Patents by Inventor Gurudeep Kamat
Gurudeep Kamat has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9391888Abstract: The system, method, and article of manufacture of the present invention allows multiple customers connected to a common external network to each implement a layer 2 redundancy protocol, such as the spanning tree protocol, in order to prevent layer 2 loops. Accordingly, a method is presented for providing an independent loop free layer 2 topology between a external network and a customer network comprising tagging control packets originating on the customer network with a unique identifier and tunneling the control packets received from the customer network between a plurality of boundary interface devices at the external network such that the control packets are routed back to the customer network based on the presence of the unique identifier in the control packet. The layer 2 redundancy protocol on the customer network converges based at least in part on the presence of control packets appearing on more than one port on the customer network.Type: GrantFiled: May 13, 2013Date of Patent: July 12, 2016Assignee: Foundry Networks, LLCInventors: Andrew Tai-Chin Kuo, Gurudeep Kamat, Jordi Moncada-Elias, Ivy Pei-Shan Hsu, Rajkumar Jalan
-
Publication number: 20160173579Abstract: In providing packet forwarding policies in a virtual service network that includes a network node and a pool of service load balancers serving a virtual service, the network node: receives a virtual service session request from a client device, the request including a virtual service network address for the virtual service; compares the virtual service network address in the request with the virtual service network address in each at least one packet forwarding policy; in response to finding a match between the virtual service network address in the request and a given virtual service network address in a given packet forwarding policy, determines the given destination in the given packet forwarding policy; and sends the request to a service load balancer in the pool of service load balancers associated with the given destination, where the service load balancer establishes a virtual service session with the client device.Type: ApplicationFiled: February 19, 2016Publication date: June 16, 2016Inventors: Rajkumar Jalan, Gurudeep Kamat
-
Patent number: 9338225Abstract: In providing packet forwarding policies in a virtual service network that includes a network node and a pool of service load balancers serving a virtual service, the network node: receives a virtual service session request from a client device, the request including a virtual service network address for the virtual service; compares the virtual service network address in the request with the virtual service network address in each of a plurality of packet forwarding policies; in response to finding a match between the virtual service network address in the request and a given virtual service network address in a given packet forwarding policy, determines the given destination in the given packet forwarding policy; and sends the request to a service load balancer in the pool of service load balancers associated with the given destination, where the service load balancer establishes a virtual service session with the client device.Type: GrantFiled: December 6, 2012Date of Patent: May 10, 2016Assignee: A10 Networks, Inc.Inventors: Rajkumar Jalan, Gurudeep Kamat
-
Publication number: 20160094433Abstract: A method for routing Internet traffic is disclosed. The method comprises receiving an IPv6 packet. Further, the method comprises determining if the IPv6 packet comprises an extension header with geo-location information. Finally, responsive to a determination that the IPv6 packet comprises an extension header with geo-location information, the method comprises performing an action based on the geo-location information, wherein the action is selected from the group consisting of: authenticating the IPv6 packet, prioritizing the IPv6 packet relative to other packets, routing the IPv6 packet, and monitoring of the IPv6 packet.Type: ApplicationFiled: September 30, 2014Publication date: March 31, 2016Inventors: Michael FRIEDEL, Hasnain KARAMPURWALA, Gurudeep KAMAT
-
Publication number: 20160044095Abstract: Provided are methods and systems for distributing service sessions from a client device in a service data network. A packet of the service session is received by a forwarding node. The forwarding node determines whether the packet matches a service address associated with the service session. Responsive to the determining, a servicing node associated with the service address is selected based on a forwarding policy. The packet is sent to the selected servicing node. The servicing node determines whether the packet is a service request packet. A server is selected based on a service policy, wherein the server is configured to serve the service session. The packet is sent to the server. Before being received by a forwarding node, the packet is received by a gateway node. The gateway node determines whether the packet matches the service address and selects the forwarding node based on a notification.Type: ApplicationFiled: May 15, 2014Publication date: February 11, 2016Applicant: A10 Networks, Inc.Inventors: Swaminathan Sankar, Hasnain Karampurwala, Rahul Gupta, Gurudeep Kamat, Rajkumar Jalan
