Abstract: Contents of client-initiated handshake messages of a security protocol are obtained at a handshake processing offloader configured for an application. The offloader uses a first security artifact (which is inaccessible from a front-end request processor of the application) and the contents of the handshake messages to generate a second security artifact. The second security artifact is transmitted to the front-end request processor, which uses it to perform cryptographic operations for client-server interactions of the application.

Abstract: Contents of client-initiated handshake messages of a security protocol are obtained at a handshake processing offloader configured for an application. The offloader uses a first security artifact (which is inaccessible from a front-end request processor of the application) and the contents of the handshake messages to generate a second security artifact. The second security artifact is transmitted to the front-end request processor, which uses it to perform cryptographic operations for client-server interactions of the application.

Abstract: A distributed load balancer in which a router receives packets from at least one client and routes packet flows to multiple load balancer nodes. The router exposes a public IP address and the load balancer nodes all advertise the same public IP address to the router. The router may implement a per-flow hashed multipath routing technique, for example an equal-cost multipath (ECMP) routing technique, to distribute the flows across the load balancer nodes. Thus, the multiple load balancer nodes may service a single public endpoint. The load balancer nodes may advertise to the router according to the Border Gateway Protocol (BGP). Rather than advertising itself, however, a load balancer node may be advertised to the router by one or more neighbor load balancer nodes; the neighbor nodes may terminate the BGP sessions with the router in response to determining that the load balancer node has failed.

Abstract: Methods and apparatus for handling failure of servers in traffic forwarding (TF) systems between networks. A TF system may include units each including multiple servers. Outbound and inbound traffic for a local network may be distributed among the units according to a routing technique, with each unit responsible for an allocated portion of the traffic. Servers in a unit may participate in a health check protocol to detect servers that are not healthy. If the healthy servers in a unit drops below a threshold at which the unit cannot reliably handle its allocated portion of the traffic, the servers may automatically take the unit out of service, for example by stopping advertisement of routes, and the traffic may be reallocated across the remaining units. This may help prevent congestion-related delays, high latency, packet losses, and other problems on connections through the unhealthy unit.

Abstract: A distributed load balancer in which a router receives packets from at least one client and routes packet flows to multiple load balancer nodes. The router exposes a public IP address and the load balancer nodes all advertise the same public IP address to the router. The router may implement a per-flow hashed multipath routing technique, for example an equal-cost multipath (ECMP) routing technique, to distribute the flows across the load balancer nodes. Thus, the multiple load balancer nodes may service a single public endpoint. The load balancer nodes may advertise to the router according to the Border Gateway Protocol (BGP). Rather than advertising itself, however, a load balancer node may be advertised to the router by one or more neighbor load balancer nodes; the neighbor nodes may terminate the BGP sessions with the router in response to determining that the load balancer node has failed.

Abstract: A health check method for a distributed load balancer in which a router receives packets from at least one client and routes packet flows to multiple load balancer (LB) nodes, which in turn distribute the packet flows among multiple server nodes. Each LB node may be responsible for health checking one or more other LB nodes. In addition, each LB node may health check one or more of the server nodes. Heartbeat information for the nodes may be disseminated among the LB nodes according to a gossip protocol. The LB nodes may send LB node membership information to the server nodes. Failure of a node may be detected by the LB nodes according to the heartbeat information, and appropriate actions taken.

Abstract: Methods and apparatus for handling failure of traffic forwarding (TF) systems in networks that include multiple zones each including a TF system between a production network and a border network. A TF system advertises routes in its zone and handles egress of packets from sources on the local production network onto the border network. TF systems may also advertise low-priority routes in other zones. If a TF system in a zone fails, sources in the zone may make connection requests to the low-priority routes. Instead of egressing the packets onto the border network, the requests on the low-priority routes are responded to with reset messages. Thus, the sources do not have to wait for a connection timeout, and packets for destinations in the zone are not egressed onto local border networks in other zones and sent through thin pipes between the local border networks.