Patents by Inventor Jagwinder Singh Brar

Jagwinder Singh Brar has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11425147
    Abstract: A method of executing in-session encryption verification includes receiving a plurality of client data packets for transmission through a network; receiving one or more test data packets for verifying an encryption device; merging the client data packets and the one or more test packets into a data stream; selecting security parameters for each packet in the data stream based on a corresponding packet type; encrypting each packet in the data stream using the encryption device and the corresponding security parameters; and transmitting the data stream comprising encrypted packets through the network. The method also includes decrypting the encrypted packets at a receiving system using congruent techniques.
    Type: Grant
    Filed: February 20, 2020
    Date of Patent: August 23, 2022
    Assignees: Oracle International Corporation, Infinera Corporation
    Inventors: Kannan Raj, Jagwinder Singh Brar, Abhinava Sadasivarao, Radhakrishna Valiveti, Sharfuddin Syed, Loukas Paraschis
  • Publication number: 20220263791
    Abstract: Systems and methods for a virtual network routing gateway that supports address translation for data plane as well as dynamic routing protocols are disclosed herein. The method can include coupling a gateway with a plurality of ports to a network having a plurality of first IP addresses in a private address space, generating a Network Address Translation (“NAT”) function in the gateway, inputting translation information into the NAT function, advertising routes based on the translation information, populating a unified routing table in the gateway based on the plurality of first IP addresses in the private address space and on translated route advertisements, receiving an inbound network packet at the gateway, translating an inbound address of the inbound network packet with the NAT function, and delivering the network packet according to the routing table and based on the translated inbound address.
    Type: Application
    Filed: March 10, 2021
    Publication date: August 18, 2022
    Applicant: Oracle International Corporation
    Inventors: Jagwinder Singh Brar, Myron Decker King, James Cunio Salem, Peter Croft Jones
  • Publication number: 20220263713
    Abstract: Techniques for managing the distribution of configuration information that supports the flow of packets in a cloud environment are described. In an example, a virtual network interface card (VNIC) hosted on a network virtualization device (NVD) receives a first packet from a compute instance associated with the VNIC. The VNIC determines that flow information to send the first packet on a virtual network is unavailable from a memory of the NVD. The VNIC sends, via the NVD, the first packet to a network interface service, where the network interface service maintains configuration information to send packets on the substrate network and is configured to send the first packet on the substrate network based on the configuration information. The NVD receives the flow information from the network interface service, where the flow information is a subset of the configuration information. The NVD stores the flow information in the memory.
    Type: Application
    Filed: April 22, 2021
    Publication date: August 18, 2022
    Applicant: Oracle International Corporation
    Inventors: Leonard Thomas Tracy, Lucas Michael Kreger-Stickles, Jagwinder Singh Brar, Bryce Eugene Bockman
  • Publication number: 20220263789
    Abstract: Techniques are disclosed for scaling an IP address in overlay networks without using load balancers. In certain implementations, an overlay IP address can be attached to multiple compute instances via virtual network interface cards (VNICs) associated with the multiple compute instances. Traffic directed to the multi-attached IP address is distributed across the multiple compute instances. In some other implementations, ECMP techniques in overlay networks are used to scale an overlay IP address. In forwarding tables used for routing packets, the IP address being scaled is associated with multiple next hop paths to multiple network virtualization devices (NVDs) associated with the multiple compute instances. When a particular packet directed to the overlay IP address is to be routed, one of the multiple next hop paths is selected for routing the packet. This enables packets directed to the IP address to be distributed across the multiple compute instances.
    Type: Application
    Filed: February 12, 2021
    Publication date: August 18, 2022
    Applicant: Oracle International Corporation
    Inventors: Myron Decker King, Lucas Michael Kreger-Stickles, Jagwinder Singh Brar, Leonard Thomas Tracy
  • Publication number: 20220263754
    Abstract: Techniques for managing the distribution of configuration information that supports the flow of packets in a cloud environment are described. In an example, a virtual network interface card (VNIC) hosted on a network virtualization device (NVD) receives a first packet from a compute instance associated with the VNIC. The VNIC determines that flow information to send the first packet on a virtual network is unavailable from a memory of the NVD. The VNIC sends, via the NVD, the first packet to a network interface service, where the network interface service maintains configuration information to send packets on the substrate network and is configured to send the first packet on the substrate network based on the configuration information. The NVD receives the flow information from the network interface service, where the flow information is a subset of the configuration information. The NVD stores the flow information in the memory.
