Tunnel-enabled elastic service model

US11296930B2 · US · B2

Patent metadata
Field               Value
Publication number  US-11296930-B2
Application number  US-201514841649-A
Country             US
Kind code           B2
Filing date         Aug 31, 2015
Priority date       Sep 30, 2014
Publication date    Apr 5, 2022
Grant date          Apr 5, 2022

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Some embodiments provide novel inline switches that distribute data messages from source compute nodes (SCNs) to different groups of destination service compute nodes (DSCNs). In some embodiments, the inline switches are deployed in the source compute nodes' datapaths (e.g., egress datapath). The inline switches in some embodiments are service switches that (1) receive data messages from the SCNs, (2) identify service nodes in a service-node cluster for processing the data messages based on service policies that the switches implement, and (3) use tunnels to send the received data messages to their identified service nodes. Alternatively, or conjunctively, the inline service switches of some embodiments (1) identify service-node clusters for processing the data messages based on service policies that the switches implement, and (2) use tunnels to send the received data messages to the identified service-node clusters. The service-node clusters can perform the same service or can perform different services in some embodiments. This tunnel-based approach for distributing data messages to service nodes/clusters is advantageous for seamlessly implementing in a datacenter a cloud-based XaaS model (where XaaS stands for X as a service, and X stands for anything), in which any number of services are provided by service providers in the cloud.

First claim

Opening claim text (preview).

The invention claimed is:

1. A non-transitory machine readable medium storing a program for performing a service on data messages associated with a source compute node (SCN) executing on a host computer in a datacenter, the program for execution by at least one processing unit of the host computer, the program comprising sets of instructions for: receiving a data message, associated with the SCN, on which a middlebox service operation has to be performed; identifying a primary service node (PSN) in a service node (SN) group outside the datacenter, the SN group comprising a plurality of SNs that execute on a set of devices outside the datacenter to perform the middlebox service operation; and sending the data message to the identified PSN, along a tunnel connected to the PSN, for the PSN to analyze in order for the PSN to identify a particular SN of the SN group to perform the middlebox service operation on the data message, wherein: when the PSN identifies the PSN as the SN to perform the middlebox service operation, the PSN performs the middlebox service operation on the data message; when the PSN identifies a particular secondary service node (SSN) as the SN to perform the middlebox service operation, the PSN forwards the data message to the particular SSN in order for the particular SSN to perform the middlebox service operation on the data message; and to process an increasing data message load, the PSN dynamically adds an SSN to the SN group to elastically grow the SN group size.

2. The non-transitory machine readable medium of claim 1, wherein the PSN forwards data messages to SSNs in order to distribute the load for performing the middlebox service operation on different data message flows to different SNs.

3. The non-transitory machine readable medium of claim 1, wherein the PSN dynamically adds the SSN when the data message load on at least one SN exceeds a threshold value.

4. The non-transitory machine readable medium of claim 1, wherein the PSN redirects the data message to the particular SSN through an L3 or L4 network address translation.

5. The non-transitory machine readable medium of claim 1, wherein the PSN redirects the data message to the particular SSN through a media access control (MAC) address redirection operation.

6. The non-transitory machine readable medium of claim 1, wherein the tunnel connects the host computer with the PSN.

7. The non-transitory machine readable medium of claim 1, wherein the data message is associated with a data message flow; and the set of instructions for sending the data message along the tunnel comprises a set of instructions for using a unique tunnel key for the data message flow, because the tunnel is used to send other data message flows with other tunnel keys to the PSN.

8. The machine readable medium of claim 7, wherein: the host computer executes a plurality of other SCNs and a software forwarding element; the tunnel is for use by at least two SCNs executing on the host to send data messages to the PSN; the PSN uses the tunnel key in a reply data message that the PSN sends back; and the program further comprises a set of instructions for using the tunnel key to associate the reply data message to the data message sent to the PSN.

9. The non-transitory machine readable medium of claim 1, wherein the program further comprises a set of instructions for determining that the middlebox service operation has to be performed on the data message by identifying a service rule in a service rule storage that has a rule identifier that matches a set of header parameters of the data message, the identified service rule identifying the PSN.

10. The non-transitory machine readable medium of claim 1, wherein the program further comprises a set of instructions for determining that the middlebox service operation has to be performed on the data message by identifying a service rule in a service rule storage that has a rule identifier that matches a set of header parameters of the data message, the identified service rule identifying the tunnel.

11. The non-transitory machine readable medium of claim 10, wherein the header parameter set of the data message and the matching rule identifier includes a virtual IP (Internet Protocol) address (VIP), the service rule storage storing at least one service rule associated with a set of one or more middlebox service operations associated with the VIP.

12. The non-transitory machine readable medium of claim 10, wherein the header parameter set of the data message and the matching rule identifier includes one or more L3 (Layer 3) or L4 (Layer 4) packet header values, wherein at least two rule identifiers of two rules are defined by two different sets of L3/L4 parameters.

13. The non-transitory machine readable medium of claim 1, wherein the received data message associated with the SCN is a data message originating at the SCN.

14. A non-transitory machine readable medium storing a program for performing a service on data messages associated with a source compute node (SCN) executing on a host computer in a datacenter, the program for execution by at least one processing unit of the host computer, the program comprising sets of instructions for: receiving a data message, associated with the SCN, on which a middlebox service operation has to be performed; identifying a primary service node (PSN) in a service node (SN) group outside the datacenter, the SN group comprising a plurality of SNs that execute on a set of devices outside the datacenter to perform the middlebox service operation; and sending the data message to the identified PSN, along a tunnel connected to the PSN, for the PSN to analyze in order for the PSN to identify a particular SN of the SN group to perform the middlebox service operation on the data message, wherein: when the PSN identifies the PSN as the SN to perform the middlebox service operation, the PSN performs the middlebox service operation on the data message; when the PSN identifies a particular secondary service node (SSN) as the SN to perform the middlebox service operation, the PSN forwards the data message to the particular SSN in order for the particular SSN to perform the middlebox service operation on the data message; and in response to a decreasing data message load, the PSN dynamically removes an SSN from the SN group to elastically reduce the SN group size.

15. The non-transitory machine readable medium of claim 14, wherein the PSN dynamically removes the SSN from the SN group when the data message load on the SN group falls below a threshold value.

16. The non-transitory machine readable medium of claim 14, wherein the PSN dynamically removes the SSN from the SN group when the data message load on the SN group falls below a threshold value for a duration of time.

17. A non-transitory machine readable medium storing a program for performing a service on data messages associated with a source compute node (SCN) executing on a host computer in a datacenter, the program for execution by at least one processing unit of the host computer, the program comprising sets of instructions for: receiving a first data message, associated with the SCN, on which a first middlebox service operation has to be performed; identifying a first primary service node (PSN) in a first service node (SN) group outside the datacenter, the SN group comprising a first plurality of SNs that execute on a first set of devices outside the datacenter to perform the first middlebox service operation; sending the first data message to the identified first PSN, along a tun
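The abstract and claims above describe a host-side inline service switch that matches a flow's header parameters against a service rule storage, sends the flow down a shared tunnel to a primary service node (PSN) under a flow-unique tunnel key, and relies on the PSN to serve the flow itself or forward it to a secondary service node (SSN) while growing and shrinking the SN group on load thresholds. The following Python model is an added example written for this page; it is not code from the patent or from Nicira/VMware, and the class names (ServiceRule, ServiceSwitch, PrimaryServiceNode), the thresholds, the counter-based tunnel keys and the sample flows are all illustrative assumptions. It exercises the claimed behaviour end to end: rule lookup keyed on a VIP or on L3/L4 values selecting a tunnel (claims 9-12), one tunnel carrying many flows each with its own key and replies mapped back to their flow by that key (claims 7-8), local-versus-forward placement at the PSN (claims 1, 4-5), scale-out when an SN's load reaches a threshold (claim 3), and scale-in only after group load has stayed below a threshold for a number of ticks (claims 15-16).

```python
"""Toy model of the claimed tunnel-based elastic service model.  Constructed
for this page; not Nicira/VMware code.  Class names, thresholds and sample
flows are illustrative assumptions."""
from __future__ import annotations
from dataclasses import dataclass
import itertools


@dataclass(frozen=True)
class Flow:                      # L3/L4 header parameters of one data message flow
    src_ip: str
    dst_ip: str
    proto: int
    src_port: int
    dst_port: int


@dataclass(frozen=True)
class ServiceRule:
    """Rule identifier (None = wildcard) plus the tunnel it selects (claims 9-12)."""
    dst_ip: str | None
    proto: int | None
    dst_port: int | None
    tunnel: str

    def matches(self, f: Flow) -> bool:
        want, got = (self.dst_ip, self.proto, self.dst_port), (f.dst_ip, f.proto, f.dst_port)
        return all(w is None or w == g for w, g in zip(want, got))


class PrimaryServiceNode:
    """PSN: serves a flow itself or forwards it to an SSN, and grows/shrinks
    the SN group with load (claims 1-3, 14-16)."""

    def __init__(self, scale_out=2, scale_in=1, scale_in_ticks=2, max_sns=8):
        self.sns = ["psn"]                  # the PSN is itself a group member
        self.load = {"psn": 0}              # active flows per SN
        self.assigned: dict[int, str] = {}  # tunnel key -> SN serving that flow
        self.scale_out = scale_out          # add an SSN when the least-loaded SN reaches this
        self.scale_in = scale_in            # remove an SSN when group load stays below this
        self.scale_in_ticks = scale_in_ticks  # ... for this many consecutive ticks (claim 16)
        self.max_sns, self.quiet, self._ids = max_sns, 0, itertools.count(1)

    def receive(self, key: int, flow: Flow) -> tuple[str, str]:
        """Choose the SN for a new flow arriving on the tunnel under key `key`."""
        sn = min(self.sns, key=self.load.__getitem__)
        if self.load[sn] >= self.scale_out and len(self.sns) < self.max_sns:
            sn = f"ssn{next(self._ids)}"        # claim 3: threshold reached -> grow the group
            self.sns.append(sn)
            self.load[sn] = 0
        self.load[sn] += 1
        self.assigned[key] = sn
        self.quiet = 0
        return sn, "local" if sn == "psn" else "forward"   # claims 4-5: redirect to an SSN

    def finish(self, key: int) -> None:
        """Flow ended: release its slot on the SN that served it."""
        self.load[self.assigned.pop(key)] -= 1

    def tick(self) -> str | None:
        """Periodic scale-in check; returns the SSN removed, if any (claims 15-16)."""
        self.quiet = self.quiet + 1 if sum(self.load.values()) < self.scale_in else 0
        idle = [s for s in self.sns if s != "psn" and self.load[s] == 0]
        if self.quiet < self.scale_in_ticks or not idle:
            return None
        victim = idle[-1]
        self.sns.remove(victim)
        del self.load[victim]
        self.quiet = 0
        return victim


class ServiceSwitch:
    """Inline switch in the SCN's egress datapath.  One tunnel per PSN is shared
    by every flow, so each flow gets its own tunnel key and a reply is mapped
    back to its flow by that key (claims 7-8)."""

    def __init__(self, rules, tunnels):
        self.rules, self.tunnels = list(rules), dict(tunnels)  # tunnel name -> PSN
        self._keys = itertools.count(0x1000)                   # assumed key allocation
        self.pending: dict[int, Flow] = {}                     # outstanding key -> flow

    def send(self, flow: Flow) -> dict | None:
        rule = next((r for r in self.rules if r.matches(flow)), None)
        if rule is None:
            return None                       # no service rule: forward normally
        key = next(self._keys)
        self.pending[key] = flow
        sn, action = self.tunnels[rule.tunnel].receive(key, flow)
        return {"key": key, "tunnel": rule.tunnel, "sn": sn, "action": action}

    def reply(self, key: int) -> Flow | None:
        """Match a returning message to its flow; a key no flow is waiting on is dropped."""
        return self.pending.pop(key, None)


def demo() -> dict:
    psn = PrimaryServiceNode(scale_out=2, scale_in=1, scale_in_ticks=2)
    sw = ServiceSwitch(
        rules=[ServiceRule("10.0.0.80", 6, 443, "tun-svc"),   # VIP-keyed rule (claim 11)
               ServiceRule(None, 17, 53, "tun-svc")],         # L4-only rule (claim 12)
        tunnels={"tun-svc": psn})
    flows = [Flow("192.168.1.10", "10.0.0.80", 6, 40000 + i, 443) for i in range(5)]
    sent = [sw.send(f) for f in flows]                     # ramp up: the group grows
    out = {"placement": [s["sn"] for s in sent],
           "sns_after_ramp": list(psn.sns),
           "bypass": sw.send(Flow("192.168.1.10", "10.0.0.9", 6, 50000, 8080)),
           "reply_ok": sw.reply(sent[0]["key"]) == flows[0],
           "reply_unknown": sw.reply(0xDEAD)}
    for s in sent:                                          # drain: the group shrinks
        psn.finish(s["key"])
    out["scale_in"] = [psn.tick() for _ in range(4)]
    out["sns_after_drain"] = list(psn.sns)
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

With a scale-out threshold of 2, the five sample flows land on psn, psn, ssn1, ssn1, ssn2, and after they finish the group shrinks one SSN at a time, each removal waiting out the two quiet ticks. Two points a practitioner would check in a real deployment: the switch only accepts a reply whose tunnel key is still outstanding, because claim 8 correlates replies to flows by that key alone, and the hysteresis in tick() is what keeps the group from flapping when load hovers at the threshold. The patent does not specify the tunnel encapsulation or how keys are allocated, so the sequential counter here is purely an assumption.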

Assignees

Nicira Inc

Classifications

  • Routing a service request depending on the request content or context · CPC title

  • for accessing one among a plurality of replicated servers · CPC title (H04L67/1001, the primary classification)

  • Setup of transport tunnels · CPC title

  • Discovery or management thereof, e.g. service location protocol [SLP] or web services · CPC title

  • in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46) · CPC title


Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11296930B2 cover?
Some embodiments provide novel inline switches that distribute data messages from source compute nodes (SCNs) to different groups of destination service compute nodes (DSCNs). In some embodiments, the inline switches are deployed in the source compute nodes datapaths (e.g., egress datapath). The inline switches in some embodiments are service switches that (1) receive data messages from the SCN…
Who is the assignee on this patent?
Nicira Inc
What technology area does this patent fall under?
Primary CPC classification H04L67/1001. Mapped technology areas include Electricity (CPC/IPC section H).
When was this patent published?
Publication date Apr 5, 2022 (kind code B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).