Patents by Inventor Andrew Bruce Dickinson

Andrew Bruce Dickinson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11115322
    Abstract: Disclosed are various embodiments of a stateful network router. In one embodiment, a stateful network router intercepts a network data connection between a first host and a second host on a network. The stateful network router routes first data packets from the network data connection sent by the first host to the second host to a target. The stateful network router also routes second data packets from the network data connection sent by the second host to the first host to the target.
    Type: Grant
    Filed: March 27, 2019
    Date of Patent: September 7, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Andrew Bruce Dickinson, Anoop Dawani, Joseph Elmar Magerramov, Nishant Mehta, Lee Spencer Dillard
  • Publication number: 20210160218
    Abstract: Methods and apparatus for private network peering in virtual network environments in which peerings between virtual client private networks on a provider network may be established by clients via an API to a peering service. The peering service and API 104 may allow clients to dynamically establish and manage virtual network transit centers on the provider network at which virtual ports may be established and configured, virtual peerings between private networks may be requested and, if accepted, established, and routing information for the peerings may be specified and exchanged. Once a virtual peering between client private networks is established, packets may be exchanged between the respective client private networks via the peering over the network substrate according to the overlay network technology used by the provider network, for example an encapsulation protocol technology.
    Type: Application
    Filed: January 8, 2021
    Publication date: May 27, 2021
    Applicant: Amazon Technologies, Inc.
    Inventors: Bashuman Deb, Andrew Bruce Dickinson, Christopher Ian Hendrie
  • Publication number: 20210152392
    Abstract: In accordance with a designation of a private alias endpoint as a routing target for traffic directed to a service from within an isolated virtual network of a provider network, a tunneling intermediary receives a baseline packet generated at a compute instance. The baseline packet indicates a public IP (Internet Protocol) address of the service as the destination, and a private IP address of the compute instance as the source. In accordance with a tunneling protocol, the tunneling intermediary generates an encapsulation packet comprising at least a portion of the baseline packet and a header indicating the isolated virtual network. The encapsulation packet is transmitted to a node of the service.
    Type: Application
    Filed: November 19, 2020
    Publication date: May 20, 2021
    Applicant: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Richard Alexander Sheehan, Douglas Stewart Laurence, Marwan Salah El-Din Oweis, Andrew Bruce Dickinson
  • Publication number: 20210135991
    Abstract: Route tables may be associated with ingress traffic for logically isolated networks. A routing device at the edge of a logically isolated network may receive a route to include in a route table that is associated with ingress traffic to the logically isolated network to forward the ingress traffic to a network appliance hosted in the logically isolated network. Network packets received at the edge routing device may have a destination of a computing resource hosted in the logically isolated network. The edge routing device may identify the route in the route table to override the destination in the network packet with the network appliance and forward the network packet to the network appliance according to the route.
    Type: Application
    Filed: November 9, 2020
    Publication date: May 6, 2021
    Applicant: Amazon Technologies, Inc.
    Inventor: Andrew Bruce Dickinson
  • Patent number: 10893024
    Abstract: Methods and apparatus for private network peering in virtual network environments in which peerings between virtual client private networks on a provider network may be established by clients via an API to a peering service. The peering service and API 104 may allow clients to dynamically establish and manage virtual network transit centers on the provider network at which virtual ports may be established and configured, virtual peerings between private networks may be requested and, if accepted, established, and routing information for the peerings may be specified and exchanged. Once a virtual peering between client private networks is established, packets may be exchanged between the respective client private networks via the peering over the network substrate according to the overlay network technology used by the provider network, for example an encapsulation protocol technology.
    Type: Grant
    Filed: January 25, 2019
    Date of Patent: January 12, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Bashuman Deb, Andrew Bruce Dickinson, Christopher Ian Hendrie
  • Patent number: 10868758
    Abstract: Bypass flow may be enabled for network traffic between devices. A source device may include a flow identifier in an outbound packet that is sent to a destination device. An inbound packed sent from the destination device may include information that describes a network path between the source device and the destination device. Subsequent outbound packets bound for the destination device may be rewritten based on the information describing the network path to bypass one or more network devices in the network path.
    Type: Grant
    Filed: September 20, 2018
    Date of Patent: December 15, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Brett Steven Nash, Andrew Bruce Dickinson, Rajagopal Subramaniyan, Avik Kumar Saha, Todd Freed
  • Patent number: 10862709
    Abstract: A flow policy service that allows clients to define policies for packet flows to, from, and within their virtual networks on a provider network. Logic may be embedded in a flow policy that dictates what happens to a packet as it enters the network, or after the packet leaves an appliance. Via the service, a client may define conditional rules that specify different paths that packets should follow on the provider network according to conditional evaluations of information about the packets, for example source and/or destination endpoints of the packets, or output codes from appliances that process the packets.
