Facilitating distributed SNAT service
Granted: March 11, 2025
Patent Number:
12250194
Some embodiments of the invention provide novel methods for facilitating a distributed SNAT (dSNAT) middlebox service operation for a first network at a host computer in the first network on which the dSNAT middlebox service operation is performed and a gateway device between the first network and a second network. The novel methods enable dSNAT that provides stateful SNAT at multiple host computers, thus avoiding the bottleneck problem associated with providing stateful SNAT at gateways…
Rate proportional scheduling to reduce packet loss in virtualized network function chains
Granted: March 11, 2025
Patent Number:
12250159
Disclosed are various embodiments for rate proportional scheduling to reduce packet loss in virtualized network function chains. A congestion monitor executed by a first virtual machine executed by a host computing device can detect congestion in a receive queue associated with a first virtualized network function implemented by a first virtual machine. The congestion monitor can send a pause signal to a rate controller executed by a second virtual machine executed by the host computing…
Discovering and onboarding edge devices
Granted: March 11, 2025
Patent Number:
12250126
Solutions for discovering and onboarding edge devices at scale include: receiving, by a device aggregator, edge device state information including state information for a first edge device; based on at least the state information for the first edge device, configuring the first edge device to perform as a software-defined wide area network (SD-WAN) node; based on at least the edge device state information, determining a first device profile for the first edge device; and transmitting the…
Bandwidth utilization-based congestion control
Granted: March 4, 2025
Patent Number:
12244506
Some embodiments of the invention provide a method for performing congestion control for a particular packet flow associated with a source first host computer operating in a network. The method is performed at the first source host computer. The method determines a bandwidth threshold specified for the particular packet flow. Based on the bandwidth threshold, the method allocates an amount of bandwidth to the particular packet flow. The method periodically receives sets of contextual…
Running services in SDL of a RIC
Granted: March 4, 2025
Patent Number:
12244466
To provide a low latency near RT RIC, some embodiments separate the RIC's functions into several different components that operate on different machines (e.g., execute on VMs or Pods) operating on the same host computer or different host computers. Some embodiments also provide high speed interfaces between these machines. Some or all of these interfaces operate in non-blocking, lockless manner in order to ensure that critical near RT RIC operations (e.g., datapath processes) are not…
Guest cluster deployed as virtual extension of management cluster in a virtualized computing system
Granted: March 4, 2025
Patent Number:
12242882
An example virtualized computing system includes: a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs); an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server executing in a first VM of the VMs; guest cluster infrastructure software (GCIS) executing in the master server, the GCIS configured to…
Polling regulation for storage input/output in a computer system
Granted: March 4, 2025
Patent Number:
12242398
An example method of input/output (IO) between system software executing in a computer and a storage device includes: sending, from the system software, IO commands to the storage device; handling, by the system software, IO completion messages from the storage device in an interrupt mode; determining, while processing the IO commands, a first value for a measure of IO operations per second (IOPs) of the storage device; determining, by a device driver of the system software, that a first…
Implementing state change in a hierarchy of resources in an SDDC
Granted: February 25, 2025
Patent Number:
12235726
Some embodiments provide a hierarchical data service (HDS) that manages many resource clusters that are in a resource cluster hierarchy. In some embodiments, each resource cluster has its own cluster manager, and the cluster managers are in a cluster manager hierarchy that mimics the hierarchy of the resource clusters. In some embodiments, both the resource cluster hierarchy and the cluster manager hierarchy are tree structures, e.g., a directed acyclic graph (DAG) structure that has one…
Method for modifying an SD-WAN using metric-based heat maps
Granted: February 25, 2025
Patent Number:
12237990
Some embodiments provide a method for dynamically deploying a managed forwarding element (MFE) in a software-defined wide-area network (SD-WAN) for a particular geographic region across which multiple SaaS applications is distributed. The method determines, based on flow patterns for multiple flows destined for the multiple SaaS applications distributed across the particular geographic region, that an additional MFE is needed for the particular geographic region. The method configures…
Route aggregation for virtual datacenter gateway
Granted: February 25, 2025
Patent Number:
12237989
Some embodiments provide a method for configuring a gateway router of a virtual datacenter. The method is performed at a network management component of a virtual datacenter that is defined in a public cloud and comprises a set of network management components and a set of network endpoints connected by a logical network managed by the network management components of the virtual datacenter. The method receives a set of network addresses of the network endpoints. The method aggregates at…
