Auto discovery of virtual machines

US9529995B2 · US · B2

Patent metadata

Publication number: US-9529995-B2
Application number: US-201113291739-A
Country: US
Kind code: B2
Filing date: Nov 8, 2011
Priority date: Nov 8, 2011
Publication date: Dec 27, 2016
Grant date: Dec 27, 2016

Abstract

Official abstract text for this publication.

A method and apparatus is disclosed herein for performing auto discovery of virtual machines. In one embodiment, the method includes monitoring, using an interface of the device, one or more packets being sent from one or more virtual machines, the one or more packets being sent determining, using a processor of the device, if one of the monitored packets includes a discovery packet from one virtual machine of the one or more virtual machines, wherein the discovery packet includes an address of a destination location; sending, using the interface of the device, a reply packet to the one virtual machine using an address in the discovery packet identified in the monitored packets, the reply packet including an Internet Protocol (IP) address of the device.

First claim

Opening claim text (preview).

I claim:

1. A method performed by a device in a network, the device located between the network and one or more systems, at least one of the one or more systems having one or more virtual machines running thereon, the method performed by comprising: monitoring, using an interface of the device, one or more packets being sent from the one or more virtual machines and a newly deployed virtual machine running on one of the one or more systems, wherein the newly deployed virtual machine provides an internet protocol (IP) address in a discovery packet, and wherein the newly deployed virtual machine comprises one of a dynamically created virtual machine that has acquired a dynamically created IP address or an existing virtual machine with a changed IP address; in response to detection by the device of the newly deployed virtual machine based on receipt of a discovery packet sent by the newly deployed virtual machine in the one or more packets being monitored and the IP address in the discovery packet, intercepting the discovery packet at the device, wherein the discovery packet is sent from the newly deployed virtual machine to an address of a destination location on the network different from an address of the device; determining, using a processor of the device, from the intercepted discovery packet from the newly deployed virtual machine, the address of the destination location and the IP address of the newly deployed virtual machine that sent the discovery packet; and sending, using the interface of the device, a reply packet to the newly deployed virtual machine, the reply packet generated by the device in response to the discovery packet using the IP address of the newly deployed virtual machine in the discovery packet identified in the intercepted discovery packet, the reply packet including an IP address of the device that enables communication between the newly deployed virtual machine and the destination location through the device, wherein a connection is initiated with the newly deployed virtual machine based on the reply packet.

2. The method defined in claim 1 wherein the device comprises a security gateway.

3. The method defined in claim 1 wherein the discovery packet is a DNS query or an HTTP request.

4. The method defined in claim 1, wherein initiation of the connection further comprises: subsequent to sending the reply packet, initiating a direct connection with the newly created virtual machine.

5. The method defined in claim 1, wherein initiation of the connection further comprises: subsequent to sending the reply packet, receiving a packet from the newly created virtual machine to initiate a direct connection with the device and the newly created virtual machine.

6. The method defined in claim 1 wherein the destination address is for a location on the Internet, a domain name, or a broadcast address.

7. A security gateway for using a network, the security gateway to be located between the network and one or more systems, at least one of the one or more systems having one or more virtual machines running thereon, the security gateway comprising: a memory; an interface to receive one or more packets from the one or more virtual machines; and a processor coupled to the memory and the interface and operable to in response to detection of a newly deployed virtual machine based on receipt of a discovery packet sent by the newly deployed virtual machine in the one or more packets being received and an internet protocol (IP) address in the discovery packet, intercept the one or more packets, wherein the newly deployed virtual machine runs on one of the one or more systems and comprises one of a dynamically created virtual machine that has acquired a dynamically created IP address or an existing virtual machine with a changed IP address, and wherein the discovery packet is sent from the newly deployed virtual machine to an address of a destination location on the network different from an address of the security gateway; determine from the intercepted discovery packet from the newly deployed virtual machine, the address of the destination location in the network and the IP address of the newly deployed virtual machine that sent the discovery packet; generate a reply packet to the newly deployed virtual machine, the reply packet generated by the security gateway in response to the discovery packet using the IP address of the newly deployed virtual machine in the discovery packet identified in the intercepted discovery packet, the reply packet including an IP address of the security gateway that enables communication between the newly deployed virtual machine and the destination location through the security gateway, wherein the processor causes the reply packet to be sent through the interface to the newly deployed virtual machine, wherein a connection is initiated with the newly deployed virtual machine based on the reply packet.

8. The security gateway defined in claim 7 wherein the discovery packet is a DNS query or an HTTP request.

9. The security gateway defined in claim 7 wherein the processor generates the reply packet to initiate a direct connection to the newly created virtual machine subsequent to sending the reply packet.

10. The security gateway defined in claim 7 wherein the interface receives a packet from the newly created virtual machine to initiate a direct connection between the security gateway and the newly created virtual machine subsequent to interface sending the reply packet.

11. The security gateway defined in claim 7 wherein the destination address is for a location on the Internet, a domain name, or a broadcast address.

12. An article of manufacture having one or more non-transitory computer readable media storing instructions thereon which, when executed by a device in a network that is located between the network and one or more systems which have at least one or more virtual machines running thereon, causes the device to perform a method comprising: monitoring, using an interface of the device, one or more packets being sent from the one or more virtual machines and a newly deployed virtual machine running on one of the one or more systems, wherein the newly deployed virtual machine provides an internet protocol (IP) address in a discovery packet, and wherein the newly deployed virtual machine comprises one of a dynamically created virtual machine that has acquired a dynamically created IP address or an existing virtual machine with a changed IP address; in response to detection by the device of the newly deployed virtual machine based on receipt of a discovery packet sent by the newly deployed virtual machine in the one or more packets being monitored and the IP address in the discovery packet, intercepting the discovery packet at the device, wherein the discovery packet is sent from the newly deployed virtual machine to an address of a destination location on the network different from an address of the device; determining, using a processor of the device, from the intercepted discovery packet from the newly deployed virtual machine, the address of the destination location and the IP address of the newly deployed virtual machine that sent the discovery packet; and sending, using the interface of the device, a reply packet to the newly deployed virtual machine, the reply packet generated by the device in response to the discovery packet using the IP address of the newly deployed virtual machine in the discovery packet identified in the intercepted discovery packet, the reply packet including an IP address of the device that enables communication between the newly deployed virtual machine and the destination location through the dev

Classifications

  • Discovery or management of network topologies · CPC title

  • Isolation or security of virtual machine instances · CPC title

  • Starting, stopping, suspending or resuming virtual machine instances · CPC title

  • G06F21/53 (Primary): by executing in a restricted environment, e.g. sandbox or secure virtual machine · CPC title

  • Hypervisor-specific management and integration aspects · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Shieh Choung-Yaw Michael, Varmour Networks Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/53. Mapped technology areas include Physics.
When was this patent published?
Publication date Dec 27, 2016 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).