Patent Grant
10623194
Multicast is the delivery of a message or information to a group of destination computers simultaneously in a single transmission from the source. Copies of the message are automatically replicated and forwarded by other network elements. Forwarding and replicating multicast packets are usually done by intermediate nodes in the network—switches fulfill multicast forwarding inside a layer 2 network while (multicast) routers fulfill multicast routing across layer 3 networks. Typically, switches that support multicast use IGMP (Internet Group Management Protocol) snooping, while routers that support multicast use PIM (Protocol Independent Multicast) as the routing protocol.
Though previously not very many applications use multicast, many IP multicast applications have been developed and deployed like financial software, video service, etc. A use case worth noting is overlay based network virtualization (layer 2 tunneling), with VXLAN to be an important technology proposed. VXLAN can support a large number of logical layer 2 networks over a physical IP network. It is based on MAC-over-UDP encapsulation, and requires an IP multicast group to be allocated for encapsulation of BUM (broadcast, unknown unicast, and multicast) traffic inside a logical network. As a result, a large number of multicast groups may be consumed, especially in a cloud environment in which each tenant may create a number of logical networks. These created logical networks and corresponding multicast groups may span across physical layer 3 networks and even datacenters.
Unfortunately, use of IP multicast is limited by lack of infrastructure to support it. Low end switches and routers usually do not support IGMP and PIM, and they usually do not support a large number of multicast groups. Moreover, even when the physical network hardware has the capabilities to support multicast, users generally eschew enabling multicast in the datacenter networks due to the complexity in the manageability and the scalability of IP multicast. Enabling multicast across datacenters and provider networks is even more difficult.
What is needed is a network system for enabling a large number of multicast groups across physical networks that may include data centers or provider networks. Such a network system should support network virtualization without relying on built-in multicast capabilities of the physical network, while nevertheless leverage the multicast capabilities offered by the physical network to achieve higher efficiency, even when multicast is not fully enabled in the physical network.
Some embodiments of the invention provide a method for performing replication of messages across a network to a selected group of endpoints (i.e., multicast replication). The network includes multiple endpoints that receive messages from the network and generate messages for the network. The endpoints are located in different segments of the network, each segment including one or more of the endpoints. For a source endpoint to replicate a particular message (e.g., a data packet) to all endpoints belonging to a particular replication group (i.e., multicast group) within the network, the source endpoint replicates the particular message to each endpoint within the source endpoint's own segment and to a proxy endpoint in each of the other segments. Each proxy endpoint in turn replicates the particular message to all endpoints belonging to the particular replication group within the proxy endpoint's own segment.
In some embodiments, multicast replication by endpoints is performed into three steps: (1) local replication in the source segment, in which a multicast packet is sent to local receiver endpoints in the same segment with the sender; (2) cross segment replication, in which the packet is replicated to every remote segment that has receivers of the multicast group; (3) local replication in remote segments, in which the packet is sent to every receiver endpoint in a remote segment.
To obtain all of the relevant information for multicast replication, endpoints in some embodiments exchange information with each other. In some embodiments, endpoints exchange information in a distributed way using a control plane protocol with each other. In some embodiments, a set of separate entities (e.g. centralized controllers) collect information from endpoints and publish (proactively or in response to queries from endpoints) to endpoints the information about the physical network and other endpoints that is needed for an endpoint to perform multicast replication.
Some embodiments select proxies in a manner that balances the traffic load in the remote segments. In some embodiments, this is accomplished by choosing an endpoint from the pool by random for each multicast group. Some embodiments perform proxy selection intelligently by intentionally avoiding endpoints that are already busy
In some embodiments, multicast replication is used to implement overlay based network virtualization solutions such as VXLAN. In an overlay network, logical layer 2 networks may be created on top of the physical network, and full messed layer 2 tunnels may be established between endpoints that join a same logical layer 2 network. In some embodiments, a BUM packet originating from one tunnel endpoint in the logical layer 2 network is replicated to all other member endpoints of the network.
In some embodiments, VMs are consumers of the logical layer 2 networks, and hypervisors are tunnel endpoints. Some of these embodiments map the scope of a multicast replication operation (i.e., a multicast group) to a logical layer 2 network and multicast endpoints to tunnel endpoints. As such, BUM packet replication in a logical network is implemented as multicast replication to a multicast group in the physical network. In other words, the replication scope of a logical network in these embodiments is mapped to include only the receiver endpoints of a multicast group.
The preceding Summary is intended to serve as a brief introduction to some embodiments of the invention. It is not meant to be an introduction or overview of all inventive subject matter disclosed in this document. The Detailed Description that follows and the Drawings that are referred to in the Detailed Description will further describe the embodiments described in the Summary as well as other embodiments. Accordingly, to understand all the embodiments described by this document, a full review of the Summary, Detailed Description and the Drawings is needed. Moreover, the claimed subject matters are not to be limited by the illustrative details in the Summary, Detailed Description and the Drawings, but rather are to be defined by the appended claims, because the claimed subject matters can be embodied in other specific forms without departing from the spirit of the subject matters.
The novel features of the invention are set forth in the appended claims. However, for purpose of explanation, several embodiments of the invention are set forth in the following figures.
In the following description, numerous details are set forth for the purpose of explanation. However, one of ordinary skill in the art will realize that the invention may be practiced without the use of these specific details. In other instances, well-known structures and devices are shown in block diagram form in order not to obscure the description of the invention with unnecessary detail.
Some embodiments of the invention provide a method for performing replication of messages across a network to a selected group of endpoints (i.e., multicast replication). The network includes multiple endpoints that receive messages from the network and generate messages for the network. The endpoints are located in different segments of the network, each segment including one or more of the endpoints. For a source endpoint to replicate a particular message (e.g., a data packet) for all endpoints belonging to a particular replication group (i.e., multicast group) within the network, the source endpoint replicates the particular message to each endpoint within the source endpoint's own segment and to a proxy endpoint in each of the other segments. Each proxy endpoint in turn replicates the particular message to all endpoints belonging to the particular replication group within the proxy endpoint's own segment.
For some embodiments,
As illustrated, the network 100 is divided into at least four segments 101-104. Each of the network segments 101-104 includes a number of endpoints that generate and receive network data traffic. Specifically, the segment 101 includes endpoints 111-116, the segment 102 includes endpoints 121-126, the segment 103 includes endpoints 131-136, and the segment 104 includes endpoints 141-146. Data traffic between the segments goes through inter-segment routing 150.
