Configure interconnections between networks hosted in datacenters
US-9306949-B1 · Apr 5, 2016 · US
US2019104049A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2019104049-A1 |
| Application number | US-201815972086-A |
| Country | US |
| Kind code | A1 |
| Filing date | May 4, 2018 |
| Priority date | Oct 2, 2017 |
| Publication date | Apr 4, 2019 |
| Grant date | — |
Official abstract text for this publication.
Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network in some embodiments can be configured to optimize the routing of the entity's data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network in some embodiments can be configured to optimize the layer 4 processing of the data message flows passing through the network.
Opening claim text (preview).
We claim:
1. A method of forwarding data message flows through at least two public cloud datacenters of at least two different public cloud providers, the method comprising: at an ingress forwarding element in a first public cloud datacenter, receiving, from a first external machine outside of the public cloud datacenters, a data message addressed to a second external machine outside of the public cloud datacenters, said second external machine reachable through an egress forwarding element that is in a second public cloud datacenter; encapsulating the data message with a first header that includes network addresses for the ingress and egress forwarding elements as source and destination addresses; and encapsulating the data message with a second header that specifies source and destination network addresses as the network address of the ingress forwarding element and a network address of a next hop forwarding element that is in a public cloud datacenter and that is a next hop on a path to the egress forwarding element.
2. The method of claim 1, wherein the next hop forwarding element is in a third public cloud datacenter.
3. The method of claim 2, wherein the first, second and third public cloud datacenters belong to three different public cloud providers.
4. The method of claim 2, wherein the first and second public cloud datacenter belong to a first public cloud provider, while the third public cloud datacenter belongs to a different, second public cloud provider.
5. The method of claim 2, wherein the first and second public cloud datacenters belong to two different public cloud providers, while the third public cloud datacenter belongs to the public cloud provider of the first public cloud datacenter or the second public cloud datacenter.
6. The method of claim 2, wherein the next hop forwarding element is a first next hop forwarding element, and the first next hop forwarding element identifies a second next hop forwarding element along the path as a next hop for the data message and in the second header specifies source and destination network addresses as the network addresses of the first next hop forwarding element and the second next hop forwarding element.
7. The method of claim 6, wherein the second next hop forwarding element is the egress forwarding element.
8. The method of claim 7, wherein after receiving the encapsulated data message, the egress forwarding element determines from the destination network address in the first header that the encapsulated data message is addressed to the egress forwarding element, removes the first and second headers from the data message, and forwards the data message to the second external machine.
9. The method of claim 6, wherein the second next hop forwarding element is a fourth forwarding element that is different than the second forwarding element.
10. The method of claim 1, wherein the next hop forwarding element is the second forwarding element.
11. The method of claim 1 further comprising: processing at the ingress and egress forwarding elements data messages belonging to different tenants of a virtual network provider that defines different virtual networks over public cloud datacenters for the different tenants; in the encapsulating first header of the received message, storing a tenant identifier that identifies the tenant associated with the first and second external machines.
12. The method of claim 11, wherein the encapsulation of the data message with the first and second headers defines, for the first tenant, an overlay virtual network that spans a group of networks of a group public cloud datacenters including the first and second public cloud datacenters.
13. The method of claim 12, wherein the tenants are corporations and the virtual networks are corporate wide area networks (WANs).
14. The method of claim 1, wherein the first external machine is one of a machine in a first branch office, a machine in a private first datacenter, or a remote machine, and the second external machine is a machine in a second branch office or a machine in a private second datacenter.
15. A system for establishing a virtual network for an entity, the system comprising: a first set of forwarding elements in a first multi-tenant public cloud operated by a first public cloud provider; and a second set of forwarding elements in a second multi-tenant public cloud operated by a second public cloud provider different than the first public cloud provider; said first and second sets of forwarding elements establishing first and second overlay virtual networks for first and second tenants of a virtual network provider with each overlay virtual network spanning both first and second multi-tenant public clouds, each overlay virtual network established by encapsulating each data message with first and second headers, the first header identifying ingress/egress interfaces in the virtual network for the data message, and the second header identifying a next hop in the overlay network for the data message.
16. The system of claim 15, wherein the next hop forwarding element is in a third public cloud datacenter.
17. The system of claim 16, wherein the first, second and third public cloud datacenters belong to three different public cloud providers.
18. The system of claim 16, wherein the first and second public cloud datacenter belong to a first public cloud provider, while the third public cloud datacenter belongs to a different, second public cloud provider.
19. The system of claim 16, wherein the first and second public cloud datacenters belong to two different public cloud providers, while the third public cloud datacenter belongs to the public cloud provider of the first public cloud datacenter or the second public cloud datacenter.
20. The system of claim 16, wherein the next hop forwarding element is a first next hop forwarding element, and the first next hop forwarding element identifies a second next hop forwarding element along the path as a next hop for the data message and in the second header specifies source and destination network addresses as the network addresses of the first next hop forwarding element and the second next hop forwarding element.
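The two-header scheme of claims 1, 6, 8 and 11, modelled in Python as an added example (not code from the patent): the first header stays fixed from ingress to egress and carries the tenant identifier, while the second header is rewritten at every hop. The forwarding element names, the next-hop table and the field layout are constructed assumptions.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Encapsulated:
    # First header (claims 1 and 11): set once at ingress, never rewritten.
    ingress: str
    egress: str
    tenant_id: int
    # Second header (claims 1 and 6): source/destination of the current hop.
    hop_src: str
    hop_dst: str
    payload: bytes

# Constructed next-hop table: NEXT_HOP[node][egress] -> next forwarding element.
# fe-a, fe-b and fe-c stand for forwarding elements in three cloud datacenters.
NEXT_HOP = {
    "fe-a": {"fe-c": "fe-b"},
    "fe-b": {"fe-c": "fe-c"},
}

def ingress_encap(node, egress, tenant_id, payload):
    """Claim 1: first header = ingress/egress, second = ingress/next hop."""
    return Encapsulated(node, egress, tenant_id,
                        node, NEXT_HOP[node][egress], payload)

def process(node, msg):
    """Handle a message at `node`; return ('forward', msg) or ('deliver', ...)."""
    if msg.hop_dst != node:
        raise ValueError(f"{node} received a message addressed to {msg.hop_dst}")
    if msg.egress == node:
        # Claim 8: first-header destination is this node, so strip both headers.
        return "deliver", (msg.tenant_id, msg.payload)
    # Claim 6: rewrite only the second header for the next hop.
    return "forward", replace(msg, hop_src=node,
                              hop_dst=NEXT_HOP[node][msg.egress])

def walk(ingress, egress, tenant_id, payload):
    """Carry one message across the overlay; return (hop trace, delivery)."""
    msg = ingress_encap(ingress, egress, tenant_id, payload)
    trace = [(msg.hop_src, msg.hop_dst)]
    while True:
        action, result = process(msg.hop_dst, msg)
        if action == "deliver":
            return trace, result
        msg = result
        trace.append((msg.hop_src, msg.hop_dst))

if __name__ == "__main__":
    print(walk("fe-a", "fe-c", 7, b"hello"))
```

Because the egress element receives the tenant identifier with the payload, it can select the tenant's own forwarding context before handing the message to the external machine.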
Point-to-point connection between the data network and the subscribers (encapsulation H04L12/4633; virtual LANs H04L12/4641; routing of packets H04L45/00) · CPC title
Architecture for metering, charging or billing · CPC title
Arrangements for metering, time-control or time indication {; Metering, charging or billing arrangements for voice wireline or wireless communications, e.g. VoIP} · CPC title
comprising network management agents or mobile agents therefor · CPC title
using an overlay routing layer · CPC title