-
Publication number: 20160042014Abstract: Provided are methods and systems for implementing a distributed database in a data network. The method comprises receiving node data associated with one or more nodes of a plurality of nodes, updating the distributed database and replicating the distributed database to each of the plurality of nodes. The plurality of nodes comprises one or more cluster device, a cluster master, a traffic classification engine, a service node, and an orchestrator. The node data comprises node health, a number of total connections, node processing unit utilization, node memory status, destination server address, destination server capacity, destination server network connectivity, node dynamic state, node responsiveness. The distributed database comprises tables containing traffic map, node health information, traffic classification mapping, and service policy.Type: ApplicationFiled: June 30, 2014Publication date: February 11, 2016Inventors: Rajkumar Jalan, Gurudeep Kamat, Swaminathan Sankar, Hasnain Karampurwala
-
Publication number: 20160043901Abstract: Provided are methods and systems for graceful scaling of data networks. In one example, an indication of removal of a node from a plurality of nodes of the data network is received. A service policy is generated to reassign service requests associated with the node to another node in the plurality of nodes. The service policy is then sent to each of the plurality of nodes of the data network. To scale out a data network, an indication of presence of a further node in the data network is received, and a further node service policy is generated and sent to each of the plurality of nodes of the data network and to the further node. Additional actions can be taken in order to prevent interruption of an existing heavy-duty connection while scaling the data network.Type: ApplicationFiled: July 8, 2014Publication date: February 11, 2016Inventors: Swaminathan Sankar, Rahul Gupta, Gurudeep Kamat, Rajkumar Jalan
-
Publication number: 20160014126Abstract: Facilitation of secure network traffic over an application session by an application delivery controller is provided herein. In some examples, a network device receives a TCP SYN packet from a client device, to establish a TCP connection. The network device transmits a SYN/ACK packet to the client device, including a SYN cookie with identifying information to authenticate the client device to the application as a trusted source for the network. The client device then returns an ACK packet directly to the application server to establish the TCP connection.Type: ApplicationFiled: September 18, 2015Publication date: January 14, 2016Inventors: Rajkumar Jalan, Gurudeep Kamat
-
Publication number: 20150333988Abstract: Exemplary embodiments for a distributed system for determining a server's health are disclosed. The systems and methods provide for a network controller to direct one or more servicing nodes to check the health of one or more servers, and report a health score to the network controller. The network controller may then calculate, update and maintain a health score for each server in the network from the various health scores reported to it from the servicing nodes. This allows a distributed system to be used to facilitate network operations, as a single device is not relied on for periodically determining each server's health.Type: ApplicationFiled: May 16, 2014Publication date: November 19, 2015Applicant: A10 Networks, Inc.Inventors: Rajkumar Jalan, Swaminathan Sankar, Gurudeep Kamat
-
Publication number: 20150312322Abstract: Provided are methods and systems for processing a data packet associated with a service session. The data packet directed to a first servicing node can be received by a forwarding node. The forwarding node can determine that the first servicing node is unavailable. Based on the determination, the forwarding node can select a second servicing node from a plurality of servicing nodes. The selection can be based on a high availability policy. The forwarding node can then send the data packet to the second servicing node.Type: ApplicationFiled: April 24, 2014Publication date: October 29, 2015Inventors: Gurudeep Kamat, Swaminathan Sankar
-
