service load balancers.
- a method for providing forwarding policies in a virtual service network comprises: (a) receiving a virtual service session request from a client device by the network node, the virtual service session request comprising the virtual service network address for the virtual service served by the pool of service load balancers, wherein the network node comprises a plurality of packet forwarding policies, each packet forwarding policy comprising a virtual service network address associated with a destination; (b) comparing by the network node the virtual service network address in the virtual service session request with the virtual service network address in each packet forwarding policy; (c) in response to finding a match between the virtual service network address in the virtual service session request and a given virtual service network address in a given packet forwarding policy, determining the given destination in the given packet forwarding policy by the network node; and (d) sending the virtual service session request to a service load
- the method further comprises: (e) receiving a virtual service request from the client device through the virtual service session by the network node, the virtual service request comprising the virtual service network address for the virtual service; (f) comparing by the network node the second virtual service network address in the virtual service request with the virtual service network address in each packet forwarding policy; (g) in response to finding a match between the virtual service network address in the virtual service request and a second given virtual service network address in a second given packet forwarding policy, determining a second given destination in the second given packet forwarding policy by the network node; and (h) sending the virtual service request to a second service load balancer associated with the second given
- the method further comprises: (i) receiving a virtual service data packet from the client device through the virtual service session by the network node, the virtual service data packet comprising the virtual service network address for the virtual service; (]) comparing by the network node the virtual service network address in the virtual service data packet with the virtual service network address in each packet forwarding policy; (k) in response to finding a match between the virtual service network address in the virtual service data packet and a third given virtual service network address in a third given packet forwarding policy, determining a third given destination in the third given packet forwarding policy by the network node; and (i) sending the virtual service data packet to a third service load balancer associated with the third given destination by the network node.
- the service load balancer, the second service load balancer, and the third service load balancer are the same service load balancer.
- the method further comprises: (e) receiving a data packet of the virtual service session by the network node from the service load balancer over a data network, the data packet comprising a client network address of the client device; (f) retrieving the client network address from the data packet by the network node; and (g) sending the data packet to the client device using the client network address by the network node.
- the data packet comprises a virtual service session request response or a virtual service request response.
- the given destination comprises a second network node
- the sending (d) comprises: (dl) sending the virtual service session request to the second network node, wherein the second network node comprises a second plurality of packet forwarding policies, each of the second packet forwarding policies comprising a second virtual service network address associated with a second destination; (d2) comparing by the second network node the virtual service network address in the virtual service session request with the virtual service network address in each of the second nnrket fnrwnrHiri CT policies; (d3) in response to finding a match between 1 ' 1 network address in the virtual service session request and a second given virtual service network address in a second given packet forwarding policy, determining a second given destination in the second given packet forwarding policy by the second network node; and (d4) sending the virtual service session request to the service load balancer associated with the second given destination, wherein the service load balancer establishes a virtual service session with the client device.
- the determining (c) comprises: (cl) finding by the network node that the virtual service network address in the virtual service session request matches a first virtual service network address in a first packet forwarding policy and a second virtual network address in a second packet forwarding policy; (c2) selecting by the network node either the first packet forwarding policy or the second packet forwarding policy based on additional information comprised in the first and second packet forwarding policies; and (c3) determining the given destination in the selected packet forwarding policy by the network node.
- the additional information comprises one or more of the following: a multi-path factor; and a traffic policy.
- the first packet forwarding policy comprises a first destination associated with a first service load balancer in the pool of service load balancers
- the second packet forwarding policy comprises a second destination associated with a second service load balancer in the pool of service load balancers, wherein the first service load balancer is different from the second service load balancer
- the determining (c3) comprises: (c3i) in response to selecting the first packet forwarding policy, determining the first destination associated with the first service load balancer in the first packet forwarding policy by the network node; and (c3ii) in response to selecting the second packet forwarding policy, determining the second destination in the second packet forwarding policy in the second packet forwarding policy by the network node.
- the network node comprises a first plurality of packet forwarding policies for a first virtual service and a second plurality of packet fnrwnrHiri CT nnliHes for a second virtual service, wherein the comparing s ' " 1 s determining by the network node whether the virtual service session request is for the first virtual service or the second virtual service; (b2) in response to determining that the virtual service session request is for the first virtual service, comparing by the network node the virtual service network address in the virtual service session request with a virtual service network address in each of the first plurality of packet forwarding policies; and (b3) in response to determining that the virtual service session request is for the first virtual service, comparing by the network node the virtual service network address in the virtual service session request with a virtual service network address in each of the second plurality of packet forwarding policies.
- the virtual service session request further comprises a client network address of the client device
- each packet forwarding policy further comprises a client network address associated with the destination
- the comparing (b) and the determining (c) comprise: (bl) comparing by the network node the virtual service network address in the virtual service session request with the virtual service network address in each packet forwarding policy; (b2) comparing by the network node the client network address in the virtual service session request with the client network address in each packet forwarding policy; and (cl) in response to finding the match between the virtual service network address in the virtual service session request and the given virtual service network address in the given packet forwarding policy, and in response to finding a match between the client network address in the virtual service session request and the given client network address in the given packet forwarding policy, determining the given destination in the given packet forwarding policy by the network node.
- a method for providing forwarding policies in a virtual service network comprising a network node and a pool of service load balancers serving a virtual service associated with a virtual service network address, comprising: (a) receiving a virtual service session request from a client device by the network node, the virtual service session request comprising a client device network address for the client device and the virtual service network address for the virtual service served by the pool of service load balancers, wherein the network node comprises a plurality of packet forwarding policies, each packet forwarding policy comprising a client network address and a virtual service network address associated with a destination; (b) comparing by the network node the virtual service network address in the virtual service session request with a first virtual service network address in a first packet forwarding policy of the plurality of packet forwarding policies, and comparing the client device network address in the virtual service session request with a first client network address in the first packet forwarding policy; (c) in response to determining that the virtual service
- Figure 1 illustrates a virtual service network for a service according to an
- Figure 2a illustrates a component view of network node according to an embodiment of the present invention.
- Figure 2b illustrates a component view of service load balancer according to an embodiment of the present invention.
- Figure 2c illustrates a component view of server according to an embodiment of the present invention.
- Figure 3 illustrates a virtual service session according to an embodiment of the present invention.
- Figure 3a illustrates processing of a virtual service session request according to an embodiment of the present invention.
- Figure 3b illustrates processing of a virtual service request according to an embodiment of the present invention.
- Figure 3c illustrates processing of a virtual service data packet according to an embodiment of the present invention.
- Figure 4 illustrates processing of a data packet from service load balancer to client device according to an embodiment of the present invention.
- Figure 5 illustrates a via network node according to an embodiment of the present invention.
- Figure 5a illustrates forwarding a virtual service data packet to a via network node according to an embodiment of the present invention.
- Figure 6 illustrates a network node configuration according to an embodiment of the present invention.
- Figure 7 illustrates packet forwarding policies with other information according to an embodiment of the present invention.
- Figure 8 illustrates a virtual service network supporting multiple services according to an embodiment of the present invention.
- the present invention can take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment containing both hardware and software elements.
- the present invention is implemented in software, which includes but is not limited to firmware, resident software, microcode, etc.
- the present invention can take the form of a computer program product accessible from a computer-usable or computer-readable medium providing program code for use by or in connection with a computer or any instruction execution system.
- a computer-usable or computer readable medium can be any apparatus that can contain, store, communicate, propagate, or transport eh program for use by or in connection with the instruction execution system, apparatus, or device.
- the medium can be an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system (or apparatus or device) or a propagation medium.
- Examples of a computer-readable medium include a semiconductor or solid state memory, magnetic tape, a removable computer diskette, a random access memory (RAM), a read-only memory (ROM), a rigid magnetic disk and an optical disk.
- Current examples of optical disks include compact disk - read only memory (CD-ROM), compact disk - read/write (CD-R/W) and DVD.
- a data processing system suitable for storing and/or executing program code will include at least one processor coupled directly or indirectly to memory elements through a system bus.
- the memory elements can include local memory employed during actual execution of the program code, bulk storage, and cache memories which provide temporary storage of at least some program code in order to reduce the number of times code must be retrieved from bulk storage during execution.
- I/O devices including but not limited to keyboards, displays, point devices, etc.
- I/O controllers including but not limited to keyboards, displays, point devices, etc.
- Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks.
- Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.
- each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified local function(s).
- the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially
- Figure 1 illustrates a virtual service network for a service according to an
- Virtual service network 510 includes a network node 562 and a service load balancer pool 530, which includes, in one embodiment, a plurality of service load balancers 532, 534.
- Network node 562 and service load balancer pool 530 are connected in virtual service network 510 such that network node 562 can forward packets to service load balancers 532-534 and vice versa.
- virtual service network 510 is configured over a data network 500.
- network node 562 and service load balancers 532-534 are a part of data network 500.
- network node 562 connects directly to service load balancers 532-534 and forwards data packets directly to service load balancers 532-534.
- network node 562 forwards data packets through one or more network elements (not shown) in data network 500.
- service load balancers 532-534 send data packets to network node 562 through data network 500, using one or more network elements in data network 500 if necessary.
- data network 500 includes an Internet Protocol (IP) network, a corporate data network, a regional corporate data network, an Internet service provider network, a residential data network, a wired network such as Ethernet, a wireless network such as a WiFi network, or a cellular network.
- IP Internet Protocol
- data network 500 resides in a data center, or connects to a network or application network cloud.
- network node 562 includes, in addition to that described later in this specification, the functionality of a network switch, an Ethernet switch, an IP router, an ATM switch, a stackable switch, a broadband remote access system (BRAS), a cable headend, a mobile network gateway, a home agent gateway (HA-Gateway), a PDSN, a GGSN, a broadband gateway, a VPN gateway, a firewall, or a networking device capable of forwarding packets in data network 500.
- BRAS broadband remote access system
- H-Gateway home agent gateway
- PDSN Packet Data Network Gateway
- GGSN home agent gateway
- broadband gateway a VPN gateway
- firewall a networking device capable of forwarding packets in data network 500.
- service load balancer 534 includes functionality of a server load balancer, an application delivery controller, a service delivery platform, a traffic manager, a security gateway, a component of a firewall system, a component of a virtual private network (VPN), a load balancer for video servers, a gateway to distribute load to one or more servers, or a gateway performing network address translation (NAT).
- a server load balancer an application delivery controller, a service delivery platform, a traffic manager, a security gateway, a component of a firewall system, a component of a virtual private network (VPN), a load balancer for video servers, a gateway to distribute load to one or more servers, or a gateway performing network address translation (NAT).
- VPN virtual private network
- Service load balancer pool 530 connects to server pool 200, which in an embodiment includes a plurality of servers 212, 214, 216. Servers 212-216 of server pool 200 serves service 240. Service load balancers 532-534 of service load balancer pool 530 serves service 240 as virtual service 540.
- server 212 includes functionality of a Web server, a file server, a video server, a database server, an application server, a voice system, a
- conferencing server a media gateway, a media center, an app server or a network server providing a network or application service to client device 100 using a Web protocol.
- service 240 includes a Web service, a HTTP service, a FTP service, a file transfer service, a video or audio streaming service, an app download service, an advertisement service, an on-line game service, a document access service, a
- conferencing service a file sharing service, a group collaboration service, a database access service, an on-line transaction service, a Web browsing service, a VOIP service, a notification service, a messaging service, or an Internet data communication service.
- Each service load balancer for example service load balancer 532, can exchange data packets to one or more servers in server pool 200.
- Client device 100 is a computing device connecting to virtual service network 510.
- client device 100 in order to utilize service 240, client device 100 establishes a virtual service session 140 for virtual service 540 with service load balancer pool 530 through virtual service network 510.
- Service load balancer pool 530 establishes service session 340 with server pool 200 and relays data packets between virtual service session 140 and service session 340.
- server pool 200 provides the service 240 to client device 100.
- client device 100 is a personal computer, a laptop computer, a desktop computer, a smartphone, a feature phone, a tablet computer, an e-reader, an end-use networked device, a server computer, a service proxy computer, a service gateway, a business computer, a server computer, or a computer requesting service 240.
- Figures 2a-2c illustrate components of network node 562, service load balancer 534, and server 212 according to an embodiment of the present invention.
- network node 562 includes processor module 630, packet processing module 650, and network module 670.
- processor module 630 includes one or more processors and a computer readable medium storing programming instructions.
- processor module 630 includes storage such as random accessible memory (RAM).
- packet processing module 650 includes a processor or a network processor capable of processing data packets.
- packet processing module 650 is part of processor module 630.
- packet processing module 650 is a physical card or module housing a network processor.
- packet processing module 650 includes storage such as random access memory (RAM), context addressable memory (CAM), tertiary CAM
- packet processing module 650 includes a plurality of programming
- network module 670 interacts with data network 500 and virtual service network 510 to transmit and receive data packets.
- network module 670 includes a plurality of network interfaces such as network interface 671, network interface 672 and network interface 674. Each of the network interfaces connect to another network component.
- network interface 671 connects to client device 100; network interface 672 connects to service load balancer 532; and network interface 674 connects to service load balancer 534.
- network interface 671 connects to client device 100 and service load balancer pool 530.
- network interface 671 is an Ethernet, Gigabit Ethernet, 10-Gigabit Ethernet, ATM, MPLS, wireless network, or optical network interface.
- Figure 2b illustrates a service load balancer such as service load balancer 534 according to an embodiment of the present invention.
- service load balancer 534 includes processor module 734, virtual service processing module 754 and network module 774.
- Network module 774 interacts with data network 500 and virtual service network 510 to transmit and receive data packets.
- network module 774 exchanges data packets with network node 562 and server pool 200.
- Network module 774 includes a network interface card or network interface module connecting to data network 500 and virtual service network 510.
- processor module 734 includes a processor and computer readable medium storing programming instructions.
- virtual service processing module 754 includes a physical hardware comprising a processor or a network processor, a memory module such as RAM.
- virtual service processing module 754 is included in processor module 734.
- virtual service processing module 754 includes storage storing
- FIG. 2c illustrates a server, such as server 212, according to an embodiment of the present invention.
- server 212 includes processor module 832, service processing module 852 and network module 872.
- Network module 872 interacts with virtual service network 510 to transmit or receive data packets.
- network module 872 exchanges data packets with service load balancer pool 530.
- Network module 872 includes a network interface card or network interface module connecting to data network 510 or virtual service network 510.
- processor module 832 includes a processor and computer readable medium storing programming instructions.
- service processing module 852 includes a physical hardware comprising a processor or a network processor, a memory module such as RAM.
- service processing module 852 is included in processor module 832.
- service processing module 852 includes storage storing programming instructions executed by server 212.
- FIG. 3 illustrates a session between client device and a server according to an embodiment of the present invention.
- client device 100 uses service 240 by conducting virtual service session 140 using virtual service 540.
- virtual service session 140 is a IP session, a UDP session, a TCP session, a SIP session, an ICMP session, a GRE session, a RTSP session, an SSL session, a HTTPS session, or a HTTP session.
- virtual service 540 includes a virtual service network address 541, such as an IP network address.
- the virtual service network address 541 is shared among the service load balancers in the service load balancer pool 530.
- virtual service network address 541 includes a transport layer identity such as a port number, a TCP port, a UDP port.
- client device 100 sends a virtual service session request 142, such as a TCP session request data packet, to network node 562.
- Virtual service session request 142 includes virtual service network address 541.
- network node 562 determines that virtual service session request 142 is to be sent to service load balancer 534, based on virtual service network address 541.
- Service load balancer 534 establishes virtual service session 140 with client device 100.
- client device 100 After establishing virtual service session 140, client device 100 sends a virtual service request 144 through virtual service session 140 to service load balancer 534.
- Service load balancer 534 determines that virtual service request 144 is to be relayed to server 212. Subsequently client device 100 exchanges virtual service data packet 146 with server 212 via service load balancer 534.
- FIG. 3a illustrates processing of virtual service session request 142 according to an embodiment of the present invention.
- Client device 100 sends virtual service session request 142 to network node 562.
- virtual service session request 142 data packet includes virtual service network address 541, and client network address 101.
- client network address 101 includes an IP address of client device 100, and optionally a transport layer address.
- Network node 562 selects service load balancer 534, based on a packet forwarding policy 641, and forwards virtual service session request 142 to service load balancer 534.
- Packet forwarding policy 641 includes criteria 643 and destination 645. Criteria 643 contain matching information for network node 562 to match against virtual service session request 142. Destination 645 includes information to transmit virtual service session request 142.
- destination 645 indicates using network interface 674 to transmit virtual service session request 142.
- Network node 562 informs network module 670 to transmit virtual service session request 142 using interface 674.
- network interface 674 directly connects to service load balancer 534 and service load balancer 534 receives virtual service session request 142.
- network interface 674 connects to service load balancer 534 via data network 500 and service load balancer 534 receives virtual service session request 142 via data network 500.
- Network node 562 compares criteria 643 against virtual service session request 142. In one embodiment, network node 562 retrieves virtual service network address 541 from virtual service session request 142. In one embodiment, criteria 643 include virtual service network address 646. Network node 562 compares virtual service network address 541 with virtual service network address 646. In one embodiment, virtual service network address 646 includes virtual service network address 541 and network node 562 finds a match between virtual service network address 541 and virtual service network address 646.
- the network node 562 In response to finding a match between virtual service network address 541 and virtual service network address 646, the network node 562 applies the packet forwarding policy 641 to the virtual service session request 142 by informing the network module 670 to transmit the virtual service session request 142 using the network interface 674 indicated by destination 645.
- virtual service network address 646 includes a transport layer address such as TCP port number, UDP port number or other transport layer information.
- Network node 562 retrieves transport layer address from virtual service network address 541 and compares with virtual service network address 646. In one embodiment, network node 562 finds a match of the transport layer addresses, network node 562 determines that packet forwarding policy 641 is to be applied to virtual service session request 142.
- virtual service network address 646 includes a range of network addresses. In finding that virtual service network address 541 is included in the range of network addresses, network node 562 determines there is a match. In one embodiment, virtual service network address 646 includes a range of transport layer addresses.
- network node 562 determines there is a match.
- criteria 643 include client network address 647.
- Network node 562 obtains client device network address 101 from virtual service session request 142 and compares client network address 647 with client device network address 101. If there is a match, network node 562 determines packet forwarding policy 641 is applicable.
- client network address 647 includes a range of network addresses. In finding that client device network address 101 is included in the range of network addresses, network node 562 determines there is a match.
- network node 562 further includes another packet forwarding policy 651.
- Packet forwarding policy 651 includes criteria 652, which includes a client network address 653 different from client network address 647 and the same virtual service network address 646 as packet forwarding policy 641.
- Network node 562 obtains virtual service network address 541 and client device network address 101 from virtual service session request 142.
- network node 562 first determines whether packet forwarding policy 651 applies to virtual service session request 142.
- Network node 562 compares client network address 653 in packet forwarding policy 651 with client device network address 101, and compares virtual service network address 646 in packet forwarding policy 651 with virtual service network address 541.
- the network node 562 determines that packet forwarding policy 651 does not apply.
- client network address 653 includes a range of network addresses. In finding that client device network address 101 is not included in the range of network addresses, network node 562 determines there is no match.
- Network node 562 determines whether a different packet forwarding policy applies. In one embodiment, after determining that packet forwarding policy 651 does not apply, network node 562 determines whether packet forwarding policy 641 applies.
- Network node compares client network address 647 in packet forwarding policy 641 with client device network address 101, and compares virtual service network address 646 in packet forwarding policy 641 with virtual service network address 541. In response to finding a match between client network address 647 and client network address 101 and a match between the virtual service network address 646 and virtual service network address 541, network node 562 determines packet forwarding policy 641 is applicable.
- service load balancer 534 Upon receiving virtual service session request 142, service load balancer 534 processes the session request 142 and replies with a virtual service session request response 143, comprising one or more data packets to be transmitted to client device 100. A process to send data packet 143 will be discussed in a later illustration.
- destination 645 includes a modification procedure prior to transmission.
- Network node 562 applies the modification procedure in destination 645 prior to informing network interface 674.
- destination 645 indicates a IP tunneling modification, a VLAN modification, a MPLS modification, a L2TP tunnel, a IP- in-IP tunnel, a IPv6-v4 tunnel modification, a IPSec modification, a packet header modification, a packet payload modification, or other modification procedure related to network interface 674.
- Figure 3b illustrates processing of virtual service request 144 according to an embodiment of the present invention.
- Client device 100 sends virtual service request 144 data packet to network node 562, where the virtual service request 144 includes a virtual service network address 541.
- network node 562 processes virtual service request 144 using a similar process illustrated in figure 3a, matching the criteria from packet forwarding policy 641 with virtual service request 144 having virtual service network address 541.
- Network node 562 sends virtual service request 144 to service load balancer 534 according to the application of the matching packet forwarding policy 641.
- Service load balancer 534 receives and processes virtual service request 144.
- Service load balancer 534 selects server 212 to service virtual service request 144 and sends the virtual service request 148 to the server 212.
- the selection of server 212 is known to those skilled in the art. Any and all such selection process is considered as a part of an embodiment of the present invention and is not described in this specification.
- Server 212 responds to the virtual service request 148 with a service request response 245 and sends the service request response 245 to service load balancer 534.
- Service load balancer 534 creates virtual ser ire renuest response 145 and sends the service request respoi 1 ⁇ ' 1 - ' device 100. An embodiment to send virtual service request 145 from service load balancer 534 to client device 100 will be described in a later illustration in this specification.
- Figure 3c illustrates processing of virtual service data packet 146 according to an embodiment of the present invention.
- Client device 100 sends virtual service data packet 146 to network node 562, where the virtual service data packet 146 includes a virtual service network address 541.
- network node 562 processes virtual service data packet 146 in a similar process illustrated in figure 3a, matching the criteria from packet forwarding policy 641 with virtual service data packet 146 having virtual service network address 541.
- Network node 562 sends virtual service data packet 146 to service load balancer 534.
- Service load balancer 534 generates service packet 546 using virtual service data packet 146, and sends service packet 546 to server 212.
- the process of generating service packet 546 using virtual service data packet 146 is known to those skilled in the art and is not described in this specification.
- Figure 4 illustrates a process to forward a data packet from service load balancer 534 to client device 100 according to an embodiment of the present invention.
- service load balancer 534 sends a data packet 147 of service session 140 to network node 562.
- data packet 147 may be virtual service session request response 143 or virtual service request response 145.
- Data packet 147 includes client device network address 101 of client device 100 as a destination for data packet 147.
- Service load balancer 534 sends data packet 147 through data network 500 to network node 562, and network node 562 receives data packet 147 from data network 500.
- data packet 147 traverses through virtual service network 510 before it is received by network node 562.
- Network node 562 retrieves destination client device network address 101 from data packet 147, and determines that data packet 147 is to be sent to client device 100, based on the retrieved client device network address 101.
- virtual service network 510 includes a network node 564 connected with network node 562 and service load balancer 534.
- FIG. 5a illustrates a process for network node 562 to select network node 564 according to an embodiment of the present invention.
- Network node 564 receives and processes virtual service data packet 148.
- Network node 564 sends virtual service data packet 148 to service load balancer 534 according to an embodiment process illustrated in figures 3, 3a-3c.