    Type: Application
    Filed: April 22, 2021
    Publication date: August 18, 2022
    Applicant: Oracle International Corporation
    Inventors: Leonard Thomas Tracy, Lucas Michael Kreger-Stickles, Jagwinder Singh Brar, Bryce Eugene Bockman
  • Publication number: 20220255854
    Abstract: Techniques for controlling packet flows are described. In an example, a packet is sent on a virtual network. The packet's header includes scoping data that indicates a network boundary within which the packet is permitted and/or prohibited to flow. A network virtualization device of a substrate network receives the packet. The network virtualization device determines the scoping data from the header and, based on network configuration information, determines the forward flow of the packet. If the forward flow falls within a permitted network boundary indicated by the scoping data, the network virtualization device sends the packet forward. Otherwise, the packet is dropped.
    Type: Application
    Filed: February 5, 2021
    Publication date: August 11, 2022
    Applicant: Oracle International Corporation
    Inventors: Shane Baker, Santosh Narayan Shilimkar, Jagwinder Singh Brar
  • Publication number: 20220231943
    Abstract: The present disclosure provides dynamic routing for data flows to a customer network hosted in the cloud. A plurality of compute instances may share a common virtual IP address. Each of the plurality of compute instances may advertise information to a respective network virtualization device (NVD). The information may include the IP address, cost, and/or active/standby status of the compute instance. The NVD may then provide the information to the control plane of a virtual cloud network (VCN), which may aggregate the information from the plurality of compute instances and generate a forwarding table, which may be sent to the NVDs. These techniques may allow a customer to automatically remove a compute instance whose service host has failed. These techniques may also allow a customer to add compute instances and to route data flows according to an active-standby operation, an equal cost active-active operation, or an unequal cost active-active operation.
    Type: Application
    Filed: January 20, 2021
    Publication date: July 21, 2022
    Applicant: Oracle International Corporation
    Inventors: Jagwinder Singh Brar, Shahab Zahedi, Myron Decker King, Ravi Sastry Aysola
  • Publication number: 20220210070
    Abstract: Techniques are described for communications in an L2 virtual network. In an example, the L2 virtual network includes a plurality of L2 compute instances hosted on a set of host machines and a plurality of L2 virtual network interfaces and L2 virtual switches hosted on a set of network virtualization devices. An L2 virtual network interface emulates an L2 port of the L2 virtual network. Storm control information applicable to the L2 port is sent to a network virtualization device that hosts the L2 virtual network interface.
    Type: Application
    Filed: October 5, 2021
    Publication date: June 30, 2022
    Applicant: Oracle International Corporation
    Inventors: Jagwinder Singh Brar, Lucas Michael Kreger-Stickles, Bryce Eugene Bockman, Peter Croft Jones, Shane Baker
  • Publication number: 20220206908
    Abstract: A Network Virtualization Device (NVD) executes a set of Virtual Network Interface Cards (VNICs). The set of VNICs includes a first VNIC that forwards packets for a set of one or more packet flows. The NVD stores a first VNIC-related information that includes information identifying a first set of one or more packet flows and associated state information. The NVD, in response to determining that the state information for the first VNIC is to be synchronized with another NVD, identifies a first backup NVD for the first VNIC, wherein the first backup NVD is a backup for the first VNIC, and communicates to the first backup NVD a portion of the state information stored by the NVD for the first VNIC.
    Type: Application
    Filed: December 14, 2021
    Publication date: June 30, 2022
    Applicant: Oracle International Corporation
    Inventors: Jagwinder Singh Brar, Eugene Nalimov, Steven Chervets, Abhay Patil, Michal Aleksander Karczmarek
  • Publication number: 20220210059
    Abstract: Techniques are described for communications in an L2 virtual network. In an example, the L2 virtual network includes a plurality of L2 compute instances hosted on a set of host machines and a plurality of L2 virtual network interfaces and L2 virtual switches hosted on a set of network virtualization devices. An L2 virtual network interface emulates an L2 port of the L2 virtual network. IGMP configuration is distributed to the L2 virtual switches.