    Type: Grant
    Filed: January 18, 2017
    Date of Patent: December 8, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Andrew Bruce Dickinson, Kevin Christopher Miller, Eric Wayne Schultze
  • Patent number: 10862796
    Abstract: A flow policy service that allows clients to define policies for packet flows to, from, and within their virtual networks on a provider network. Via the service, a client may define rules that specify appliances that inbound, outbound, and/or internal virtual network traffic should flow through. The rules may, for example, be attached to the virtual network, to subnets within the virtual network, and/or to resource instances within the virtual network. The rules may be specified in a descriptive, domain-specific language. The service determines how and where on the provider network to implement the rules in order to apply the specified policy. Thus, the actual implementation of the policy may be hidden from the client. The service may generate flow reports that may be used to confirm that traffic to, from, or within a virtual network is flowing through the correct network appliances according to the policy.
    Type: Grant
    Filed: January 18, 2017
    Date of Patent: December 8, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Andrew Bruce Dickinson, Kevin Christopher Miller, Eric Wayne Schultze
  • Patent number: 10848346
    Abstract: In accordance with a designation of a private alias endpoint as a routing target for traffic directed to a service from within an isolated virtual network of a provider network, a tunneling intermediary receives a baseline packet generated at a compute instance. The baseline packet indicates a public IP (Internet Protocol) address of the service as the destination, and a private IP address of the compute instance as the source. In accordance with a tunneling protocol, the tunneling intermediary generates an encapsulation packet comprising at least a portion of the baseline packet and a header indicating the isolated virtual network. The encapsulation packet is transmitted to a node of the service.
    Type: Grant
    Filed: April 5, 2019
    Date of Patent: November 24, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Richard Alexander Sheehan, Douglas Stewart Laurence, Marwan Salah EL-Din Oweis, Andrew Bruce Dickinson
  • Patent number: 10833992
    Abstract: Route tables may be associated with ingress traffic for logically isolated networks. A routing device at the edge of a logically isolated network may receive a route to include in a route table that is associated with ingress traffic to the logically isolated network to forward the ingress traffic to a network appliance hosted in the logically isolated network. Network packets received at the edge routing device may have a destination of a computing resource hosted in the logically isolated network. The edge routing device may identify the route in the route table to override the destination in the network packet with the network appliance and forward the network packet to the network appliance according to the route.
    Type: Grant
    Filed: December 14, 2018
    Date of Patent: November 10, 2020
    Assignee: Amazon Technologies, Inc.
    Inventor: Andrew Bruce Dickinson
  • Patent number: 10812384
    Abstract: Techniques are described for managing customer-specified routing policies for network-accessible computing resources. In some situations, the customer-specified routing policies may be based at least in part on DNS (“Domain Name System”) information specified by a customer, such as if the customer specifies one or more target destinations to use with an indicated DNS domain name that are different from the destination IP address(es) provided for that DNS domain name by DNS servers—if so, the managing of such a DNS-based routing policy for that customer may include identifying when network-accessible computing resources provided to the customer send electronic communications to that DNS domain name, and causing those electronic communications to be redirected to the customer-specified target destination(s). Such customer-specified target destinations may include, in different situations, final destinations, intermediate destinations, etc., as well as identify particular routes.
    Type: Grant
    Filed: July 2, 2018
    Date of Patent: October 20, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Kyle Tailor Akers, Chao Yuan, Kevin Christopher Miller, Andrew Bruce Dickinson, Michael Siaosi Voegele, Daniel Lee McCarriar, Yohanes Santoso, David Brian Lennon
  • Patent number: 10764168
    Abstract: Techniques are disclosed for determining for determining parameters for a Transmission Control Protocol (TCP) connection between two computing nodes before the connection is established. In embodiments, the latency of data transmission between two computing nodes and the throughput capacity of a network link are measured, and from this data, TCP parameters for a future network connection between two computing nodes are determined. This information is sent to a TCP stack that stores it in its route table. Then, the TCP stack uses TCP parameters based on the information stored in the route table.
    Type: Grant
    Filed: September 30, 2013
    Date of Patent: September 1, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Andrew Bruce Dickinson, Matthew Shawn Wilson
  • Patent number: 10735499
    Abstract: A control-plane component of a virtual network interface (VNI) multiplexing service assigns one or more VNIs as members of a first interface group. A first VNI of the interface group is attached to a first compute instance. Network traffic directed to a particular endpoint address associated with the first interface group is to be distributed among members of the first interface group by client-side components of the service. The control-plane component propagates membership metadata of the first interface group to the client-side components. In response to a detection of an unhealthy state of the first compute instance, the first VNI is attached to a different compute instance by the control-plane component.
    Type: Grant
    Filed: March 22, 2019
    Date of Patent: August 4, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Tobias Lars-Olov Holgers, Kevin Christopher Miller, Andrew Bruce Dickinson, David Carl Salyers, Xiao Zhang, Shane Ashley Hall, Christopher Ian Hendrie, Aniket Deepak Divecha, Ralph William Flora
  • Patent number: 10666606
    Abstract: A customer may request a service endpoint for a service in their virtual network on a provider network. In response, a service endpoint is generated in the customer's virtual network, a local IP address in the IP address range of the customer's virtual network is assigned to the service endpoint, and a DNS name is assigned to the service endpoint. Resources on the customer's virtual network resolve the DNS name of the service endpoint to obtain the local IP address of the service endpoint and send service requests for the service to the local IP address of the service endpoint. The service endpoint adds routing information to the service requests and sends the service requests over the network substrate to be routed to the service.