- Figure 5a illustrates a process of network node 562 to send a virtual service data packet 148 from client device 100 to network node 564 according to an embodiment of the present invention.
- Client device 100 sends virtual service data packet 148 to network node 562.
- data packet 148 includes virtual service network address 541, and client network address 101.
- Network node 562 selects network node 564, based on a packet forwarding policy 681, and forwards data packet 148 to network node 564.
- Packet forwarding policy 681 includes criteria 683 and destination 685. Criteria 683 contain matching information for network node 562 to compare against data packet 148.
- Destination 685 indicates information to transmit data packet 148.
- destination 685 indicates network interface 674 is to be used to transmit data packet 148.
- Network node 562 informs network module 670 to transmit data packet 148 using interface 674.
- network interface 674 directly connects to network node 564 and network node 564 receives data packet 148.
- network interface 674 connects to network node 564 via data network 500 and network node 564 receives data packet 148 via data network 500.
- Network node 562 matches criteria 683 against data packet 148.
- network node 562 retrieves virtual service network address 541 from data packet 148.
- criteria 683 include virtual service network address 686.
- Network node 562 matches virtual service network address 541 with virtual service network address 686.
- virtual service network address 686 includes virtual service network address 541 and network node 562 finds a match between virtual service network address 541 and virtual service network address 686.
- virtual service network address 686 includes a transport layer address such as TCP port number, UDP port number or other transport layer information.
- Network node 562 retrieves transport layer address from data packet 148 and compares the transport layer address with virtual service network address 686.
- network node 562 finds a match of the transport layer addresses, network node 562 determines that packet forwarding policy 681 is to be applied to data packet 148.
- virtual service network address 686 includes a range of network addresses. In finding that virtual service network address 541 is included in the range of network addresses, network node 562 determines there is a match. In one embodiment, virtual service network address 686 includes a range transport layer addresses. In finding that the transport layer address of data packet 148 is included in the range of transport layer addresses, network node 562 determines there is a match.
- criteria 683 include client network address 687.
- Network node 562 obtains client device network address 101 from data packet 148 and compares client network address 687 with client device network address 101. If there is a match, network node 562 determines packet forwarding policy 681 is applicable.
- client network address 687 includes a range of network addresses. In finding that client device network address 101 is included in the range of network addresses, network node 562 determines there is a match.
- destination 685 indicates a modification process prior to transmission.
- Network node 562 applies the modification in destination 685 prior to informing network interface 674.
- destination 645 indicates an IP tunneling modification, a VLAN modification, a MPLS modification, a L2TP tunnel, a IP- in-IP tunnel, a IPv6-v4 tunnel modification, a IPSec modification, a packet header modification, a packet payload modification, a layer 2 over layer 2 tunnel modification, a layer 3 over layer 2 tunnel modification, a layer 3 over layer 3 tunnel modification, or other modification related to network interface 674.
- Network confisuration module 821 includes packet forwarding policy 641 which contains a policy to forward a data packet to service load balancer 534 or network node 564.
- Network configuration module 821 sends packet forwarding policy 641 to network node 562.
- network configuration module 821 is a network management system.
- network configuration module 821 is a software module within a service load balancer, such as service load balancer 534.
- network configuration module 821 is an administrative computing device, wherein a network administrative user provides packet forwarding policy 641 to network configuration module 821.
- network configuration module 821 connects to storage 823 wherein storage 823 includes packet forwarding policy 641.
- Network configuration module 821 retrieves packet forwarding policy 641 and sends to network node 562.
- storage 823 includes other packet forwarding policies.
- network configuration module 821 receives packet forwarding policy 641 from administrator 120, and stores packet forwarding policy 641 into storage 823.
- network configuration module 821 connects to service load balancer 534 and detects a change to service load balancer 534, and in response, network configuration module 821 generates packet forwarding policy 641.
- a change can be due to a change to virtual service 540 of service load balancer 534, or availability of service load balancer 534.
- service load balancer 534 sends packet forwarding policy 641 to network configuration module 821.
- network configuration module 821 connects to network node 564 and detects a change to network node 564, and in response, network configuration module 821 generates packet forwarding policy 641.
- network configuration module 821 connects to virtual service network 510 and data network 500.
- Network configuration module 821 detects a change to virtual service network 510 or data network 500.
- network configuration module 821 generates packet forwarding policy 641.
- network configuration module 821 detects a change in network node 562 and generates packet forwarding policy 641 .
- network configuration module 821 instructs network node 562 to remove packet forwarding policy 641.
- network configuration module 821 detects a change in network node 564, service load balancer 534, data network 500, virtual service network 510, or network node 562 and determines packet forwarding policy 641 is to be removed.
- network configuration module 821 removes packet programming policy 641 from storage 823.
- network configuration module 821 receives a command from administrator 120 to remove packet programming policy 641. In one embodiment, network configuration module 821 receives a command from service load balancer 534 to remove packet programming policy 641.
- FIG. 7 illustrates several embodiments of different packet forwarding policies according to an embodiment of the present invention.
- network node 562 includes packet forwarding policy 641 and packet forwarding policy 642.
- Packet forwarding policy 641 and packet forwarding 642 include the same criteria 643.
- Packet forwarding policy 641 includes destination 645 that is different from destination 646 in packet forwarding policy 642.
- destination 645 is for server load balancer 532 or a network node (not shown), whereas destination 646 is for service load balancer 534, which is different from service load balancer 532.
- network node 562 receives data packet 148 from client device 100 and matches information in data packet 148 with criteria 643.
- Network node 562 finds both packet forwarding policy 641 and packet forwarding policy 642 applicable.
- Network node 562 selects packet forwarding policy 641 based on additional information.
- packet forwarding policy 641 includes multi-path factor 648 while packet forwarding policy 642 includes multi-path factor 649.
- Network node 562 selects packet forwarding policy 641 based on multi-path factor 648 and multi-path factor 649.
- multi-path factor 648 indicates a primary path while multi-factor 648 indicates a sernnHnr nnth Network node 562 selects packet forwarding policy ⁇ 1 T embodiment, multi-path factor 648 includes a status indicating if service load balancer 532 is available. If multi-path factor 648 status indicates service load balancer 532 is available and multi-path factor 649 status indicates service load balancer 534 is not available, network node 562 selects packet forwarding policy 641.
- packet forwarding policy 641 includes traffic policy 649 such as traffic shaping, traffic management, quality of service, bandwidth management, packet access control or queuing parameters.
- Traffic policy 649 such as traffic shaping, traffic management, quality of service, bandwidth management, packet access control or queuing parameters.
- Network node 562 applies traffic policy 649 or instructs network module 670 to apply traffic policy 649.
- server pool 200 serves service 240 and service 250.
- service load balancer pool 530 provides virtual services 540 and 550 corresponding to service 240 and service 250 respectively.
- Network node 562 will include at least one packet forwarding policy for virtual service 540 and one packet forwarding policy for virtual service 550.
- the network node 562 determines whether the data packet is for virtual service 540 or virtual service 550. If the data packet is for virtual service 540, then the network node 562 processes the data packet according to the packet forwarding policies for virtual service 540. If the data packet is for virtual service 550, then the network node 562 processes the data packet according to the packet forwarding policies for virtual service 550.
Abstract
In providing packet forwarding policies in a virtual service network that includes a network node and a pool of service load balancers serving a virtual service, the network node: receives a virtual service session request from a client device, the request including a virtual service network address for the virtual service; compares the virtual service network address in the request with the virtual service network address in each of a plurality of packet forwarding policies; in response to finding a match between the virtual service network address in the request and a given virtual service network address in a given packet forwarding policy, determines the given destination in the given packet forwarding policy; and sends the request to a service load balancer in the pool of service load balancers associated with the given destination, where the service load balancer establishes a virtual service session with the client device.
Description
FORWARDING POLICIES ON A VIRTUAL SERVICE NETWORK
BACKGROUND OF THE INVENTION
FIELD
[0001] This invention relates generally to data communications, and more specifically, to a virtual service network.
BACKGROUND
[0002] Service load balancers such as server load balancers or application delivery controllers typically balance load among a plurality of servers providing network services such as Web documents, voice calls, advertisements, enterprise applications, video services, gaming, or consuming broadband services. A service is used by many client computers. Some services are offered for few clients and some services are offered to many clients. Typically a service is handled by a service load balancer. When there are many clients utilizing the service at the same time, the service load balancer will handle the distribution of client service accesses among the servers. However, as the capacity of the service load balancer is reached, a network administrator cannot easily add a second service load balancer, since a service is typically assigned to an IP address of the service load balancer. Adding another service load balancer having the same IP address for the service is not possible in a data network. Network nodes in the data network would not be able to determine which service load balancer to send a client service access to.
[0003] The scaling of service demand has not been a problem in the past as computing capacity of service load balancer was able to keep up with client service demand. However, as mobile computing becomes pervasive and as more traditional non networking services such as television, gaming, and advertisement are migrating to data networks, the demand for client services has surpassed the pace of processing improvement. The need to scale to a plurality of service load balancers to support a network service is imminent.
[0004] The present invention describes a virtual service network wherein network nodes in the virtual service network are capable of processing client service sessions of a network service and forwarding the sessions to a plurality of service load balancers.
BRIEF SUMMARY OF THE INVENTION
[0005] According to one embodiment of the present invention, a method for providing forwarding policies in a virtual service network, the virtual service network comprising a network node and a pool of service load balancers serving a virtual service associated with a virtual service network address, comprises: (a) receiving a virtual service session request from a client device by the network node, the virtual service session request comprising the virtual service network address for the virtual service served by the pool of service load balancers, wherein the network node comprises a plurality of packet forwarding policies, each packet forwarding policy comprising a virtual service network address associated with a destination; (b) comparing by the network node the virtual service network address in the virtual service session request with the virtual service network address in each packet forwarding policy; (c) in response to finding a match between the virtual service network address in the virtual service session request and a given virtual service network address in a given packet forwarding policy, determining the given destination in the given packet forwarding policy by the network node; and (d) sending the virtual service session request to a service load balancer in the pool of service load balancers associated with the given destination, wherein the service load balancer establishes a virtual service session with the client device.
[0006] In one aspect of the present invention, after the service load balancer establishes the virtual service session with the client device, the method further comprises: (e) receiving a virtual service request from the client device through the virtual service session by the network node, the virtual service request comprising the virtual service network address for the virtual service; (f) comparing by the network node the second virtual service network address in the virtual service request with the virtual service network address in each packet forwarding policy; (g) in response to finding a match between the virtual service network address in the virtual service request and a second given virtual service network address in a second given packet forwarding policy, determining a second given destination in the second given packet forwarding policy by the network node; and (h) sending the virtual service request to a second service load balancer associated with the second given
— *T,„ netWork node.
[0007] In one aspect of the present invention, the method further comprises: (i) receiving a virtual service data packet from the client device through the virtual service session by the network node, the virtual service data packet comprising the virtual service network address for the virtual service; (]) comparing by the network node the virtual service network address in the virtual service data packet with the virtual service network address in each packet forwarding policy; (k) in response to finding a match between the virtual service network address in the virtual service data packet and a third given virtual service network address in a third given packet forwarding policy, determining a third given destination in the third given packet forwarding policy by the network node; and (i) sending the virtual service data packet to a third service load balancer associated with the third given destination by the network node.
[0008] In one aspect of the present invention, the service load balancer, the second service load balancer, and the third service load balancer are the same service load balancer.
[0009] In one aspect of the present invention, the method further comprises: (e) receiving a data packet of the virtual service session by the network node from the service load balancer over a data network, the data packet comprising a client network address of the client device; (f) retrieving the client network address from the data packet by the network node; and (g) sending the data packet to the client device using the client network address by the network node.
[0010] In one aspect of the present invention, the data packet comprises a virtual service session request response or a virtual service request response.
[0011] In one aspect of the present invention, the given destination comprises a second network node, wherein the sending (d) comprises: (dl) sending the virtual service session request to the second network node, wherein the second network node comprises a second plurality of packet forwarding policies, each of the second packet forwarding policies comprising a second virtual service network address associated with a second destination; (d2) comparing by the second network node the virtual service network address in the virtual service session request with the virtual service network address in each of the second nnrket fnrwnrHiri CT policies; (d3) in response to finding a match between 1 ' 1
network address in the virtual service session request and a second given virtual service network address in a second given packet forwarding policy, determining a second given destination in the second given packet forwarding policy by the second network node; and (d4) sending the virtual service session request to the service load balancer associated with the second given destination, wherein the service load balancer establishes a virtual service session with the client device.
[0012] In one aspect of the present invention, the determining (c) comprises: (cl) finding by the network node that the virtual service network address in the virtual service session request matches a first virtual service network address in a first packet forwarding policy and a second virtual network address in a second packet forwarding policy; (c2) selecting by the network node either the first packet forwarding policy or the second packet forwarding policy based on additional information comprised in the first and second packet forwarding policies; and (c3) determining the given destination in the selected packet forwarding policy by the network node.
[0013] In one aspect of the present invention, wherein the additional information comprises one or more of the following: a multi-path factor; and a traffic policy.
[0014] In one aspect of the present invention, the first packet forwarding policy comprises a first destination associated with a first service load balancer in the pool of service load balancers, and the second packet forwarding policy comprises a second destination associated with a second service load balancer in the pool of service load balancers, wherein the first service load balancer is different from the second service load balancer, wherein the determining (c3) comprises: (c3i) in response to selecting the first packet forwarding policy, determining the first destination associated with the first service load balancer in the first packet forwarding policy by the network node; and (c3ii) in response to selecting the second packet forwarding policy, determining the second destination in the second packet forwarding policy in the second packet forwarding policy by the network node.
[0015] In one aspect of the present invention, the network node comprises a first plurality of packet forwarding policies for a first virtual service and a second plurality of packet fnrwnrHiri CT nnliHes for a second virtual service, wherein the comparing s ' " 1 s
determining by the network node whether the virtual service session request is for the first virtual service or the second virtual service; (b2) in response to determining that the virtual service session request is for the first virtual service, comparing by the network node the virtual service network address in the virtual service session request with a virtual service network address in each of the first plurality of packet forwarding policies; and (b3) in response to determining that the virtual service session request is for the first virtual service, comparing by the network node the virtual service network address in the virtual service session request with a virtual service network address in each of the second plurality of packet forwarding policies.
[0016] In one aspect of the present invention, the virtual service session request further comprises a client network address of the client device, and each packet forwarding policy further comprises a client network address associated with the destination, wherein the comparing (b) and the determining (c) comprise: (bl) comparing by the network node the virtual service network address in the virtual service session request with the virtual service network address in each packet forwarding policy; (b2) comparing by the network node the client network address in the virtual service session request with the client network address in each packet forwarding policy; and (cl) in response to finding the match between the virtual service network address in the virtual service session request and the given virtual service network address in the given packet forwarding policy, and in response to finding a match between the client network address in the virtual service session request and the given client network address in the given packet forwarding policy, determining the given destination in the given packet forwarding policy by the network node.
[0017] System and computer program products corresponding to the above- summarized methods are also described and claimed herein.
[0018] According to another embodiment of the present invention, a method for providing forwarding policies in a virtual service network, the virtual service network comprising a network node and a pool of service load balancers serving a virtual service associated with a virtual service network address, comprising: (a) receiving a virtual service session request from a client device by the network node, the virtual service session request comprising a
client device network address for the client device and the virtual service network address for the virtual service served by the pool of service load balancers, wherein the network node comprises a plurality of packet forwarding policies, each packet forwarding policy comprising a client network address and a virtual service network address associated with a destination; (b) comparing by the network node the virtual service network address in the virtual service session request with a first virtual service network address in a first packet forwarding policy of the plurality of packet forwarding policies, and comparing the client device network address in the virtual service session request with a first client network address in the first packet forwarding policy; (c) in response to determining that the virtual service network address in the virtual service session request matches the first virtual service network address, and determining that the client device network address in the virtual service session request does not match the first client network address, determining by the network node that the first packet forwarding policy does not apply to the virtual service session request; (d) in response to determining that the first packet forwarding policy does not apply, comparing by the network node the virtual service network address in the virtual service session request with a second virtual service network address in a second packet forwarding policy of the plurality of packet forwarding policies, and comparing the client device network address in the virtual service session request with a second client network address in the second packet forwarding policy; (e) in response to determining that the virtual service network address in the virtual service session request matches the second virtual service network address, and determining that the client device network address in the virtual service session request matches the second client network address, determining by the network node that the second packet forwarding policy applies to the virtual service session request; (f) in response to determining that the second packet forwarding policy applies, determining a given destination in the second packet forwarding policy by the network node; and (g) sending the virtual service session request to a service load balancer in the pool of service load balancers associated with the given destination, wherein the service load balancer establishes a virtual service session with the client device.
BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE FIGURES
[0019] Figure 1 illustrates a virtual service network for a service according to an
embodiment of the present invention.
[0020] Figure 2a illustrates a component view of network node according to an embodiment of the present invention.
[0021] Figure 2b illustrates a component view of service load balancer according to an embodiment of the present invention.
[0022] Figure 2c illustrates a component view of server according to an embodiment of the present invention.
[0023] Figure 3 illustrates a virtual service session according to an embodiment of the present invention.
[0024] Figure 3a illustrates processing of a virtual service session request according to an embodiment of the present invention.
[0025] Figure 3b illustrates processing of a virtual service request according to an embodiment of the present invention.
[0026] Figure 3c illustrates processing of a virtual service data packet according to an embodiment of the present invention.
[0027] Figure 4 illustrates processing of a data packet from service load balancer to client device according to an embodiment of the present invention.
[0028] Figure 5 illustrates a via network node according to an embodiment of the present invention.
[0029] Figure 5a illustrates forwarding a virtual service data packet to a via network node according to an embodiment of the present invention.
[0030] Figure 6 illustrates a network node configuration according to an embodiment of the present invention.
[0031] Figure 7 illustrates packet forwarding policies with other information according to an embodiment of the present invention.
[0032] Figure 8 illustrates a virtual service network supporting multiple services according to an embodiment of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
[0033] The present invention can take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment containing both hardware and software elements. In a preferred embodiment, the present invention is implemented in software, which includes but is not limited to firmware, resident software, microcode, etc.
[0034] Furthermore, the present invention can take the form of a computer program product accessible from a computer-usable or computer-readable medium providing program code for use by or in connection with a computer or any instruction execution system. For the purposes of this description, a computer-usable or computer readable medium can be any apparatus that can contain, store, communicate, propagate, or transport eh program for use by or in connection with the instruction execution system, apparatus, or device.
[0035] The medium can be an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system (or apparatus or device) or a propagation medium. Examples of a computer-readable medium include a semiconductor or solid state memory, magnetic tape, a removable computer diskette, a random access memory (RAM), a read-only memory (ROM), a rigid magnetic disk and an optical disk. Current examples of optical disks include compact disk - read only memory (CD-ROM), compact disk - read/write (CD-R/W) and DVD.
[0036] A data processing system suitable for storing and/or executing program code will include at least one processor coupled directly or indirectly to memory elements through a system bus. The memory elements can include local memory employed during actual execution of the program code, bulk storage, and cache memories which provide temporary
storage of at least some program code in order to reduce the number of times code must be retrieved from bulk storage during execution.
[0037] Input/output or I/O devices (including but not limited to keyboards, displays, point devices, etc.) can be coupled to the system either directly or through intervening I/O controllers.
[0038] Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks. Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.
[0039] The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified local function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially
concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
[0040] The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers stens nnerations, elements, and/or components, but do not pre< 1 1 1
addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
[0041] Figure 1 illustrates a virtual service network for a service according to an
embodiment of the present invention. Virtual service network 510 includes a network node 562 and a service load balancer pool 530, which includes, in one embodiment, a plurality of service load balancers 532, 534. Network node 562 and service load balancer pool 530 are connected in virtual service network 510 such that network node 562 can forward packets to service load balancers 532-534 and vice versa.
[0042] In one embodiment, virtual service network 510 is configured over a data network 500. In this embodiment, network node 562 and service load balancers 532-534 are a part of data network 500. In one embodiment, network node 562 connects directly to service load balancers 532-534 and forwards data packets directly to service load balancers 532-534. In one embodiment, network node 562 forwards data packets through one or more network elements (not shown) in data network 500.
[0043] In one embodiment, service load balancers 532-534 send data packets to network node 562 through data network 500, using one or more network elements in data network 500 if necessary.
[0044] In one embodiment, data network 500 includes an Internet Protocol (IP) network, a corporate data network, a regional corporate data network, an Internet service provider network, a residential data network, a wired network such as Ethernet, a wireless network such as a WiFi network, or a cellular network. In one embodiment, data network 500 resides in a data center, or connects to a network or application network cloud.
[0045] In one embodiment, network node 562 includes, in addition to that described later in this specification, the functionality of a network switch, an Ethernet switch, an IP router, an ATM switch, a stackable switch, a broadband remote access system (BRAS), a cable headend, a mobile network gateway, a home agent gateway (HA-Gateway), a PDSN, a GGSN, a broadband gateway, a VPN gateway, a firewall, or a networking device capable of forwarding packets in data network 500.
[0046] In some embodiments, service load balancer 534 includes functionality of a server load balancer, an application delivery controller, a service delivery platform, a traffic manager, a security gateway, a component of a firewall system, a component of a virtual private network (VPN), a load balancer for video servers, a gateway to distribute load to one or more servers, or a gateway performing network address translation (NAT).
[0047] Service load balancer pool 530 connects to server pool 200, which in an embodiment includes a plurality of servers 212, 214, 216. Servers 212-216 of server pool 200 serves service 240. Service load balancers 532-534 of service load balancer pool 530 serves service 240 as virtual service 540.
[0048] In some embodiments, server 212 includes functionality of a Web server, a file server, a video server, a database server, an application server, a voice system, a
conferencing server, a media gateway, a media center, an app server or a network server providing a network or application service to client device 100 using a Web protocol.
[0049] In some embodiments, service 240 includes a Web service, a HTTP service, a FTP service, a file transfer service, a video or audio streaming service, an app download service, an advertisement service, an on-line game service, a document access service, a
conferencing service, a file sharing service, a group collaboration service, a database access service, an on-line transaction service, a Web browsing service, a VOIP service, a notification service, a messaging service, or an Internet data communication service.
[0050] Each service load balancer, for example service load balancer 532, can exchange data packets to one or more servers in server pool 200.
[0051] Client device 100 is a computing device connecting to virtual service network 510. In one embodiment, in order to utilize service 240, client device 100 establishes a virtual service session 140 for virtual service 540 with service load balancer pool 530 through virtual service network 510. Service load balancer pool 530 establishes service session 340 with server pool 200 and relays data packets between virtual service session 140 and service session 340. In this embodiment, server pool 200 provides the service 240 to client device 100. In some embodiments, client device 100 is a personal computer, a laptop computer, a
desktop computer, a smartphone, a feature phone, a tablet computer, an e-reader, an end-use networked device, a server computer, a service proxy computer, a service gateway, a business computer, a server computer, or a computer requesting service 240.
[0052] Figures 2a-2c illustrate components of network node 562, service load balancer 534, and server 212 according to an embodiment of the present invention.