The source endpoint 111 is in the network segment 101, and the endpoint replicates the data packet to other members of the replication group within the network segment 101, namely to endpoints 112, 114, and 115. The same data packet is also replicated to endpoints in network segments 102, 103, and 104. However, the source endpoint 111 does not forward the data packet 190 directly to endpoints in these other network segments. Instead, the source endpoint 111 forwards the replication data packet 190 to a proxy endpoint in each of these other network segments. Specifically, the source endpoint 111 has chosen the endpoint 121 as the proxy for the network segment 102, the endpoint 131 as the proxy for the network segment 103, and the endpoint 141 as the proxy for the network segment 104. Each of these proxies in turn replicates and forwards the data packet 190 to endpoints belonging to the particular replication group within each respective network segments, (e.g., the proxy 141 forward the data packet 190 to endpoints 141, 144, 145, and 146.) The selection of proxy endpoints will be further described in Section III below.
The use of the proxies in different network segments allows the source endpoint 111 to forward the data packet 190 to endpoints in other network segments without having to expend computing resources in order to reach endpoints in remote segment. It also allows the replication and forwarding of messages to fully utilize the local network structure of each network segment, some of which has hardware configured to support multicast in some embodiments. Doing so leverages the multicast capabilities offered by the physical network to achieve higher efficiency while supporting optimized replication and delivery paths based on the physical network topology.
The network 100 provides the physical infrastructure for data communication between entities that are connected to the network 100. In some embodiments, the network 100 includes numerous physically distinct sets of communication pathways that are communicatively interlinked to form the network 100. In some embodiments, at least some of these physically distinct sets of communication pathways have different topologies and/or use different communication protocols. In some embodiments, the network 100 spans across one or more data centers and/or (internet service) provider networks such that at least some of the physically distinct sets of communication pathways are in the data centers or provider networks. In some embodiments, the network 100 is a physical IP network that may be divided into multiple physical layer 2's (VLANs), IP subnets, and multicast islands. Multicast forwarding is supported inside a multicast island, but is not supported (or could not be done at good enough performance) across islands. In some embodiments, multicast is not supported by the network at all.
A network endpoint such as 111 in some embodiments is an entity that generates and receives data traffic on the network 100. Such an entity can be a computing device, data storage, or a device of another type that provides or consumes data traffic on the network.
A network endpoint that replicates and forwards messages to multiple recipients is referred to as a multicast endpoint. In some embodiments, a multicast endpoint performs multicast replication itself in different modes depending on physical network topology and multicast capabilities. In some embodiments, a multicast endpoint can be a hypervisor that sends and receives multicast traffic to and from a physical network on behalf of its virtual machines (VMs) running on a host machine.
In some embodiments, a multicast endpoint can be an entity in a network segment that does not generate and consume multicast traffic. Some of these multicast endpoints intercepts locally originated multicast traffic and replicates the intercepted traffic to multicast endpoints of remote segments and receives multicast traffic from remote segments and injects the received traffic to the local segment.
A network segment such as the segments 101-104 is a subset of the network which encompasses a collection of endpoints. In some embodiments, each network segment is able to support multicast traffic between the encompassed multicast endpoints. In some embodiments, at least some of the network segments do not support multicast traffic and must rely on unicast to replicate and forward multicast packets to each receiver endpoint in the multicast group.
Multicast messages are replicated and forwarded differently among endpoints of a same segment than between endpoints across different segments. For example, in some embodiments, cost of network communication between endpoints of a same segment is less than between endpoints in different segments. In some embodiments, the network supports higher communication bandwidth between endpoints of a same segment than between endpoints in different segments. In some embodiments, a segment is defined by the multicast capabilities of the physical network. In some of these embodiments, multicast traffic (sending network traffic to multiple recipients at the same time) within a segment can reliably utilize the multicast capability of the physical network, while multicast traffic across segments are either not supported by the physical network at all or are supported in a more limited fashion.
In some embodiments, a segment can be a VLAN (Virtual Local Area Network) or an IP subnet inside a VLAN. (In some embodiments, a VLAN contains only one IP subnet. In some embodiments, multiple IP subnets are allocated in a VLAN.) In some embodiments, a network segment includes a set of adjacent VLANs that have high bandwidth and/or low cost links between each other.
In some embodiments, a segment is a “multicast island”. In some embodiments, a multicast island is a physical network that supports IP-multicast, or a physical network in which all routers support multicast routing protocols. In some embodiments, a segment is a multicast island that is a VLAN, in which IGMP snooping is supported by switches while multicast routing is not supported by the routers, and hence multicast forwarding is limited to be inside a VLAN. In some embodiments, a multicast island includes multiple VLANs and subnets. Such a multicast island in some embodiments includes internal routers (or layer 3 switches) that support multicast routing, so multicast traffic can be routed among the internal VLANs, but cannot be routed out of the island or into the island from the outside.
The inter-segment routing 150 includes portions of the network 100 that provides communication pathways among the different network segments 101-104. In some embodiments, the multicast traffic that takes place within each network segment cannot be directly routed across the inter-segment routing 150, or cannot be routed over without incurring additional cost in terms of time, bandwidth or computing power. In some embodiments, the inter-segment routing 150 includes data centers or provider networks that do not allow multicast traffic. In some of these embodiments, the multicast traffic of one segment can only propagate through the inter-segment routing 150 as unicast traffic, specifically to proxy endpoints in different segments.
The above description introduces distributed multicast replication by endpoints of some embodiments. Several more detailed embodiments are described below. First, Section I describes in further detail multicast replication by endpoints of some embodiments, while Section II describes the collection and the exchange of information necessary for supporting distributed multicast replication according to some embodiments. Next, Section III describes the selection of proxy endpoints and the balancing of network load according to some embodiments. Section IV describes some embodiments of network virtualization schemes based on the distributed multicast replication as described in other sections. Finally, Section V describes an electronic system with which some embodiments of the invention are implemented.
In some embodiments, multicast replication by endpoints includes the following three steps: (1) local replication in the source segment, in which a multicast packet is sent to local receiver endpoints in the same segment with the sender; (2) cross segment replication, in which the packet is replicated to every remote segment that has receivers of the multicast group; (3) local replication in remote segments, in which the packet is sent to every receiver endpoint in a remote segment.
Steps (1) and (2) are initiated by sender endpoints. In step (2), the sender endpoint chooses one endpoint in every remote receiving segment to be a proxy before replicating a multicast packet, and then replicates the packet to every proxy endpoint with unicast. After receiving the replicated packet, a proxy will continue the replication procedure to the step (3).
In four stages 201-204,
At the first stage 201, the source endpoint 211 forwarded a data packet by multicast to all other endpoints belonging to the same multicast group within the local network segment 210 (which is the network segment of the source end point). In some embodiments, this replication and forwarding is accomplished by utilizing the multicast capabilities of the physical network underlying the network segment 210.
