Systems and methods for supporting a network profile

US9742857B2 · US · B2

Patent metadata
Publication number: US-9742857-B2
Application number: US-201213593986-A
Country: US
Kind code: B2
Filing date: Aug 24, 2012
Priority date: Aug 24, 2012
Publication date: Aug 22, 2017
Grant date: Aug 22, 2017

Abstract

Official abstract text for this publication.

The present solution is directed to a system for specifying a source internet protocol (IP) address used by an intermediary device for a connection to a server. The system includes a device intermediary to a plurality of clients and a server. The device may have a net profile for sending traffic to servers. The net profile specifies one or more internet protocol (IP) addresses to use as a source IP address for a connection between the device and the server. The device receives a request from a client of the plurality of clients via a first transport layer connection between the client and the device, identifies the net profile for the request, and establishes, responsive to the request, a second transport layer connection between the device and the server using an IP address.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for specifying a source internet protocol (IP) address used by an intermediary device for a connection to a server, the method comprising:
(a) establishing, via a device intermediary to a plurality of clients and a server, a net profile configured via the device by a user for sending traffic to servers, the net profile bound by a user via a policy engine to one of a service or a virtual server and comprising a name and an expression specifying one or more internet protocol (IP) addresses from a plurality of IP addresses hosted by the device to use as a source IP address for a connection between the device and the server, the plurality of IP addresses hosted by the device for transmitting communications by the device using a hosted IP address as a source IP address of the device and receiving communications routable to the device using a hosted IP address as a destination IP address of the device over a network;
(b) receiving, by the device, a request from a client of the plurality of clients to a service of the server via a first transport layer connection established between the client and the device;
(c) identifying, by the device for the request, via the policy engine the net profile bound to one of the service executing on the server and managed by the device or the virtual server executing on the device managing the service;
(d) establishing, by the device responsive to the request, a second transport layer connection between the device and the server using an IP address hosted by the device from the one or more IP addresses specified by the net profile as the source IP address.

2. The method of claim 1, wherein step (a) further comprises binding the net profile to a virtual server executing on the device.

3. The method of claim 1, wherein step (a) further comprises binding the net profile to a service of the server managed by the device.

4. The method of claim 1, wherein step (a) further comprises binding the net profile to a monitor executing on the device, the monitor monitoring a service on the server.

5. The method of claim 1, wherein step (a) further comprises specifying a name of an IP set for the net profile, the IP set identifying the one or more IP addresses.

6. The method of claim 1, wherein step (a) further comprises identifying the one or more IP addresses for the net profile from a pool of the plurality of IP addresses hosted by and routable to the device as a destination.

7. The method of claim 1, wherein step (b) further comprises receiving, by the device, the request from the client to establish a transport layer connection with the server and responsive to the request establishing the first transport layer connection and the second transport layer connection.

8. The method of claim 1, wherein step (c) further comprises identifying, by the device for the second transport layer connection, the net profile bound to a virtual server executing on the device.

9. The method of claim 1, wherein step (c) further comprises identifying, by the device for the second transport layer connection, the net profile bound to a service managed by a virtual server executing on the device.

10. The method of claim 1, wherein step (d) further comprises selecting, by the device, as the source IP address for the second transport layer connection the IP address from a plurality of IP addresses specified by the net profile.

11. A system for specifying a source internet protocol (IP) address used by an intermediary device for a connection to a server, the system comprising:
a device intermediary to a plurality of clients and a server;
a net profile configured via the device by a user for sending traffic to servers, the net profile bound by a user via a policy engine to one of a service or a virtual server and comprising a name and an expression specifying one or more internet protocol (IP) addresses from a plurality of IP addresses hosted by the device to use as a source IP address for a connection between the device and the server, the plurality of IP addresses hosted by the device for transmitting communications by the device using a hosted IP address as a source IP address of the device and receiving communications routable to the device using a hosted IP address as a destination IP address of the device over a network;
wherein the device receives a request from a client of the plurality of clients to a service of the server via a first transport layer connection established between the client and the device, identifies via the policy engine the net profile, for the request, bound to one of the service executing on the server and managed by the device or the virtual server executing on the device managing the service, and establishes, responsive to the request, a second transport layer connection between the device and the server using an IP address hosted by the device from the one or more IP addresses specified by the net profile as the source IP address.

12. The system of claim 11, wherein the net profile is bound to a virtual server executing on the device.

13. The system of claim 11, wherein the net profile is bound to a service of the server managed by the device.

14. The system of claim 11, wherein the net profile is bound to a monitor executing on the device, the monitor monitoring a service on the server.

15. The system of claim 11, wherein the net profile specifies a name of an IP set, the IP set comprises the one or more IP addresses.

16. The system of claim 11, wherein the one or more IP addresses for the net profile are identified from a pool of the plurality of IP addresses hosted by and routable to the device as a destination.

17. The system of claim 11, wherein the device receives the request from the client to establish a transport layer connection with the server and responsive to the request establishing the first transport layer connection and the second transport layer connection.

18. The system of claim 11, wherein the device identifies for the second transport layer connection the net profile bound to a virtual server executing on the device.

19. The system of claim 11, wherein the device identifies for the second transport layer connection the net profile bound to a service managed by a virtual server executing on the device.

20. The system of claim 11, wherein the device selects as the source IP address for the second transport layer connection the IP address from a plurality of IP addresses specified by the net profile.

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Mohammed Salauddin, Kurma Jyotheesh Rao, Citrix Systems Inc
What technology area does this patent fall under?
Primary CPC classification H04L67/28. Mapped technology areas include Electricity.
When was this patent published?
Publication date Aug 22, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).