Using hardware profiles of hardware components to determine performance issues of user devices
Granted: March 19, 2024
Patent Number:
11936516
Systems and methods are described for providing recommendations for a user experience in online meetings. A recommendation engine can aggregate data from user devices to make recommendations before, during and after online meetings. Before a meeting, the recommendation engine can recommend which of a user's devices to use for the meeting. During the meeting, the recommendation engine can identify current or anticipated issues and recommend changes the user can make to correct or prevent…
Port management in a horizontally scaled file transfer system
Granted: March 19, 2024
Patent Number:
11936754
An example method of file transfer between a client and a server includes: initiating, by the client, a front-end control connection between the client and a horizontally scaled proxy service; creating, by a first proxy instance of a plurality of proxy instances of the horizontally scaled proxy service, a back-end control connection between the first proxy instance and the server; returning, to the client from the first proxy instance, a unique client parameter associated with the…
Seamless hand-off of data traffic in public cloud environments
Granted: March 19, 2024
Patent Number:
11936721
The disclosure provides an approach for seamless hand-off of data traffic in public cloud environments. Techniques are provided for activating an edge services gateway (ESG) virtual computing instance (VCI) on a new host. Prior to activating the ESG VCI on the new host, an underlay routing table is reprogrammed to associate a first IP address of a first tunnel endpoint (TEP) with a first network interface of an old host and to associate a second IP address of a second TEP with a second…
Method of distributing client certificates to machines with shared cloud account access
Granted: March 19, 2024
Patent Number:
11936640
Some embodiments provide a method for providing a resource to a particular virtual private cloud that is deployed in a set of datacenters that host multiple virtual private clouds. At a resource issuer, the method receives a resource request from a particular machine deployed in the particular virtual private cloud, the resource request including a first set of cloud-specific data. The method obtains a cloud identifier for the particular machine from a registry service of the particular…
System and method for creating a secure hybrid overlay network
Granted: March 19, 2024
Patent Number:
11936629
A system and method for creating a secure overlay network on top of the public Internet, optionally by creating an identity-based network in which user identities are the identifiers rather than IP addresses, and whereas only authenticated and authorized users whose identity has been established have visibility and access to the network; establishing fully encrypted and private network segments; providing superior performance through improved protocols and routing; and implementing a…
Port and loopback IP addresses allocation scheme for full-mesh communications with transparent TLS tunnels
Granted: March 19, 2024
Patent Number:
11936613
The method for a virtual machine to use a port and loopback IP addresses allocation scheme for full-mesh communications with transparent transport layer security tunnels is presented. In an embodiment, the method comprises detecting, at a redirect agent implemented in a first machine, a packet that is sent from a client application executing on the first machine toward a server application executing on a second machine; and determining, by the redirect agent, whether a first redirect…
Address resolution handling at logical distributed routers
Granted: March 19, 2024
Patent Number:
11936612
Example methods for a network device to perform address resolution handling. The method may comprise: in response to a first distributed router (DR) port of a first DR instance detecting an address resolution request from a second DR port of a second DR instance, generating a modified address resolution request that is addressed from a first address associated with the first DR port instead of a second address associated with the second DR port. The modified address resolution request…
Enhanced network stack
Granted: March 19, 2024
Patent Number:
11936563
Some embodiments of the invention provide a new networking data path framework that employs one or more dedicated kernel threads to process network traffic on a host computer executing multiple machines (such as virtual machines or containers). This new framework is referred to as an Enhanced Networking Stack (ENS) in this document. In some embodiments, the dedicated kernel threads execute on dedicated CPU cores (e.g., one kernel thread per CPU core) to proactively poll physical NICs…
Virtual machine packet processing offload
Granted: March 19, 2024
Patent Number:
11936562
A method to offload network function packet processing from a virtual machine onto an offload destination is disclosed. In an embodiment, a method comprises: defining an application programing interface (“API”) for capturing, in a packet processor offload, a network function packet processing for a data flow by specifying how to perform the network function packet processing on data packets that belong to the data flow. Based on capabilities of the packet processor offload and…
Live traffic tracing for pods in a network
Granted: March 19, 2024
Patent Number:
11936546
The disclosure provides an example method for live packet tracing. Some embodiments of the method include configuring a first network interface of a first pod to mark each of a plurality of packets, with a corresponding flow tag and a corresponding packet identifier, receiving, from one or more observation points, at least one of copies or metadata of the plurality of packets each marked with the corresponding flow tag and the corresponding packet identifier. In some embodiments, the…
