Patents by Inventor Mukesh Hira
Mukesh Hira has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11929897Abstract: In an embodiment, a computer-implemented method for highly-scalable, in-network multicasting of statistics data is disclosed. In an embodiment, a method comprises: receiving, from an underlay controller, a match-and-action table that is indexed using one or more multicast (“MC”) group identifiers and includes one or more special MC headers; detecting a packet carrying statistics data; determining whether the packet includes an MC group identifier; in response to determining that the packet includes the MC group identifier: using the MC group identifier, retrieving a special MC header, of the one or more special MC headers, from the match-and-action table; generating an encapsulated packet by encapsulating the packet with the special MC header; and providing the encapsulated packet to an interface controller for transmitting the encapsulated packet to one or more physical switches.Type: GrantFiled: October 25, 2021Date of Patent: March 12, 2024Assignee: VMware, Inc.Inventors: Muhammad Shahbaz, Mukesh Hira, Lalith Suresh
-
Patent number: 11923996Abstract: A novel method for performing replication of messages in a network that bridges one or more physical networks to an overlay logical network is provided. A physical gateway provides bridging between network nodes of a physical network and virtual machines in the overlay logical network by serving as an endpoint of the overlay logical network. The physical gateway does not replicate messages from the bridged physical network to destination endpoints in the overlay logical network directly, but instead tunnels the message-to-be-replicated to a designated tunnel endpoint in the overlay logical network. The designated tunnel endpoint in turn replicates the message that was tunneled to it to other endpoints in the overlay logical network.Type: GrantFiled: May 3, 2021Date of Patent: March 5, 2024Assignee: Nicira, Inc.Inventors: Alexander Tessmer, Mukesh Hira, Rajiv Krishnamurthy, Ram Dular Singh, Xuan Zhang, Hua Wang
-
Publication number: 20240022515Abstract: Example methods are provided for a first switch to perform congestion-aware load balancing in a data center network. The method may comprise: receiving probe packets from multiple next-hop second switches that connect the first switch with a third switch via multiple paths. The method may also comprise: processing congestion state information in each probe packet to select a selected next-hop second switch from the multiple next-hop second switches, the selected next-hop second switch being associated with a least congested path from the first switch to the third switch. The method may further comprise: in response to receiving data packets from a fourth switch that are destined for a destination connected with the third switch, sending the data packets to the selected next-hop second switch such that the data packets travel to the third switch along the least congested path.Type: ApplicationFiled: September 20, 2023Publication date: January 18, 2024Applicant: Nicira, Inc.Inventors: Mukesh HIRA, Naga KATTA
-
Patent number: 11876675Abstract: Some embodiments provide a method of migrating a first software defined (SD) network managed by a first network manager to a second SD network managed by a second network manager. The method of some embodiments is performed by a third network manager that provides an interface that allows a set of users to specify and review logical network components, which the first and second network managers can then respectively deploy in the first and second SD networks. The third network manager in some embodiments identifies for a migration manager a first group of two or more logical network components that the third network manager previously specified for the first network manager to deploy in the first SD network.Type: GrantFiled: February 3, 2022Date of Patent: January 16, 2024Assignee: VMware LLCInventors: Valentina Reutova, Petro Rudy, Poonam Chugh, Mukesh Hira, Vivek Ganesan, Ankur Dubey, Bo Hu
-
Publication number: 20230421509Abstract: Some embodiments provide a method for a first data compute node (DCN) operating in a public datacenter. The method receives an encryption rule from a centralized network controller. The method determines that the network encryption rule requires encryption of packets between second and third DCNs operating in the public datacenter. The method requests a first key from a secure key storage. Upon receipt of the first key, the method uses the first key and additional parameters to generate second and third keys. The method distributes the second key to the second DCN and the third key to the third DCN in the public datacenter.Type: ApplicationFiled: September 9, 2023Publication date: December 28, 2023Inventors: Ganesan Chandrashekhar, Mukesh Hira, Su Wang, Akshay Katrekar
-