Publication number: 20150281087Abstract: Methods and systems are provided for forwarding data packets in a service network using a service-based policy. A gateway node may receive data packets from a service session and send the data packets for a forwarding node. The forwarding node may match the service session data packet against a service address and forwarding policy, the forwarding policy being based on capabilities and service configurations of the servicing nodes in the service network. Forwarding node may then forward the service session data packet to a servicing node in accordance with the forwarding policy, and send the service session data packet to a server for processing.Type: ApplicationFiled: March 25, 2014Publication date: October 1, 2015Applicant: A10 NETWORKS, INC.Inventors: Rajkumar Jalan, Gurudeep Kamat, Swaminathan Sankar, Hasnain Karampurwala
-
Patent number: 9106561Abstract: Configuration of a virtual service network by a configuring node includes: determining that the virtual service is to be configured; determining a configuration associated with the virtual service and including packet forwarding policies associated with the virtual service, each packet forwarding policy including a virtual service network address and a destination; and sending the packet forwarding policies in the configuration to a network node. The network node: stores the packet forwarding policies; receives a data packet for the virtual service and including a virtual service network address; determines a match between the virtual service network address in the data packet with the virtual service network address in a given packet forwarding policy of the stored packet forwarding policies; obtains a given destination in the given packet forwarding policy; and sends the data packet to a service load balancer associated with the given destination by the network node.Type: GrantFiled: December 15, 2012Date of Patent: August 11, 2015Assignee: A10 Networks, Inc.Inventors: Rajkumar Jalan, Gurudeep Kamat
-
Publication number: 20140330982Abstract: Facilitation of secure network traffic by an application delivery controller is provided herein. In some examples, a method includes: (a) receiving a data packet with information from a client indicating that the client is a trusted source; (b) embedding in the data packet a transmission control protocol (TCP) options header, the TCP options header comprising information including at least a sequence number for a protocol connection; and (c) forwarding the embedded data packet to a server.Type: ApplicationFiled: May 2, 2014Publication date: November 6, 2014Applicant: A10 Networks, Inc.Inventors: Rajkumar Jalan, Gurudeep Kamat
-
Publication number: 20140269728Abstract: Methods and systems are provided for processing data packets in a data network using a policy based network path. A policy enforcing point receives a data packet associated with a service session and routes it toward its destination along a network path which is determined according to data packet information and one or more packet processing criteria. The data packet information may include one or more of information associated with the packet, information associated with prior packets, and information obtained from a network computer. The network path may be selected from a database of network paths. The network path may include an order list of further policy enforcing points and corresponding network application appliances. The policy enforcing point may generate a new data packet based on the data packet and the policy based network path and send the new data packet to a next policy enforcing point.Type: ApplicationFiled: March 14, 2014Publication date: September 18, 2014Inventors: Rajkumar Jalan, Gurudeep Kamat
-
Publication number: 20140164617Abstract: In providing packet forwarding policies in a virtual service network that includes a network node and a pool of service load balancers serving a virtual service, the network node: receives a virtual service session request from a client device, the request including a virtual service network address for the virtual service; compares the virtual service network address in the request with the virtual service network address in each of a plurality of packet forwarding policies; in response to finding a match between the virtual service network address in the request and a given virtual service network address in a given packet forwarding policy, determines the given destination in the given packet forwarding policy; and sends the request to a service load balancer in the pool of service load balancers associated with the given destination, where the service load balancer establishes a virtual service session with the client device.Type: ApplicationFiled: December 6, 2012Publication date: June 12, 2014Applicant: A10 NETWORKS, INC.Inventors: Rajkumar Jalan, Gurudeep Kamat
-