The second stage 202 shows the cross segment replication, in which the packet is replicated to every remote segment that has receiver endpoints of the multicast group. Specifically, the source endpoint 211 is replicating and forwarding the data packet to proxy endpoints 221, 231, and 241 that are in remote segments 220, 230, and 240, respectively. In some embodiments, the cross segment replication takes place across physical communication pathways that are configured for multicast and does utilize the available built-in multicast capabilities. However, in some embodiments, this cross segment replication takes place across physical communication pathways that are not configured for multicast. In some of these embodiments, the forwarding of the multicast packet from one segment to another is performed by unicast communications protocols.
The third stage 203 shows the local replication in remote segments, in which the packet is sent to every receiver endpoint in a remote segment. Specifically, this replication is performed by proxy endpoints in each of those remote segments. Namely, the endpoint 221, selected as the proxy for the segment 220, replicates and forwards the packet to endpoints 222-224. Likewise, the endpoint 231 as the proxy for the segment 230 replicates and forwards the packet to endpoints 232-234, and the endpoint 241 as the proxy for the segment 240 replicates and forwards the packet to endpoints 242-244. In some embodiments, the replication and forwarding of the multicast packet in some of these remote segments is accomplished by utilizing the multicast capabilities of the physical network underlying these remote network segments. The fourth and final stage 204 shows the completion of the replication and forwarding of the data packet, in which every endpoint in the multicast group has received the data packet.
As mentioned, in some embodiments, multicast replication in a segment is accomplished by local multicast replication supported by the underlying physical network for the segment. In some embodiments, this is so when the segment is a multicast island such that the sender/proxy endpoint sends out a multicast packet which will be replicated by the physical network to every receiver of the multicast group in the local multicast island. In some embodiments, a multicast island does not allow a multicast packet to leave the island, and the sender endpoint would send the original packet out of the island without using multicast (e.g., by using unicast). Some embodiments prevent the multicast packet from being forwarded outside the segment by forcing routers to drop the multicast packet, even if the router supports multicast.
In some embodiments, at least some of the segments do not support multicast protocols locally. In some of these embodiments, the sender/proxy endpoint replicates the original multicast packet to every local receiver endpoint with unicast. So for each local receiver, the sender/proxy replicates the original packet and converts it to a unicast packet to the receiver endpoint.
As illustrated, the network 300 has four network segments 310, 320, 330, and 340, the segment 310 having endpoints 311-314, the segment 320 having endpoints 321-324, the segment 330 having endpoints 331-334, and the segment 340 having endpoints 341-344. The source endpoint 311 has chosen endpoints 321, 331, and 341 as proxies for replicating and forward multicast message for remote segments 320, 330, and 340, respectively. For purpose of illustrative simplicity, all of the endpoints are illustrated as belonging to a same particular multicast group, though one of ordinary skill would understand that some of segments may include endpoints that do not belong to the same multicast group.
In order to complete the multicast replication and forwarding of data packet to remaining members of the multicast group in the segment 310, the source endpoints perform unicast forwarding to endpoints 313 and 314. The second stage 302 and the third stage 303 illustrate the unicast forwarding to endpoints 313 and 314, respectively.
The fourth stage 304 illustrates a cross segment message replication/forwarding from the source endpoint 311 in the segment 310 to the chosen proxy endpoint 321 for the segment 320. The example of
The fifth stage 305 illustrates a cross segment message replication/forwarding from the source endpoint 311 to the chosen proxy endpoint 331 for the segment 330. The stage 305 also illustrates the start of message replication/forwarding by the proxy 321 to endpoints in the segments 320.
The sixth stage 306 illustrates a cross segment message replication/forwarding from the source endpoint 311 to the chosen proxy endpoint 341 for the segment 340. In this stage, the proxy 321 continues to replicate/forward the message by unicast to endpoints in the segment 320, while the proxy 331 start to replicate/forward the message by unicast to endpoints in the segment 330.
At the seventh stage 307, the source endpoint 311 has completed sending the message to all of its destinations (i.e., all endpoints in its local segment 310 of the same multicast group as well as all proxy endpoints in remote segments), while proxies 321 and 331 continue to replicate and forward the data packet by unicast to endpoints of the same multicast group in their respective network segments. The proxy 341 starts to replicate/forward the message by unicast to endpoints in the segment 340.
The replication and forwarding by proxies continues in the eighth stages 308 and the ninth stage 309. The tenth and final stage 399 shows the completion of the replication and forwarding of the data packet, in which every endpoint in the multicast group has received the data packet.
Though
Replicating/forwarding of multicast packet by performing multicast requires multicast supported by the physical network inside the local segment. Doing so exploits the multicast capabilities of the physical network, which allows more efficient multicast forwarding and replication than relying on unicast by endpoints. When multicast is not available, replicating/forwarding of multicast packet by unicast (as illustrated in
For some embodiments,
The process then determines (at 420) whether to replicate the received data packet. For an endpoint that receives data originated from an entity that uses the endpoint to connect to the network, the endpoint can determine whether this data packet is destined for multiple recipients from information provided the source of the data. For an endpoint that receives data as a packet from the network, the process needs to determine whether the data packet is from a multicast group that uses the endpoint as a proxy to replicate and forward data packets. In some embodiments, a proxy endpoint distinguishes received packets that need further replication locally from other normal unicast traffic. Some embodiments facilitate this by encapsulating the original multicast packet before sending to the receiver/proxy endpoint. When a receiver/proxy endpoint receives the encapsulated packet, it decapsulates the packet and restores the original multicast packet. The encapsulation header in some embodiments includes a flag that tells the proxy the packet needs further local replication. In some embodiments, the sender/proxy endpoint converts the original multicast packet to a unicast packet and adds an IP option to the packet which contains the original destination multicast address.
If the data packet requires further replication by the endpoint, the process proceeds to 430. Otherwise, the process 400 identifies (at 480) the receiver for the data packet, sends (at 490) the data packet to the identified receiver and ends.