    Type: Application
    Filed: October 5, 2021
    Publication date: June 30, 2022
    Applicant: Oracle International Corporation
    Inventors: Jagwinder Singh Brar, Lucas Michael Kreger-Stickles, Bryce Eugene Bockman, Peter Croft Jones, Shane Baker
  • Publication number: 20220210063
    Abstract: Techniques are described for communications in an L2 virtual network of a customer. In an example, the L2 virtual network includes a plurality of L2 compute instances hosted on a set of host machines and a plurality of L2 virtual network interfaces and L2 virtual switches hosted on a set of network virtualization devices. An L2 virtual network interface emulates an L2 port of the L2 virtual network. Information associated with the L2 virtual switches is collected and provided to the customer.
    Type: Application
    Filed: October 5, 2021
    Publication date: June 30, 2022
    Applicant: Oracle International Corporation
    Inventors: Jagwinder Singh Brar, Lucas Michael Kreger-Stickles, Bryce Eugene Bockman, Peter Croft Jones, Shane Baker
  • Publication number: 20220209993
    Abstract: Techniques and apparatus for data networking are described. In one example, a method includes receiving a first Layer-2 Remote Direct Memory Access (RDMA) packet which includes a virtual local area network (VLAN) tag and a quality-of-service (QoS) data field; converting the first Layer-2 RDMA packet to a first Layer-3 encapsulated packet; and forwarding the first Layer-3 encapsulated packet to a switch fabric. In this method, the converting includes adding at least one header to the first Layer-2 RDMA packet, where the at least one header includes: a virtual network identifier that is based on information from the VLAN tag, and a QoS value that is based on information from the QoS data field.
    Type: Application
    Filed: February 2, 2021
    Publication date: June 30, 2022
    Applicant: Oracle International Corporation
    Inventors: Santosh Narayan Shilimkar, David Dale Becker, Jagwinder Singh Brar
  • Publication number: 20220210068
    Abstract: Systems and methods for highly-available host networking with active-active or active-backup traffic load-balancing are disclosed herein. The method can include selecting a compute instance from an overlay network residing on a substrate network, identifying a plurality of Network Virtualization Devices (“NVD”) for association with the compute instance, creating a loopback interface on each of the NVDs, each of which loopback interfaces can include a shared IP address that can be in the substrate layer, prepopulating a table in each of the NVDs, the table linking the shared IP address to the compute instance, and each of the plurality of NVDs advertising a unique route to the compute instance via the shared IP address.
    Type: Application
    Filed: January 11, 2021
    Publication date: June 30, 2022
    Applicant: Oracle International Corporation
    Inventors: Jagwinder Singh Brar, Bryce Eugene Bockman, Santosh Narayan Shilimkar
  • Publication number: 20220210158
    Abstract: Techniques are described for communications in an L2 virtual network. In an example, the L2 virtual network includes a plurality of L2 compute instances hosted on a set of host machines and a plurality of L2 virtual network interfaces and L2 virtual switches hosted on a set of network virtualization devices. An L2 virtual network interface emulates an L2 port of the L2 virtual network. Access control list (ACL) information applicable to the L2 port is sent to a network virtualization device that hosts the L2 virtual network interface.
    Type: Application
    Filed: October 5, 2021
    Publication date: June 30, 2022
    Applicant: Oracle International Corporation
    Inventors: Jagwinder Singh Brar, Lucas Michael Kreger-Stickles, Bryce Eugene Bockman, Peter Croft Jones, Shane Baker
  • Publication number: 20220210062
    Abstract: Techniques are described for communications in an L2 virtual network. In an example, the L2 virtual network includes a plurality of L2 compute instances hosted on a set of host machines and a plurality of L2 virtual network interfaces and L2 virtual switches hosted on a set of network virtualization devices. An L2 virtual network interface emulates an L2 port of the L2 virtual network. Span port information applicable to the L2 port is sent to a network virtualization device that hosts the L2 virtual network interface.
    Type: Application
    Filed: October 5, 2021
    Publication date: June 30, 2022
    Applicant: Oracle International Corporation
    Inventors: Jagwinder Singh Brar, Lucas Michael Kreger-Stickles, Bryce Eugene Bockman, Peter Croft Jones, Shane Baker
  • Publication number: 20220210225
    Abstract: Techniques and apparatus for data networking are described. In one example, a method of queuing Remote Direct Memory Access (RDMA) packets includes receiving a first RDMA packet having a first quality-of-service (QoS) data field; based on a value of the first QoS data field, queueing the first RDMA packet in a first queue of a plurality of queues; receiving a second RDMA packet having a second QoS data field; and based on a value of the second QoS data field, queueing the second RDMA packet in a second queue of the plurality of the queues, the second queue being different than the first queue.
