Creating virtual networks spanning multiple public clouds

US11005684B2 · US · B2

Patent metadata
Publication number: US-11005684-B2
Application number: US-201815972083-A
Country: US
Kind code: B2
Filing date: May 4, 2018
Priority date: Oct 2, 2017
Publication date: May 11, 2021
Grant date: May 11, 2021

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network in some embodiments can be configured to optimize the routing of the entity's data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network in some embodiments can be configured to optimize the layer 4 processing of the data message flows passing through the network.

First claim

Claim text as published (this page shows claims 1 through 14).

We claim:

1. A method of establishing a virtual network over a plurality of public cloud datacenters for a first entity, the method comprising: receiving data from the first entity identifying a set of locations of machines of the first entity outside of the public cloud datacenters to connect; configuring a set of forwarding elements, executing on a set of virtual machines that execute on a set of host computers, in first and second multi-tenant public cloud datacenters to implement a first virtual overlay wide area network (WAN) for the first entity, said first virtual overlay WAN (i) connecting each forwarding element to at least one other forwarding element through an overlay tunnel and (ii) spanning the first and second multi-tenant public cloud datacenters to connect the first entity's locations identified in the data received from the first entity, each of a plurality of the first entity's locations comprising a plurality of machines, wherein at least one of the forwarding elements in the set of forwarding elements is configured to establish a second virtual overlay WAN to connect a set of machines of a second entity outside of the public cloud datacenters; and forwarding, through the first virtual overlay WAN, data messages between machines of the first entity that reside outside of the first and second multi-tenant public cloud datacenters, said forwarding using a tenant identifier identifying the first entity as a tenant that uses the set of forwarding elements that implement the first virtual overlay WAN over the first and second multi-tenant public cloud datacenters, wherein each of the first and second multi-tenant public cloud datacenters comprises host computers executing machines of a plurality of tenants of the public cloud datacenter.

2. The method of claim 1, wherein the set of machine locations of the first entity includes two or more office locations.

3. The method of claim 2, wherein the set of machine locations of the first entity further includes at least one datacenter location.

4. The method of claim 3, wherein the set of machine locations of the first entity further includes remote device locations.

5. The method of claim 1, wherein the set of machine locations of the first entity includes an office location and a datacenter location.

6. The method of claim 5, wherein the set of machine locations of the first entity further includes a location comprising a plurality of machines of a SaaS (Software as a Service) provider.

7. The method of claim 1, wherein the machines include at least one of virtual machines, containers, or standalone computers.

8. The method of claim 1, wherein: configuring the set of forwarding elements comprises configuring the set of forwarding elements to use a set of overlay virtual WAN headers to encapsulate data messages exchanged between the first entity machines in different machine locations; and the set of overlay virtual WAN headers storing the tenant identifier identifying the first entity.

9. The method of claim 1 further comprising: using a set of one or more controllers of a virtual network provider to deploy forwarding elements in the first and second multi-tenant public cloud datacenters; and wherein the configuring of the set of forwarding elements comprises using the set of one or more controllers of the virtual network provider to configure the set of forwarding elements with next-hop forwarding rules that establish the overlay WAN, the virtual network provider deploying different virtual WANs for different entities over public cloud datacenters of different public cloud providers and in different regions.

10. The method of claim 1, wherein the set of forwarding elements comprises a plurality of software forwarding elements executing on virtual machines.

11. The method of claim 1, wherein at least a subset of virtual machines on which the plurality of software forwarding elements execute on host computers along with other machines.

12. A non-transitory machine readable medium storing a program for establishing virtual networks over a plurality of public cloud datacenters, the program for execution by at least one hardware processing unit, the program comprising sets of instructions for: receiving data from the first entity identifying a set of locations of machines of the first entity outside of the public cloud datacenters to connect; configuring a set of forwarding elements, executing on a set of virtual machines that execute on a set of host computers, in first and second multi-tenant public cloud datacenters to implement a first virtual overlay wide area network (WAN) for the first entity, said first virtual overlay WAN (i) connecting each forwarding element to at least one other forwarding element through an overlay tunnel and (ii) spanning the first and second multi-tenant public cloud datacenters to connect the first entity's locations identified in the data received from the first entity, each of a plurality of the first entity's locations comprising a plurality of machines, wherein at least one of the forwarding elements in the set of forwarding elements is configured to establish a second virtual overlay WAN to connect a set of machines of a second entity outside of the public cloud datacenters; and forwarding, through the first virtual overlay WAN, data messages between machines of the first entity that reside outside of the first and second multi-tenant public cloud datacenters, said forwarding using a tenant identifier identifying the first entity as a tenant that uses the set of forwarding elements that implement the first virtual overlay WAN over the first and second multi-tenant public cloud datacenters, wherein each of the first and second multi-tenant public cloud datacenters comprises host computers executing machines of a plurality of tenants of the public cloud datacenter.

13. The non-transitory machine readable medium of claim 12, wherein the set of machine locations of the first entity includes at least one office location, one datacenter location and a plurality of remote user locations.

14. The non-transitory machine readable medium of claim 13, wherein the set of machine locations of the first entity further includes a location comprising a plurality of machines of a SaaS (Software as a Service) provider.
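Claims 1, 8 and 9 describe software forwarding elements in two multi-tenant public cloud datacenters, linked by overlay tunnels, with a controller pushing next-hop rules and an overlay header that carries a tenant identifier. The model below is an added example, not the patent's or VMware's code; the class names (ForwardingElement, Controller, OverlayHeader), the fe-cloud* element names, the acme/globex sites and their 10.0.0.0/16 and 10.1.0.0/16 prefixes are all assumptions made for illustration. It shows the two checks that make a tenant identifier meaningful in such a design: the identifier is stamped at ingress from the controller's site binding rather than read from the packet, and each element's forwarding lookup and decapsulation are scoped to that tenant's own table, so two tenants using the same RFC 1918 address space cannot reach each other's machines even though they share the same forwarding elements and tunnels.

```python
"""Toy model of the multi-tenant overlay WAN in claims 1, 8 and 9. Constructed
illustration, not VMware's code; every name, site and prefix is an assumption."""
from collections import deque, namedtuple
import ipaddress

# Overlay virtual WAN header (claim 8): the tenant identifier travels with the message.
OverlayHeader = namedtuple("OverlayHeader", "tenant_id src_fe dst_fe")
Packet = namedtuple("Packet", "src dst payload")
Frame = namedtuple("Frame", "hdr inner")  # encapsulated message on an overlay tunnel


class ForwardingElement:
    """Software forwarding element (FE) running in one public cloud datacenter."""

    def __init__(self, name):
        self.name = name
        self.tunnels = set()  # peers reachable over an authenticated overlay tunnel
        self.sites = {}       # site -> (tenant_id, ip_network) attached to this FE
        self.rules = {}       # tenant_id -> [(ip_network, egress FE)] from controller
        self.next_hop = {}    # egress FE -> tunnel peer on the path toward it

    def ingress(self, site, pkt):
        """Tenant id comes from the controller's site binding, never from the packet."""
        tenant, net = self.sites[site]
        if ipaddress.ip_address(pkt.src) not in net:
            raise ValueError(f"{site}: source {pkt.src} outside {net}")
        return Frame(OverlayHeader(tenant, self.name, self.lookup(tenant, pkt.dst)), pkt)

    def lookup(self, tenant, dst):
        """Longest-prefix match in this tenant's table only (overlaps are invisible)."""
        addr = ipaddress.ip_address(dst)
        hits = [(n, fe) for n, fe in self.rules.get(tenant, []) if addr in n]
        if not hits:
            raise LookupError(f"tenant {tenant}: no route to {dst}")
        return max(hits, key=lambda h: h[0].prefixlen)[1]

    def receive(self, frame, from_fe):
        """Frame arrives over a tunnel: forward toward dst_fe or deliver here."""
        if from_fe not in self.tunnels:
            raise PermissionError(f"{self.name}: frame from non-peer {from_fe}")
        if frame.hdr.dst_fe != self.name:
            return "forward", self.next_hop[frame.hdr.dst_fe]
        return "deliver", self.deliver(frame)

    def deliver(self, frame):
        """Decapsulate only into a site owned by the tenant named in the header."""
        addr = ipaddress.ip_address(frame.inner.dst)
        for site, (tenant, net) in self.sites.items():
            if tenant == frame.hdr.tenant_id and addr in net:
                return site, frame.inner
        raise LookupError(f"{self.name}: tenant {frame.hdr.tenant_id} has no site for {addr}")


class Controller:
    """Virtual network provider controller (claim 9): tunnels and per-tenant rules."""

    def __init__(self, fe_names):
        self.fes = {n: ForwardingElement(n) for n in fe_names}

    def tunnel(self, a, b):
        self.fes[a].tunnels.add(b)
        self.fes[b].tunnels.add(a)
        for fe in self.fes.values():  # recompute first hop toward every FE by BFS
            fe.next_hop, queue = {}, deque((p, p) for p in fe.tunnels)
            while queue:
                cur, first = queue.popleft()
                if cur != fe.name and cur not in fe.next_hop:
                    fe.next_hop[cur] = first
                    queue.extend((p, first) for p in self.fes[cur].tunnels)

    def attach_site(self, fe_name, tenant, site, cidr):
        net = ipaddress.ip_network(cidr)
        self.fes[fe_name].sites[site] = (tenant, net)
        for fe in self.fes.values():  # the rule lands only in this tenant's table
            fe.rules.setdefault(tenant, []).append((net, fe_name))

    def send(self, site, pkt):
        """Carry one data message end to end; returns (egress site, packet)."""
        fe = next(f for f in self.fes.values() if site in f.sites)
        frame = fe.ingress(site, pkt)
        if frame.hdr.dst_fe == fe.name:
            return fe.deliver(frame)
        prev, cur = fe.name, fe.next_hop[frame.hdr.dst_fe]
        while True:
            action, arg = self.fes[cur].receive(frame, prev)
            if action == "deliver":
                return arg
            prev, cur = cur, arg


def build_demo():
    """Two clouds, three FEs, two tenants (ids 1 and 2) with overlapping RFC 1918 space."""
    c = Controller(["fe-cloud1", "fe-cloud2a", "fe-cloud2b"])
    c.tunnel("fe-cloud1", "fe-cloud2a")
    c.tunnel("fe-cloud2a", "fe-cloud2b")
    c.attach_site("fe-cloud1", 1, "acme-hq", "10.0.0.0/16")
    c.attach_site("fe-cloud2b", 1, "acme-branch", "10.1.0.0/16")
    c.attach_site("fe-cloud1", 2, "globex-dc", "10.0.0.0/16")
    c.attach_site("fe-cloud2a", 2, "globex-branch", "10.1.0.0/16")
    return c
```

With `build_demo()`, a message from 10.0.0.5 to 10.1.0.9 sent from acme-hq crosses the fe-cloud1 to fe-cloud2a tunnel and is decapsulated at fe-cloud2b into acme-branch, while the identical addresses sent from globex-dc end at globex-branch on fe-cloud2a; a frame arriving from a name that is not a tunnel peer is refused, and a frame whose header names a tenant with no site at the egress element is dropped rather than delivered to whichever site happens to hold the destination prefix. The `tunnels` set stands in for authenticated overlay tunnels; the claims on this page do not name a tunnel protocol, and in a real deployment the tunnel itself (per-peer keys, for example) has to bind the peer identity, otherwise the `from_fe` check is only a string comparison.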

Assignees

VMware, Inc.

Inventors

Classifications

  • for resellers, retailers or service providers · CPC title

  • Peer-to-peer [P2P] networks · CPC title

  • for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

  • Firewall traversal, e.g. tunnelling or creating pinholes · CPC title

  • Proxies · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11005684B2 cover?
Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters)…
Who is the assignee on this patent?
VMware, Inc.
What technology area does this patent fall under?
Primary CPC classification H04L63/0263. Mapped technology area: Electricity (CPC section H).
When was this patent published?
Publication date May 11, 2021 (kind code B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).