At 430, the process 400 identifies a multicast group for the data packet. In some embodiments, such information is derived or extracted from the received data packet. The process then identifies (at 440) endpoints that are to receive the data packet that belong to the identified multicast group. In some embodiments, the information that is needed by an endpoint to identify member endpoints of a multicast group is provided by a central entity that collects such information from endpoints in network and distributes it. In some embodiments, the endpoints in the network exchange such information amongst themselves beforehand. The collection and exchange of such information is described further in Section II below. An example of the information used by endpoints for identifying multicast group membership is described below by reference to
Next, the process determines (at 450) whether any of the identified receiver endpoints are in the local segment. If so the process proceeds to 455 to replicate and forward the data packet to all identified receiver endpoints (of the identified multicast group) in the local segment. In some embodiments, the process 400 determines whether the local segment supports multicast. If so, the process uses multicast protocols to send the data packet to all members of the multicast group in the local segment. Otherwise, the process uses unicast protocols to send the data packet to each identified receiver endpoint individually.
The process then determines (460) whether any of the identified receiver endpoints are in remote segments. If so, the process proceeds to 470 to replicate and forward the data packet to the proxy endpoints for those remote segments. After sending the packet to receiver endpoints in the local segment and/or proxies for endpoints in the identified remote segments, the process 400 ends.
In some embodiments, an endpoint performing multicast replication and forwarding as described above in Section I needs information about multicast group membership and physical network topology. A sender endpoint of a multicast group needs to know all the remote segments that have receivers of this group and at least one endpoint in each of these segments, so it can choose an endpoint per remote segment as the proxy.
In the unicast replication mode, when a sender or proxy endpoint is performing multicast by unicast replication (as described above by reference to
To obtain all of the relevant information for multicast replication, endpoints in some embodiments exchange information with each other. In some embodiments, endpoints exchange information in a distributed way using a control plane protocol with each other. In some embodiments, a set of separate entities (e.g. centralized controllers) collect information from endpoints and publish (proactively or in response to queries from endpoints) to endpoints the information about the physical network and other endpoints that is needed for an endpoint to perform multicast replication.
During the first operation (labeled ‘1’), the endpoint 531 submits a report 562 to the central controller entities 550 that it wants to join the multicast group 100. In some embodiments, such a report includes an identifier for the desired multicast group, an identifier for the endpoint (e.g., its MAC address), as well as information for locating the endpoint within the network (e.g., its network IP address.)
During the second operation (labeled ‘2’), the central controller entity 550 updated its record for the multicast group 100 to include information for the endpoint 531 based on the received report 562. In some embodiments, the central controller entity maintains a directory or table for each multicast group. In some embodiments, the central controller resolves raw information submitted by individual endpoints and compile them into optimized table or directory for members of the multicast group. An example of such directories will be further described below by reference to
During the third operation (labeled ‘3’), the central controller entity 550 distributes the updated member information 552 for the multicast group 100 to all members endpoints of the multicast group in different segments. Consequently, existing members 511, 512, 521, 532 knows that a new member endpoint 531 has just joined the multicast group, and that this new member endpoint is in segment C (530). The newly joined endpoint 531 also receives membership information regarding group 100 from the central controller, which lets it know about other existing members of the multicast group and their location (e.g., which segment) in the network.
Thus, when the endpoint 591 (identified as endpoint XN in a segment X of the network 500, not illustrated in
The endpoint 591 also uses the tables 622 and 624 to identify proxies for replicating multicast traffic in remote segments. Each entry in the table 622 and 624 corresponds to a remote segment and identifies an endpoint as the proxy for replicating multicast traffic from the endpoint 591 to that remote segment. It is worth noting that in some embodiments, for a same remote segment, an endpoint can have different proxies for different multicast groups. For example, for segment B, the endpoint 591 selects endpoint B2 as the proxy for multicast group “100” while selecting endpoint B3 as the proxy for the multicast group “300”. It is also worth noting that, in some embodiments, an endpoint keeps track of only proxies in remote segments instead of maintaining information on all endpoints in all segments. It is further worth noting that in some embodiments, two endpoints in the same segment can select different proxies for replicating multicast traffic to a given remote segment.
In some embodiments, not only endpoints need information detailing the topology of the network (i.e., remote segments), switches and routers in the underlying physical network also need to discover and maintain a record of local receivers of a multicast group in order to forward multicast packets of that group to all the receiver endpoints. In some embodiments, IGMP is used for allowing an endpoint to join a multicast group as a receiver. Some embodiments use switches that feature IGMP snooping to learn multicast group membership from the received IGMP messages. In some embodiments, routers (or switches with layer 3 capabilities) act as IGMP querier that periodically sends out IGMP query messages to request receiver endpoints or downstream switches/routers to report multicast group membership information. In some embodiments, Routers run multicast routing protocols to exchange the multicast membership information and to define delivery paths of multicast packets across layer 3 networks. Some embodiments uses protocol such as PIM (Protocol Independent Multicast), DVMRP, or MOSPF.
In some embodiments, IGMP snooping is supported by switches while multicast routing is not supported by the routers. In some of these embodiments, there may be no IGMP querier in the segment. In this case, each receiver endpoint may periodically send out IGMP reports into the physical network for the multicast groups it joins to keep the multicast forwarding entries in the switches alive, even if it never receives an IGMP query.
Is some embodiments, the multicast island forms a tree topology, and each router (or layer 3 switch) in the tree queries and snoops multicast membership from its downstream interfaces through IGMP and proxies IGMP to its upstream node. In some of these embodiments, a multicast routing protocol is not running among different segments, so multicast traffic could not be routed across segments. Some embodiments runs a multicast routing protocol such as PIM in only a part of the whole IP network, isolated in some individual segments.
As mentioned, a sender endpoint in some embodiments needs to choose a proxy in every remote receiving segment to replicate a multicast packet. Each sender endpoint can make the proxy choices independently based on different strategies. For example, a sender endpoint in some embodiments chooses a fixed proxy in every segment for all multicast traffic. Alternatively, a sender endpoint in some embodiments chooses a fixed proxy per multicast group in every segment. In some other embodiments, the sender chooses a fixed proxy per multicast flow (e.g. identified by the <source IP, destination IP, protocol>, or <source IP, destination IP, source port, destination port> for UDP) in every segment.
These different methods of proxy selection in some embodiments are able to balance the network traffic load among different endpoints of a segment. In some embodiments, a sender endpoint uses “heartbeat” communication from the proxies it has chosen to detect proxy failures. Some embodiments detect endpoint failures by separate control plane implementations.
In some embodiments, a sender can choose any endpoint in a remote segment to be the proxy. In some of these embodiments, an endpoint chooses one of the receiver endpoints in the remote segment for each specific multicast group. Doing so has the advantage of minimizing the impact by one multicast group over other multicast groups and other types of network data traffic (since this makes it less likely that an endpoint has to handle multicast traffic for multicast groups that the endpoint is not a receiver of). It also has the advantage of minimizing the interference upon the physical network's multicast forwarding states. In some embodiments, the choice of proxy is determined by control plane implementation (i.e., central controller such as 550), which in some embodiments may choose not to provide information on all of the endpoints in remote segments. In some of these embodiments, the central controller assigns specific proxies to each endpoint rather than letting each endpoint decides for itself.