    Type: Application
    Filed: February 3, 2021
    Publication date: June 30, 2022
    Applicant: Oracle International Corporation
    Inventors: Santosh Narayan Shilimkar, David Dale Becker, Jagwinder Singh Brar
  • Publication number: 20220200801
    Abstract: A network interface card, such as a SmartNIC, is used to provide encryption, such as network encryption virtual function (NEVF), for a virtual machine, so that a customer can control network keys in a virtual cloud network. The NEVF includes a memory device (e.g., SRAM) and a crypto processor (e.g., a crypto core). The memory device stores a crypto key. The crypto processor uses the crypto key to encrypt data to and from a virtual machine in the virtual cloud network. A key management system can be used to securely transfer crypto keys to the NEVF. Having one NEVF per virtual machine can enable a customer to manage the crypto key for a virtual cloud network.
    Type: Application
    Filed: December 23, 2020
    Publication date: June 23, 2022
    Applicant: Oracle International Corporation
    Inventors: Nachiketh Rao Potlapally, Pradeep Vincent, Jagwinder Singh Brar
  • Publication number: 20220197683
    Abstract: Aspects of the present application relate to systems, methods and non-transitory computer readable media for network virtualization in a rack-based switch. The method can include sending a communication from a first virtual machine (“VM”) instantiated on a first host machine to a first network virtualization Top of Rack (“ToR”) switch. The first network virtualization ToR can include a peripheral component interconnect express (“PCIe”) switch coupled to a plurality of host-side Ethernet ports, a virtualization device communicatingly coupled to the PCIe switch, which virtualization device can include a plurality of virtualization functions, and a switching ASIC coupled to the virtualization device and to a network-side Ethernet port. The method can include forming the communication into an Internet Protocol (“IP”) packet with a first virtualization function of the virtualization device, and sending the IP packet to a second VM with the switching ASIC.
    Type: Application
    Filed: December 22, 2020
    Publication date: June 23, 2022
    Applicant: Oracle International Corporation
    Inventors: Nachiketh Rao Potlapally, Pradeep Vincent, Jagwinder Singh Brar
  • Publication number: 20220200972
    Abstract: For end-to-end encryption of a virtual cloud network, a VPN tunnel from a customer device is terminated at a host network headend device using encryption keys secured in hardware and managed by the customer. The network headend device can be a card in a bare-metal server with one or more network virtualization devices. The network headend device is configured to receive a first key provisioned by a customer; receive a first data packet sent from a device of the customer; and decrypt the first data packet using the first key to obtain information. A network virtualization device is configured to receive the information from the network headend device; ascertain that the information is to be sent to a virtual machine in a virtual cloud network; ascertain that data in the virtual cloud network is configured to be encrypted; and encrypt the information with a second key to generate a second data packet before routing the second data packet to the virtual machine.
    Type: Application
    Filed: December 23, 2020
    Publication date: June 23, 2022
    Applicant: Oracle International Corporation
    Inventors: Nachiketh Rao Potlapally, Pradeep Vincent, Jagwinder Singh Brar
  • Publication number: 20220182301
    Abstract: Systems and methods for transparent high availability for multi-customer support with hypervisor based bond implementation. The method can include creating a network path bond between a plurality of compute instances and a plurality of Network Virtualization Devices (“NVD”), the network path bond comprising a plurality of network paths, identifying a monitoring bond coupling the plurality of NVDs to a monitoring agent, creating a number of monitoring VNICs, each of the number of monitoring VNICs residing in one of the plurality of NVDs, overlaying a unique IP address to each of the monitoring VNICs, determining with the monitoring agent a health of at least one of the network paths, the network paths including an active network path and an inactive network path, and activating the inactive network path when the active network path fails.
    Type: Application
    Filed: March 31, 2021
    Publication date: June 9, 2022
    Applicant: Oracle International Corporation
    Inventors: Santosh Narayan Shilimkar, Bryce Eugene Bockman, Jagwinder Singh Brar