    Type: Grant
    Filed: June 28, 2017
    Date of Patent: May 26, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael Siaosi Voegele, Kevin Christopher Miller, Justin Canfield Crites, Andriy Palamarchuk, Andrew Bruce Dickinson, Christopher Carson Thomas, Rebecca Claire Weiss
  • Patent number: 10581728
    Abstract: A method and apparatus for rate limiting network traffic are provided. A plurality of network devices may receive network traffic and route the network traffic to a destination. Rate limits may be imposed on the output rate of the plurality of network devices. The rate limits may be adjusted as the flow of the network traffic changes.
    Type: Grant
    Filed: September 20, 2013
    Date of Patent: March 3, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Joseph Paul Zipperer, Andrew Bruce Dickinson, Kirk Arlo Petersen
  • Publication number: 20190356587
    Abstract: Methods and apparatus that allow clients to connect resource instances to virtual networks in provider network environments via private IP. Via private IP linking methods and apparatus, a client of a provider network can establish private IP communications between the client's resource instances on the provider network and the client's resource instances provisioned in the client's virtual network via links from the private IP address space of the virtual network to the private IP address space of the provider network. The provider network client resource instances remain part of the client's provider network implementation and may thus also communicate with other resource instances on the provider network and/or with entities on external networks via public IP while communicating with the virtual network resource instances via private IP.
    Type: Application
    Filed: August 2, 2019
    Publication date: November 21, 2019
    Applicant: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Andrew Bruce Dickinson, Eric Wayne Schultze, Ian Roger Searle, Shane Ashley Hall, Deepak Mohan, David Brian Lennon
  • Publication number: 20190305986
    Abstract: In accordance with a designation of a private alias endpoint as a routing target for traffic directed to a service from within an isolated virtual network of a provider network, a tunneling intermediary receives a baseline packet generated at a compute instance. The baseline packet indicates a public IP (Internet Protocol) address of the service as the destination, and a private IP address of the compute instance as the source. In accordance with a tunneling protocol, the tunneling intermediary generates an encapsulation packet comprising at least a portion of the baseline packet and a header indicating the isolated virtual network. The encapsulation packet is transmitted to a node of the service.
    Type: Application
    Filed: April 5, 2019
    Publication date: October 3, 2019
    Applicant: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Richard Alexander Sheehan, Douglas Stewart Laurence, Marwan Salah EL-Din Oweis, Andrew Bruce Dickinson
  • Patent number: 10374949
    Abstract: Methods and apparatus that allow clients to connect resource instances to virtual networks in provider network environments via private IP. Via private IP linking methods and apparatus, a client of a provider network can establish private IP communications between the client's resource instances on the provider network and the client's resource instances provisioned in the client's virtual network via links from the private IP address space of the virtual network to the private IP address space of the provider network. The provider network client resource instances remain part of the client's provider network implementation and may thus also communicate with other resource instances on the provider network and/or with entities on external networks via public IP while communicating with the virtual network resource instances via private IP.
    Type: Grant
    Filed: November 27, 2017
    Date of Patent: August 6, 2019
    Assignee: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Andrew Bruce Dickinson, Eric Wayne Schultze, Ian Roger Searle, Shane Ashley Hall, Deepak Mohan, David Brian Lennon
  • Publication number: 20190222636
    Abstract: A control-plane component of a virtual network interface (VNI) multiplexing service assigns one or more VNIs as members of a first interface group. A first VNI of the interface group is attached to a first compute instance. Network traffic directed to a particular endpoint address associated with the first interface group is to be distributed among members of the first interface group by client-side components of the service. The control-plane component propagates membership metadata of the first interface group to the client-side components. In response to a detection of an unhealthy state of the first compute instance, the first VNI is attached to a different compute instance by the control-plane component.
    Type: Application
    Filed: March 22, 2019
    Publication date: July 18, 2019
    Applicant: Amazon Technologies, Inc.
    Inventors: Tobias Lars-Olov Holgers, Kevin Christopher Miller, Andrew Bruce Dickinson, David Carl Salyers, Xiao Zhang, Shane Ashley Hall, Christopher Ian Hendrie, Aniket Deepak Divecha, Ralph William Flora
  • Publication number: 20190158466
    Abstract: Methods and apparatus for private network peering in virtual network environments in which peerings between virtual client private networks on a provider network may be established by clients via an API to a peering service. The peering service and API 104 may allow clients to dynamically establish and manage virtual network transit centers on the provider network at which virtual ports may be established and configured, virtual peerings between private networks may be requested and, if accepted, established, and routing information for the peerings may be specified and exchanged. Once a virtual peering between client private networks is established, packets may be exchanged between the respective client private networks via the peering over the network substrate according to the overlay network technology used by the provider network, for example an encapsulation protocol technology.
    Type: Application
    Filed: January 25, 2019
    Publication date: May 23, 2019
    Applicant: Amazon Technologies, Inc.
    Inventors: Bashuman Deb, Andrew Bruce Dickinson, Christopher Ian Hendrie