Different embodiments select proxies differently.
The process then updates (at 720) a list or pool of endpoints that are available to serve as proxies for each of the remote segments. In some embodiments, this list or pool of potential proxies is based on the information received from the central controller. In some embodiments, this list is based on the exchange of information (such as heartbeat) between this endpoint and other endpoints.
Next, the process selects (at 730) a proxy for each remote segment for each multicast group. In some embodiments, this selection process is performed in a manner that balances the network traffic load in the remote segments. In some embodiments, this is accomplished by choosing an endpoint from the pool by random for each multicast group. Some embodiments perform proxy selection intelligently by intentionally avoiding endpoints that are already busy (because of e.g., multicast traffic of other multicast groups, or other types of network traffic).
The process then monitors (at 740) the endpoints selected as proxies and determines (at 745) whether there is a proxy failure (e.g., by heartbeat). If so the process 701 returns to 720 to update the list of available endpoints as proxies by removing the failed endpoint from the pool and to select a replacement proxy. Otherwise the process returns to 740 to continue monitoring the selected proxies.
The process then determines (at 770) whether the assignment of proxies needs updating. Some embodiments decide to make new proxy assignment when there is an endpoint that just joined the multicast group (hence available to serve as a proxy) or when an endpoint has failed. Other events in the network can also cause the process to make new proxy assignments, such as when performance degradation due to imbalance in the traffic load has been detected. If there is a need to update assignment of proxies, the process proceeds to 780. Otherwise, the process 702 ends.
At 780, the process makes a new proxy assignment for at least one endpoint for one segment of one multicast group. As in the case for proxy selection performed by endpoints, a centrally performed proxy selection in some embodiments also uses random selection from a pool of available endpoints for load balancing. Some embodiments perform proxy selection intelligently by intentionally avoiding endpoints that are already busy (because of e.g., multicast traffic of other multicast groups, or other types of network traffic). After making the new proxy assignment, the process 702 ends.
In some embodiments, multicast replication methods as described above are used to implement overlay based network virtualization solutions such as VXLAN. In an overlay network, logical layer 2 networks may be created on top of the physical network, and full messed layer 2 tunnels may be established between endpoints that join a same logical layer 2 network. In some embodiments, a BUM packet originating from one tunnel endpoint in the logical layer 2 network is replicated to all other member endpoints of the logical network.
In some embodiments, VMs are consumers of the logical layer 2 networks, and hypervisors are tunnel endpoints. Some of these embodiments map the scope of a multicast replication operation (i.e., a multicast group) to a logical layer 2 network and multicast endpoints to tunnel endpoints. As such, BUM packet replication in a logical network is implemented as multicast replication to a multicast group in the physical network. In other words, the replication scope of a logical network in these embodiments is mapped to include only the receiver endpoints of a multicast group. In some embodiments, the hypervisors include managed network switches whose forwarding operations are managed by controllers.
The physical network 805 is in some embodiments, similar to the network 100 of
The network virtualization of
In some embodiments, the encapsulated data packet 890 is created according to a network virtualization standard such as VXLAN.
VXLAN encapsulation is done by VTEP (VXLAN tunnel endpoint), which is a hypervisor (or the vSwitch on the hypervisor), while VMs are users of VXLAN networks. When a VM on one VTEP sends an ethernet frame to another VM in the same VXLAN network but on a different VTEP, the source VTEP will encapsulate the fame before injecting it to the physical network, using the source VTEP's IP address to be the source IP in the outer header and the VXLAN network's VNI. The destination VTEP decapsulates the packet and forwards only the original inner frame to the destination VM. For a normal unicast frame (whose destination MAC is known to the source VTEP), the destination VTEP's IP address will be used as the outer destination IP. A VTEP should maintain the VM MAC-VTEP IP mapping of the VXLAN networks that its VMs connect to, typically through traffic learning or some kinds of control plane implementation.
For BUM traffic, VXLAN leverages IP multicast. Each VXLAN network is allocated a physical multicast group. A BUM frame is encapsulated using the VXLAN network's multicast IP to be the outer destination IP. A VTEP should join the multicast groups of the VXLAN networks on it, typically by sending out IGMP reports to the physical network.
For some embodiments,
The physical network 900 has at least three segments 910, 920, and 930. The segment 910 includes hypervisors 941-943 (hypervisors A, B, C). The segment 920 includes hypervisors 944-946 (hypervisors D, E, and F). The segment 930 includes hypervisors 947-949 (hypervisors G, H, and I). The hypervisor A is running VMs 911-913, the hypervisor B is running VMs 914-916, the hypervisor C is running VMs 917-919, the hypervisor D is running VMs 921-923, the hypervisor E is running VMs 924-926, the hypervisor F is running VMs 927-929, the hypervisor G is running VMs 931-933, the hypervisor H is running VMs 934-936, and the hypervisor I is running VMs 937-939.
Network virtualization allows the physical network 900 to simultaneously support multiple logical networks 901-909. VMs 913, 914, 919, 921, 923, 925, 928, 929, 932, 934, 935, and 937 are in the logical network 901 (logical network ‘1’). VMs 912, 916, 918, 924, 927, 931, and 938 are in the logical network 902 (logical network ‘2’). VMs 911, 915, 917, 922, 926, 933, 936, and 939 are in the logical network 909 (logical network ‘n’). Each of the logical networks 901-909 is mapped to a multicast group in the physical network 900. Each of these mapped multicast groups is used to handle the BUM traffic of the corresponding logical network.
In some embodiments, the hypervisors are the endpoints of the physical network 900. In some of these embodiments, it is the hypervisors that perform the tasks of replicating and forwarding multicast packets, and it is the hypervisors that act as the proxies for the various multicast groups (i.e., logical networks) in different network segments on behalf of other hypervisors. In some embodiments, it is also the hypervisors, as endpoints of the network 900, that join multicast groups in order to establish logical networks. In some of these embodiments, a hypervisor joins a multicast group by reporting to a central controller entity, receives multicast group membership information, and selects proxies for replicating and forwarding multicast packets to different segments. In some embodiments, a hypervisor joins a particular multicast group when at least one of its VMs wants to connect to a logical network that uses the particular multicast group.