Patent number: 11848800Abstract: A system and method for connecting virtual computer networks in a public cloud computing environment using a transit virtual computer network uses a cloud gateway device in the transit virtual computer network that includes a first-tier logical router and a plurality of second-tier logical routers connected to the virtual computer networks. A source Internet Protocol (IP) address of outgoing data packets from a particular virtual computer network is translated at a particular second-tier logical router of the cloud gateway device from an IP address of the particular virtual computer network to an internal IP address from a particular pool of IP addresses. The outgoing data packets are then routed to the first-tier logical router of the cloud gateway device, where the outgoing data packets are transmitted a destination network from a particular interface of the first-tier logical router of the cloud gateway device.Type: GrantFiled: October 25, 2021Date of Patent: December 19, 2023Assignee: VMWARE, INC.Inventors: Rahul Jain, Mukesh Hira
-
Publication number: 20230393881Abstract: Systems, apparatus, articles of manufacture, and methods are disclosed to manage a deployment of virtual machines in a cluster by, in a first host of a plurality of hosts, monitor, with first control plane services, an availability of second control plane services at a second host of the plurality of hosts, wherein the first control plane services and the second control plane services support implementation of application programming interface (API) requests in association with managing a cluster, after a determination that the second control plane services at the second host is not available, assign the first control plane services at the first host to operate in place of the second control plane services at the second host, and in the first host, assign, via the first control plane services at the first host, resources of one or more hosts in the cluster to support the API request.Type: ApplicationFiled: May 26, 2023Publication date: December 7, 2023Inventors: Brian Masao Oki, George Gregory Hicken, Mukesh Hira, Leonid Livshin, Ivaylo Vladimirov Loboshki, Ivaylo Radoslavov Radev, Alkesh Shah, Jianjun Shen, Abhishek Ajit Srivastava, Konstantinos Roussos, Stanimir Plamenov Lukanov, Anton Valentinov Donchevski, Georgi Lyubomirov Dimitrov
-
Patent number: 11831610Abstract: A system and method for using private native security groups and private native firewall policy rules for a private cloud computing environment and a public cloud computing environment uses a public cloud gateway for routing data traffic between at least a cloud network created in the public cloud computing environment and the private cloud computing environment. For each of some private native firewall policy rules that has any of newly created private native security groups as one of source and destination, a cloud native security group (CNSG) rule object with an CNSG outbound rule object and an CNSG inbound rule object for the public cloud is created and at least one of the CNSG outbound rule object and the CNSG inbound rule object is updated so that the private native firewall policy rule can be used in the cloud network.Type: GrantFiled: July 26, 2020Date of Patent: November 28, 2023Assignee: VMWARE, INC.Inventors: Vaibhav Kulkarni, Ganesan Chandrashekhar, Mukesh Hira, Akshay Katrekar, Prashant Mane, Rompicherla Sai Pavan Kumar, Sachin Kalkur, Amey Borkar
-
Patent number: 11792138Abstract: Some embodiments provide a method for a first data compute node (DCN) operating in a public datacenter. The method receives an encryption rule from a centralized network controller. The method determines that the network encryption rule requires encryption of packets between second and third DCNs operating in the public datacenter. The method requests a first key from a secure key storage. Upon receipt of the first key, the method uses the first key and additional parameters to generate second and third keys. The method distributes the second key to the second DCN and the third key to the third DCN in the public datacenter.Type: GrantFiled: May 4, 2021Date of Patent: October 17, 2023Assignee: NICIRA, INC.Inventors: Jia Yu, Su Wang, Akshay Katrekar, Mukesh Hira, Saurabh Shah
-
Patent number: 11777853Abstract: Example methods are provided for a first switch to perform congestion-aware load balancing in a data center network. The method may comprise: receiving probe packets from multiple next-hop second switches that connect the first switch with a third switch via multiple paths. The method may also comprise: processing congestion state information in each probe packet to select a selected next-hop second switch from the multiple next-hop second switches, the selected next-hop second switch being associated with a least congested path from the first switch to the third switch. The method may further comprise: in response to receiving data packets from a fourth switch that are destined for a destination connected with the third switch, sending the data packets to the selected next-hop second switch such that the data packets travel to the third switch along the least congested path.Type: GrantFiled: April 11, 2017Date of Patent: October 3, 2023Assignee: NICIRA, INC.Inventors: Mukesh Hira, Naga Katta