[0053] In one embodiment illustrated in figure 2a, network node 562 includes processor module 630, packet processing module 650, and network module 670. In one embodiment, processor module 630 includes one or more processors and a computer readable medium storing programming instructions. In one embodiment, processor module 630 includes storage such as random accessible memory (RAM). In one embodiment, packet processing module 650 includes a processor or a network processor capable of processing data packets. In one embodiment, packet processing module 650 is part of processor module 630. In one embodiment, packet processing module 650 is a physical card or module housing a network processor. In one embodiment packet processing module 650 includes storage such as random access memory (RAM), context addressable memory (CAM), tertiary CAM
(TCAM), static random access memory (SRAM) or other memory component. In one embodiment, packet processing module 650 includes a plurality of programming
instructions. In one embodiment, network module 670 interacts with data network 500 and virtual service network 510 to transmit and receive data packets. In one embodiment, network module 670 includes a plurality of network interfaces such as network interface 671, network interface 672 and network interface 674. Each of the network interfaces connect to another network component. For example, in one embodiment, network interface 671 connects to client device 100; network interface 672 connects to service load balancer 532; and network interface 674 connects to service load balancer 534. In one embodiment, network interface 671 connects to client device 100 and service load balancer pool 530. In one embodiment, network interface 671 is an Ethernet, Gigabit Ethernet, 10-Gigabit Ethernet, ATM, MPLS, wireless network, or optical network interface.
[0054] Figure 2b illustrates a service load balancer such as service load balancer 534 according to an embodiment of the present invention. In one embodiment, service load
balancer 534 includes processor module 734, virtual service processing module 754 and network module 774. Network module 774 interacts with data network 500 and virtual service network 510 to transmit and receive data packets. In one embodiment, network module 774 exchanges data packets with network node 562 and server pool 200. Network module 774 includes a network interface card or network interface module connecting to data network 500 and virtual service network 510. In one embodiment, processor module 734 includes a processor and computer readable medium storing programming instructions. In one embodiment, virtual service processing module 754 includes a physical hardware comprising a processor or a network processor, a memory module such as RAM. In one embodiment, virtual service processing module 754 is included in processor module 734. In one embodiment, virtual service processing module 754 includes storage storing
programming instructions.
[0055] Figure 2c illustrates a server, such as server 212, according to an embodiment of the present invention. In one embodiment, server 212 includes processor module 832, service processing module 852 and network module 872. Network module 872 interacts with virtual service network 510 to transmit or receive data packets. In one embodiment, network module 872 exchanges data packets with service load balancer pool 530. Network module 872 includes a network interface card or network interface module connecting to data network 510 or virtual service network 510. In one embodiment, processor module 832 includes a processor and computer readable medium storing programming instructions. In one embodiment, service processing module 852 includes a physical hardware comprising a processor or a network processor, a memory module such as RAM. In one embodiment, service processing module 852 is included in processor module 832. In one embodiment, service processing module 852 includes storage storing programming instructions executed by server 212.
[0056] Figure 3 illustrates a session between client device and a server according to an embodiment of the present invention. In one embodiment, client device 100 uses service 240 by conducting virtual service session 140 using virtual service 540. In one embodiment, virtual service session 140 is a IP session, a UDP session, a TCP session, a SIP session, an
ICMP session, a GRE session, a RTSP session, an SSL session, a HTTPS session, or a HTTP session. In one embodiment, virtual service 540 includes a virtual service network address 541, such as an IP network address. In one embodiment, the virtual service network address 541 is shared among the service load balancers in the service load balancer pool 530. In one embodiment, virtual service network address 541 includes a transport layer identity such as a port number, a TCP port, a UDP port. In one embodiment, client device 100 sends a virtual service session request 142, such as a TCP session request data packet, to network node 562. Virtual service session request 142 includes virtual service network address 541. In one embodiment, network node 562 determines that virtual service session request 142 is to be sent to service load balancer 534, based on virtual service network address 541. Service load balancer 534 establishes virtual service session 140 with client device 100.
[0057] After establishing virtual service session 140, client device 100 sends a virtual service request 144 through virtual service session 140 to service load balancer 534. Service load balancer 534 determines that virtual service request 144 is to be relayed to server 212. Subsequently client device 100 exchanges virtual service data packet 146 with server 212 via service load balancer 534.
[0058] Figure 3a illustrates processing of virtual service session request 142 according to an embodiment of the present invention. Client device 100 sends virtual service session request 142 to network node 562. In one embodiment, virtual service session request 142 data packet includes virtual service network address 541, and client network address 101. In one client network address 101 includes an IP address of client device 100, and optionally a transport layer address. Network node 562 selects service load balancer 534, based on a packet forwarding policy 641, and forwards virtual service session request 142 to service load balancer 534. Packet forwarding policy 641 includes criteria 643 and destination 645. Criteria 643 contain matching information for network node 562 to match against virtual service session request 142. Destination 645 includes information to transmit virtual service session request 142. In one embodiment, destination 645 indicates using network interface 674 to transmit virtual service session request 142. Network node 562 informs network
module 670 to transmit virtual service session request 142 using interface 674. In one embodiment, network interface 674 directly connects to service load balancer 534 and service load balancer 534 receives virtual service session request 142. In one embodiment, network interface 674 connects to service load balancer 534 via data network 500 and service load balancer 534 receives virtual service session request 142 via data network 500.
[0059] Network node 562 compares criteria 643 against virtual service session request 142. In one embodiment, network node 562 retrieves virtual service network address 541 from virtual service session request 142. In one embodiment, criteria 643 include virtual service network address 646. Network node 562 compares virtual service network address 541 with virtual service network address 646. In one embodiment, virtual service network address 646 includes virtual service network address 541 and network node 562 finds a match between virtual service network address 541 and virtual service network address 646. In response to finding a match between virtual service network address 541 and virtual service network address 646, the network node 562 applies the packet forwarding policy 641 to the virtual service session request 142 by informing the network module 670 to transmit the virtual service session request 142 using the network interface 674 indicated by destination 645.
[0060] In one embodiment, virtual service network address 646 includes a transport layer address such as TCP port number, UDP port number or other transport layer information. Network node 562 retrieves transport layer address from virtual service network address 541 and compares with virtual service network address 646. In one embodiment, network node 562 finds a match of the transport layer addresses, network node 562 determines that packet forwarding policy 641 is to be applied to virtual service session request 142. In one embodiment, virtual service network address 646 includes a range of network addresses. In finding that virtual service network address 541 is included in the range of network addresses, network node 562 determines there is a match. In one embodiment, virtual service network address 646 includes a range of transport layer addresses. In finding that transport layer address of virtual service network address 541 is included in the range of transport layer addresses, network node 562 determines there is a match.
[0061] In one embodiment, criteria 643 include client network address 647. Network node 562 obtains client device network address 101 from virtual service session request 142 and compares client network address 647 with client device network address 101. If there is a match, network node 562 determines packet forwarding policy 641 is applicable. In one embodiment, client network address 647 includes a range of network addresses. In finding that client device network address 101 is included in the range of network addresses, network node 562 determines there is a match.
[0062] In one embodiment, network node 562 further includes another packet forwarding policy 651. Packet forwarding policy 651 includes criteria 652, which includes a client network address 653 different from client network address 647 and the same virtual service network address 646 as packet forwarding policy 641. Network node 562 obtains virtual service network address 541 and client device network address 101 from virtual service session request 142. In one embodiment, network node 562 first determines whether packet forwarding policy 651 applies to virtual service session request 142. Network node 562 compares client network address 653 in packet forwarding policy 651 with client device network address 101, and compares virtual service network address 646 in packet forwarding policy 651 with virtual service network address 541. In response to determining that there is no match between the client network address 653 and client device network address 101, the network node 562 determines that packet forwarding policy 651 does not apply. In one embodiment client network address 653 includes a range of network addresses. In finding that client device network address 101 is not included in the range of network addresses, network node 562 determines there is no match.
[0063] Network node 562 then determines whether a different packet forwarding policy applies. In one embodiment, after determining that packet forwarding policy 651 does not apply, network node 562 determines whether packet forwarding policy 641 applies.
Network node compares client network address 647 in packet forwarding policy 641 with client device network address 101, and compares virtual service network address 646 in packet forwarding policy 641 with virtual service network address 541. In response to finding a match between client network address 647 and client network address 101 and a
match between the virtual service network address 646 and virtual service network address 541, network node 562 determines packet forwarding policy 641 is applicable.
[0064] Upon receiving virtual service session request 142, service load balancer 534 processes the session request 142 and replies with a virtual service session request response 143, comprising one or more data packets to be transmitted to client device 100. A process to send data packet 143 will be discussed in a later illustration.
[0065] In one embodiment, destination 645 includes a modification procedure prior to transmission. Network node 562 applies the modification procedure in destination 645 prior to informing network interface 674. In one embodiment, destination 645 indicates a IP tunneling modification, a VLAN modification, a MPLS modification, a L2TP tunnel, a IP- in-IP tunnel, a IPv6-v4 tunnel modification, a IPSec modification, a packet header modification, a packet payload modification, or other modification procedure related to network interface 674.
[0066] Figure 3b illustrates processing of virtual service request 144 according to an embodiment of the present invention. Client device 100 sends virtual service request 144 data packet to network node 562, where the virtual service request 144 includes a virtual service network address 541. In one embodiment, network node 562 processes virtual service request 144 using a similar process illustrated in figure 3a, matching the criteria from packet forwarding policy 641 with virtual service request 144 having virtual service network address 541. Network node 562 sends virtual service request 144 to service load balancer 534 according to the application of the matching packet forwarding policy 641.
[0067] Service load balancer 534 receives and processes virtual service request 144.
Service load balancer 534 selects server 212 to service virtual service request 144 and sends the virtual service request 148 to the server 212. The selection of server 212 is known to those skilled in the art. Any and all such selection process is considered as a part of an embodiment of the present invention and is not described in this specification. Server 212 responds to the virtual service request 148 with a service request response 245 and sends the service request response 245 to service load balancer 534. Service load balancer 534 creates virtual ser ire renuest response 145 and sends the service request respoi 1 ^ ' 1 - '
device 100. An embodiment to send virtual service request 145 from service load balancer 534 to client device 100 will be described in a later illustration in this specification.
[0068] Figure 3c illustrates processing of virtual service data packet 146 according to an embodiment of the present invention. Client device 100 sends virtual service data packet 146 to network node 562, where the virtual service data packet 146 includes a virtual service network address 541. In one embodiment, network node 562 processes virtual service data packet 146 in a similar process illustrated in figure 3a, matching the criteria from packet forwarding policy 641 with virtual service data packet 146 having virtual service network address 541. Network node 562 sends virtual service data packet 146 to service load balancer 534. Service load balancer 534 generates service packet 546 using virtual service data packet 146, and sends service packet 546 to server 212. The process of generating service packet 546 using virtual service data packet 146 is known to those skilled in the art and is not described in this specification.
[0069] Figure 4 illustrates a process to forward a data packet from service load balancer 534 to client device 100 according to an embodiment of the present invention. In one embodiment, service load balancer 534 sends a data packet 147 of service session 140 to network node 562. In one embodiment, data packet 147 may be virtual service session request response 143 or virtual service request response 145. Data packet 147 includes client device network address 101 of client device 100 as a destination for data packet 147. Service load balancer 534 sends data packet 147 through data network 500 to network node 562, and network node 562 receives data packet 147 from data network 500. In one embodiment, data packet 147 traverses through virtual service network 510 before it is received by network node 562.
[0070] Network node 562 retrieves destination client device network address 101 from data packet 147, and determines that data packet 147 is to be sent to client device 100, based on the retrieved client device network address 101.
[0071] In one embodiment illustrated in figure 5, virtual service network 510 includes a network node 564 connected with network node 562 and service load balancer 534.
etwork nnHe 567. connects to client device 100. Network node 562 rec ' ' ' 1
data packet 148 of virtual service session 140 from client device 100. Network node 562 selects network node 564 to receive virtual service data packet 148 from network node 562. Figure 5a illustrates a process for network node 562 to select network node 564 according to an embodiment of the present invention. Network node 564 receives and processes virtual service data packet 148. Network node 564 sends virtual service data packet 148 to service load balancer 534 according to an embodiment process illustrated in figures 3, 3a-3c.
[0072] Figure 5a illustrates a process of network node 562 to send a virtual service data packet 148 from client device 100 to network node 564 according to an embodiment of the present invention. Client device 100 sends virtual service data packet 148 to network node 562. In one embodiment, data packet 148 includes virtual service network address 541, and client network address 101. Network node 562 selects network node 564, based on a packet forwarding policy 681, and forwards data packet 148 to network node 564. Packet forwarding policy 681 includes criteria 683 and destination 685. Criteria 683 contain matching information for network node 562 to compare against data packet 148.
Destination 685 indicates information to transmit data packet 148. In one embodiment, destination 685 indicates network interface 674 is to be used to transmit data packet 148. Network node 562 informs network module 670 to transmit data packet 148 using interface 674. In one embodiment, network interface 674 directly connects to network node 564 and network node 564 receives data packet 148. In one embodiment, network interface 674 connects to network node 564 via data network 500 and network node 564 receives data packet 148 via data network 500.
[0073] Network node 562 matches criteria 683 against data packet 148. In one embodiment, network node 562 retrieves virtual service network address 541 from data packet 148. In one embodiment, criteria 683 include virtual service network address 686. Network node 562 matches virtual service network address 541 with virtual service network address 686. In one embodiment, virtual service network address 686 includes virtual service network address 541 and network node 562 finds a match between virtual service network address 541 and virtual service network address 686.
[0074] In one embodiment, virtual service network address 686 includes a transport layer address such as TCP port number, UDP port number or other transport layer information. Network node 562 retrieves transport layer address from data packet 148 and compares the transport layer address with virtual service network address 686. In one embodiment, network node 562 finds a match of the transport layer addresses, network node 562 determines that packet forwarding policy 681 is to be applied to data packet 148. In one embodiment, virtual service network address 686 includes a range of network addresses. In finding that virtual service network address 541 is included in the range of network addresses, network node 562 determines there is a match. In one embodiment, virtual service network address 686 includes a range transport layer addresses. In finding that the transport layer address of data packet 148 is included in the range of transport layer addresses, network node 562 determines there is a match.
[0075] In one embodiment, criteria 683 include client network address 687. Network node 562 obtains client device network address 101 from data packet 148 and compares client network address 687 with client device network address 101. If there is a match, network node 562 determines packet forwarding policy 681 is applicable. In one embodiment, client network address 687 includes a range of network addresses. In finding that client device network address 101 is included in the range of network addresses, network node 562 determines there is a match.
[0076] In one embodiment, destination 685 indicates a modification process prior to transmission. Network node 562 applies the modification in destination 685 prior to informing network interface 674. In one embodiment, destination 645 indicates an IP tunneling modification, a VLAN modification, a MPLS modification, a L2TP tunnel, a IP- in-IP tunnel, a IPv6-v4 tunnel modification, a IPSec modification, a packet header modification, a packet payload modification, a layer 2 over layer 2 tunnel modification, a layer 3 over layer 2 tunnel modification, a layer 3 over layer 3 tunnel modification, or other modification related to network interface 674.
[0077] Figure 6 illustrates a process to configure a network node with a packet forwarding policy according to an embodiment of the present invention. Network confisuration module
821 includes packet forwarding policy 641 which contains a policy to forward a data packet to service load balancer 534 or network node 564. Network configuration module 821 sends packet forwarding policy 641 to network node 562. In one embodiment, network configuration module 821 is a network management system. In one embodiment, network configuration module 821 is a software module within a service load balancer, such as service load balancer 534. In one embodiment, network configuration module 821 is an administrative computing device, wherein a network administrative user provides packet forwarding policy 641 to network configuration module 821. In one embodiment network configuration module 821 connects to storage 823 wherein storage 823 includes packet forwarding policy 641. Network configuration module 821 retrieves packet forwarding policy 641 and sends to network node 562. In one embodiment, storage 823 includes other packet forwarding policies.
[0078] In one embodiment, network configuration module 821 receives packet forwarding policy 641 from administrator 120, and stores packet forwarding policy 641 into storage 823.
[0079] In one embodiment, network configuration module 821 connects to service load balancer 534 and detects a change to service load balancer 534, and in response, network configuration module 821 generates packet forwarding policy 641. In one embodiment, a change can be due to a change to virtual service 540 of service load balancer 534, or availability of service load balancer 534. In one embodiment, service load balancer 534 sends packet forwarding policy 641 to network configuration module 821.
[0080] In one embodiment, network configuration module 821 connects to network node 564 and detects a change to network node 564, and in response, network configuration module 821 generates packet forwarding policy 641.
[0081] In one embodiment, network configuration module 821 connects to virtual service network 510 and data network 500. Network configuration module 821 detects a change to virtual service network 510 or data network 500. In response, network configuration module 821 generates packet forwarding policy 641.
[0082] In one embodiment, network configuration module 821 detects a change in network node 562 and generates packet forwarding policy 641 .
[0083] In one embodiment, network configuration module 821 instructs network node 562 to remove packet forwarding policy 641. In one embodiment, network configuration module 821 detects a change in network node 564, service load balancer 534, data network 500, virtual service network 510, or network node 562 and determines packet forwarding policy 641 is to be removed. In one embodiment, network configuration module 821 removes packet programming policy 641 from storage 823.
[0084] In one embodiment, network configuration module 821 receives a command from administrator 120 to remove packet programming policy 641. In one embodiment, network configuration module 821 receives a command from service load balancer 534 to remove packet programming policy 641.
[0085] Figure 7 illustrates several embodiments of different packet forwarding policies according to an embodiment of the present invention. In figure 7, network node 562 includes packet forwarding policy 641 and packet forwarding policy 642. Packet forwarding policy 641 and packet forwarding 642 include the same criteria 643. Packet forwarding policy 641 includes destination 645 that is different from destination 646 in packet forwarding policy 642. In one embodiment, destination 645 is for server load balancer 532 or a network node (not shown), whereas destination 646 is for service load balancer 534, which is different from service load balancer 532.
[0086] In one embodiment, network node 562 receives data packet 148 from client device 100 and matches information in data packet 148 with criteria 643. Network node 562 finds both packet forwarding policy 641 and packet forwarding policy 642 applicable. Network node 562 selects packet forwarding policy 641 based on additional information. In one embodiment, packet forwarding policy 641 includes multi-path factor 648 while packet forwarding policy 642 includes multi-path factor 649. Network node 562 selects packet forwarding policy 641 based on multi-path factor 648 and multi-path factor 649. In one embodiment, multi-path factor 648 indicates a primary path while multi-factor 648 indicates a sernnHnr nnth Network node 562 selects packet forwarding policy Λ 1 T
embodiment, multi-path factor 648 includes a status indicating if service load balancer 532 is available. If multi-path factor 648 status indicates service load balancer 532 is available and multi-path factor 649 status indicates service load balancer 534 is not available, network node 562 selects packet forwarding policy 641.
[0087] In one embodiment, packet forwarding policy 641 includes traffic policy 649 such as traffic shaping, traffic management, quality of service, bandwidth management, packet access control or queuing parameters. Network node 562 applies traffic policy 649 or instructs network module 670 to apply traffic policy 649.
[0088] In an embodiment illustrated in figure 8, server pool 200 serves service 240 and service 250. In this embodiment, service load balancer pool 530 provides virtual services 540 and 550 corresponding to service 240 and service 250 respectively. Network node 562 will include at least one packet forwarding policy for virtual service 540 and one packet forwarding policy for virtual service 550. When the network node 562 receives a data packet, the network node 562 determines whether the data packet is for virtual service 540 or virtual service 550. If the data packet is for virtual service 540, then the network node 562 processes the data packet according to the packet forwarding policies for virtual service 540. If the data packet is for virtual service 550, then the network node 562 processes the data packet according to the packet forwarding policies for virtual service 550.
[0089] Although the present invention has been described in accordance with the embodiments shown, one of ordinary skill in the art will readily recognize that there could be variations to the embodiments and those variations would be within the spirit and scope of the present invention. Accordingly, many modifications may be made by one of ordinary skill in the art without departing from the spirit and scope of the appended claims.
Claims
1. A method for providing forwarding policies in a virtual service network, the virtual service network comprising a network node and a pool of service load balancers serving a virtual service associated with a virtual service network address, comprising: receiving a virtual service session request from a client device by the network node, the virtual service session request comprising the virtual service network address for the virtual service served by the pool of service load balancers, wherein the network node comprises a plurality of packet forwarding policies, each packet forwarding policy comprising a virtual service network address associated with a destination;
comparing by the network node the virtual service network address in the virtual service session request with the virtual service network address in each packet forwarding policy;
in response to finding a match between the virtual service network address in the virtual service session request and a given virtual service network address in a given packet forwarding policy, determining the given destination in the given packet forwarding policy by the network node; and
sending the virtual service session request to a service load balancer in the pool of service load balancers associated with the given destination, wherein the service load balancer establishes a virtual service session with the client device.
2. The method of claim 1, wherein after the service load balancer establishes the virtual service session with the client device, the method further comprises:
receiving a virtual service request from the client device through the virtual service session by the network node, the virtual service request comprising the virtual service network address for the virtual service;
comparing by the network node the second virtual service network address in the virtual service request with the virtual service network address in each packet forwarding policy;
in response to finding a match between the virtual service network address in the virtual service request and a second given virtual service network address in a second given packet forwarding policy, determining a second given destination in the second given packet forwarding policy by the network node; and
sending the virtual service request to a second service load balancer
associated with the second given destination by the network node.
3. The method of claim 2, further comprising:
receiving a virtual service data packet from the client device through the virtual service session by the network node, the virtual service data packet comprising the virtual service network address for the virtual service;
comparing by the network node the virtual service network address in the virtual service data packet with the virtual service network address in each packet forwarding policy;
in response to finding a match between the virtual service network address in the virtual service data packet and a third given virtual service network address in a third given packet forwarding policy, determining a third given destination in the third given packet forwarding policy by the network node; and
sending the virtual service data packet to a third service load balancer
associated with the third given destination by the network node.
4. The method of claim 3, wherein the service load balancer, the second service load balancer, and the third service load balancer are the same service load balancer.
5. The method of claim 1, wherein the method further comprises:
receiving a data packet of the virtual service session by the network node from the service load balancer over a data network, the data packet comprising a client network address of the client device;
retrieving the client network address from the data packet by the network node; and sending the data packet to the client device using the client network address by the network node.
6. The method of claim 5, wherein the data packet comprises a virtual service session request response or a virtual service request response.
7. The method of claim 1, wherein the given destination comprises a second network node, wherein the sending comprises:
sending the virtual service session request to the second network node, wherein the second network node comprises a second plurality of packet forwarding policies, each of the second packet forwarding policies comprising a second virtual service network address associated with a second destination;
comparing by the second network node the virtual service network address in the virtual service session request with the virtual service network address in each of the second packet forwarding policies;
in response to finding a match between the virtual service network address in the virtual service session request and a second given virtual service network address in a second given packet forwarding policy, determining a second given destination in the second given packet forwarding policy by the second network node; and
sending the virtual service session request to the service load balancer associated with the second given destination, wherein the service load balancer establishes a virtual service session with the client device.
8. The method of claim 1, wherein the determining comprise: finding by the network node that the virtual service network address in the virtual service session request matches a first virtual service network address in a first packet forwarding policy and a second virtual network address in a second packet forwarding policy;
selecting by the network node either the first packet forwarding policy or the second packet forwarding policy based on additional information comprised in the first and second packet forwarding policies; and
determining the given destination in the selected packet forwarding policy by the network node.