Opportunistic exclusive affinity for threads in a virtualized computing system
Granted: March 19, 2024
Patent Number:
11934890
An example method of managing exclusive affinity for threads executing in a virtualized computing system includes: determining, by an exclusive affinity monitor executing in a hypervisor of the virtualized computing system, a set of threads eligible for exclusive affinity; determining, by the exclusive affinity monitor, for each thread in the set of threads, impact on performance of the threads for granting each thread exclusive affinity; and granting, for each thread of the set of…
Supporting execution of a computer program by using a memory page of another computer program
Granted: March 19, 2024
Patent Number:
11934857
Example methods are provided to identify unused memory regions in pages that are allocated for storing executable code. One or more of the unused memory regions are usable as a secure location to store confidential information shared between a hypervisor on the host and a guest (such as a guest virtual computing instance) that runs on the host. The one or more unused memory regions may also be used to store executable code (such as valid executable code of antivirus software or other…
Accelerating data message classification with smart NICs
Granted: March 12, 2024
Patent Number:
11928062
Some embodiments provide a method for performing data message processing at a smart NIC of a computer that executes a software forwarding element (SFE). The method determines whether a received data message matches an entry in a data message classification cache stored on the smart NIC based on data message classification results of the SFE. When the data message matches an entry, the method determines whether the matched entry is valid by comparing a timestamp of the entry to a set of…
Egress cost optimization for multi-cloud network
Granted: March 12, 2024
Patent Number:
11929838
Some embodiments provide a method for evaluating locations of applications in a multi-cloud network with applications located in different cloud datacenters of one or more cloud providers. The method receives data for flows collected from the cloud datacenters. The data for each flow indicates a source and destination of the flow and applications to which at least one of the source and destination of the flow belong. The method uses network topology data to identify a subset of the flows…
Unsupervised anomaly detection by self-prediction
Granted: March 12, 2024
Patent Number:
11928857
Techniques for implementing unsupervised anomaly detection by self-prediction are provided. In one set of embodiments, a computer system can receive an unlabeled training data set comprising a plurality of unlabeled data instances, where each unlabeled data instance includes values for a plurality of features. The computer system can further train, for each feature in the plurality of features, a supervised machine learning (ML) model using a labeled training data set derived from the…
Increasing page sharing on non-uniform memory access (NUMA)-enabled host systems
Granted: March 12, 2024
Patent Number:
11928510
In one set of embodiments, a hypervisor of a host system can determine that a delta between local and remote memory access latencies for each of a subset of NUMA nodes of the host system is less than a threshold. In response, the hypervisor can enable page sharing across the subset of NUMA nodes, where enabling page sharing comprises associating the subset of NUMA nodes with a single page sharing table, and where the single page sharing table holds entries identifying host physical…
Optimized networking thread assignment
Granted: March 12, 2024
Patent Number:
11928502
Some embodiments provide a method for scheduling networking threads associated with a data compute node (DCN) executing at a host computer. When a virtual networking device is instantiated for the DCN, the method assigns the virtual networking device to a particular non-uniform memory access (NUMA) node of multiple NUMA nodes associated with the DCN. Based on the assignment of the virtual networking device to the particular NUMA node, the method assigns networking threads associated with…
Distributed representations of computing processes and events
Granted: March 12, 2024
Patent Number:
11928466
Techniques for generating distributed representations of computing processes and events are provided. According to one set of embodiments, a computer system can receive occurrence data pertaining to a plurality of computing processes and a plurality of events associated with the plurality of computing processes. The computer system can then generate, based on the occurrence data, (1) a set of distributed process representations that includes, for each computing process, a representation…
3D printing verification using audio snippets
Granted: March 12, 2024
Patent Number:
11928371
Systems and methods for 3D printer management can verify the printing of a 3D object based on instructions inserted into the 3D object file that cause the 3D printer to perform extra actions, thus emitting certain sounds while printing. In one example, a print server can receive a request to print a 3D object. The print server can insert snippets of instructions at random into the 3D object file. A recording device can record audio of the 3D printer printing the 3D object. The recording…
Protecting an entire system disk by encrypting data stored in a portion of the system disk
Granted: March 12, 2024
Patent Number:
11928216
A method for protecting an OS disk of a computing device without block encrypting the OS disk. The method identifies one or more files that store configuration data associated with OS binaries executed on the computing device. The method encrypts the configuration data stored in the one or more files using an encryption key and seals the encryption key to a TPM of the computing device. The method then boots the computing device by attempting to unseal the encryption key by authenticating…