As illustrated, for the logical network 901 (logical network ‘1’), the hypervisor B has been selected by hypervisor D as the proxy of segment 910, the hypervisor D has been selected by hypervisor A as the proxy of segment 920, and the hypervisors H and I have been respectively selected by hypervisors A and D as the proxy of segment 930. For the logical network 902 (logical network ‘2’), the hypervisor A has been selected by hypervisor D as the proxy of segment 910, the hypervisor E has been selected by hypervisor A as the proxy of segment 920, the hypervisors G and I have been respectively selected by hypervisors A and D as the proxy of segment 930. For the logical network 909 (logical network ‘n’), the hypervisor C has been selected by hypervisor D as the proxy of segment 910, the hypervisor D has been selected by hypervisor A as the proxy of segment 920, the hypervisors G and H have been respectively selected by hypervisors D and A as the proxy of segment 930.
It is worth noting that, in some embodiments, a hypervisor can support multiple VMs belonging to different logical networks (such as the hypervisor A, which operates VMs in logical networks 1, 2 and n). Additionally, a hypervisor can be the proxy for multiple hypervisors in a same multicast group or different multicast groups, though proxy selection process in some embodiments would seek to assign proxies in a way that balances network traffic load.
During the second operation (labeled ‘2’), the VM hypervisor encapsulates the broadcast packet 1010 into an encapsulated packet 1020. In some embodiments, this encapsulation includes an identifier for the logical network that is appended by the hypervisor A. In some embodiments, the hypervisor A also appends its own IP address as part of the encapsulated packet. In some embodiments, this encapsulation is in a format specified by a network virtualization protocol such as VXLAN as discussed above by reference to
During the third operation (labeled ‘3’), the hypervisor A replicates and forwards the packet encapsulated for the logical network 901 to other VMs running on hypervisors of local network segment 910. For example, the VM 914 running on the hypervisor B (942) is also on the network segment 910, and hence the hypervisor A replicate and forward the encapsulated packet 1020 to the hypervisor B. The hypervisor B in the fourth operation (labeled ‘4’) in turn decapsulates the packet 1020 and delivers the original broadcast packet to the VM 914. In some embodiments, a sender endpoint such as hypervisor A leverages IP multicast capability offered by the network segment 910 and replicates the encapsulated packet by local multicast to multiple recipients at the same time. In some embodiments, a hypervisor uses unicast to accomplish multicast forwarding within a segment when multicast forwarding is not available in the underlying physical network.
During the fifth operation (labeled ‘5’), the hypervisor A replicates and forwards the encapsulated packet 1020 to remote segments. Specifically, for the remote segment 920, the hypervisor A forwards the packet 1020 to the chosen proxy hypervisor D (944). The proxy hypervisor D in turn in the sixth operation (labeled ‘6’) replicates and forwards the packet that it received from hypervisor A to other hypervisors in segment 920 that belong to the same multicast group (i.e., logical network 901). One of these recipients is hypervisor E (945). In some embodiments, a proxy endpoint such as hypervisor D leverages IP multicast capability offered by the network segment 910 and replicates the encapsulated packet by local multicast to multiple recipients at the same time. In some embodiments, a proxy hypervisor uses unicast to accomplish multicast forwarding within its segment when multicast forwarding is not available in the underlying physical network.
During the seventh operation (labeled ‘7’), the hypervisor E decapsulates the received packet and sends the VM 925 the decapsulated packet 1010. In this example, the proxy hypervisor D has its own VM 921 that belongs to the same logical network and will also receive the decapsulated packet. However, in some embodiments, an endpoint chosen as a proxy for a particular multicast group/logical network may not be a hypervisor, or may be a hypervisor that does not have a VM that operates in that particular logical network. In these instances, the proxy would not consume the received multicast traffic itself.
Many of the above-described features and applications are implemented as software processes that are specified as a set of instructions recorded on a computer readable storage medium (also referred to as computer readable medium). When these instructions are executed by one or more processing unit(s) (e.g., one or more processors, cores of processors, or other processing units), they cause the processing unit(s) to perform the actions indicated in the instructions. Examples of computer readable media include, but are not limited to, CD-ROMs, flash drives, RAM chips, hard drives, EPROMs, etc. The computer readable media does not include carrier waves and electronic signals passing wirelessly or over wired connections.
In this specification, the term “software” is meant to include firmware residing in read-only memory or applications stored in magnetic storage, which can be read into memory for processing by a processor. Also, in some embodiments, multiple software inventions can be implemented as sub-parts of a larger program while remaining distinct software inventions. In some embodiments, multiple software inventions can also be implemented as separate programs. Finally, any combination of separate programs that together implement a software invention described here is within the scope of the invention. In some embodiments, the software programs, when installed to operate on one or more electronic systems, define one or more specific machine implementations that execute and perform the operations of the software programs.
The bus 1105 collectively represents all system, peripheral, and chipset buses that communicatively connect the numerous internal devices of the electronic system 1100. For instance, the bus 1105 communicatively connects the processing unit(s) 1110 with the read-only memory 1130, the system memory 1125, and the permanent storage device 1135.
From these various memory units, the processing unit(s) 1110 retrieves instructions to execute and data to process in order to execute the processes of the invention. The processing unit(s) may be a single processor or a multi-core processor in different embodiments.
The read-only-memory (ROM) 1130 stores static data and instructions that are needed by the processing unit(s) 1110 and other modules of the electronic system. The permanent storage device 1135, on the other hand, is a read-and-write memory device. This device is a non-volatile memory unit that stores instructions and data even when the electronic system 1100 is off. Some embodiments of the invention use a mass-storage device (such as a magnetic or optical disk and its corresponding disk drive) as the permanent storage device 1135.
Other embodiments use a removable storage device (such as a floppy disk, flash drive, etc.) as the permanent storage device. Like the permanent storage device 1135, the system memory 1125 is a read-and-write memory device. However, unlike storage device 1135, the system memory is a volatile read-and-write memory, such a random access memory. The system memory stores some of the instructions and data that the processor needs at runtime. In some embodiments, the invention's processes are stored in the system memory 1125, the permanent storage device 1135, and/or the read-only memory 1130. From these various memory units, the processing unit(s) 1110 retrieves instructions to execute and data to process in order to execute the processes of some embodiments.
The bus 1105 also connects to the input and output devices 1140 and 1145. The input devices enable the user to communicate information and select commands to the electronic system. The input devices 1140 include alphanumeric keyboards and pointing devices (also called “cursor control devices”). The output devices 1145 display images generated by the electronic system. The output devices include printers and display devices, such as cathode ray tubes (CRT) or liquid crystal displays (LCD). Some embodiments include devices such as a touchscreen that function as both input and output devices.