Logical switch level load balancing of L2VPN traffic
Granted: February 18, 2025
Patent Number:
12231407
The disclosure provides an approach for logical switch level load balancing of Layer 2 virtual private network (L2VPN) traffic. A method of securing communications with a peer gateway generally includes establishing, at a virtual tunnel interface of a local gateway, a plurality of security tunnels with the peer gateway. Each of the plurality of security tunnels is associated with a different set of one or more layer 2 segments and with one or more security associations (SAs) with the…
Per-namespace IP address management method for container networks
Granted: February 18, 2025
Patent Number:
12231398
Some embodiments of the invention provide a method of sending data in a network that includes multiple worker nodes, each worker node executing at least one set of containers, a gateway interface, and a virtual local area network (VLAN) tunnel interface. The method configures the gateway interface of each worker node to associate the gateway interface with multiple subnets. Each subnet is associated with a namespace, a first worker node executes a first set of containers of a first…
Virtual tunnel endpoint (VTEP) mapping for overlay networking
Granted: February 18, 2025
Patent Number:
12231262
Example methods and systems for virtual tunnel endpoint (VTEP) mapping for overlay networking are described. One example may involve a computer system monitoring multiple VTEPs that are configured for overlay networking. In response to detecting a state transition associated with a first VTEP from a healthy state to an unhealthy state, the computer system may identify mapping information that associates a virtualized computing instance with the first VTEP in the unhealthy state; and…
Service insertion for multicast traffic at boundary
Granted: February 18, 2025
Patent Number:
12231252
Some embodiments of the invention provide novel methods for providing transparent services for multicast data messages traversing a network edge device operating at a boundary between two networks. The method analyzes data messages received at the network edge device to determine whether they require a service provided at the boundary and whether they are unicast or multicast (including broadcast). The method modifies a multicast destination media access control (MAC) address of a…
Memory-aware request placement for virtual GPU enabled systems
Granted: February 18, 2025
Patent Number:
12229602
Disclosed are aspects of memory-aware placement in systems that include graphics processing units (GPUs) that are virtual GPU (vGPU) enabled. In some examples, graphics processing units (GPU) are identified in a computing environment. Graphics processing requests are received. A graphics processing request includes a GPU memory requirement. The graphics processing requests are processed using a graphics processing request placement model that minimizes a number of utilized GPUs that are…
Teaming of smart NICs
Granted: February 18, 2025
Patent Number:
12229578
Some embodiments provide a method for a first smart NIC of multiple smart NICs of a host computer. Each of the smart NICs executes a smart NIC operating system that performs virtual networking operations for a set of data compute machines executing on the host computer. The method receives a data message sent by one of the data compute machines executing on the host computer. The method performs virtual networking operations on the data message to determine that the data message is to be…
Logical network platform install and upgrade in a virtualized computer system
Granted: February 18, 2025
Patent Number:
12229574
An example method of deploying a logical network platform in a virtualized computing system, the virtualized computing system including a host cluster and a virtualization management server connected to a physical network, the host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts is described. The method includes receiving, at the virtualization management server, a declarative specification describing a proposed state of the logical network…
Reconfiguration framework for byzantine fault tolerant (BFT) state machine replication (SMR) systems
Granted: February 18, 2025
Patent Number:
12229445
The present disclosure is directed to a novel reconfiguration framework for a BFT SMR system. With this framework, the configuration of both the system itself and the clients of the system can be modified in a live manner (i.e., without taking the system offline) while preserving correct system operation.
Avoiding data inconsistency in a file system using 2-level synchronization
Granted: February 11, 2025
Patent Number:
12222904
A method of synchronously executing input/output operations (IOs) for a plurality of applications using a storage device with a file system includes the steps of: receiving a first write IO including an instruction to write first data at a first address of the file system; determining that, within a first range of the file system comprising the first address, there are no pending unmap IOs for deallocating storage space of the storage device from files of the plurality of applications;…
Network-aware load balancing
Granted: February 4, 2025
Patent Number:
12218845
Some embodiments of the invention provide a method for network-aware load balancing for data messages traversing a software-defined wide area network (SD-WAN) (e.g., a virtual network) including multiple connection links between different elements of the SD-WAN. The method includes receiving, at a load balancer in a multi-machine site, link state data relating to a set of SD-WAN datapaths including connection links of the multiple connection links. The load balancer, in some embodiments,…