9. The method of claim 8, wherein the additional information comprises one or more of the following: a multi-path factor; and a traffic policy.
10. The method of claim 8, wherein the first packet forwarding policy comprises a first destination associated with a first service load balancer in the pool of service load balancers, wherein the second packet forwarding policy comprises a second destination associated with a second service load balancer in the pool of service load balancers, wherein the first service load balancer is different from the second service load balancer, wherein the determining comprises:
in response to selecting the first packet forwarding policy, determining the first destination associated with the first service load balancer in the first packet forwarding policy by the network node; and
in response to selecting the second packet forwarding policy, determining the second destination in the second packet forwarding policy in the second packet forwarding policy by the network node.
11. The method of claim 1, wherein the network node comprises a first plurality of packet forwarding policies for a first virtual service and a second plurality of packet forwarding policies for a second virtual service, wherein the comparing comprises:
determining by the network node whether the virtual service session request is for the first virtual service or the second virtual service;
in response to determining that the virtual service session request is for the first virtual service, comparing by the network node the virtual service network address in the virtual service session request with a virtual service network address in each of the first plurality of packet forwarding policies; and
in response to determining that the virtual service session request is for the first virtual service, comparing by the network node the virtual service network address in the virtual service session request with a virtual service network address in each of the second plurality of packet forwarding policies.
12. The method of claim 1, wherein the virtual service session request further comprises a client network address of the client device, wherein each packet forwarding policy further comprises a client network address associated with the destination, wherein the comparing and the determining comprise:
comparing by the network node the virtual service network address in the virtual service session request with the virtual service network address in each packet forwarding policy; comparing by the network node the client network address in the virtual service session request with the client network address in each packet forwarding policy; and
in response to finding the match between the virtual service network address in the virtual service session request and the given virtual service network address in the given packet forwarding policy, and in response to finding a match between the client network address in the virtual service session request and the given client network address in the given packet forwarding policy, determining the given destination in the given packet forwarding policy by the network node.
13. A non-transitory computer readable storage medium having computer readable program code embodied therewith for providing forwarding policies in a virtual service network, the virtual service network comprising a network node and a pool of service load balancers serving a virtual service associated with a virtual service network address, the computer readable program code configured to:
receive a virtual service session request from a client device, the virtual service session request comprising the virtual service network address for the virtual service served by the pool of service load balancers, wherein the network node comprises a plurality of packet forwarding policies, each packet forwarding policy comprising a virtual service network address associated with a destination;
compare the virtual service network address in the virtual service session request with the virtual service network address in each packet forwarding policy;
in response to finding a match between the virtual service network address in the virtual service session request and a given virtual service network address in a given packet forwarding policy, determine the given destination in the given packet forwarding policy; and
send the virtual service session request to a service load balancer in the pool of service load balancers associated with the given destination, wherein the service load balancer establishes a virtual service session with the client device.
14. The medium of claim 13, wherein the computer readable program code is further configured to, after the service load balancer establishes the virtual service session with the client device:
receive a virtual service request from the client device through the virtual service session, the virtual service request comprising the virtual service network address for the virtual service;
compare the second virtual service network address in the virtual service request with the virtual service network address in each packet forwarding policy;
in response to finding a match between the virtual service network address in the virtual service request and a second given virtual service network address in a second given packet forwarding policy, determine a second given destination in the second given packet forwarding policy; and
send the virtual service request to a second service load balancer associated with the second given destination.
15. The medium of claim 14, wherein the computer readable program code is further configured to:
receive a virtual service data packet from the client device through the virtual service session, the virtual service data packet comprising the virtual service network address for the virtual service;
compare the virtual service network address in the virtual service data packet with the virtual service network address in each packet forwarding policy;
in response to finding a match between the virtual service network address in the virtual service data packet and a third given virtual service network address in a third given packet forwarding policy, determine a third given destination in the third given packet forwarding policy; and
send the virtual service data packet to a third service load balancer associated with the third given destination.
16. The medium of claim 15, wherein the service load balancer, the second load balancer, and the third service load balancer are the same service load balancer.
17. The medium of claim 13, wherein the computer readable program code is further configured to:
receive a data packet of the virtual service session from the service load
balancer over a data network, the data packet comprising a client network address of the client device;
retrieve the client network address from the data packet; and
send the data packet to the client device using the client network address.
18. The medium of claim 17, wherein the data packet comprises a virtual service session request response or a virtual service request response.
19. The medium of claim 13, wherein the given destination comprises a network node, wherein the computer readable program code configured to send is further configured to:
send the virtual service session request to the network node, wherein the network node comprises a second plurality of packet forwarding policies, each of the second packet forwarding policies comprising a second virtual service network address associated with a second destination;
compare by the network node the virtual service network address in the virtual service session request with the virtual service network address in each of the second packet forwarding policies by the second network node;
in response to finding a match between the virtual service network address in the virtual service session request and a second given virtual service network address in a second given packet forwarding policy, determine a second given destination in the second given packet forwarding policy; and
send the virtual service session request to the service load balancer associated with the second given destination, wherein the service load balancer establishes a virtual service session with the client device.
20. The medium of claim 13, wherein the computer readable program code configured to determine is further configured to:
find that the virtual service network address in the virtual service session request matches a first virtual service network address in a first packet forwarding policy and a second virtual network address in a second packet forwarding policy;
select either the first packet forwarding policy or the second packet
forwarding policy based on additional information comprised in the first and second packet forwarding policies; and
determine the given destination in the selected packet forwarding policy.
21. The medium of claim 20, wherein the additional information comprises one or more of the following: a multi-path factor; and a traffic policy.
22. The medium of claim 20, wherein the first packet forwarding policy comprises a first destination associated with a first service load balancer in the pool of service load balancers, wherein the second packet forwarding policy comprises a second destination associated with a second service load balancer in the pool of service load balancers, wherein the first service load balancer is different from the second service load balancer, wherein the computer readable program code configured to determine is further configured to:
in response to selecting the first packet forwarding policy, determine the first destination associated with the first service load balancer in the first packet forwarding policy; and in response to selecting the second packet forwarding policy, determine the second destination in the second packet forwarding policy in the second packet forwarding policy.
23. The medium of claim 13, comprising a first plurality of packet forwarding policies for a first virtual service and a second plurality of packet forwarding policies for a second virtual service, wherein the computer readable program code configured to compare is further configured to:
determine whether the virtual service session request is for the first virtual service or the second virtual service;
in response to determining that the virtual service session request is for the first virtual service, compare the virtual service network address in the virtual service session request with a virtual service network address in each of the first plurality of packet forwarding policies; and
in response to determining that the virtual service session request is for the first virtual service, compare the virtual service network address in the virtual service session request with a virtual service network address in each of the second plurality of packet forwarding policies.
24. The medium of claim 13, wherein the virtual service session request further comprises a client network address of the client device, wherein each packet forwarding policy further comprises a client network address associated with the destination, wherein the computer readable program code configured to compare and to determine are further configured to:
compare the virtual service network address in the virtual service session request with the virtual service network address in each packet forwarding policy;
compare the client network address in the virtual service session request with the client network address in each packet forwarding policy; and
in response to finding the match between the virtual service network address in the virtual service session request and the given virtual service network address in the given packet forwarding policy, and in response to finding a match between the client network address in the virtual service session request and the given client network address in the
given packet forwarding policy, determine the given destination in the given packet forwarding policy.
25. A virtual service network, comprising:
a pool of service load balancers serving a virtual service associated with a virtual service network address; and
a network node comprising a plurality of packet forwarding policies, each packet forwarding policy comprising a virtual service network address associated with a
destination, wherein the network node: receives a virtual service session request from a client device, the virtual service session request comprising a virtual service network address for the virtual service served by the pool of service load balancers, wherein the network node;
compares the virtual service network address in the virtual service session request with the virtual service network address in each packet forwarding policy;
in response to finding a match between the virtual service network address in the virtual service session request and a given virtual service network address in a given packet forwarding policy, determines the given destination in the given packet forwarding policy; and
sends the virtual service session request to a service load balancer in the pool of service load balancers associated with the given destination, wherein the service load balancer establishes a virtual service session with the client device.
26. The network of claim 25, wherein after the service load balancer establishes the virtual service session with the client device, the network node further:
receives a virtual service request from the client device through the virtual service session, the virtual service request comprising the virtual service network address for the virtual service;
compares the second virtual service network address in the virtual service request with the virtual service network address in each packet forwarding policy;
in response to finding a match between the virtual service network address in the virtual service request and a second given virtual service network address in a second given packet forwarding policy, determines a second given destination in the second given packet forwarding policy; and
sends the virtual service request to a second service load balancer associated with the second given destination.
27. The network of claim 26, wherein the network node further:
receives a virtual service data packet from the client device through the virtual service session, the virtual service data packet comprising the virtual service network address for the virtual service;
compares the virtual service network address in the virtual service data packet with the virtual service network address in each packet forwarding policy;
in response to finding a match between the virtual service network address in the virtual service data packet and a third given virtual service network address in a third given packet forwarding policy, determines a third given destination in the third given packet forwarding policy; and
sends the virtual service data packet to a third service load balancer associated with the third given destination.
28. The network of claim 27, wherein the service load balancer, the second load balancer, and the third service load balancer are the same service load balancer.
29. The network of claim 25, wherein the network node further: receives a data packet of the virtual service session from the service load balancer over a data network, the data packet comprising a client network address of the client device;
retrieves the client network address from the data packet; and
sends the data packet to the client device using the client network address.
30. The network of claim 29, wherein the data packet comprises a virtual service session request response or a virtual service request response.
31. The network of claim 25, further comprising a second network node, wherein the given destination is associated with the second network node, wherein in the comparing, the network node further:
sends the virtual service session request to the second network node, wherein the second network node comprises a second plurality of packet forwarding policies, each of the second packet forwarding policies comprising a second virtual service network address associated with a second destination;
wherein the second network node:
compares the virtual service network address in the virtual service session request with the virtual service network address in each of the second packet forwarding policies; in response to finding a match between the virtual service network address in the virtual service session request and a second given virtual service network address in a second given packet forwarding policy, determines a second given destination in the second given packet forwarding policy; and
sends the virtual service session request to the service load balancer associated with the second given destination, wherein the service load balancer establishes a virtual service session with the client device.
32. The network of claim 25, wherein in the determining, the network node further:
finds that the virtual service network address in the virtual service session request matches a first virtual service network address in a first packet forwarding policy and a second virtual network address in a second packet forwarding policy;
selects either the first packet forwarding policy or the second packet forwarding policy based on additional information comprised in the first and second packet forwarding policies; and
determines the given destination in the selected packet forwarding policy.
33. The network of claim 32, wherein the additional information comprises one or more of a multi-path factor and a traffic policy.
34. The network of claim 32, wherein the first packet forwarding policy comprises a first destination associated with a first service load balancer in the pool of service load balancers, wherein the second packet forwarding policy comprises a second destination associated with a second service load balancer in the pool of service load balancers, wherein the first service load balancer is different from the second service load balancer, wherein in the determining, the network node:
in response to selecting the first packet forwarding policy, determines the first destination associated with the first service load balancer in the first packet forwarding policy; and
in response to selecting the second packet forwarding policy, determines the second destination in the second packet forwarding policy in the second packet forwarding policy.
35. The network of claim 25, wherein the network node comprises a first plurality of packet forwarding policies for a first virtual service and a second plurality of packet forwarding policies for a second virtual service, wherein in the comparing, the network node:
determines whether the virtual service session request is for the first virtual service or the second virtual service;
in response to determining that the virtual service session request is for the first virtual service, compares the virtual service network address in the virtual service session request with a virtual service network address in each of the first plurality of packet forwarding policies; and
in response to determining that the virtual service session request is for the first virtual service, compares the virtual service network address in the virtual service session request with a virtual service network address in each of the second plurality of packet forwarding policies.
36. The network of claim 25, wherein the virtual service session request further comprises a client network address of the client device, wherein each packet forwarding policy further comprises a client network address associated with the destination, wherein in comparing and determining, the network node:
compares the virtual service network address in the virtual service session request with the virtual service network address in each packet forwarding policy;
compares the client network address in the virtual service session request with the client network address in each packet forwarding policy; and
in response to finding the match between the virtual service network address in the virtual service session request and the given virtual service network address in the given packet forwarding policy, and in response to finding a match between the client network address in the virtual service session request and the given client network address in the
given packet forwarding policy, determines the given destination in the given packet forwarding policy.
37. A method for providing forwarding policies in a virtual service network, the virtual service network comprising a network node and a pool of service load balancers serving a virtual service associated with a virtual service network address, comprising: receiving a virtual service session request from a client device by the network node, the virtual service session request comprising a client device network address for the client device and the virtual service network address for the virtual service served by the pool of service load balancers, wherein the network node comprises a plurality of packet forwarding policies, each packet forwarding policy comprising a client network address and a virtual service network address associated with a destination;
comparing by the network node the virtual service network address in the virtual service session request with a first virtual service network address in a first packet forwarding policy of the plurality of packet forwarding policies, and comparing the client device network address in the virtual service session request with a first client network address in the first packet forwarding policy;
in response to determining that the virtual service network address in the virtual service session request matches the first virtual service network address, and determining that the client device network address in the virtual service session request does not match the first client network address, determining by the network node that the first packet forwarding policy does not apply to the virtual service session request;
in response to determining that the first packet forwarding policy does not apply, comparing by the network node the virtual service network address in the virtual service session request with a second virtual service network address in a second packet forwarding policy of the plurality of packet forwarding policies, and comparing the client device network address in the virtual service session request with a second client network address in the second packet forwarding policy;
in response to determining that the virtual service network address in the virtual service session request matches the second virtual service network address, and determining that the client device network address in the virtual service session request matches the second client network address, determining by the network node that the second packet forwarding policy applies to the virtual service session request;
in response to determining that the second packet forwarding policy applies, determining a given destination in the second packet forwarding policy by the network node; and
sending the virtual service session request to a service load balancer in the pool of service load balancers associated with the given destination, wherein the service load balancer establishes a virtual service session with the client device.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/706,363 | 2012-12-06 | ||
US13/706,363 US9338225B2 (en) | 2012-12-06 | 2012-12-06 | Forwarding policies on a virtual service network |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014088741A1 true WO2014088741A1 (en) | 2014-06-12 |
Family
ID=50882260
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2013/068345 WO2014088741A1 (en) | 2012-12-06 | 2013-11-04 | Forwarding policies on a virtual service network |
