Port and loopback IP addresses allocation scheme for full-mesh communications with transparent TLS tunnels

US11936613B2 · US · B2

Patent metadata

Publication number: US-11936613-B2
Application number: US-202117371490-A
Country: US
Kind code: B2
Filing date: Jul 9, 2021
Priority date: Apr 11, 2018
Publication date: Mar 19, 2024
Grant date: Mar 19, 2024

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

The method for a virtual machine to use a port and loopback IP addresses allocation scheme for full-mesh communications with transparent transport layer security tunnels is presented. In an embodiment, the method comprises detecting, at a redirect agent implemented in a first machine, a packet that is sent from a client application executing on the first machine toward a server application executing on a second machine; and determining, by the redirect agent, whether a first redirect rule matches the packet. In response to determining that the first redirect rule matches the packet, the redirect agent applies the first redirect rule to the packet to translate the packet into a translated packet, and provides the translated packet to a client agent implemented in the first machine to cause the client agent to transmit the translated packet to a server agent implemented in the second machine.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: detecting, by a restore agent implemented in a second machine, a packet that is sent from a client application, executing on a first machine, toward a server application executing on the second machine; determining whether a first restore rule matches the packet; wherein the first restore rule specifies modifications to one or more loopback IP addresses in a header of the packet; in response to determining that the first restore rule matches the packet, applying the first restore rule to the packet to translate the packet into a translated packet by at least replacing a first loopback IP address of the second machine with a source IP address of the first machine or a destination IP address of the second machine; and providing the translated packet to a client agent implemented in the first machine to cause the client agent to transmit the translated packet to a server agent implemented in the second machine.

2. The method of claim 1, wherein, upon detecting the translated packet, the client agent implemented in the first machine: determines whether the translated packet is a request to establish a communications connection between the client application executing on the first machine and the server application executing on the second machine.

3. The method of claim 1, wherein upon receiving the translated packet, the server agent encrypts the translated packet, and transmits the encrypted translated packet, via a secure connection, to the client agent implemented in the first machine.

4. The method of claim 3, wherein, upon receiving the encrypted translated packet, the client agent decrypts the encrypted translated packet, and provides the decrypted translated packet to the restore agent.

5. The method of claim 4, wherein, upon detecting the translated packet, the restore agent restores the decrypted translated packet, and provides the restored translated packet to the client application executing on the first machine.

6. The method of claim 5, wherein restoring the translated packet enables the translated packet to appear that the translated packet came from the second machine.

7. The method of claim 5, wherein, upon detecting the decrypted translated data packet, the restore agent: determines whether a second restore rule matches the decrypted response data packet; and in response to determining that the second restore rule matches the decrypted translated packet, the restore agent applies the second restore rule to the decrypted translated packet to translate the decrypted response data packet into a restored response data packet, and provides the restored response data packet to the client application executing on the first machine.

8. One or more non-transitory computer-readable storage media storing one or more computer instructions which, when executed by one or more processors, cause the one or more processors to perform: detecting, a packet that is sent from a client application, executing on a first machine, toward a server application executing on a second machine; determining whether a first restore rule matches the packet; wherein the first restore rule specifies modifications to one or more loopback IP addresses in a header of the packet; in response to determining that the first restore rule matches the packet, applying the first restore rule to the packet to translate the packet into a translated packet by at least replacing a first loopback IP address of the second machine with a source IP address of the first machine or a destination IP address of the second machine; and providing the translated packet to a client agent implemented in the first machine to cause the client agent to transmit the translated packet to a server agent implemented in the second machine.

9. The one or more non-transitory computer-readable storage media of claim 8, wherein, upon detecting the translated packet: determining whether the translated packet is a request to establish a communications connection between the client application executing on the first machine and the server application executing on the second machine.

10. The one or more non-transitory computer-readable storage media of claim 8, wherein upon receiving the translated packet, the server agent encrypts the translated packet, and transmits the encrypted translated packet, via a secure connection, to the client agent implemented in the first machine.

11. The one or more non-transitory computer-readable storage media of claim 10, wherein, upon receiving the encrypted translated packet, the client agent decrypts the encrypted translated packet, and provides the decrypted translated packet to the restore agent.

12. The one or more non-transitory computer-readable storage media of claim 11, wherein, upon detecting the translated packet, the restore agent restores the decrypted translated packet, and provides the restored translated packet to the client application executing on the first machine.

13. The one or more non-transitory computer-readable storage media of claim 12, wherein restoring the translated packet enables the translated packet to appear that the translated packet came from the second machine.

14. The one or more non-transitory computer-readable storage media of claim 12, wherein, upon detecting the decrypted translated data packet: determining whether a second restore rule matches the decrypted response data packet; and in response to determining that the second restore rule matches the decrypted translated packet: applying the second restore rule to the decrypted translated packet to translate the decrypted response data packet into a restored response data packet; and providing the restored response data packet to the client application executing on the first machine.

15. A virtual machine implemented in a host computer, the virtual machine comprising: one or more processors; one or more memory units; and one or more non-transitory computer-readable storage media storing one or more computer instructions which, when executed by the one or more processors, cause the one or more processors to perform: detecting a packet that is sent from a client application executing on a first machine toward a server application executing on a second machine; determining whether a first restore rule matches the packet; wherein the first restore rule specifies modifications to one or more loopback IP addresses in a header of the packet; in response to determining that the first restore rule matches the packet, applying the first restore rule to the packet to translate the packet into a translated packet by at least replacing a first loopback IP address of the second machine with a source IP address of the first machine or a destination IP address of the second machine; and providing the translated packet to a client agent implemented in the first machine to cause the client agent to transmit the translated packet to a server agent implemented in the second machine.

16. The virtual machine of claim 15, wherein, upon detecting the translated packet, the client agent implemented in the second machine: determines whether the translated packet is a request to establish a communications connection between the client application executing on the first machine and the server application executing on the first machine.

17. The virtual machine of claim 15, wherein upon receiving the translated packet, the server agent encrypts the translated packet, and transmits the encrypted translated packet, via a secure connection, to the client agent
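The abstract and claims describe three header rewrites: a redirect rule on the first machine that steers the client application's packet to a loopback address the local client agent listens on, a restore rule on the second machine that puts the real source or destination address back before the server application sees the packet, and a second restore rule on the first machine that makes the reply appear to come from the second machine. The following Python model is an added illustration of that rule flow and of a per-peer loopback allocation; it is not VMware's implementation and not code from the patent. The packet records, the rule field names, the 10.0.0.x addresses and the list standing in for the TLS tunnel are all constructed assumptions.

```python
"""Toy model of the redirect / restore rule scheme from the claims above.

Constructed illustration only (not VMware's code). Packets are plain records
and the encrypted tunnel between the two agents is a Python list, because the
point being shown is the header translation, not the transport.
"""
from dataclasses import dataclass, replace
from ipaddress import IPv4Address, IPv4Network
from typing import Dict, List, Optional, Tuple

LOOPBACK_POOL = IPv4Network("127.0.0.0/8")  # assumption: the whole block is available


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: bytes


@dataclass(frozen=True)
class Rule:
    """Match one header field (ip, port) and rewrite it.

    field is "dst" for the redirect rule on the first machine and "src" or
    "dst" for restore rules (claim 1 allows replacing either address).
    """
    field: str
    match_ip: str
    match_port: int
    new_ip: str
    new_port: int


def matches(rule: Rule, pkt: Packet) -> bool:
    if rule.field == "src":
        return (pkt.src_ip, pkt.src_port) == (rule.match_ip, rule.match_port)
    return (pkt.dst_ip, pkt.dst_port) == (rule.match_ip, rule.match_port)


def apply_rule(rule: Rule, pkt: Packet) -> Packet:
    if rule.field == "src":
        return replace(pkt, src_ip=rule.new_ip, src_port=rule.new_port)
    return replace(pkt, dst_ip=rule.new_ip, dst_port=rule.new_port)


def translate(rules: List[Rule], pkt: Packet) -> Optional[Packet]:
    """First matching rule wins; None means the packet is left on the normal,
    untunnelled path (the agent must not silently forward such packets)."""
    for rule in rules:
        if matches(rule, pkt):
            return apply_rule(rule, pkt)
    return None


class LoopbackAllocator:
    """Give each remote peer its own loopback address (127.0.0.2, 127.0.0.3, ...)
    so the client agent can tell tunnels apart by the address it accepts on,
    while the application-visible port stays the same as the real service."""
    def __init__(self) -> None:
        self._by_peer: Dict[str, str] = {}
        self._next = int(IPv4Address("127.0.0.2"))  # 127.0.0.1 stays with the host

    def loopback_for(self, peer_ip: str) -> str:
        if peer_ip not in self._by_peer:
            addr = IPv4Address(self._next)
            assert addr in LOOPBACK_POOL, "loopback pool exhausted"
            self._by_peer[peer_ip] = str(addr)
            self._next += 1
        return self._by_peer[peer_ip]


def build_rules(first_ip: str, second_ip: str, port: int,
                alloc: LoopbackAllocator) -> Tuple[Rule, Rule, Rule]:
    lb = alloc.loopback_for(second_ip)
    redirect = Rule("dst", second_ip, port, lb, port)      # first machine, request path
    restore_req = Rule("dst", lb, port, second_ip, port)   # second machine (claim 1)
    restore_resp = Rule("src", lb, port, second_ip, port)  # first machine (claims 5-7)
    return redirect, restore_req, restore_resp


def round_trip(first_ip: str = "10.0.0.1", second_ip: str = "10.0.0.2",
               port: int = 443) -> Dict[str, Packet]:
    """Walk one request and its reply through both rule sets."""
    alloc = LoopbackAllocator()
    redirect, restore_req, restore_resp = build_rules(first_ip, second_ip, port, alloc)
    lb = alloc.loopback_for(second_ip)

    original = Packet(first_ip, 40000, second_ip, port, b"hello")   # client app sends
    to_agent = translate([redirect], original)                      # redirect agent
    assert to_agent is not None
    tunnel: List[Packet] = [to_agent]                               # client agent -> server agent
    at_server = translate([restore_req], tunnel.pop())              # restore agent
    assert at_server is not None

    # Reply: the server app answers normally; the client agent hands it to the
    # client side with the loopback source it was redirected to, and the
    # restore rule makes it look like it came from the second machine.
    reply_via_agent = Packet(lb, port, first_ip, 40000, b"world")   # constructed
    restored = translate([restore_resp], reply_via_agent)
    assert restored is not None
    return {"to_agent": to_agent, "at_server": at_server, "restored": restored}
```

A practitioner reading the claims will notice that `translate` returns `None` for an unmatched packet; in a real agent that case decides whether traffic bypasses the tunnel in the clear, so it should be logged and, for a full-mesh deployment, treated as a configuration error rather than ignored.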

Assignees

Vmware Inc

Classifications (CPC titles)

  • H04L61/256 (primary): NAT traversal
  • Hypervisor-specific management and integration aspects
  • Generation of secret information including derivation or calculation of cryptographic keys or passwords
  • Interconnection of networks using encapsulation techniques, e.g. tunneling
  • Translation policies or rules

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11936613B2 cover?
The method for a virtual machine to use a port and loopback IP addresses allocation scheme for full-mesh communications with transparent transport layer security tunnels is presented. In an embodiment, the method comprises detecting, at a redirect agent implemented in a first machine, a packet that is sent from a client application executing on the first machine toward a server application exec…
Who is the assignee on this patent?
Vmware Inc
What technology area does this patent fall under?
Primary CPC classification H04L61/256. Mapped technology areas include Electricity.
When was this patent published?
Publication date: Mar 19, 2024 (kind code B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).