Finally, as shown in
Some embodiments include electronic components, such as microprocessors, storage and memory that store computer program instructions in a machine-readable or computer-readable medium (alternatively referred to as computer-readable storage media, machine-readable media, or machine-readable storage media). Some examples of such computer-readable media include RAM, ROM, read-only compact discs (CD-ROM), recordable compact discs (CD-R), rewritable compact discs (CD-RW), read-only digital versatile discs (e.g., DVD-ROM, dual-layer DVD-ROM), a variety of recordable/rewritable DVDs (e.g., DVD-RAM, DVD-RW, DVD+RW, etc.), flash memory (e.g., SD cards, mini-SD cards, micro-SD cards, etc.), magnetic and/or solid state hard drives, read-only and recordable Blu-Ray® discs, ultra density optical discs, any other optical or magnetic media, and floppy disks. The computer-readable media may store a computer program that is executable by at least one processing unit and includes sets of instructions for performing various operations. Examples of computer programs or computer code include machine code, such as is produced by a compiler, and files including higher-level code that are executed by a computer, an electronic component, or a microprocessor using an interpreter.
While the above discussion primarily refers to microprocessor or multi-core processors that execute software, some embodiments are performed by one or more integrated circuits, such as application specific integrated circuits (ASICs) or field programmable gate arrays (FPGAs). In some embodiments, such integrated circuits execute instructions that are stored on the circuit itself.
As used in this specification, the terms “computer”, “server”, “processor”, and “memory” all refer to electronic or other technological devices. These terms exclude people or groups of people. For the purposes of the specification, the terms display or displaying means displaying on an electronic device. As used in this specification, the terms “computer readable medium,” “computer readable media,” and “machine readable medium” are entirely restricted to tangible, physical objects that store information in a form that is readable by a computer. These terms exclude any wireless signals, wired download signals, and any other ephemeral signals.
While the invention has been described with reference to numerous specific details, one of ordinary skill in the art will recognize that the invention can be embodied in other specific forms without departing from the spirit of the invention. In addition, a number of the figures (including
This application is a continuation application of U.S. patent application Ser. No. 15/885,749, filed Jan. 31, 2018, now published as U.S. Patent Publication 2018/0159696. U.S. patent application Ser. No. 15/885,749 is a continuation application of U.S. patent application Ser. No. 15/232,621, filed Aug. 9, 2016, now issued as U.S. Pat. No. 9,887,851. U.S. patent application Ser. No. 15/232,621 is a continuation application of U.S. patent application Ser. No. 14/020,369, filed Sep. 6, 2013, now issued as U.S. Pat. No. 9,432,204. U.S. patent application Ser. No. 14/020,369 claims the benefit of U.S. Provisional Patent Application 61/869,704, filed Aug. 24, 2013. U.S. Patent Publication 2018/0159696 and U.S. Pat. Nos. 9,887,851 and 9,432,204 are incorporated herein by reference.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5224100 | Lee et al. | Jun 1993 | A |
| 5331634 | Fischer | Jul 1994 | A |
| 5729685 | Chatwani et al. | Mar 1998 | A |
| 5831975 | Chen et al. | Nov 1998 | A |
| 5926463 | Ahearn et al. | Jul 1999 | A |
| 6018526 | Liu et al. | Jan 2000 | A |
| 6104699 | Holender et al. | Aug 2000 | A |
| 6181697 | Nurenberg et al. | Jan 2001 | B1 |
| 6192417 | Block et al. | Feb 2001 | B1 |
| 6728777 | Lee et al. | Apr 2004 | B1 |
| 6804263 | Okawa | Oct 2004 | B1 |
| 6836481 | Hotta | Dec 2004 | B1 |
| 6862263 | Simmons | Mar 2005 | B1 |
| 6901510 | Srivastava | May 2005 | B1 |
| 6917985 | Madruga et al. | Jul 2005 | B2 |
| 6934252 | Mehrotra et al. | Aug 2005 | B2 |
| 6950428 | Horst et al. | Sep 2005 | B1 |
| 7046630 | Abe et al. | May 2006 | B2 |
| 7209439 | Rawlins et al. | Apr 2007 | B2 |
| 7286490 | Saleh et al. | Oct 2007 | B2 |
| 7333487 | Novaes | Feb 2008 | B2 |
| 7529199 | Wijnands et al. | May 2009 | B1 |
| 7606187 | Zeng et al. | Oct 2009 | B2 |
| 7792099 | Yasukawa et al. | Sep 2010 | B2 |
| 7792987 | Vohra et al. | Sep 2010 | B1 |
| 7813340 | Novaes | Oct 2010 | B2 |
| 7876754 | Novaes | Jan 2011 | B2 |
| 7937438 | Miller et al. | May 2011 | B1 |
| 7961646 | Liu et al. | Jun 2011 | B2 |
| 8089964 | Lo et al. | Jan 2012 | B2 |
| 8223649 | Rangarajan et al. | Jul 2012 | B2 |
| 8224971 | Miller et al. | Jul 2012 | B1 |
| 8310957 | Rekhter | Nov 2012 | B1 |
| 8312129 | Miller et al. | Nov 2012 | B1 |
| 8391185 | Wijnands et al. | Mar 2013 | B2 |
| 8553689 | Bachmann et al. | Oct 2013 | B2 |
| 8612627 | Brandwine | Dec 2013 | B1 |
| 8625603 | Ramakrishnan et al. | Jan 2014 | B1 |
| 9432204 | Shen et al. | Aug 2016 | B2 |
| 9602385 | Tessmer et al. | Mar 2017 | B2 |