Publication number: 20140089500Abstract: Provided are methods and systems for load distribution in a data network. A method for load distribution in the data network may comprise retrieving network data associated with the data network and service node data associated with one or more service nodes. The method may further comprise analyzing the retrieved network data and service node data. Based on the analysis, a service policy may be generated. Upon receiving one or more service requests, the one or more service requests may be distributed among the service nodes according to the service policy.Type: ApplicationFiled: September 17, 2013Publication date: March 27, 2014Inventors: Swaminathan Sankar, Hasnain Karampurwala, Rahul Gupta, Gurudeep Kamat, Rishi Sampat, Rajkumar Jalan
-
Publication number: 20140050225Abstract: Systems and methods are described for providing network route redundancy through Layer 2 devices, such as a loop free Layer 2 network having a plurality of switching devices. A virtual switch is coupled to the loop free Layer 2 network, the virtual switch having two or more switches configured to transition between master and backup modes to provide redundant support for the loop free Layer 2 network, the switches communicating their status through use of a plurality of redundancy control packets. The system also includes means for allowing the redundancy control packets to be flooded through the Layer 2 network. The means may include time-to-live data attached to the redundancy control packet which is decremented only when the packets are transferred through devices which are configured to recognize the protocol used in redundancy control packets.Type: ApplicationFiled: October 23, 2013Publication date: February 20, 2014Applicant: BROCADE COMMUNICATIONS SYSTEMS, INC.Inventors: Andrew Tai-Chin Kuo, Ivy Pei-Shan Hsu, Jordi Moncada-Elias, Rajkumar Jalan, Gurudeep Kamat
-
Publication number: 20130315241Abstract: In processing Hypertext Transfer Protocol (HTTP) headers, a packet pre-processor is configured with at least one predetermined header field identifier. The packet pre-processor detects at least one header field identifier in a header field of an HTTP packet received over an HTTP session between a host and a server, matches the predetermined header field identifier to the header field identifier in the HTTP packet, generates a header report block comprising information corresponding to the header field identifier in the HTTP packet, and sends the HTTP packet and the header report block to a processor module for processing the HTTP packet based on the header report block. The processor module receives the HTTP packet and the header report block from the packet pre-processor, retrieves a service policy using the header report block, applies the service policy to the HTTP packet, and sends the HTTP packet to the host or the server.Type: ApplicationFiled: May 25, 2012Publication date: November 28, 2013Applicant: A10 NETWORKS, INC.Inventors: Gurudeep KAMAT, Ian E. DAVIS, Rajkumar JALAN
-
Patent number: 8593987Abstract: Systems and methods are described for providing network route redundancy through Layer 2 devices, such as a loop free Layer 2 network having a plurality of switching devices. A virtual switch is coupled to the loop free Layer 2 network, the virtual switch having two or more switches configured to transition between master and backup modes to provide redundant support for the loop free Layer 2 network, the switches communicating their status through use of a plurality of redundancy control packets. The system also includes means for allowing the redundancy control packets to be flooded through the Layer 2 network. The means may include time-to-live data attached to the redundancy control packet which is decremented only when the packets are transferred through devices which are configured to recognize the protocol used in redundancy control packets.Type: GrantFiled: July 19, 2011Date of Patent: November 26, 2013Assignee: Brocade Communications Systems, Inc.Inventors: Andrew Tai-Chin Kuo, Ivy Pei-Shan Hsu, Jordi Moncada-Elias, Rajkumar Jalan, Gurudeep Kamat
-
Patent number: 8462668Abstract: The system, method, and article of manufacture of the present invention allows multiple customers connected to a common external network to each implement a layer 2 redundancy protocol, such as the spanning tree protocol, in order to prevent layer 2 loops. Accordingly, a method is presented for providing an independent loop free layer 2 topology between a external network and a customer network comprising tagging control packets originating on the customer network with a unique identifier and tunneling the control packets received from the customer network between a plurality of boundary interface devices at the external network such that the control packets are routed back to the customer network based on the presence of the unique identifier in the control packet. The layer 2 redundancy protocol on the customer network converges based at least in part on the presence of control packets appearing on more than one port on the customer network.Type: GrantFiled: October 1, 2002Date of Patent: June 11, 2013Assignee: Foundry Networks, LLCInventors: Andrew Tai-Chin Kuo, Gurudeep Kamat, Jordi Moncada-Elias, Ivy Pei-Shan Hsu, Rajkumar Jalan