Country Status (2)
Country | Link |
---|---|
US (3) | US9338225B2 (en) |
WO (1) | WO2014088741A1 (en) |
Cited By (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8897154B2 (en) | 2011-10-24 | 2014-11-25 | A10 Networks, Inc. | Combining stateless and stateful server load balancing |
US8977749B1 (en) | 2012-07-05 | 2015-03-10 | A10 Networks, Inc. | Allocating buffer for TCP proxy session based on dynamic network conditions |
US9094364B2 (en) | 2011-12-23 | 2015-07-28 | A10 Networks, Inc. | Methods to manage services over a service gateway |
US9215275B2 (en) | 2010-09-30 | 2015-12-15 | A10 Networks, Inc. | System and method to balance servers based on server load status |
US9219751B1 (en) | 2006-10-17 | 2015-12-22 | A10 Networks, Inc. | System and method to apply forwarding policy to an application session |
US9253152B1 (en) | 2006-10-17 | 2016-02-02 | A10 Networks, Inc. | Applying a packet routing policy to an application session |
US9338225B2 (en) | 2012-12-06 | 2016-05-10 | A10 Networks, Inc. | Forwarding policies on a virtual service network |
US9386088B2 (en) | 2011-11-29 | 2016-07-05 | A10 Networks, Inc. | Accelerating service processing using fast path TCP |
US9531846B2 (en) | 2013-01-23 | 2016-12-27 | A10 Networks, Inc. | Reducing buffer usage for TCP proxy session based on delayed acknowledgement |
US9609052B2 (en) | 2010-12-02 | 2017-03-28 | A10 Networks, Inc. | Distributing application traffic to servers based on dynamic service response time |
US9705800B2 (en) | 2012-09-25 | 2017-07-11 | A10 Networks, Inc. | Load distribution in data networks |
US9742879B2 (en) | 2012-03-29 | 2017-08-22 | A10 Networks, Inc. | Hardware-based packet editor |
US9843484B2 (en) | 2012-09-25 | 2017-12-12 | A10 Networks, Inc. | Graceful scaling in software driven networks |
US9900252B2 (en) | 2013-03-08 | 2018-02-20 | A10 Networks, Inc. | Application delivery controller and global server load balancer |
US9906422B2 (en) | 2014-05-16 | 2018-02-27 | A10 Networks, Inc. | Distributed system to determine a server's health |
US9942162B2 (en) | 2014-03-31 | 2018-04-10 | A10 Networks, Inc. | Active application response delay time |
US9942152B2 (en) | 2014-03-25 | 2018-04-10 | A10 Networks, Inc. | Forwarding data packets using a service-based forwarding policy |
US9960967B2 (en) | 2009-10-21 | 2018-05-01 | A10 Networks, Inc. | Determining an application delivery server based on geo-location information |
US9986061B2 (en) | 2014-06-03 | 2018-05-29 | A10 Networks, Inc. | Programming a data network device using user defined scripts |
US9992229B2 (en) | 2014-06-03 | 2018-06-05 | A10 Networks, Inc. | Programming a data network device using user defined scripts with licenses |
US9992107B2 (en) | 2013-03-15 | 2018-06-05 | A10 Networks, Inc. | Processing data packets using a policy based network path |
US10002141B2 (en) | 2012-09-25 | 2018-06-19 | A10 Networks, Inc. | Distributed database in software driven networks |
US10021174B2 (en) | 2012-09-25 | 2018-07-10 | A10 Networks, Inc. | Distributing service sessions |
US10027761B2 (en) | 2013-05-03 | 2018-07-17 | A10 Networks, Inc. | Facilitating a secure 3 party network session by a network device |
US10038693B2 (en) | 2013-05-03 | 2018-07-31 | A10 Networks, Inc. | Facilitating secure network traffic by an application delivery controller |
US10044582B2 (en) | 2012-01-28 | 2018-08-07 | A10 Networks, Inc. | Generating secure name records |
US10129122B2 (en) | 2014-06-03 | 2018-11-13 | A10 Networks, Inc. | User defined objects for network devices |
US10230770B2 (en) | 2013-12-02 | 2019-03-12 | A10 Networks, Inc. | Network proxy layer for policy-based application proxies |
USRE47296E1 (en) | 2006-02-21 | 2019-03-12 | A10 Networks, Inc. | System and method for an adaptive TCP SYN cookie with time validation |
US10243791B2 (en) | 2015-08-13 | 2019-03-26 | A10 Networks, Inc. | Automated adjustment of subscriber policies |
US10268467B2 (en) | 2014-11-11 | 2019-04-23 | A10 Networks, Inc. | Policy-driven management of application traffic for providing services to cloud-based applications |
US10581976B2 (en) | 2015-08-12 | 2020-03-03 | A10 Networks, Inc. | Transmission control of protocol state exchange for dynamic stateful service insertion |
Families Citing this family (74)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8656471B1 (en) * | 2012-03-12 | 2014-02-18 | Amazon Technologies, Inc. | Virtual requests |
US9450758B1 (en) | 2012-03-12 | 2016-09-20 | Amazon Technologies, Inc. | Virtual requests |
US9660905B2 (en) * | 2013-04-12 | 2017-05-23 | Futurewei Technologies, Inc. | Service chain policy for distributed gateways in virtual overlay networks |
US9225638B2 (en) | 2013-05-09 | 2015-12-29 | Vmware, Inc. | Method and system for service switching using service tags |
US9432305B1 (en) * | 2013-06-26 | 2016-08-30 | Amazon Technologies, Inc. | Connection redistribution in load-balanced systems |
US10454714B2 (en) | 2013-07-10 | 2019-10-22 | Nicira, Inc. | Method and system of overlay flow control |
EP3758307A1 (en) | 2013-07-10 | 2020-12-30 | Huawei Technologies Co., Ltd. | Method for implementing gre tunnel, access point and gateway |
US10749711B2 (en) | 2013-07-10 | 2020-08-18 | Nicira, Inc. | Network-link method useful for a last-mile connectivity in an edge-gateway multipath system |
ES2757505T3 (en) | 2013-07-12 | 2020-04-29 | Huawei Tech Co Ltd | Method to implement GRE tunnel, access device and aggregation gate |
US9424429B1 (en) * | 2013-11-18 | 2016-08-23 | Amazon Technologies, Inc. | Account management services for load balancers |
US9967175B2 (en) * | 2014-02-14 | 2018-05-08 | Futurewei Technologies, Inc. | Restoring service functions after changing a service chain instance path |
US11496606B2 (en) * | 2014-09-30 | 2022-11-08 | Nicira, Inc. | Sticky service sessions in a datacenter |
US9531590B2 (en) | 2014-09-30 | 2016-12-27 | Nicira, Inc. | Load balancing across a group of load balancers |
US10257095B2 (en) | 2014-09-30 | 2019-04-09 | Nicira, Inc. | Dynamically adjusting load balancing |
US10609091B2 (en) | 2015-04-03 | 2020-03-31 | Nicira, Inc. | Method, apparatus, and system for implementing a content switch |
US10498652B2 (en) | 2015-04-13 | 2019-12-03 | Nicira, Inc. | Method and system of application-aware routing with crowdsourcing |
US10425382B2 (en) | 2015-04-13 | 2019-09-24 | Nicira, Inc. | Method and system of a cloud-based multipath routing protocol |
US10135789B2 (en) | 2015-04-13 | 2018-11-20 | Nicira, Inc. | Method and system of establishing a virtual private network in a cloud service for branch networking |
CN105610632B (en) * | 2016-02-14 | 2019-12-24 | 华为技术有限公司 | Virtual network equipment and related method |
US10313271B2 (en) | 2016-03-16 | 2019-06-04 | At&T Intellectual Property I, L.P. | Providing and using a distributed forwarding service |
US10237176B2 (en) * | 2016-06-30 | 2019-03-19 | Juniper Networks, Inc. | Auto discovery and auto scaling of services in software-defined network environment |
US10447591B2 (en) * | 2016-08-30 | 2019-10-15 | Oracle International Corporation | Executing multiple virtual private network (VPN) endpoints associated with an endpoint pool address |
US11121962B2 (en) | 2017-01-31 | 2021-09-14 | Vmware, Inc. | High performance software-defined core network |
US11252079B2 (en) | 2017-01-31 | 2022-02-15 | Vmware, Inc. | High performance software-defined core network |
US10992568B2 (en) | 2017-01-31 | 2021-04-27 | Vmware, Inc. | High performance software-defined core network |
US20180219765A1 (en) | 2017-01-31 | 2018-08-02 | Waltz Networks | Method and Apparatus for Network Traffic Control Optimization |
US20200036624A1 (en) | 2017-01-31 | 2020-01-30 | The Mode Group | High performance software-defined core network |
US11706127B2 (en) | 2017-01-31 | 2023-07-18 | Vmware, Inc. | High performance software-defined core network |
US10778528B2 (en) | 2017-02-11 | 2020-09-15 | Nicira, Inc. | Method and system of connecting to a multipath hub in a cluster |
US10523539B2 (en) | 2017-06-22 | 2019-12-31 | Nicira, Inc. | Method and system of resiliency in cloud-delivered SD-WAN |
US10999100B2 (en) * | 2017-10-02 | 2021-05-04 | Vmware, Inc. | Identifying multiple nodes in a virtual network defined over a set of public clouds to connect to an external SAAS provider |
US11089111B2 (en) | 2017-10-02 | 2021-08-10 | Vmware, Inc. | Layer four optimization for a virtual network defined over public cloud |
US11115480B2 (en) | 2017-10-02 | 2021-09-07 | Vmware, Inc. | Layer four optimization for a virtual network defined over public cloud |
US11005684B2 (en) | 2017-10-02 | 2021-05-11 | Vmware, Inc. | Creating virtual networks spanning multiple public clouds |
US11403149B2 (en) * | 2017-10-17 | 2022-08-02 | Telefonaktiebolaget Lm Ericsson (Publ) | Management of a virtual network function |
US10797966B2 (en) | 2017-10-29 | 2020-10-06 | Nicira, Inc. | Service operation chaining |
US11223514B2 (en) | 2017-11-09 | 2022-01-11 | Nicira, Inc. | Method and system of a dynamic high-availability mode based on current wide area network connectivity |
US11012420B2 (en) | 2017-11-15 | 2021-05-18 | Nicira, Inc. | Third-party service chaining using packet encapsulation in a flow-based forwarding element |
US10797910B2 (en) | 2018-01-26 | 2020-10-06 | Nicira, Inc. | Specifying and utilizing paths through a network |
US10805192B2 (en) | 2018-03-27 | 2020-10-13 | Nicira, Inc. | Detecting failure of layer 2 service using broadcast messages |
CN110611622B (en) * | 2018-06-15 | 2023-05-09 | 伊姆西Ip控股有限责任公司 | Method for load balancing, network interface card and computer readable medium |
US11595250B2 (en) | 2018-09-02 | 2023-02-28 | Vmware, Inc. | Service insertion at logical network gateway |
US11249784B2 (en) | 2019-02-22 | 2022-02-15 | Vmware, Inc. | Specifying service chains |
US11394693B2 (en) * | 2019-03-04 | 2022-07-19 | Cyxtera Cybersecurity, Inc. | Establishing network tunnel in response to access request |
US11212238B2 (en) | 2019-08-27 | 2021-12-28 | Vmware, Inc. | Providing recommendations for implementing virtual networks |
US11044190B2 (en) | 2019-10-28 | 2021-06-22 | Vmware, Inc. | Managing forwarding elements at edge nodes connected to a virtual network |
US11283717B2 (en) | 2019-10-30 | 2022-03-22 | Vmware, Inc. | Distributed fault tolerant service chain |
US11140218B2 (en) | 2019-10-30 | 2021-10-05 | Vmware, Inc. | Distributed service chain across multiple clouds |
US11394640B2 (en) | 2019-12-12 | 2022-07-19 | Vmware, Inc. | Collecting and analyzing data regarding flows associated with DPI parameters |
US11489783B2 (en) | 2019-12-12 | 2022-11-01 | Vmware, Inc. | Performing deep packet inspection in a software defined wide area network |
US11223494B2 (en) | 2020-01-13 | 2022-01-11 | Vmware, Inc. | Service insertion for multicast traffic at boundary |
US11153406B2 (en) | 2020-01-20 | 2021-10-19 | Vmware, Inc. | Method of network performance visualization of service function chains |
US11659061B2 (en) | 2020-01-20 | 2023-05-23 | Vmware, Inc. | Method of adjusting service function chains to improve network performance |
US11438789B2 (en) | 2020-01-24 | 2022-09-06 | Vmware, Inc. | Computing and using different path quality metrics for different service classes |
US11277331B2 (en) | 2020-04-06 | 2022-03-15 | Vmware, Inc. | Updating connection-tracking records at a network edge using flow programming |
US11245641B2 (en) | 2020-07-02 | 2022-02-08 | Vmware, Inc. | Methods and apparatus for application aware hub clustering techniques for a hyper scale SD-WAN |
US11363124B2 (en) | 2020-07-30 | 2022-06-14 | Vmware, Inc. | Zero copy socket splicing |
US11444865B2 (en) | 2020-11-17 | 2022-09-13 | Vmware, Inc. | Autonomous distributed forwarding plane traceability based anomaly detection in application traffic for hyper-scale SD-WAN |
US11575600B2 (en) | 2020-11-24 | 2023-02-07 | Vmware, Inc. | Tunnel-less SD-WAN |
US11611625B2 (en) | 2020-12-15 | 2023-03-21 | Vmware, Inc. | Providing stateful services in a scalable manner for machines executing on host computers |
US11734043B2 (en) | 2020-12-15 | 2023-08-22 | Vmware, Inc. | Providing stateful services in a scalable manner for machines executing on host computers |
US11929903B2 (en) | 2020-12-29 | 2024-03-12 | VMware LLC | Emulating packet flows to assess network links for SD-WAN |
CN116783874A (en) | 2021-01-18 | 2023-09-19 | Vm维尔股份有限公司 | Network aware load balancing |
US11792108B2 (en) | 2021-04-30 | 2023-10-17 | Bank Of America Corporation | Dynamic auto-routing and load balancing for communication systems |
US11469988B1 (en) | 2021-04-30 | 2022-10-11 | Bank Of America Corporation | Communication analysis for dynamic auto-routing and load balancing |
US11784930B2 (en) | 2021-04-30 | 2023-10-10 | Bank Of America Corporation | Communication system with auto-routing and load balancing |
US11637768B2 (en) | 2021-05-03 | 2023-04-25 | Vmware, Inc. | On demand routing mesh for routing packets through SD-WAN edge forwarding nodes in an SD-WAN |
US11729065B2 (en) | 2021-05-06 | 2023-08-15 | Vmware, Inc. | Methods for application defined virtual network service among multiple transport in SD-WAN |
US11558452B2 (en) * | 2021-05-20 | 2023-01-17 | Sap Se | Transparent multiple availability zones in a cloud platform |
US11489720B1 (en) | 2021-06-18 | 2022-11-01 | Vmware, Inc. | Method and apparatus to evaluate resource elements and public clouds for deploying tenant deployable elements based on harvested performance metrics |
US11375005B1 (en) | 2021-07-24 | 2022-06-28 | Vmware, Inc. | High availability solutions for a secure access service edge application |
US11943146B2 (en) | 2021-10-01 | 2024-03-26 | VMware LLC | Traffic prioritization in SD-WAN |
US11811675B2 (en) | 2022-01-24 | 2023-11-07 | Bank Of America Corporation | System for triggering adaptive resource channel requisition within a distributed network |
US11909815B2 (en) | 2022-06-06 | 2024-02-20 | VMware LLC | Routing based on geolocation costs |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7792113B1 (en) * | 2002-10-21 | 2010-09-07 | Cisco Technology, Inc. | Method and system for policy-based forwarding |
US20110110294A1 (en) * | 2009-11-06 | 2011-05-12 | Vamsidhar Valluri | VIRTUAL CARE-OF ADDRESS FOR MOBILE IP (Internet Protocol) |
US7991859B1 (en) * | 2009-12-28 | 2011-08-02 | Amazon Technologies, Inc. | Using virtual networking devices to connect managed computer networks |
US8224971B1 (en) * | 2009-12-28 | 2012-07-17 | Amazon Technologies, Inc. | Using virtual networking devices and routing information to initiate external actions |
Family Cites Families (498)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4495570A (en) | 1981-01-14 | 1985-01-22 | Hitachi, Ltd. | Processing request allocator for assignment of loads in a distributed processing system |
US4403286A (en) | 1981-03-06 | 1983-09-06 | International Business Machines Corporation | Balancing data-processing work loads |
US4577272A (en) | 1983-06-27 | 1986-03-18 | E-Systems, Inc. | Fault tolerant and load sharing processing system |
US4720850A (en) | 1986-03-14 | 1988-01-19 | American Telephone And Telegraph Company At&T Bell Laboratories | Communication system control arrangement |
US4864492A (en) | 1986-09-17 | 1989-09-05 | International Business Machines Corporation | System and method for network configuration |
US4882699A (en) | 1988-09-19 | 1989-11-21 | International Business Machines Corp. | Communications network routing and management system |
US5031089A (en) | 1988-12-30 | 1991-07-09 | United States Of America As Represented By The Administrator, National Aeronautics And Space Administration | Dynamic resource allocation scheme for distributed heterogeneous computer systems |
US5341477A (en) | 1989-02-24 | 1994-08-23 | Digital Equipment Corporation | Broker for computer network server selection |
US5218676A (en) | 1990-01-08 | 1993-06-08 | The University Of Rochester | Dynamic routing system for a multinode communications network |
US5218602A (en) | 1991-04-04 | 1993-06-08 | Dsc Communications Corporation | Interprocessor switching network |
EP0522224B1 (en) | 1991-07-10 | 1998-10-21 | International Business Machines Corporation | High speed buffer management |
EP0530394B1 (en) | 1991-09-03 | 1996-11-13 | Hewlett-Packard Company | Message-routing apparatus |
JPH06250869A (en) | 1993-03-01 | 1994-09-09 | Hitachi Ltd | Distributed control system |
US5931914A (en) | 1993-04-09 | 1999-08-03 | Industrial Technology Research Institute | Apparatus for communication protocol processing utilizing a state machine look up table |
GB2281793A (en) | 1993-09-11 | 1995-03-15 | Ibm | A data processing system for providing user load levelling in a network |
US5522042A (en) | 1994-01-28 | 1996-05-28 | Cabletron Systems, Inc. | Distributed chassis agent for distributed network management |
US5537542A (en) | 1994-04-04 | 1996-07-16 | International Business Machines Corporation | Apparatus and method for managing a server workload according to client performance goals in a client/server data processing system |
US5944794A (en) | 1994-09-30 | 1999-08-31 | Kabushiki Kaisha Toshiba | User identification data management scheme for networking computer systems using wide area network |
US5563878A (en) | 1995-01-05 | 1996-10-08 | International Business Machines Corporation | Transaction message routing in digital communication networks |
US5675739A (en) | 1995-02-03 | 1997-10-07 | International Business Machines Corporation | Apparatus and method for managing a distributed data processing system workload according to a plurality of distinct processing goal types |
US5867636A (en) | 1995-06-06 | 1999-02-02 | Apple Computer, Inc. | Client server symmetric presentation-layer connection protocol for network printing systems |
US5774668A (en) | 1995-06-07 | 1998-06-30 | Microsoft Corporation | System for on-line service in which gateway computer uses service map which includes loading condition of servers broadcasted by application servers for load balancing |
US5603029A (en) | 1995-06-07 | 1997-02-11 | International Business Machines Corporation | System of assigning work requests based on classifying into an eligible class where the criteria is goal oriented and capacity information is available |
US5751971A (en) | 1995-07-12 | 1998-05-12 | Cabletron Systems, Inc. | Internet protocol (IP) work group routing |
JP2962203B2 (en) | 1995-09-28 | 1999-10-12 | 日本電気株式会社 | Load balancing method for online information processing system |
GB2305747A (en) | 1995-09-30 | 1997-04-16 | Ibm | Load balancing of connections to parallel servers |
US6104717A (en) | 1995-11-03 | 2000-08-15 | Cisco Technology, Inc. | System and method for providing backup machines for implementing multiple IP addresses on multiple ports |
US5867661A (en) | 1996-02-15 | 1999-02-02 | International Business Machines Corporation | Method and apparatus of using virtual sockets for reducing data transmitted over a wireless communication link between a client web browser and a host web server using a standard TCP protocol |
US5754752A (en) | 1996-03-28 | 1998-05-19 | Tandem Computers Incorporated | End-to-end session recovery |
US5828847A (en) | 1996-04-19 | 1998-10-27 | Storage Technology Corporation | Dynamic server switching for maximum server availability and load balancing |
US5935207A (en) | 1996-06-03 | 1999-08-10 | Webtv Networks, Inc. | Method and apparatus for providing remote site administrators with user hits on mirrored web sites |
US6031978A (en) | 1996-06-28 | 2000-02-29 | International Business Machines Corporation | System, method and program for enabling a client to reconnect to a same server in a network of computer systems after the server has moved to a different network address |
US5835724A (en) | 1996-07-03 | 1998-11-10 | Electronic Data Systems Corporation | System and method for communication information using the internet that receives and maintains information concerning the client and generates and conveys the session data to the client |
US5774660A (en) | 1996-08-05 | 1998-06-30 | Resonate, Inc. | World-wide-web server with delayed resource-binding for resource-based load balancing on a distributed resource multi-node network |
US5918017A (en) | 1996-08-23 | 1999-06-29 | Internatioinal Business Machines Corp. | System and method for providing dynamically alterable computer clusters for message routing |
US6381632B1 (en) | 1996-09-10 | 2002-04-30 | Youpowered, Inc. | Method and apparatus for tracking network usage |
US5923854A (en) | 1996-11-22 | 1999-07-13 | International Business Machines Corporation | Virtual internet protocol (IP) addressing |
US5917997A (en) | 1996-12-06 | 1999-06-29 | International Business Machines Corporation | Host identity takeover using virtual internet protocol (IP) addressing |
US5941988A (en) | 1997-01-27 | 1999-08-24 | International Business Machines Corporation | Session and transport layer proxies via TCP glue |
US5875296A (en) | 1997-01-28 | 1999-02-23 | International Business Machines Corporation | Distributed file system web server user authentication with cookies |
US5958053A (en) | 1997-01-30 | 1999-09-28 | At&T Corp. | Communications protocol with improved security |
US5951650A (en) | 1997-01-31 | 1999-09-14 | International Business Machines Corporation | Session traffic splitting using virtual internet protocol addresses associated with distinct categories of application programs irrespective of destination IP address |
US6041357A (en) | 1997-02-06 | 2000-03-21 | Electric Classified, Inc. | Common session token system and protocol |
US5935215A (en) | 1997-03-21 | 1999-08-10 | International Business Machines Corporation | Methods and systems for actively updating routing in TCP/IP connections using TCP/IP messages |
US6324177B1 (en) | 1997-05-02 | 2001-11-27 | Cisco Technology | Method and apparatus for managing connections based on a client IP address |
GB9709136D0 (en) | 1997-05-02 | 1997-06-25 | Certicom Corp | A log-on verification protocol |
US6445704B1 (en) | 1997-05-02 | 2002-09-03 | Cisco Technology, Inc. | Method and apparatus for virtualizing a locally initiated outbound connection from a connection manager |
US6088728A (en) | 1997-06-11 | 2000-07-11 | Oracle Corporation | System using session data stored in session data storage for associating and disassociating user identifiers for switching client sessions in a server |
US5946686A (en) | 1997-07-11 | 1999-08-31 | International Business Machines Corporation | Parallel file system and method with quota allocation |
GB9715256D0 (en) | 1997-07-21 | 1997-09-24 | Rank Xerox Ltd | Token-based docement transactions |
US6393475B1 (en) | 1997-07-28 | 2002-05-21 | Nortel Networks Limited | Method of performing a network management transaction using a web-capable agent |
US6006264A (en) | 1997-08-01 | 1999-12-21 | Arrowpoint Communications, Inc. | Method and system for directing a flow between a client and a server |
US6286039B1 (en) | 1997-08-28 | 2001-09-04 | Cisco Technology, Inc. | Automatic static to dynamic IP address and DNS address management for remote communications network access |
DE19739297C2 (en) | 1997-09-08 | 2001-11-15 | Phoenix Contact Gmbh & Co | Automation system and connection device for transparent communication between two networks |
JP3369445B2 (en) | 1997-09-22 | 2003-01-20 | 富士通株式会社 | Network service server load adjusting device, method and recording medium |
US6377993B1 (en) | 1997-09-26 | 2002-04-23 | Mci Worldcom, Inc. | Integrated proxy interface for web based data management reports |
US7058600B1 (en) | 1997-09-26 | 2006-06-06 | Mci, Inc. | Integrated proxy interface for web based data management reports |
US6714979B1 (en) | 1997-09-26 | 2004-03-30 | Worldcom, Inc. | Data warehousing infrastructure for web based reporting tool |
US7225249B1 (en) | 1997-09-26 | 2007-05-29 | Mci, Llc | Integrated systems for providing communications network management services and interactive generating invoice documents |