-
Publication number: 20230246907Abstract: Some embodiments provide a method of migrating a first software defined (SD) network managed by a first network manager to a second SD network managed by a second network manager. The method of some embodiments is performed by a third network manager that provides an interface that allows a set of users to specify and review logical network components, which the first and second network managers can then respectively deploy in the first and second SD networks. The third network manager in some embodiments identifies for a migration manager a first group of two or more logical network components that the third network manager previously specified for the first network manager to deploy in the first SD network.Type: ApplicationFiled: February 3, 2022Publication date: August 3, 2023Inventors: Valentina Reutova, Petro Rudy, Poonam Chugh, Mukesh Hira, Vivek Ganesan, Ankur Dubey, Bo Hu
-
Patent number: 11695697Abstract: Some embodiments provide a novel way to insert a service (e.g., a third party service) in the path of a data message flow, between two machines (e.g., two VMs, two containers, etc.) in a public cloud environment. For a particular tenant of the public cloud, some embodiments create an overlay logical network with a logical overlay address space. To perform a service on data messages of a flow between two machines, the logical overlay network passes to the public cloud's underlay network the data messages with their destination address (e.g., destination IP addresses) defined in the logical overlay network. The underlay network (e.g., an underlay default downlink gateway) is configured to pass data messages with such destination addresses (e.g., with logical overlay destination addresses) to a set of one or more service machines. The underlay network (e.g.Type: GrantFiled: September 14, 2020Date of Patent: July 4, 2023Assignee: NICIRA, INC.Inventor: Mukesh Hira
-
Patent number: 11689522Abstract: System and computer-implemented method for secure hybrid cloud connectivity between an application in a public cloud service and an on-premises service supported by an on-premises appliance includes launching a public cloud gateway appliance in the public cloud service. The public cloud gateway appliance is configured with security information associated with the on-premises appliance. The on-premises appliance is provided with contact information associated with the public cloud gateway appliance. A communication channel is established, using an outbound port, from the on-premises appliance to the public cloud gateway appliance that is secured based on the security information associated with the on-premises appliance and the contact information associated with the public cloud gateway appliance.Type: GrantFiled: September 2, 2020Date of Patent: June 27, 2023Assignee: VMWARE, INC.Inventors: Vaibhav Kulkarni, Mukesh Hira, Akshay Katrekar, Suyash Vishwas Gogte, Prem Shankar Sharma, Nikolay Semenov, Saqib Raza
-
Publication number: 20230171193Abstract: Example methods and systems are provided a network device to perform tunnel-based service insertion in a public cloud environment. An example method may comprise establishing a tunnel between the network device and a service path. The method may also comprise: in response to receiving a first encapsulated packet, identifying the service path specified by a service insertion rule; generating and sending a second encapsulated packet over the tunnel to cause the service path to process an inner packet according to one or more services. The method may further comprise: in response to receiving, from the service path via the tunnel, a third encapsulated packet that includes the inner packet processed by the service path, sending the inner packet processed by the service path, or a fourth encapsulated packet, towards a destination address of the inner packet.Type: ApplicationFiled: January 30, 2023Publication date: June 1, 2023Inventors: Rahul Jain, Kantesh Mundaragi, Pierluigi Rolando, Jayant Jain, Mukesh Hira
-
Patent number: 11627080Abstract: Example methods are provided a network device to perform service insertion in a public cloud environment that includes a first virtual network and a second virtual network. In one example method, in response to receiving a first encapsulated packet from a first virtualized computing instance located in the first virtual network, the network device may generate a decapsulated packet by performing decapsulation to remove, from the first encapsulated packet. The method may also comprise identifying a service path specified by a service insertion rule, and sending the decapsulated packet to the service path to cause the service path to process the decapsulated packet according to one or more services. The method may further comprise: in response to the network device receiving the decapsulated packet processed by the service path, sending the decapsulated packet, or generating and sending a second encapsulated packet, towards a destination address.Type: GrantFiled: January 18, 2019Date of Patent: April 11, 2023Assignee: VMWARE, INC.Inventors: Mukesh Hira, Rahul Jain