| 9602392 | Tessmer et al. | Mar 2017 | B2 |
| 9794079 | Tessmer et al. | Oct 2017 | B2 |
| 9887851 | Shen et al. | Feb 2018 | B2 |
| 10103980 | Tiwari | Oct 2018 | B1 |
| 10218526 | Shen et al. | Feb 2019 | B2 |
| 10333727 | Tessmer et al. | Jun 2019 | B2 |
| 20020138618 | Szabo | Sep 2002 | A1 |
| 20040267897 | Hill et al. | Dec 2004 | A1 |
| 20050111474 | Kobayashi | May 2005 | A1 |
| 20050147095 | Guerrero et al. | Jul 2005 | A1 |
| 20060045092 | Kubsch et al. | Mar 2006 | A1 |
| 20060182033 | Chen et al. | Aug 2006 | A1 |
| 20060187950 | Bou-Diab et al. | Aug 2006 | A1 |
| 20060239290 | Lin et al. | Oct 2006 | A1 |
| 20070058638 | Guichard et al. | Mar 2007 | A1 |
| 20070253409 | Fu et al. | Nov 2007 | A1 |
| 20080002727 | Yamane | Jan 2008 | A1 |
| 20080020758 | Nagarajan et al. | Jan 2008 | A1 |
| 20080059556 | Greenspan et al. | Mar 2008 | A1 |
| 20080071900 | Hecker et al. | Mar 2008 | A1 |
| 20080104273 | Bruck et al. | May 2008 | A1 |
| 20080175239 | Sistanizadeh et al. | Jul 2008 | A1 |
| 20080186962 | Sinha | Aug 2008 | A1 |
| 20080205302 | Florit et al. | Aug 2008 | A1 |
| 20080212496 | Zou | Sep 2008 | A1 |
| 20090285206 | Kawauchi et al. | Nov 2009 | A1 |
| 20100002698 | Clack | Jan 2010 | A1 |
| 20100106779 | Yamauchi | Apr 2010 | A1 |
| 20100157888 | Aggarwal et al. | Jun 2010 | A1 |
| 20100157889 | Aggarwal et al. | Jun 2010 | A1 |
| 20100271948 | Challapali et al. | Oct 2010 | A1 |
| 20100284402 | Narayanan | Nov 2010 | A1 |
| 20110022652 | Lai | Jan 2011 | A1 |
| 20110075664 | Lambeth et al. | Mar 2011 | A1 |
| 20110202920 | Takase | Aug 2011 | A1 |
| 20110280572 | Vobbilisetty et al. | Nov 2011 | A1 |
| 20110317696 | Aldrin et al. | Dec 2011 | A1 |
| 20120106950 | Madrahalli et al. | May 2012 | A1 |
| 20120155322 | Lamba et al. | Jun 2012 | A1 |
| 20120177042 | Berman | Jul 2012 | A1 |
| 20120185553 | Nelson | Jul 2012 | A1 |
| 20120233326 | Shaffer et al. | Sep 2012 | A1 |
| 20120236734 | Sampath et al. | Sep 2012 | A1 |
| 20120254943 | Li | Oct 2012 | A1 |
| 20120278804 | Narayanasamy et al. | Nov 2012 | A1 |
| 20120307826 | Matsuoka | Dec 2012 | A1 |
| 20130040677 | Lee et al. | Feb 2013 | A1 |
| 20130114597 | Ogisawa | May 2013 | A1 |
| 20130124750 | Anumala et al. | May 2013 | A1 |
| 20130159826 | Mason et al. | Jun 2013 | A1 |
| 20130266015 | Qu et al. | Oct 2013 | A1 |
| 20130318219 | Kancherla | Nov 2013 | A1 |
| 20140052877 | Mao | Feb 2014 | A1 |
| 20140092907 | Sridhar et al. | Apr 2014 | A1 |
| 20140098814 | Bansal | Apr 2014 | A1 |
| 20140169366 | Kotalwar | Jun 2014 | A1 |
| 20140192804 | Ghanwani | Jul 2014 | A1 |
| 20140195666 | Dumitriu et al. | Jul 2014 | A1 |
| 20140243035 | Jung et al. | Aug 2014 | A1 |
| 20140372624 | Wang | Dec 2014 | A1 |
| 20150055651 | Shen et al. | Feb 2015 | A1 |
| 20150131655 | Dayama et al. | May 2015 | A1 |
| 20150163100 | Graf et al. | Jun 2015 | A1 |
| 20150172132 | Tessmer et al. | Jun 2015 | A1 |
| 20150172165 | Tessmer et al. | Jun 2015 | A1 |
| 20150254190 | Yang et al. | Sep 2015 | A1 |
| 20150263862 | Sugyou et al. | Sep 2015 | A1 |
| 20150280928 | Tessmer et al. | Oct 2015 | A1 |
| 20160352531 | Shen et al. | Dec 2016 | A1 |
| 20170171061 | Tessmer et al. | Jun 2017 | A1 |
| 20180048478 | Tessmer et al. | Feb 2018 | A1 |
| 20180159696 | Shen et al. | Jun 2018 | A1 |
| 20190273625 | Tessmer et al. | Sep 2019 | A1 |
| Number | Date | Country |
|---|---|---|
| 2014201767 | Aug 2015 | AU |
| 2015261640 | Jun 2017 | AU |
| 101282338 | Aug 2011 | CN |
| 1855420 | Nov 2007 | EP |
| 2840736 | Sep 2016 | EP |
| 3113413 | Jan 2017 | EP |
| 2458154 | Sep 2009 | GB |
| 2001230774 | Aug 2001 | JP |
| 2005184234 | Jul 2005 | JP |
| 2006121517 | May 2006 | JP |
| 2006229967 | Aug 2006 | JP |
| 2009272803 | Nov 2009 | JP |
| 2010103757 | May 2010 | JP |
| 2011171874 | Sep 2011 | JP |
| 2015531212 | Oct 2015 | JP |
| 2004082221 | Sep 2004 | WO |
| 2006095391 | Sep 2006 | WO |
| 2013009850 | Jan 2013 | WO |
| 2013078979 | Jun 2013 | WO |
| 2014087591 | Jun 2014 | WO |
| 2015152976 | Oct 2015 | WO |
| Entry |
|---|
| Casado, Martin, et al. “Ethane: Taking Control of the Enterprise,” SIGCOMM'07, Aug. 27-31, 2007, 12 pages, ACM, Kyoto, Japan. |
| Casado, Martin, et al., “SANE: A Protection Architecture for Enterprise Networks,” Proceedings of the 15th USENIX Security Symposium, Jul. 31-Aug. 4, 2006, 15 pages, USENIX, Vancouver, Canada. |
| Dumitriu, Dan Mihai, et al., (U.S. Appl. No. 61/514,990), filed Aug. 4, 2011. |
| Gross, J., et al., “Geneve: Generic Network Virtualization Encapsulation,” Feb. 14, 2014, 24 pages, Internet Engineering Task Force (IETF). |
| Narten, Thomas, et al., “Address Resolution Problems in Large Data Center Networks,” Jan. 2013, 17 pages, Internet Engineering Task Force (IETF). |
| Number | Date | Country | |
|---|---|---|---|
| 20190190734 A1 | Jun 2019 | US |
| Number | Date | Country | |
|---|---|---|---|
| 61869704 | Aug 2013 | US |
| Number | Date | Country | |
|---|---|---|---|
| Parent | 15885749 | Jan 2018 | US |
| Child | 16270593 | US | |
| Parent | 15232621 | Aug 2016 | US |
| Child | 15885749 | US | |
| Parent | 14020369 | Sep 2013 | US |
| Child | 15232621 | US |