US6745229B1 (en) | 1997-09-26 | 2004-06-01 | Worldcom, Inc. | Web based integrated customer interface for invoice reporting |
US6128279A (en) | 1997-10-06 | 2000-10-03 | Web Balance, Inc. | System for balancing loads among network servers |
US8782199B2 (en) | 1997-10-14 | 2014-07-15 | A-Tech Llc | Parsing a packet header |
US6434620B1 (en) | 1998-08-27 | 2002-08-13 | Alacritech, Inc. | TCP/IP offload network interface device |
US7237036B2 (en) | 1997-10-14 | 2007-06-26 | Alacritech, Inc. | Fast-path apparatus for receiving data corresponding a TCP connection |
US6226680B1 (en) | 1997-10-14 | 2001-05-01 | Alacritech, Inc. | Intelligent network interface system method for protocol processing |
US6223205B1 (en) | 1997-10-20 | 2001-04-24 | Mor Harchol-Balter | Method and apparatus for assigning tasks in a distributed server system |
US6252878B1 (en) | 1997-10-30 | 2001-06-26 | Cisco Technology, Inc. | Switched architecture access server |
US6047268A (en) | 1997-11-04 | 2000-04-04 | A.T.&T. Corporation | Method and apparatus for billing for transactions conducted over the internet |
US6542926B2 (en) | 1998-06-10 | 2003-04-01 | Compaq Information Technologies Group, L.P. | Software partitioned multi-processor system with flexible resource sharing levels |
US6141759A (en) | 1997-12-10 | 2000-10-31 | Bmc Software, Inc. | System and architecture for distributing, monitoring, and managing information requests on a computer network |
US6003069A (en) | 1997-12-16 | 1999-12-14 | Lexmark International, Inc. | Client/server printer driver system |
US6363075B1 (en) | 1998-01-23 | 2002-03-26 | Industrial Technology Research Institute | Shared buffer management mechanism and method using multiple linked lists in a high speed packet switching system |
US6167062A (en) | 1998-02-02 | 2000-12-26 | Tellabs Operations, Inc. | System and associated method for the synchronization and control of multiplexed payloads over a telecommunications network |
US6185598B1 (en) | 1998-02-10 | 2001-02-06 | Digital Island, Inc. | Optimized network resource location |
US6131163A (en) | 1998-02-17 | 2000-10-10 | Cisco Technology, Inc. | Network gateway mechanism having a protocol stack proxy |
US6363081B1 (en) | 1998-03-04 | 2002-03-26 | Hewlett-Packard Company | System and method for sharing a network port among multiple applications |
US6353614B1 (en) | 1998-03-05 | 2002-03-05 | 3Com Corporation | Method and protocol for distributed network address translation |
US6076108A (en) | 1998-03-06 | 2000-06-13 | I2 Technologies, Inc. | System and method for maintaining a state for a user session using a web system having a global session server |
US6006269A (en) | 1998-03-11 | 1999-12-21 | Hewlett-Packard Company | Admission control system with messages admitted or deferred for re-submission at a later time on a priority basis |
US6098093A (en) | 1998-03-19 | 2000-08-01 | International Business Machines Corp. | Maintaining sessions in a clustered server environment |
US6459682B1 (en) | 1998-04-07 | 2002-10-01 | International Business Machines Corporation | Architecture for supporting service level agreements in an IP network |
US6446225B1 (en) | 1998-04-23 | 2002-09-03 | Microsoft Corporation | Server system with scalable session timeout mechanism |
JPH11338836A (en) | 1998-05-25 | 1999-12-10 | Nippon Telegr & Teleph Corp <Ntt> | Load distribution system for computer network |
US6704317B1 (en) | 1998-05-27 | 2004-03-09 | 3Com Corporation | Multi-carrier LAN modem server |
US6317786B1 (en) | 1998-05-29 | 2001-11-13 | Webspective Software, Inc. | Web service |
US6314463B1 (en) | 1998-05-29 | 2001-11-06 | Webspective Software, Inc. | Method and system for measuring queue length and delay |
JP4522583B2 (en) | 1998-07-08 | 2010-08-11 | ブリティッシュ・テレコミュニケーションズ・パブリック・リミテッド・カンパニー | Requirements matching server, requirements matching system, electronic purchasing apparatus using them, electronic transaction system and method |
US6223287B1 (en) | 1998-07-24 | 2001-04-24 | International Business Machines Corporation | Method for establishing a secured communication channel over the internet |
US7333484B2 (en) | 1998-08-07 | 2008-02-19 | Intel Corporation | Services processor having a packet editing unit |
AU6255199A (en) | 1998-09-17 | 2000-04-17 | Tod Mcnamara | System and method for network flow optimization using traffic classes |
US6578066B1 (en) | 1999-09-17 | 2003-06-10 | Alteon Websystems | Distributed load-balancing internet servers |
GB2342195A (en) | 1998-09-30 | 2000-04-05 | Xerox Corp | Secure token-based document server |
US6119174A (en) | 1998-10-13 | 2000-09-12 | Hewlett-Packard Company | Methods and apparatus for implementing quality-of-service guarantees in data storage systems |
US6219706B1 (en) | 1998-10-16 | 2001-04-17 | Cisco Technology, Inc. | Access control for networks |
US6247057B1 (en) | 1998-10-22 | 2001-06-12 | Microsoft Corporation | Network server supporting multiple instance of services to operate concurrently by having endpoint mapping subsystem for mapping virtual network names to virtual endpoint IDs |
US6571274B1 (en) | 1998-11-05 | 2003-05-27 | Beas Systems, Inc. | Clustered enterprise Java™ in a secure distributed processing system |
US6321338B1 (en) | 1998-11-09 | 2001-11-20 | Sri International | Network surveillance |
US6763370B1 (en) | 1998-11-16 | 2004-07-13 | Softricity, Inc. | Method and apparatus for content protection in a secure content delivery system |
US6850965B2 (en) | 1998-11-17 | 2005-02-01 | Arthur Douglas Allen | Method for connection acceptance and rapid determination of optimal multi-media content delivery over network |
US6374359B1 (en) | 1998-11-19 | 2002-04-16 | International Business Machines Corporation | Dynamic use and validation of HTTP cookies for authentication |
US6594268B1 (en) | 1999-03-11 | 2003-07-15 | Lucent Technologies Inc. | Adaptive routing system and method for QOS packet networks |
JP2000276432A (en) | 1999-03-24 | 2000-10-06 | Nec Corp | Dynamic load distribution system for transaction message |
JP2000307634A (en) | 1999-04-15 | 2000-11-02 | Kdd Corp | Congestion control method by repeating station of packet exchanging network |
EP1049307A1 (en) * | 1999-04-29 | 2000-11-02 | International Business Machines Corporation | Method and system for dispatching client sessions within a cluster of servers connected to the World Wide Web |
US6226752B1 (en) | 1999-05-11 | 2001-05-01 | Sun Microsystems, Inc. | Method and apparatus for authenticating users |
US20010049741A1 (en) | 1999-06-18 | 2001-12-06 | Bryan D. Skene | Method and system for balancing load distribution on a wide area network |
US7188181B1 (en) | 1999-06-30 | 2007-03-06 | Sun Microsystems, Inc. | Universal session sharing |
US6606315B1 (en) | 1999-07-02 | 2003-08-12 | Cisco Technology, Inc. | Synchronizing service instructions among forwarding agents using a service manager |
US6650641B1 (en) | 1999-07-02 | 2003-11-18 | Cisco Technology, Inc. | Network address translation using a forwarding agent |
EP1067458A1 (en) | 1999-07-09 | 2001-01-10 | CANAL+ Société Anonyme | Running and testing applications |
US6374300B2 (en) | 1999-07-15 | 2002-04-16 | F5 Networks, Inc. | Method and system for storing load balancing information with an HTTP cookie |
US6567857B1 (en) | 1999-07-29 | 2003-05-20 | Sun Microsystems, Inc. | Method and apparatus for dynamic proxy insertion in network traffic flow |
US6892307B1 (en) | 1999-08-05 | 2005-05-10 | Sun Microsystems, Inc. | Single sign-on framework with trust-level mapping to authentication requirements |
JP2001051859A (en) | 1999-08-11 | 2001-02-23 | Hitachi Ltd | Load information communication method |
EP1212680B1 (en) | 1999-08-13 | 2007-07-04 | Sun Microsystems, Inc. | Graceful distribution in application server load balancing |
AU6795100A (en) | 1999-08-21 | 2001-03-19 | Webever, Inc. | Method for content delivery over the internet |
US7463648B1 (en) * | 1999-08-23 | 2008-12-09 | Sun Microsystems, Inc. | Approach for allocating resources to an apparatus based on optional resource requirements |
US8019870B1 (en) * | 1999-08-23 | 2011-09-13 | Oracle America, Inc. | Approach for allocating resources to an apparatus based on alternative resource requirements |
US8032634B1 (en) * | 1999-08-23 | 2011-10-04 | Oracle America, Inc. | Approach for allocating resources to an apparatus based on resource requirements |
US8179809B1 (en) * | 1999-08-23 | 2012-05-15 | Oracle America, Inc. | Approach for allocating resources to an apparatus based on suspendable resource requirements |
US8234650B1 (en) * | 1999-08-23 | 2012-07-31 | Oracle America, Inc. | Approach for allocating resources to an apparatus |
US6339423B1 (en) | 1999-08-23 | 2002-01-15 | Entrust, Inc. | Multi-domain access control |
US7703102B1 (en) * | 1999-08-23 | 2010-04-20 | Oracle America, Inc. | Approach for allocating resources to an apparatus based on preemptable resource requirements |
US6760758B1 (en) | 1999-08-31 | 2004-07-06 | Qwest Communications International, Inc. | System and method for coordinating network access |
US6772333B1 (en) | 1999-09-01 | 2004-08-03 | Dickens Coal Llc | Atomic session-start operation combining clear-text and encrypted sessions to provide id visibility to middleware such as load-balancers |
US6711618B1 (en) | 1999-09-03 | 2004-03-23 | Cisco Technology, Inc. | Apparatus and method for providing server state and attribute management for voice enabled web applications |
US6330560B1 (en) | 1999-09-10 | 2001-12-11 | International Business Machines Corporation | Multiple manager to multiple server IP locking mechanism in a directory-enabled network |
US6430622B1 (en) | 1999-09-22 | 2002-08-06 | International Business Machines Corporation | Methods, systems and computer program products for automated movement of IP addresses within a cluster |
US6742126B1 (en) | 1999-10-07 | 2004-05-25 | Cisco Technology, Inc. | Method and apparatus for identifying a data communications session |
US6748414B1 (en) | 1999-11-15 | 2004-06-08 | International Business Machines Corporation | Method and apparatus for the load balancing of non-identical servers in a network environment |
US6748413B1 (en) | 1999-11-15 | 2004-06-08 | International Business Machines Corporation | Method and apparatus for load balancing of parallel servers in a network environment |
US6952728B1 (en) | 1999-12-01 | 2005-10-04 | Nortel Networks Limited | Providing desired service policies to subscribers accessing internet |
WO2001040903A2 (en) | 1999-12-06 | 2001-06-07 | Warp Solutions, Inc. | System and method for enhancing operation of a web server cluster |
US6510464B1 (en) | 1999-12-14 | 2003-01-21 | Verizon Corporate Services Group Inc. | Secure gateway having routing feature |
US6564215B1 (en) | 1999-12-16 | 2003-05-13 | International Business Machines Corporation | Update support in database content management |
US6754706B1 (en) | 1999-12-16 | 2004-06-22 | Speedera Networks, Inc. | Scalable domain name system with persistence and load balancing |
US7269143B2 (en) | 1999-12-31 | 2007-09-11 | Ragula Systems (Fatpipe Networks) | Combining routers to increase concurrency and redundancy in external network access |
US6587866B1 (en) | 2000-01-10 | 2003-07-01 | Sun Microsystems, Inc. | Method for distributing packets to server nodes using network client affinity and packet distribution table |
US6820133B1 (en) | 2000-02-07 | 2004-11-16 | Netli, Inc. | System and method for high-performance delivery of web content using high-performance communications protocol between the first and second specialized intermediate nodes to optimize a measure of communications performance between the source and the destination |
US6725272B1 (en) | 2000-02-18 | 2004-04-20 | Netscaler, Inc. | Apparatus, method and computer program product for guaranteed content delivery incorporating putting a client on-hold based on response time |
JP3817429B2 (en) | 2000-02-23 | 2006-09-06 | キヤノン株式会社 | Information processing apparatus, information processing method, and information processing program |
US6877095B1 (en) | 2000-03-09 | 2005-04-05 | Microsoft Corporation | Session-state manager |
US8380854B2 (en) | 2000-03-21 | 2013-02-19 | F5 Networks, Inc. | Simplified method for processing multiple connections from the same client |
US6336137B1 (en) | 2000-03-31 | 2002-01-01 | Siebel Systems, Inc. | Web client-server system and method for incompatible page markup and presentation languages |
JP2001298449A (en) | 2000-04-12 | 2001-10-26 | Matsushita Electric Ind Co Ltd | Security communication method, communication system and its unit |
US6657974B1 (en) | 2000-04-14 | 2003-12-02 | International Business Machines Corporation | Method and apparatus for generating replies to address resolution protocol requests |
US8239445B1 (en) | 2000-04-25 | 2012-08-07 | International Business Machines Corporation | URL-based sticky routing tokens using a server-side cookie jar |
US6718383B1 (en) | 2000-06-02 | 2004-04-06 | Sun Microsystems, Inc. | High availability networking with virtual IP address failover |
US8204082B2 (en) | 2000-06-23 | 2012-06-19 | Cloudshield Technologies, Inc. | Transparent provisioning of services over a network |
US7031267B2 (en) | 2000-12-21 | 2006-04-18 | 802 Systems Llc | PLD-based packet filtering methods with PLD configuration data update of filtering rules |
US7013482B1 (en) | 2000-07-07 | 2006-03-14 | 802 Systems Llc | Methods for packet filtering including packet invalidation if packet validity determination not timely made |
US7814180B2 (en) | 2000-07-13 | 2010-10-12 | Infoblox, Inc. | Domain name service server |
US6591262B1 (en) | 2000-08-01 | 2003-07-08 | International Business Machines Corporation | Collaborative workload management incorporating work unit attributes in resource allocation |
US6941384B1 (en) | 2000-08-17 | 2005-09-06 | International Business Machines Corporation | Methods, systems and computer program products for failure recovery for routed virtual internet protocol addresses |
US7120697B2 (en) | 2001-05-22 | 2006-10-10 | International Business Machines Corporation | Methods, systems and computer program products for port assignments of multiple application instances using the same source IP address |
US6996617B1 (en) | 2000-08-17 | 2006-02-07 | International Business Machines Corporation | Methods, systems and computer program products for non-disruptively transferring a virtual internet protocol address between communication protocol stacks |
US6996631B1 (en) | 2000-08-17 | 2006-02-07 | International Business Machines Corporation | System having a single IP address associated with communication protocol stacks in a cluster of processing systems |
US6954784B2 (en) | 2000-08-17 | 2005-10-11 | International Business Machines Corporation | Systems, method and computer program products for cluster workload distribution without preconfigured port identification by utilizing a port of multiple ports associated with a single IP address |
CN1200368C (en) | 2000-08-18 | 2005-05-04 | 清华大学 | Local re-transmission method of using TCP for un-reliable transmission network |
US7711790B1 (en) | 2000-08-24 | 2010-05-04 | Foundry Networks, Inc. | Securing an accessible computer system |
US7010605B1 (en) | 2000-08-29 | 2006-03-07 | Microsoft Corporation | Method and apparatus for encoding and storing session data |
US6772334B1 (en) | 2000-08-31 | 2004-08-03 | Networks Associates, Inc. | System and method for preventing a spoofed denial of service attack in a networked computing environment |
JP3501361B2 (en) | 2000-09-04 | 2004-03-02 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Computer network system, computer system, communication method between computer systems, method for measuring computer system performance, and recording medium |
US7398317B2 (en) | 2000-09-07 | 2008-07-08 | Mazu Networks, Inc. | Thwarting connection-based denial of service attacks |
JP2002091936A (en) | 2000-09-11 | 2002-03-29 | Hitachi Ltd | Device for distributing load and method for estimating load |
US9525696B2 (en) | 2000-09-25 | 2016-12-20 | Blue Coat Systems, Inc. | Systems and methods for processing data flows |
US7454500B1 (en) | 2000-09-26 | 2008-11-18 | Foundry Networks, Inc. | Global server load balancing |
US6813635B1 (en) | 2000-10-13 | 2004-11-02 | Hewlett-Packard Development Company, L.P. | System and method for distributing load among redundant independent stateful world wide web server sites |
US6963917B1 (en) | 2000-10-20 | 2005-11-08 | International Business Machines Corporation | Methods, systems and computer program products for policy based distribution of workload to subsets of potential servers |
US6965930B1 (en) | 2000-10-20 | 2005-11-15 | International Business Machines Corporation | Methods, systems and computer program products for workload distribution based on end-to-end quality of service |
ATE381191T1 (en) * | 2000-10-26 | 2007-12-15 | Prismedia Networks Inc | METHOD AND SYSTEM FOR MANAGING DISTRIBUTED CONTENT AND CORRESPONDING METADATA |
US7039717B2 (en) | 2000-11-10 | 2006-05-02 | Nvidia Corporation | Internet modem streaming socket method |
US7739398B1 (en) | 2000-11-21 | 2010-06-15 | Avaya Inc. | Dynamic load balancer |
US20020078164A1 (en) | 2000-12-13 | 2002-06-20 | Marnetics Ltd. | System and method for data transfer acceleration in a TCP network environment |
US6779033B1 (en) | 2000-12-28 | 2004-08-17 | Networks Associates Technology, Inc. | System and method for transacting a validated application session in a networked computing environment |
US7301899B2 (en) | 2001-01-31 | 2007-11-27 | Comverse Ltd. | Prevention of bandwidth congestion in a denial of service or other internet-based attack |
US7155515B1 (en) | 2001-02-06 | 2006-12-26 | Microsoft Corporation | Distributed load balancing for single entry-point systems |
US7149817B2 (en) | 2001-02-15 | 2006-12-12 | Neteffect, Inc. | Infiniband TM work queue to TCP/IP translation |
WO2002069575A1 (en) | 2001-02-28 | 2002-09-06 | Gotham Networks, Inc. | Methods and apparatus for network routing device |
US7454523B2 (en) | 2001-03-16 | 2008-11-18 | Intel Corporation | Geographic location determination including inspection of network address |
US7313822B2 (en) | 2001-03-16 | 2007-12-25 | Protegrity Corporation | Application-layer security method and system |
US7533409B2 (en) | 2001-03-22 | 2009-05-12 | Corente, Inc. | Methods and systems for firewalling virtual private networks |
JP2002290459A (en) | 2001-03-27 | 2002-10-04 | Nec Corp | Device for transferring packets and method for the same |
US7349970B2 (en) | 2001-03-29 | 2008-03-25 | International Business Machines Corporation | Workload management of stateful program entities |
US20020143954A1 (en) | 2001-04-03 | 2002-10-03 | Aiken John Andrew | Methods, systems and computer program products for content-based routing via active TCP connection transfer |
US20020143953A1 (en) | 2001-04-03 | 2002-10-03 | International Business Machines Corporation | Automatic affinity within networks performing workload balancing |
US20030189927A1 (en) | 2001-04-27 | 2003-10-09 | Foster Michael S. | Method and system for multiframe buffering in a routing device |
US7711831B2 (en) | 2001-05-22 | 2010-05-04 | International Business Machines Corporation | Methods, systems and computer program products for source address selection |
US20020176378A1 (en) * | 2001-05-22 | 2002-11-28 | Hamilton Thomas E. | Platform and method for providing wireless data services |
US6839700B2 (en) | 2001-05-23 | 2005-01-04 | International Business Machines Corporation | Load balancing content requests using dynamic document generation cost information |
GB0113844D0 (en) | 2001-06-07 | 2001-08-01 | Marconi Comm Ltd | Real time processing |
US7239632B2 (en) | 2001-06-18 | 2007-07-03 | Tatara Systems, Inc. | Method and apparatus for converging local area and wide area wireless data networks |
US6944678B2 (en) | 2001-06-18 | 2005-09-13 | Transtech Networks Usa, Inc. | Content-aware application switch and methods thereof |
US8180921B2 (en) | 2001-06-19 | 2012-05-15 | Intel Corporation | Method and apparatus for load balancing |
US7343399B2 (en) | 2001-06-25 | 2008-03-11 | Nortel Networks Limited | Apparatus and method for managing internet resource requests |
US6922727B2 (en) | 2001-06-26 | 2005-07-26 | International Business Machines Corporation | Method and system for managing parallel data transfer through multiple sockets to provide scalability to a computer network |
DE60202527T2 (en) | 2001-07-03 | 2006-03-30 | Telefonaktiebolaget Lm Ericsson (Publ) | METHOD AND SYSTEM FOR TREATING MULTILINGER MESSAGES |
US7305492B2 (en) | 2001-07-06 | 2007-12-04 | Juniper Networks, Inc. | Content service aggregation system |
US7509369B1 (en) * | 2001-07-11 | 2009-03-24 | Swsoft Holdings, Ltd. | Balancing shared servers in virtual environments |
US7366794B2 (en) | 2001-07-13 | 2008-04-29 | Certicom Corp. | Method and apparatus for resolving a web site address when connected with a virtual private network (VPN) |
US7072958B2 (en) * | 2001-07-30 | 2006-07-04 | Intel Corporation | Identifying network management policies |
US20040187032A1 (en) | 2001-08-07 | 2004-09-23 | Christoph Gels | Method, data carrier, computer system and computer progamme for the identification and defence of attacks in server of network service providers and operators |
US7039037B2 (en) | 2001-08-20 | 2006-05-02 | Wang Jiwei R | Method and apparatus for providing service selection, redirection and managing of subscriber access to multiple WAP (Wireless Application Protocol) gateways simultaneously |
US6895590B2 (en) | 2001-09-26 | 2005-05-17 | Intel Corporation | Method and system enabling both legacy and new applications to access an InfiniBand fabric via a socket API |
EP1436736B1 (en) | 2001-09-28 | 2017-06-28 | Level 3 CDN International, Inc. | Configurable adaptive global traffic control and management |
FR2830397B1 (en) | 2001-09-28 | 2004-12-03 | Evolium Sas | METHOD FOR IMPROVING THE PERFORMANCE OF A TRANSMISSION PROTOCOL USING A RETRANSMISSION TIMER |
US7822970B2 (en) | 2001-10-24 | 2010-10-26 | Microsoft Corporation | Method and apparatus for regulating access to a computer via a computer network |
JP3730563B2 (en) | 2001-11-02 | 2006-01-05 | キヤノンソフトウェア株式会社 | Session management apparatus, session management method, program, and recording medium |
US7958199B2 (en) | 2001-11-02 | 2011-06-07 | Oracle America, Inc. | Switching systems and methods for storage management in digital networks |
US7370353B2 (en) | 2001-11-05 | 2008-05-06 | Cisco Technology, Inc. | System and method for managing dynamic network sessions |
US7512980B2 (en) | 2001-11-30 | 2009-03-31 | Lancope, Inc. | Packet sampling flow-based detection of network intrusions |
JP3898498B2 (en) * | 2001-12-06 | 2007-03-28 | 富士通株式会社 | Server load balancing system |
US20030131245A1 (en) | 2002-01-04 | 2003-07-10 | Michael Linderman | Communication security system |
US6633835B1 (en) | 2002-01-10 | 2003-10-14 | Networks Associates Technology, Inc. | Prioritized data capture, classification and filtering in a network monitoring environment |
US7058718B2 (en) | 2002-01-15 | 2006-06-06 | International Business Machines Corporation | Blended SYN cookies |
US8090866B1 (en) | 2002-01-18 | 2012-01-03 | Cisco Technology, Inc. | TCP proxy connection management in a gigabit environment |
US7076555B1 (en) | 2002-01-23 | 2006-07-11 | Novell, Inc. | System and method for transparent takeover of TCP connections between servers |
CN1714545A (en) | 2002-01-24 | 2005-12-28 | 艾维西系统公司 | System and method for fault tolerant data communication |
US7240330B2 (en) | 2002-02-01 | 2007-07-03 | John Fairweather | Use of ontologies for auto-generating and handling applications, their persistent storage, and user interfaces |
WO2003067382A2 (en) | 2002-02-04 | 2003-08-14 | Intel Corporation | Service processor having a queue operations unit and an output scheduler |