-
Patent number: 11588689Abstract: Some embodiments provide a method of migrating a first software defined (SD) network managed by a first network manager to a second SD network managed by a second network manager. The method of some embodiments is performed by a third network manager that provides an interface that allows a set of users to specify and review logical network components, which the first and second network managers can then respectively deploy in the first and second SD networks. The third network manager in some embodiments identifies for a migration manager a first group of two or more logical network components that the third network manager previously specified for the first network manager to deploy in the first SD network.Type: GrantFiled: February 3, 2022Date of Patent: February 21, 2023Assignee: VMWARE, INC.Inventors: Valentina Reutova, Petro Rudy, Poonam Chugh, Mukesh Hira, Vivek Ganesan, Ankur Dubey, Bo Hu
-
Patent number: 11570104Abstract: Example methods and systems are provided a network device to perform tunnel-based service insertion in a public cloud environment. An example method may comprise establishing a tunnel between the network device and a service path. The method may also comprise: in response to receiving a first encapsulated packet, identifying the service path specified by a service insertion rule; generating and sending a second encapsulated packet over the tunnel to cause the service path to process an inner packet according to one or more services. The method may further comprise: in response to receiving, from the service path via the tunnel, a third encapsulated packet that includes the inner packet processed by the service path, sending the inner packet processed by the service path, or a fourth encapsulated packet, towards a destination address of the inner packet.Type: GrantFiled: December 23, 2020Date of Patent: January 31, 2023Assignee: VMWARE, INC.Inventors: Rahul Jain, Kantesh Mundaragi, Pierluigi Rolando, Jayant Jain, Mukesh Hira
-
Publication number: 20220413893Abstract: Some embodiments provide a method for a managed forwarding element (MFE). At the MFE, the method receives a first packet from a particular tunnel endpoint. The first packet originates from a particular data compute node associated with multiple tunnel endpoints including the particular tunnel endpoint. Based on the first packet, the method stores an association of the particular tunnel endpoint with the particular data compute node. The method uses the stored association to encapsulate subsequent packets received at the MFE and having the particular data compute node as a destination address with the particular tunnel endpoint as a destination tunnel endpoint.Type: ApplicationFiled: September 4, 2022Publication date: December 29, 2022Inventors: Jianjun Shen, Alexander Tessmer, Mukesh Hira, Pankaj Thakkar, Hua Wang
-
Publication number: 20220329461Abstract: Some embodiments provide a centralized overlay-network cloud gateway and a set of centralized services in a transit virtual cloud network (VCN) connected to multiple other compute VCNs hosting compute nodes (VMs, containers, etc.) that are part of (belong to) the overlay network. The centralized overlay-network cloud gateway provides connectivity between compute nodes of the overlay network (e.g., a logical network spanning multiple VCNs) and compute nodes in external networks. Some embodiments use the centralized overlay-network cloud gateway to provide transitive routing (e.g., routing through a transit VCN) in the absence of direct peering between source and destination VCNs. The overlay network, of some embodiments, uses the same subnetting and default gateway address for each compute node as the cloud provider network provided by the virtual private cloud provider.Type: ApplicationFiled: June 26, 2022Publication date: October 13, 2022Inventors: Mukesh Hira, Su Wang, Rahul Jain, Ganesan Chandrashekhar, Sandeep Siroya
-
Patent number: 11436037Abstract: Some embodiments provide a method for a managed forwarding element (MFE). At the MFE, the method receives a first packet from a particular tunnel endpoint. The first packet originates from a particular data compute node associated with multiple tunnel endpoints including the particular tunnel endpoint. Based on the first packet, the method stores an association of the particular tunnel endpoint with the particular data compute node. The method uses the stored association to encapsulate subsequent packets received at the MFE and having the particular data compute node as a destination address with the particular tunnel endpoint as a destination tunnel endpoint.Type: GrantFiled: July 2, 2020Date of Patent: September 6, 2022Assignee: NICIRA, INC.Inventors: Jianjun Shen, Alexander Tessmer, Mukesh Hira, Pankaj Thakkar, Hua Wang