US7584262B1 (en) | 2002-02-11 | 2009-09-01 | Extreme Networks | Method of and system for allocating resources to resource requests based on application of persistence policies |
US7228359B1 (en) | 2002-02-12 | 2007-06-05 | Cisco Technology, Inc. | Methods and apparatus for providing domain name service based on a client identifier |
CA2372092C (en) | 2002-02-15 | 2010-04-06 | Cognos Incorporated | A queuing model for a plurality of servers |
US20030195962A1 (en) | 2002-04-10 | 2003-10-16 | Satoshi Kikuchi | Load balancing of servers |
US8554929B1 (en) | 2002-05-03 | 2013-10-08 | Foundry Networks, Llc | Connection rate limiting for server load balancing and transparent cache switching |
US7707295B1 (en) | 2002-05-03 | 2010-04-27 | Foundry Networks, Inc. | Connection rate limiting |
KR100976750B1 (en) | 2002-05-09 | 2010-08-18 | 오니시스 그룹 엘.에이., 엘엘시 | Encryption device, encryption method, and encryption system |
US7340535B1 (en) | 2002-06-04 | 2008-03-04 | Fortinet, Inc. | System and method for controlling routing in a virtual router system |
US6888807B2 (en) | 2002-06-10 | 2005-05-03 | Ipr Licensing, Inc. | Applying session services based on packet flows |
US7277963B2 (en) | 2002-06-26 | 2007-10-02 | Sandvine Incorporated | TCP proxy providing application layer modifications |
US6744774B2 (en) | 2002-06-27 | 2004-06-01 | Nokia, Inc. | Dynamic routing over secure networks |
US7254133B2 (en) | 2002-07-15 | 2007-08-07 | Intel Corporation | Prevention of denial of service attacks |
US7069438B2 (en) | 2002-08-19 | 2006-06-27 | Sowl Associates, Inc. | Establishing authenticated network connections |
US7430755B1 (en) | 2002-09-03 | 2008-09-30 | Fs Networks, Inc. | Method and system for providing persistence in a secure network access |
US7337241B2 (en) | 2002-09-27 | 2008-02-26 | Alacritech, Inc. | Fast-path apparatus for receiving data corresponding to a TCP connection |
US7506360B1 (en) | 2002-10-01 | 2009-03-17 | Mirage Networks, Inc. | Tracking communication for determining device states |
US7236457B2 (en) | 2002-10-04 | 2007-06-26 | Intel Corporation | Load balancing in a network |
US7487248B2 (en) | 2002-10-08 | 2009-02-03 | Brian Moran | Method and system for transferring a computer session between devices |
US7310686B2 (en) | 2002-10-27 | 2007-12-18 | Paxfire, Inc. | Apparatus and method for transparent selection of an Internet server based on geographic location of a user |
US8176186B2 (en) | 2002-10-30 | 2012-05-08 | Riverbed Technology, Inc. | Transaction accelerator for client-server communications systems |
US7406087B1 (en) | 2002-11-08 | 2008-07-29 | Juniper Networks, Inc. | Systems and methods for accelerating TCP/IP data stream processing |
US7386889B2 (en) | 2002-11-18 | 2008-06-10 | Trusted Network Technologies, Inc. | System and method for intrusion prevention in a communications network |
US7945673B2 (en) | 2002-12-06 | 2011-05-17 | Hewlett-Packard Development Company, L.P. | Reduced wireless internet connect time |
US7379958B2 (en) | 2002-12-30 | 2008-05-27 | Nokia Corporation | Automatic and dynamic service information delivery from service providers to data terminals in an access point network |
US7269850B2 (en) | 2002-12-31 | 2007-09-11 | Intel Corporation | Systems and methods for detecting and tracing denial of service attacks |
US7234161B1 (en) | 2002-12-31 | 2007-06-19 | Nvidia Corporation | Method and apparatus for deflecting flooding attacks |
US6904439B2 (en) * | 2002-12-31 | 2005-06-07 | International Business Machines Corporation | System and method for aggregating user project information in a multi-server system |
US7089231B2 (en) * | 2002-12-31 | 2006-08-08 | International Business Machines Corporation | System and method for searching a plurality of databases distributed across a multi server domain |
US7194480B2 (en) * | 2002-12-31 | 2007-03-20 | International Business Machines Corporation | System and method for invoking methods on place objects in a distributed environment |
US20040141005A1 (en) * | 2003-01-22 | 2004-07-22 | International Business Machines Corporation | System and method for integrating online meeting materials in a place |
US7167874B2 (en) * | 2003-01-22 | 2007-01-23 | International Business Machines Corporation | System and method for command line administration of project spaces using XML objects |
US7835363B2 (en) | 2003-02-12 | 2010-11-16 | Broadcom Corporation | Method and system to provide blade server load balancing using spare link bandwidth |
US20040210623A1 (en) * | 2003-03-06 | 2004-10-21 | Aamer Hydrie | Virtual network topology generation |
US7355992B2 (en) | 2003-03-18 | 2008-04-08 | Harris Corporation | Relay for extended range point-to-point wireless packetized data communication system |
JPWO2004084085A1 (en) | 2003-03-18 | 2006-06-22 | 富士通株式会社 | Load balancing system by inter-site cooperation |
US20040210663A1 (en) | 2003-04-15 | 2004-10-21 | Paul Phillips | Object-aware transport-layer network processing engine |
US7373500B2 (en) * | 2003-04-15 | 2008-05-13 | Sun Microsystems, Inc. | Secure network processing |
US7308499B2 (en) | 2003-04-30 | 2007-12-11 | Avaya Technology Corp. | Dynamic load balancing for enterprise IP traffic |
US7356577B2 (en) | 2003-06-12 | 2008-04-08 | Samsung Electronics Co., Ltd. | System and method for providing an online software upgrade in load sharing servers |
US7181524B1 (en) | 2003-06-13 | 2007-02-20 | Veritas Operating Corporation | Method and apparatus for balancing a load among a plurality of servers in a computer system |
US7590736B2 (en) | 2003-06-30 | 2009-09-15 | Microsoft Corporation | Flexible network load balancing |
US7613822B2 (en) | 2003-06-30 | 2009-11-03 | Microsoft Corporation | Network load balancing with session information |
US20050027862A1 (en) | 2003-07-18 | 2005-02-03 | Nguyen Tien Le | System and methods of cooperatively load-balancing clustered servers |
KR100568231B1 (en) | 2003-08-11 | 2006-04-07 | 삼성전자주식회사 | Domain name service system and service method thereof |
US8938553B2 (en) | 2003-08-12 | 2015-01-20 | Riverbed Technology, Inc. | Cooperative proxy auto-discovery and connection interception through network address translation |
US7385923B2 (en) | 2003-08-14 | 2008-06-10 | International Business Machines Corporation | Method, system and article for improved TCP performance during packet reordering |
US7467202B2 (en) | 2003-09-10 | 2008-12-16 | Fidelis Security Systems | High-performance network content analysis platform |
KR100570836B1 (en) | 2003-10-14 | 2006-04-13 | 한국전자통신연구원 | A Server Load Balancing Device and Method using Load Balancing Session Label |
CN100456690C (en) | 2003-10-14 | 2009-01-28 | 北京邮电大学 | Whole load equalizing method based on global network positioning |
US7472190B2 (en) | 2003-10-17 | 2008-12-30 | International Business Machines Corporation | Method, system and program product for preserving a user state in an application |
JP2005141441A (en) | 2003-11-06 | 2005-06-02 | Hitachi Ltd | Load distribution system |
US20050125276A1 (en) | 2003-12-05 | 2005-06-09 | Grigore Rusu | System and method for event tracking across plural contact mediums |
US20050213586A1 (en) | 2004-02-05 | 2005-09-29 | David Cyganski | System and method to increase network throughput |
US7881215B1 (en) | 2004-03-18 | 2011-02-01 | Avaya Inc. | Stateful and stateless data processing |
US20050240989A1 (en) | 2004-04-23 | 2005-10-27 | Seoul National University Industry Foundation | Method of sharing state between stateful inspection firewalls on mep network |
US20060112170A1 (en) * | 2004-05-03 | 2006-05-25 | Craig Sirkin | Geo-locating load balancing |
US20060064478A1 (en) * | 2004-05-03 | 2006-03-23 | Level 3 Communications, Inc. | Geo-locating load balancing |
US7584301B1 (en) | 2004-05-06 | 2009-09-01 | Foundry Networks, Inc. | Host-level policies for global server load balancing |
US8423758B2 (en) | 2004-05-10 | 2013-04-16 | Tara Chand Singhal | Method and apparatus for packet source validation architecture system for enhanced internet security |
US7391725B2 (en) | 2004-05-18 | 2008-06-24 | Christian Huitema | System and method for defeating SYN attacks |
US8179786B2 (en) | 2004-05-19 | 2012-05-15 | Mosaid Technologies Incorporated | Dynamic traffic rearrangement and restoration for MPLS networks with differentiated services capabilities |
US20060069774A1 (en) | 2004-06-17 | 2006-03-30 | International Business Machine Corporation | Method and apparatus for managing data center using Web services |
FI20040888A0 (en) | 2004-06-28 | 2004-06-28 | Nokia Corp | Management of services in a packet switching data network |
US8688834B2 (en) | 2004-07-09 | 2014-04-01 | Toshiba America Research, Inc. | Dynamic host configuration and network access authentication |
CN1317853C (en) | 2004-07-20 | 2007-05-23 | 联想网御科技(北京)有限公司 | Network safety equipment and assemblied system and method for implementing high availability |
JP4313266B2 (en) | 2004-07-29 | 2009-08-12 | 株式会社エヌ・ティ・ティ・ドコモ | Server apparatus, control method thereof and connection establishment method |
TW200606667A (en) | 2004-08-13 | 2006-02-16 | Reallusion Inc | System and method of converting and sharing data |
US7423977B1 (en) | 2004-08-23 | 2008-09-09 | Foundry Networks Inc. | Smoothing algorithm for round trip time (RTT) measurements |
JP4555025B2 (en) | 2004-08-25 | 2010-09-29 | 株式会社エヌ・ティ・ティ・ドコモ | Server device, client device, and process execution method |
US7292592B2 (en) | 2004-10-08 | 2007-11-06 | Telefonaktiebolaget Lm Ericsson (Publ) | Home network-assisted selection of intermediary network for a roaming mobile terminal |
US20060092950A1 (en) * | 2004-10-28 | 2006-05-04 | Cisco Technology, Inc. | Architecture and method having redundancy in active/active stateful devices based on symmetric global load balancing protocol (sGLBP) |
US20060098645A1 (en) | 2004-11-09 | 2006-05-11 | Lev Walkin | System and method for providing client identifying information to a server |
US8458467B2 (en) | 2005-06-21 | 2013-06-04 | Cisco Technology, Inc. | Method and apparatus for adaptive application message payload content transformation in a network infrastructure element |
US7634564B2 (en) | 2004-11-18 | 2009-12-15 | Nokia Corporation | Systems and methods for invoking a service from a plurality of event servers in a network |
US7613193B2 (en) | 2005-02-04 | 2009-11-03 | Nokia Corporation | Apparatus, method and computer program product to reduce TCP flooding attacks while conserving wireless network bandwidth |
US20060190997A1 (en) | 2005-02-22 | 2006-08-24 | Mahajani Amol V | Method and system for transparent in-line protection of an electronic communications network |
US20060187901A1 (en) | 2005-02-23 | 2006-08-24 | Lucent Technologies Inc. | Concurrent dual-state proxy server, method of providing a proxy and SIP network employing the same |
US8533473B2 (en) | 2005-03-04 | 2013-09-10 | Oracle America, Inc. | Method and apparatus for reducing bandwidth usage in secure transactions |
US20060206586A1 (en) | 2005-03-09 | 2006-09-14 | Yibei Ling | Method, apparatus and system for a location-based uniform resource locator |
JP4413965B2 (en) | 2005-03-17 | 2010-02-10 | 富士通株式会社 | Load balancing communication device and load balancing management device |
KR101141645B1 (en) | 2005-03-29 | 2012-05-17 | 엘지전자 주식회사 | Method for Controlling Transmission of Data Block |
US7606147B2 (en) | 2005-04-13 | 2009-10-20 | Zeugma Systems Inc. | Application aware traffic shaping service node positioned between the access and core networks |
US7990847B1 (en) | 2005-04-15 | 2011-08-02 | Cisco Technology, Inc. | Method and system for managing servers in a server cluster |
KR100642935B1 (en) | 2005-05-06 | 2006-11-10 | (주)아이디스 | Name service system and method thereof |
US7826487B1 (en) | 2005-05-09 | 2010-11-02 | F5 Network, Inc | Coalescing acknowledgement responses to improve network communications |
JP4101251B2 (en) | 2005-05-24 | 2008-06-18 | 富士通株式会社 | Load distribution program, load distribution method, and load distribution apparatus |
US7664041B2 (en) * | 2005-05-26 | 2010-02-16 | Dale Trenton Smith | Distributed stream analysis using general purpose processors |
IES20050376A2 (en) | 2005-06-03 | 2006-08-09 | Asavie R & D Ltd | Secure network communication system and method |
US20060277303A1 (en) | 2005-06-06 | 2006-12-07 | Nikhil Hegde | Method to improve response time when clients use network services |
JP4557815B2 (en) | 2005-06-13 | 2010-10-06 | 富士通株式会社 | Relay device and relay system |
US7774402B2 (en) | 2005-06-29 | 2010-08-10 | Visa U.S.A. | Adaptive gateway for switching transactions and data on unreliable networks using context-based rules |
US7609625B2 (en) | 2005-07-06 | 2009-10-27 | Fortinet, Inc. | Systems and methods for detecting and preventing flooding attacks in a network environment |
US7496566B2 (en) | 2005-08-03 | 2009-02-24 | Intenational Business Machines Corporation | Priority based LDAP service publication mechanism |
EP1770915A1 (en) | 2005-09-29 | 2007-04-04 | Matsushita Electric Industrial Co., Ltd. | Policy control in the evolved system architecture |
US20070086382A1 (en) | 2005-10-17 | 2007-04-19 | Vidya Narayanan | Methods of network access configuration in an IP network |
JP4650203B2 (en) * | 2005-10-20 | 2011-03-16 | 株式会社日立製作所 | Information system and management computer |
US7606232B1 (en) | 2005-11-09 | 2009-10-20 | Juniper Networks, Inc. | Dynamic virtual local area network (VLAN) interface configuration |
US20070118881A1 (en) | 2005-11-18 | 2007-05-24 | Julian Mitchell | Application control at a policy server |
US7694011B2 (en) | 2006-01-17 | 2010-04-06 | Cisco Technology, Inc. | Techniques for load balancing over a cluster of subscriber-aware application servers |
CN100452041C (en) | 2006-01-18 | 2009-01-14 | 腾讯科技(深圳)有限公司 | Method and system for reading information at network resource site, and searching engine |
US7610622B2 (en) | 2006-02-06 | 2009-10-27 | Cisco Technology, Inc. | Supporting options in a communication session using a TCP cookie |
US7675854B2 (en) | 2006-02-21 | 2010-03-09 | A10 Networks, Inc. | System and method for an adaptive TCP SYN cookie with time validation |
US7492766B2 (en) | 2006-02-22 | 2009-02-17 | Juniper Networks, Inc. | Dynamic building of VLAN interfaces based on subscriber information strings |
US7808994B1 (en) | 2006-02-22 | 2010-10-05 | Juniper Networks, Inc. | Forwarding traffic to VLAN interfaces built based on subscriber information strings |
US8832247B2 (en) | 2006-03-24 | 2014-09-09 | Blue Coat Systems, Inc. | Methods and systems for caching content at multiple levels |
JP5108244B2 (en) | 2006-03-30 | 2012-12-26 | 株式会社エヌ・ティ・ティ・ドコモ | Communication terminal and retransmission control method |
US8539075B2 (en) | 2006-04-21 | 2013-09-17 | International Business Machines Corporation | On-demand global server load balancing system and method of use |
US8130826B2 (en) * | 2006-04-27 | 2012-03-06 | Jds Uniphase Corporation | Systems and methods for preparing network data for analysis |
US7680478B2 (en) | 2006-05-04 | 2010-03-16 | Telefonaktiebolaget Lm Ericsson (Publ) | Inactivity monitoring for different traffic or service classifications |
US20070274285A1 (en) | 2006-05-23 | 2007-11-29 | Werber Ryan A | System and method for configuring a router |
KR100830413B1 (en) | 2006-05-25 | 2008-05-20 | (주)씨디네트웍스 | Server connection system and load balancing network system |
US20070283429A1 (en) | 2006-05-30 | 2007-12-06 | A10 Networks Inc. | Sequence number based TCP session proxy |
GB0611249D0 (en) | 2006-06-07 | 2006-07-19 | Nokia Corp | Communication system |
US20070288247A1 (en) | 2006-06-11 | 2007-12-13 | Michael Mackay | Digital life server |
US20070294209A1 (en) | 2006-06-20 | 2007-12-20 | Lyle Strub | Communication network application activity monitoring and control |
EP2060087A1 (en) | 2006-07-03 | 2009-05-20 | Telefonaktiebolaget L M Ericsson (Publ) | Topology hiding of mobile agents |
US7970934B1 (en) | 2006-07-31 | 2011-06-28 | Google Inc. | Detecting events of interest |
EP1885096B1 (en) | 2006-08-01 | 2012-07-04 | Alcatel Lucent | Application session border element |
JP4916809B2 (en) | 2006-08-04 | 2012-04-18 | 日本電信電話株式会社 | Load balancing control apparatus and method |
US7580417B2 (en) | 2006-08-07 | 2009-08-25 | Cisco Technology, Inc. | Method and apparatus for load balancing over virtual network links |
US8584199B1 (en) | 2006-10-17 | 2013-11-12 | A10 Networks, Inc. | System and method to apply a packet routing policy to an application session |
US7716378B2 (en) | 2006-10-17 | 2010-05-11 | A10 Networks, Inc. | System and method to associate a private user identity with a public user identity |
US8312507B2 (en) | 2006-10-17 | 2012-11-13 | A10 Networks, Inc. | System and method to apply network traffic policy to an application session |
JP4680866B2 (en) | 2006-10-31 | 2011-05-11 | 株式会社日立製作所 | Packet transfer device with gateway load balancing function |
WO2008053954A1 (en) | 2006-11-01 | 2008-05-08 | Panasonic Corporation | Communication control method, communication system, home agent allocation server, and mobile node |
US8584195B2 (en) | 2006-11-08 | 2013-11-12 | Mcafee, Inc | Identities correlation infrastructure for passive network monitoring |
CN101094225B (en) | 2006-11-24 | 2011-05-11 | 中兴通讯股份有限公司 | Network, system and method of differentiated security service |
US7974286B2 (en) | 2006-12-04 | 2011-07-05 | International Business Machines Corporation | Reduced redundant security screening |
EP2128772A4 (en) | 2006-12-22 | 2014-11-12 | Ibm | Message hub, program, and method |
US7992192B2 (en) | 2006-12-29 | 2011-08-02 | Ebay Inc. | Alerting as to denial of service attacks |
US8379515B1 (en) | 2007-02-01 | 2013-02-19 | F5 Networks, Inc. | TCP throughput control by imposing temporal delay |
CN100531098C (en) | 2007-03-13 | 2009-08-19 | 华为技术有限公司 | Point-to-point network system and intercommunicating method for overlapped network node |
US8352634B2 (en) | 2007-04-06 | 2013-01-08 | International Business Machines Corporation | On-demand propagation of routing information in distributed computing system |
US7743155B2 (en) * | 2007-04-20 | 2010-06-22 | Array Networks, Inc. | Active-active operation for a cluster of SSL virtual private network (VPN) devices with load distribution |
US20080271130A1 (en) * | 2007-04-30 | 2008-10-30 | Shankar Ramamoorthy | Minimizing client-side inconsistencies in a distributed virtual file system |
US20080291911A1 (en) | 2007-05-21 | 2008-11-27 | Ist International, Inc. | Method and apparatus for setting a TCP retransmission timer |
US8191106B2 (en) | 2007-06-07 | 2012-05-29 | Alcatel Lucent | System and method of network access security policy management for multimodal device |
US7743157B2 (en) | 2007-06-26 | 2010-06-22 | Sap Ag | System and method for switching between stateful and stateless communication modes |
US7904409B2 (en) | 2007-08-01 | 2011-03-08 | Yahoo! Inc. | System and method for global load balancing of requests for content based on membership status of a user with one or more subscription services |
US8032632B2 (en) | 2007-08-14 | 2011-10-04 | Microsoft Corporation | Validating change of name server |
US9407693B2 (en) | 2007-10-03 | 2016-08-02 | Microsoft Technology Licensing, Llc | Network routing of endpoints to content based on content swarms |
WO2009061973A1 (en) | 2007-11-09 | 2009-05-14 | Blade Network Technologies, Inc. | Session-less load balancing of client traffic across servers in a server group |
CN101163336B (en) | 2007-11-15 | 2010-06-16 | 中兴通讯股份有限公司 | Method of implementing mobile phone terminal access authority authentication |
CN101169785A (en) | 2007-11-21 | 2008-04-30 | 浪潮电子信息产业股份有限公司 | Clustered database system dynamic loading balancing method |
GB0723422D0 (en) | 2007-11-29 | 2008-01-09 | Level 5 Networks Inc | Virtualised receive side scaling |
US8125908B2 (en) | 2007-12-04 | 2012-02-28 | Extrahop Networks, Inc. | Adaptive network traffic classification using historical context |
US8756340B2 (en) | 2007-12-20 | 2014-06-17 | Yahoo! Inc. | DNS wildcard beaconing to determine client location and resolver load for global traffic load balancing |
JP5296373B2 (en) | 2007-12-26 | 2013-09-25 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Technology that provides processing time in advance |
US9100268B2 (en) | 2008-02-27 | 2015-08-04 | Alcatel Lucent | Application-aware MPLS tunnel selection |
US7930427B2 (en) | 2008-03-03 | 2011-04-19 | Microsoft Corporation | Client-side load balancing |
JP2009211343A (en) | 2008-03-04 | 2009-09-17 | Kddi Corp | Server device and communication system |
US8185628B2 (en) | 2008-03-07 | 2012-05-22 | At&T Mobility Ii Llc | Enhanced policy capabilities for mobile data services |
CN101247349A (en) | 2008-03-13 | 2008-08-20 | 华耀环宇科技(北京)有限公司 | Network flux fast distribution method |
CN101547189B (en) | 2008-03-28 | 2011-08-10 | 华为技术有限公司 | Method, system and device for establishing CoD service |
US7886021B2 (en) * | 2008-04-28 | 2011-02-08 | Oracle America, Inc. | System and method for programmatic management of distributed computing resources |
CN101261644A (en) | 2008-04-30 | 2008-09-10 | 杭州华三通信技术有限公司 | Method and device for accessing united resource positioning symbol database |
CN101577661B (en) | 2008-05-09 | 2013-09-11 | 华为技术有限公司 | Method and equipment for switching path |
US9137739B2 (en) | 2009-01-28 | 2015-09-15 | Headwater Partners I Llc | Network based service policy implementation with network neutrality and user privacy |
CN102017548B (en) | 2008-06-12 | 2013-08-28 | 松下电器产业株式会社 | Network monitoring device, bus system monitoring device, method and program |
US7990855B2 (en) | 2008-07-11 | 2011-08-02 | Alcatel-Lucent Usa Inc. | Method and system for joint reverse link access and traffic channel radio frequency overload control |
CN101631065B (en) | 2008-07-16 | 2012-04-18 | 华为技术有限公司 | Method and device for controlling congestion of wireless multi-hop network |
US8271652B2 (en) | 2008-07-24 | 2012-09-18 | Netapp, Inc. | Load-derived probability-based domain name service in a network storage cluster |
US7890632B2 (en) | 2008-08-11 | 2011-02-15 | International Business Machines Corporation | Load balancing using replication delay |
US8307422B2 (en) | 2008-08-14 | 2012-11-06 | Juniper Networks, Inc. | Routing device having integrated MPLS-aware firewall |
JP5211987B2 (en) | 2008-09-26 | 2013-06-12 | ブラザー工業株式会社 | Terminal device and time adjustment method thereof |
US7864765B2 (en) | 2008-09-30 | 2011-01-04 | At&T Intellectual Property I, L.P. | Anycast-based internet protocol redirection to alleviate partial routing tables |
US7958247B2 (en) | 2008-10-14 | 2011-06-07 | Hewlett-Packard Development Company, L.P. | HTTP push to simulate server-initiated sessions |
US8266288B2 (en) | 2008-10-23 | 2012-09-11 | International Business Machines Corporation | Dynamic expiration of domain name service entries |
US20100106854A1 (en) | 2008-10-29 | 2010-04-29 | Hostway Corporation | System and method for controlling non-existing domain traffic |
JP2010108409A (en) | 2008-10-31 | 2010-05-13 | Hitachi Ltd | Storage management method and management server |
US8359402B2 (en) | 2008-11-19 | 2013-01-22 | Seachange International, Inc. | Intercept device for providing content |
US9009329B2 (en) * | 2008-11-25 | 2015-04-14 | Microsoft Technology Licensing, Llc | Platform for enabling terminal services virtualization |
US8260926B2 (en) | 2008-11-25 | 2012-09-04 | Citrix Systems, Inc. | Systems and methods for GSLB site persistence |
US8844018B2 (en) | 2008-12-18 | 2014-09-23 | At&T Intellectual Property I, L.P. | Methods and apparatus to enhance security in residential networks |
CN101567818B (en) | 2008-12-25 | 2011-04-20 | 中国人民解放军总参谋部第五十四研究所 | Large-scale network routing simulation method based on hardware |
US9112871B2 (en) | 2009-02-17 | 2015-08-18 | Core Wireless Licensing S.A.R.L | Method and apparatus for providing shared services |
US8364163B2 (en) | 2009-02-23 | 2013-01-29 | Research In Motion Limited | Method, system and apparatus for connecting a plurality of client machines to a plurality of servers |
US20100228819A1 (en) | 2009-03-05 | 2010-09-09 | Yottaa Inc | System and method for performance acceleration, data protection, disaster recovery and on-demand scaling of computer applications |
CN101834777B (en) | 2009-03-11 | 2015-07-29 | 瞻博网络公司 | The HTTP of dialogue-based high-speed cache accelerates |
EP2234333B1 (en) | 2009-03-23 | 2015-07-15 | Corvil Limited | System and method for estimation of round trip times within a tcp based data network |
US8761204B2 (en) | 2010-05-18 | 2014-06-24 | Lsi Corporation | Packet assembly module for multi-core, multi-thread network processors |
US9081742B2 (en) | 2009-04-27 | 2015-07-14 | Intel Corporation | Network communications processor architecture |
US9461930B2 (en) | 2009-04-27 | 2016-10-04 | Intel Corporation | Modifying data streams without reordering in a multi-thread, multi-flow network processor |
US8296434B1 (en) | 2009-05-28 | 2012-10-23 | Amazon Technologies, Inc. | Providing dynamically scaling computing load balancing |
US8259726B2 (en) | 2009-05-28 | 2012-09-04 | Force10 Networks, Inc. | Method and apparatus for forwarding table reduction |
US8266088B2 (en) | 2009-06-09 | 2012-09-11 | Cisco Technology, Inc. | Tracking policy decisions in a network |
US8060579B2 (en) | 2009-06-12 | 2011-11-15 | Yahoo! Inc. | User location dependent DNS lookup |
US8289975B2 (en) | 2009-06-22 | 2012-10-16 | Citrix Systems, Inc. | Systems and methods for handling a multi-connection protocol between a client and server traversing a multi-core system |
US8863111B2 (en) | 2009-06-26 | 2014-10-14 | Oracle International Corporation | System and method for providing a production upgrade of components within a multiprotocol gateway |
US8165019B2 (en) | 2009-07-14 | 2012-04-24 | At&T Intellectual Property I, L.P. | Indirect measurement methodology to infer routing changes using statistics of flow arrival processes |
US9749387B2 (en) | 2009-08-13 | 2017-08-29 | Sap Se | Transparently stateful execution of stateless applications |
US9960967B2 (en) | 2009-10-21 | 2018-05-01 | A10 Networks, Inc. | Determining an application delivery server based on geo-location information |
WO2011049135A1 (en) * | 2009-10-23 | 2011-04-28 | 日本電気株式会社 | Network system, control method thereof, and controller |
JP5378946B2 (en) * | 2009-10-26 | 2013-12-25 | 株式会社日立製作所 | Server management apparatus and server management method |
WO2011066435A2 (en) | 2009-11-25 | 2011-06-03 | Citrix Systems, Inc. | Systems and methods for client ip address insertion via tcp options |
US8190736B2 (en) | 2009-12-16 | 2012-05-29 | Quantum Corporation | Reducing messaging in a client-server system |
US8335853B2 (en) | 2009-12-17 | 2012-12-18 | Sonus Networks, Inc. | Transparent recovery of transport connections using packet translation techniques |
US8255528B2 (en) | 2009-12-23 | 2012-08-28 | Citrix Systems, Inc. | Systems and methods for GSLB spillover |
US8965955B2 (en) * | 2009-12-23 | 2015-02-24 | Citrix Systems, Inc. | Systems and methods for policy based integration to horizontally deployed WAN optimization appliances |
WO2011079381A1 (en) | 2009-12-31 | 2011-07-07 | Bce Inc. | Method and system for increasing performance of transmission control protocol sessions in data networks |
US8789061B2 (en) | 2010-02-01 | 2014-07-22 | Ca, Inc. | System and method for datacenter power management |
US8301786B2 (en) | 2010-02-10 | 2012-10-30 | Cisco Technology, Inc. | Application session control using packet inspection |
US8804513B2 (en) | 2010-02-25 | 2014-08-12 | The Trustees Of Columbia University In The City Of New York | Methods and systems for controlling SIP overload |
US8533337B2 (en) * | 2010-05-06 | 2013-09-10 | Citrix Systems, Inc. | Continuous upgrading of computers in a load balanced environment |
JP5557590B2 (en) | 2010-05-06 | 2014-07-23 | 株式会社日立製作所 | Load balancing apparatus and system |
US8499093B2 (en) | 2010-05-14 | 2013-07-30 | Extreme Networks, Inc. | Methods, systems, and computer readable media for stateless load balancing of network traffic flows |
US20110289496A1 (en) | 2010-05-18 | 2011-11-24 | North End Technologies, Inc. | Method & apparatus for load balancing software update across a plurality of publish/subscribe capable client devices |
US8539068B2 (en) | 2010-06-07 | 2013-09-17 | Salesforce.Com, Inc. | Methods and systems for providing customized domain messages |
US20110307541A1 (en) | 2010-06-10 | 2011-12-15 | Microsoft Corporation | Server load balancing and draining in enhanced communication systems |
US9680750B2 (en) | 2010-07-06 | 2017-06-13 | Nicira, Inc. | Use of tunnels to hide network addresses |
US8743889B2 (en) | 2010-07-06 | 2014-06-03 | Nicira, Inc. | Method and apparatus for using a network information base to control a plurality of shared network infrastructure switching elements |
US9363312B2 (en) | 2010-07-28 | 2016-06-07 | International Business Machines Corporation | Transparent header modification for reducing serving load based on current and projected usage |
US8520672B2 (en) | 2010-07-29 | 2013-08-27 | Cisco Technology, Inc. | Packet switching device using results determined by an application node |
US8675488B1 (en) | 2010-09-07 | 2014-03-18 | Juniper Networks, Inc. | Subscriber-based network traffic management |
US8949410B2 (en) * | 2010-09-10 | 2015-02-03 | Cisco Technology, Inc. | Server load balancer scaling for virtual servers |
US9215275B2 (en) | 2010-09-30 | 2015-12-15 | A10 Networks, Inc. | System and method to balance servers based on server load status |
US20120084460A1 (en) | 2010-10-04 | 2012-04-05 | Openwave Systems Inc. | Method and system for dynamic traffic steering |
US9237194B2 (en) * | 2010-11-05 | 2016-01-12 | Verizon Patent And Licensing Inc. | Load balancer and firewall self-provisioning system |
US8533285B2 (en) * | 2010-12-01 | 2013-09-10 | Cisco Technology, Inc. | Directing data flows in data centers with clustering services |
US9609052B2 (en) | 2010-12-02 | 2017-03-28 | A10 Networks, Inc. | Distributing application traffic to servers based on dynamic service response time |
EP2649858B1 (en) | 2010-12-07 | 2018-09-19 | Telefonaktiebolaget LM Ericsson (publ) | Method for enabling traffic acceleration in a mobile telecommunication network |
US9152293B2 (en) * | 2010-12-09 | 2015-10-06 | Verizon Patent And Licensing Inc. | Server IP addressing in a computing-on-demand system |
US8965957B2 (en) | 2010-12-15 | 2015-02-24 | Sap Se | Service delivery framework |
EP2659651B1 (en) | 2010-12-29 | 2019-10-23 | Citrix Systems Inc. | Systems and methods for policy based integration to horizontally deployed wan optimization appliances |
US8477730B2 (en) | 2011-01-04 | 2013-07-02 | Cisco Technology, Inc. | Distributed load management on network devices |
CN103477611B (en) * | 2011-02-09 | 2016-09-28 | 思杰系统有限公司 | The system and method redirected for N tier cache |
CN102104548B (en) | 2011-03-02 | 2015-06-10 | 中兴通讯股份有限公司 | Method and device for receiving and processing data packets |
US8732267B2 (en) * | 2011-03-15 | 2014-05-20 | Cisco Technology, Inc. | Placement of a cloud service using network topology and infrastructure performance |
US8694993B1 (en) * | 2011-03-31 | 2014-04-08 | Emc Corporation | Virtualization platform for secured communications between a user device and an application server |
KR101246889B1 (en) | 2011-04-15 | 2013-03-25 | 서강대학교산학협력단 | Method and system of controlling data transfer rate for downward vertical handover in overlayed network environment |
KR101528825B1 (en) | 2011-04-18 | 2015-06-15 | 닛본 덴끼 가부시끼가이샤 | Terminal, control device, communication method, communication system, communication module, program, and information processing device |
US8804620B2 (en) | 2011-10-04 | 2014-08-12 | Juniper Networks, Inc. | Methods and apparatus for enforcing a common user policy within a network |
US8885463B1 (en) | 2011-10-17 | 2014-11-11 | Juniper Networks, Inc. | Path computation element communication protocol (PCEP) extensions for stateful label switched path management |
US8897154B2 (en) | 2011-10-24 | 2014-11-25 | A10 Networks, Inc. | Combining stateless and stateful server load balancing |
US8918501B2 (en) | 2011-11-10 | 2014-12-23 | Microsoft Corporation | Pattern-based computational health and configuration monitoring |
EP2749118B1 (en) | 2011-11-23 | 2018-01-10 | Telefonaktiebolaget LM Ericsson (publ) | Improving tcp performance in a cellular network |
US9386088B2 (en) | 2011-11-29 | 2016-07-05 | A10 Networks, Inc. | Accelerating service processing using fast path TCP |
US8880689B2 (en) | 2011-12-22 | 2014-11-04 | Empire Technology Development Llc | Apparatus, mobile terminal, and method to estimate quality of experience of application |
US9094364B2 (en) | 2011-12-23 | 2015-07-28 | A10 Networks, Inc. | Methods to manage services over a service gateway |
US8874790B2 (en) | 2011-12-30 | 2014-10-28 | Verisign, Inc. | DNS package in a partitioned network |
US9380635B2 (en) | 2012-01-09 | 2016-06-28 | Google Technology Holdings LLC | Dynamic TCP layer optimization for real-time field performance |
US8898222B2 (en) | 2012-01-19 | 2014-11-25 | International Business Machines Corporation | Processing STREAMS messages over a system area network |
JP2013152095A (en) | 2012-01-24 | 2013-08-08 | Sony Corp | Time control device, time control method and program |
US10044582B2 (en) | 2012-01-28 | 2018-08-07 | A10 Networks, Inc. | Generating secure name records |
KR101348739B1 (en) | 2012-02-22 | 2014-01-08 | 유대영 | LED Lighting apparatus and LED Lighting system having the same |
US9386128B2 (en) | 2012-03-23 | 2016-07-05 | Qualcomm Incorporated | Delay based active queue management for uplink traffic in user equipment |
US9118618B2 (en) | 2012-03-29 | 2015-08-25 | A10 Networks, Inc. | Hardware-based packet editor |
WO2013158098A1 (en) * | 2012-04-19 | 2013-10-24 | Empire Technology Development Llc | Migration in place |
US9027129B1 (en) | 2012-04-30 | 2015-05-05 | Brocade Communications Systems, Inc. | Techniques for protecting against denial of service attacks |
US9755994B2 (en) | 2012-05-21 | 2017-09-05 | Nvidia Corporation | Mechanism for tracking age of common resource requests within a resource management subsystem |
US8782221B2 (en) | 2012-07-05 | 2014-07-15 | A10 Networks, Inc. | Method to allocate buffer for TCP proxy session based on dynamic network conditions |
US9158577B2 (en) | 2012-08-08 | 2015-10-13 | Amazon Technologies, Inc. | Immediately launching applications |
WO2014031046A1 (en) | 2012-08-23 | 2014-02-27 | Telefonaktiebolaget L M Ericsson (Publ) | Tcp proxy server |
US10021174B2 (en) | 2012-09-25 | 2018-07-10 | A10 Networks, Inc. | Distributing service sessions |
US9843484B2 (en) | 2012-09-25 | 2017-12-12 | A10 Networks, Inc. | Graceful scaling in software driven networks |
US10002141B2 (en) | 2012-09-25 | 2018-06-19 | A10 Networks, Inc. | Distributed database in software driven networks |
US9106561B2 (en) | 2012-12-06 | 2015-08-11 | A10 Networks, Inc. | Configuration of a virtual service network |
US9705800B2 (en) | 2012-09-25 | 2017-07-11 | A10 Networks, Inc. | Load distribution in data networks |
US9338225B2 (en) | 2012-12-06 | 2016-05-10 | A10 Networks, Inc. | Forwarding policies on a virtual service network |
US9531846B2 (en) | 2013-01-23 | 2016-12-27 | A10 Networks, Inc. | Reducing buffer usage for TCP proxy session based on delayed acknowledgement |
US9900252B2 (en) | 2013-03-08 | 2018-02-20 | A10 Networks, Inc. | Application delivery controller and global server load balancer |
US20140258465A1 (en) | 2013-03-11 | 2014-09-11 | Cisco Technology, Inc. | Identification of originating ip address and client port connection to a web server via a proxy server |
WO2014144837A1 (en) | 2013-03-15 | 2014-09-18 | A10 Networks, Inc. | Processing data packets using a policy based network path |
US9148465B2 (en) | 2013-04-01 | 2015-09-29 | Oracle International Corporation | Update management for a distributed computing system |
US10027761B2 (en) | 2013-05-03 | 2018-07-17 | A10 Networks, Inc. | Facilitating a secure 3 party network session by a network device |
WO2014179753A2 (en) | 2013-05-03 | 2014-11-06 | A10 Networks, Inc. | Facilitating secure network traffic by an application delivery controller |
US9225638B2 (en) | 2013-05-09 | 2015-12-29 | Vmware, Inc. | Method and system for service switching using service tags |
US9319476B2 (en) | 2013-05-28 | 2016-04-19 | Verizon Patent And Licensing Inc. | Resilient TCP splicing for proxy services |
US9380646B2 (en) | 2013-09-24 | 2016-06-28 | At&T Intellectual Property I, L.P. | Network selection architecture |
US10230770B2 (en) | 2013-12-02 | 2019-03-12 | A10 Networks, Inc. | Network proxy layer for policy-based application proxies |
US9942152B2 (en) | 2014-03-25 | 2018-04-10 | A10 Networks, Inc. | Forwarding data packets using a service-based forwarding policy |
US9942162B2 (en) | 2014-03-31 | 2018-04-10 | A10 Networks, Inc. | Active application response delay time |
US9917851B2 (en) | 2014-04-28 | 2018-03-13 | Sophos Limited | Intrusion detection using a heartbeat |
US9906422B2 (en) | 2014-05-16 | 2018-02-27 | A10 Networks, Inc. | Distributed system to determine a server's health |
US10129122B2 (en) | 2014-06-03 | 2018-11-13 | A10 Networks, Inc. | User defined objects for network devices |
US9986061B2 (en) | 2014-06-03 | 2018-05-29 | A10 Networks, Inc. | Programming a data network device using user defined scripts |
US20150381465A1 (en) | 2014-06-26 | 2015-12-31 | Microsoft Corporation | Real Time Verification of Cloud Services with Real World Traffic |
US10268467B2 (en) | 2014-11-11 | 2019-04-23 | A10 Networks, Inc. | Policy-driven management of application traffic for providing services to cloud-based applications |
-
2012
- 2012-12-06 US US13/706,363 patent/US9338225B2/en active Active
-
2013
- 2013-11-04 WO PCT/US2013/068345 patent/WO2014088741A1/en active Application Filing
-
2016
- 2016-02-19 US US15/048,290 patent/US9544364B2/en active Active
- 2016-12-29 US US15/394,669 patent/US10341427B2/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7792113B1 (en) * | 2002-10-21 | 2010-09-07 | Cisco Technology, Inc. | Method and system for policy-based forwarding |
US20110110294A1 (en) * | 2009-11-06 | 2011-05-12 | Vamsidhar Valluri | VIRTUAL CARE-OF ADDRESS FOR MOBILE IP (Internet Protocol) |
US7991859B1 (en) * | 2009-12-28 | 2011-08-02 | Amazon Technologies, Inc. | Using virtual networking devices to connect managed computer networks |
US8224971B1 (en) * | 2009-12-28 | 2012-07-17 | Amazon Technologies, Inc. | Using virtual networking devices and routing information to initiate external actions |
Cited By (61)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
USRE47296E1 (en) | 2006-02-21 | 2019-03-12 | A10 Networks, Inc. | System and method for an adaptive TCP SYN cookie with time validation |
US9497201B2 (en) | 2006-10-17 | 2016-11-15 | A10 Networks, Inc. | Applying security policy to an application session |
US10305859B2 (en) | 2006-10-17 | 2019-05-28 | A10 Networks, Inc. | Applying security policy to an application session |
US9219751B1 (en) | 2006-10-17 | 2015-12-22 | A10 Networks, Inc. | System and method to apply forwarding policy to an application session |
US9253152B1 (en) | 2006-10-17 | 2016-02-02 | A10 Networks, Inc. | Applying a packet routing policy to an application session |
US9270705B1 (en) | 2006-10-17 | 2016-02-23 | A10 Networks, Inc. | Applying security policy to an application session |
US9954899B2 (en) | 2006-10-17 | 2018-04-24 | A10 Networks, Inc. | Applying a network traffic policy to an application session |
US9661026B2 (en) | 2006-10-17 | 2017-05-23 | A10 Networks, Inc. | Applying security policy to an application session |
US10735267B2 (en) | 2009-10-21 | 2020-08-04 | A10 Networks, Inc. | Determining an application delivery server based on geo-location information |
US9960967B2 (en) | 2009-10-21 | 2018-05-01 | A10 Networks, Inc. | Determining an application delivery server based on geo-location information |
US10447775B2 (en) | 2010-09-30 | 2019-10-15 | A10 Networks, Inc. | System and method to balance servers based on server load status |
US9215275B2 (en) | 2010-09-30 | 2015-12-15 | A10 Networks, Inc. | System and method to balance servers based on server load status |
US9961135B2 (en) | 2010-09-30 | 2018-05-01 | A10 Networks, Inc. | System and method to balance servers based on server load status |
US9961136B2 (en) | 2010-12-02 | 2018-05-01 | A10 Networks, Inc. | Distributing application traffic to servers based on dynamic service response time |
US9609052B2 (en) | 2010-12-02 | 2017-03-28 | A10 Networks, Inc. | Distributing application traffic to servers based on dynamic service response time |
US10178165B2 (en) | 2010-12-02 | 2019-01-08 | A10 Networks, Inc. | Distributing application traffic to servers based on dynamic service response time |
US9906591B2 (en) | 2011-10-24 | 2018-02-27 | A10 Networks, Inc. | Combining stateless and stateful server load balancing |
US10484465B2 (en) | 2011-10-24 | 2019-11-19 | A10 Networks, Inc. | Combining stateless and stateful server load balancing |
US8897154B2 (en) | 2011-10-24 | 2014-11-25 | A10 Networks, Inc. | Combining stateless and stateful server load balancing |
US9270774B2 (en) | 2011-10-24 | 2016-02-23 | A10 Networks, Inc. | Combining stateless and stateful server load balancing |
US9386088B2 (en) | 2011-11-29 | 2016-07-05 | A10 Networks, Inc. | Accelerating service processing using fast path TCP |
US9094364B2 (en) | 2011-12-23 | 2015-07-28 | A10 Networks, Inc. | Methods to manage services over a service gateway |
US9979801B2 (en) | 2011-12-23 | 2018-05-22 | A10 Networks, Inc. | Methods to manage services over a service gateway |
US10044582B2 (en) | 2012-01-28 | 2018-08-07 | A10 Networks, Inc. | Generating secure name records |
US10069946B2 (en) | 2012-03-29 | 2018-09-04 | A10 Networks, Inc. | Hardware-based packet editor |
US9742879B2 (en) | 2012-03-29 | 2017-08-22 | A10 Networks, Inc. | Hardware-based packet editor |
US9154584B1 (en) | 2012-07-05 | 2015-10-06 | A10 Networks, Inc. | Allocating buffer for TCP proxy session based on dynamic network conditions |
US8977749B1 (en) | 2012-07-05 | 2015-03-10 | A10 Networks, Inc. | Allocating buffer for TCP proxy session based on dynamic network conditions |
US9602442B2 (en) | 2012-07-05 | 2017-03-21 | A10 Networks, Inc. | Allocating buffer for TCP proxy session based on dynamic network conditions |
US10021174B2 (en) | 2012-09-25 | 2018-07-10 | A10 Networks, Inc. | Distributing service sessions |
US10491523B2 (en) | 2012-09-25 | 2019-11-26 | A10 Networks, Inc. | Load distribution in data networks |
US10002141B2 (en) | 2012-09-25 | 2018-06-19 | A10 Networks, Inc. | Distributed database in software driven networks |
US10516577B2 (en) | 2012-09-25 | 2019-12-24 | A10 Networks, Inc. | Graceful scaling in software driven networks |
US9705800B2 (en) | 2012-09-25 | 2017-07-11 | A10 Networks, Inc. | Load distribution in data networks |
US9843484B2 (en) | 2012-09-25 | 2017-12-12 | A10 Networks, Inc. | Graceful scaling in software driven networks |
US10862955B2 (en) | 2012-09-25 | 2020-12-08 | A10 Networks, Inc. | Distributing service sessions |
US9544364B2 (en) | 2012-12-06 | 2017-01-10 | A10 Networks, Inc. | Forwarding policies on a virtual service network |
US9338225B2 (en) | 2012-12-06 | 2016-05-10 | A10 Networks, Inc. | Forwarding policies on a virtual service network |
US10341427B2 (en) | 2012-12-06 | 2019-07-02 | A10 Networks, Inc. | Forwarding policies on a virtual service network |
US9531846B2 (en) | 2013-01-23 | 2016-12-27 | A10 Networks, Inc. | Reducing buffer usage for TCP proxy session based on delayed acknowledgement |
US9900252B2 (en) | 2013-03-08 | 2018-02-20 | A10 Networks, Inc. | Application delivery controller and global server load balancer |
US11005762B2 (en) | 2013-03-08 | 2021-05-11 | A10 Networks, Inc. | Application delivery controller and global server load balancer |
US9992107B2 (en) | 2013-03-15 | 2018-06-05 | A10 Networks, Inc. | Processing data packets using a policy based network path |
US10659354B2 (en) | 2013-03-15 | 2020-05-19 | A10 Networks, Inc. | Processing data packets using a policy based network path |
US10038693B2 (en) | 2013-05-03 | 2018-07-31 | A10 Networks, Inc. | Facilitating secure network traffic by an application delivery controller |
US10305904B2 (en) | 2013-05-03 | 2019-05-28 | A10 Networks, Inc. | Facilitating secure network traffic by an application delivery controller |
US10027761B2 (en) | 2013-05-03 | 2018-07-17 | A10 Networks, Inc. | Facilitating a secure 3 party network session by a network device |
US10230770B2 (en) | 2013-12-02 | 2019-03-12 | A10 Networks, Inc. | Network proxy layer for policy-based application proxies |
US9942152B2 (en) | 2014-03-25 | 2018-04-10 | A10 Networks, Inc. | Forwarding data packets using a service-based forwarding policy |
US10257101B2 (en) | 2014-03-31 | 2019-04-09 | A10 Networks, Inc. | Active application response delay time |
US9942162B2 (en) | 2014-03-31 | 2018-04-10 | A10 Networks, Inc. | Active application response delay time |
US10686683B2 (en) | 2014-05-16 | 2020-06-16 | A10 Networks, Inc. | Distributed system to determine a server's health |
US9906422B2 (en) | 2014-05-16 | 2018-02-27 | A10 Networks, Inc. | Distributed system to determine a server's health |
US10129122B2 (en) | 2014-06-03 | 2018-11-13 | A10 Networks, Inc. | User defined objects for network devices |
US9992229B2 (en) | 2014-06-03 | 2018-06-05 | A10 Networks, Inc. | Programming a data network device using user defined scripts with licenses |
US9986061B2 (en) | 2014-06-03 | 2018-05-29 | A10 Networks, Inc. | Programming a data network device using user defined scripts |
US10749904B2 (en) | 2014-06-03 | 2020-08-18 | A10 Networks, Inc. | Programming a data network device using user defined scripts with licenses |
US10880400B2 (en) | 2014-06-03 | 2020-12-29 | A10 Networks, Inc. | Programming a data network device using user defined scripts |
US10268467B2 (en) | 2014-11-11 | 2019-04-23 | A10 Networks, Inc. | Policy-driven management of application traffic for providing services to cloud-based applications |
US10581976B2 (en) | 2015-08-12 | 2020-03-03 | A10 Networks, Inc. | Transmission control of protocol state exchange for dynamic stateful service insertion |
US10243791B2 (en) | 2015-08-13 | 2019-03-26 | A10 Networks, Inc. | Automated adjustment of subscriber policies |
Also Published As
Publication number | Publication date |
---|---|
US9544364B2 (en) | 2017-01-10 |
US10341427B2 (en) | 2019-07-02 |
US20160173579A1 (en) | 2016-06-16 |
US20140164617A1 (en) | 2014-06-12 |
US9338225B2 (en) | 2016-05-10 |
US20170111441A1 (en) | 2017-04-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10341427B2 (en) | Forwarding policies on a virtual service network | |
US10694005B2 (en) | Hardware-based packet forwarding for the transport layer | |
US10484465B2 (en) | Combining stateless and stateful server load balancing | |
US9106561B2 (en) | Configuration of a virtual service network | |
JP7125788B2 (en) | System and method for communicating between secure and unsecure devices using proxies | |
US9602591B2 (en) | Managing TCP anycast requests | |
US8549146B2 (en) | Stateless forwarding of load balanced packets | |
EP3186930B1 (en) | Relay optimization using software defined networking | |
US20160380966A1 (en) | Media Relay Server | |
US10412159B1 (en) | Direct load balancing using a multipath protocol | |
US20070214265A1 (en) | Scalable captive portal redirect | |
US11171809B2 (en) | Identity-based virtual private network tunneling | |
US20080069116A1 (en) | Network architecture with a light-weight TCP stack | |
US20240015099A1 (en) | Network traffic routing in an sd-wan |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 13859928 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 13859928 Country of ref document: EP Kind code of ref document: A1 |