Patents by Inventor Rustam Xing Lalkaka
Rustam Xing Lalkaka has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240129273Abstract: A map of IP addresses of a distributed cloud computing network to one or more groupings is stored. The IP addresses are anycast IP addresses for which compute servers of the distributed cloud computing network share. These IP addresses are to be used as source IP addresses when transmitting traffic to destinations external to the cloud computing network. The map is made available to external destinations. Traffic is received at the distributed cloud computing network that is destined to an external destination. An IP address is selected based on the characteristic(s) applicable for the traffic and the map. The distributed cloud computing network transmits the traffic to the external destination using the selected IP address.Type: ApplicationFiled: December 21, 2023Publication date: April 18, 2024Inventors: Marek Przemyslaw Majkowski, Braden Michael Ehrat, Sergi Isasi, Dane Orion Knecht, Dina Kozlov, Rustam Xing Lalkaka, Eric Reeves, Oliver Zi-gang Yu
-
Patent number: 11894947Abstract: A GRE tunnel is configured between multiple computing devices of a distributed cloud computing network and a single origin router of the origin network. The GRE tunnel has a first GRE endpoint that has an IP address that is shared among the computing devices of the distribute cloud computing network and a second GRE endpoint that has a publicly routable IP address of the origin router. A first computing device receives an IP packet from a client that is destined to an origin server. The first computing device processes the received IP packet and encapsulates the IP packet inside an outer packet to generate a GRE encapsulated packet whose source address is the first GRE endpoint and the destination address is the second GRE endpoint. The GRE encapsulated packet is transmitted over the GRE tunnel to the single origin router.Type: GrantFiled: December 18, 2022Date of Patent: February 6, 2024Assignee: CLOUDFLARE, INC.Inventors: Nicholas Alexander Wondra, Achiel Paul van der Mandele, Alexander Forster, Eric Reeves, Joaquin Madruga, Rustam Xing Lalkaka, Marek Przemyslaw Majkowski
-
Patent number: 11882199Abstract: A request is received from a client device over a Virtual Private Network (VPN) tunnel. The request is received at a first one of a plurality of edge servers of a distributed cloud computing network. A destination of the request is determined and an optimized route for transmitting the request toward an origin server is determined. The optimized route is based at least in part on probe data between edge servers of the distributed cloud computing network. The request is transmitted to a next hop as defined by the optimized route.Type: GrantFiled: August 22, 2022Date of Patent: January 23, 2024Assignee: CLOUDFLARE, INC.Inventors: Christopher Philip Branch, Naga Sunil Tripirineni, Rustam Xing Lalkaka, Nick Wondra, Mohd Irtefa, Matthew Browning Prince, Andrew Taylor Plunk, Oliver Yu, Vlad Krasnov
-
Patent number: 11855958Abstract: A map of IP addresses of a distributed cloud computing network to one or more groupings is stored. The IP addresses are anycast IP addresses for which compute servers of the distributed cloud computing network share. These IP addresses are to be used as source IP addresses when transmitting traffic to destinations external to the cloud computing network. The map is made available to external destinations. Traffic is received at the distributed cloud computing network that is destined to an external destination. An IP address is selected based on the characteristic(s) applicable for the traffic and the map. The distributed cloud computing network transmits the traffic to the external destination using the selected IP address.Type: GrantFiled: September 6, 2022Date of Patent: December 26, 2023Assignee: CLOUDFLARE, INC.Inventors: Marek Przemyslaw Majkowski, Braden Michael Ehrat, Sergi Isasi, Dane Orion Knecht, Dina Kozlov, Rustam Xing Lalkaka, Eric Reeves, Oliver Zi-gang Yu
-
Patent number: 11647031Abstract: An edge server receives a request from a client network application for a web page hosted at an origin server. The edge server transmits the requested web page in a response. The edge server accesses an edge server request log to retrieve a log entry associated with the request for the web page, where the log entry associated with the request for the web page includes information regarding the request and the response. The edge server retrieves one or more characteristics of an asset of the web page, where each characteristics has an expected value. The edge server determines whether the origin server is compromised when a value for a characteristic is not within a threshold range of the expected value for the characteristic of the asset and performs a mitigation action in response.Type: GrantFiled: February 8, 2022Date of Patent: May 9, 2023Assignee: CLOUDFLARE, INC.Inventors: Jonathan Philip Levine, Rustam Xing Lalkaka, Evan Johnson
-
Publication number: 20230124628Abstract: A GRE tunnel is configured between multiple computing devices of a distributed cloud computing network and a single origin router of the origin network. The GRE tunnel has a first GRE endpoint that has an IP address that is shared among the computing devices of the distribute cloud computing network and a second GRE endpoint that has a publicly routable IP address of the origin router. A first computing device receives an IP packet from a client that is destined to an origin server. The first computing device processes the received IP packet and encapsulates the IP packet inside an outer packet to generate a GRE encapsulated packet whose source address is the first GRE endpoint and the destination address is the second GRE endpoint. The GRE encapsulated packet is transmitted over the GRE tunnel to the single origin router.Type: ApplicationFiled: December 18, 2022Publication date: April 20, 2023Inventors: Nicholas Alexander Wondra, Achiel Paul van der Mandele, Alexander Forster, Eric Reeves, Joaquin Madruga, Rustam Xing Lalkaka, Marek Przemyslaw Majkowski
-
Publication number: 20230088115Abstract: An intermediary server receives a request from a client that identifies an asset that is handled by an origin server. The intermediary server generates an informational response that includes one or more link header fields that reference one or more pieces of content respectively that are predicted by the intermediary server to be linked within a final response for the asset. The intermediary server transmits the generated informational response to the client prior to a final response for the request. The intermediary server transmits the request to the origin server and receives a final response to the request. The intermediary server transmits the final response to the request to the client.Type: ApplicationFiled: May 2, 2022Publication date: March 23, 2023Inventors: Alex Krivit, Rustam Xing Lalkaka, Samantha Aki Shugaeva, Edward H. Wang, Yuchen Wu
-
Publication number: 20220417211Abstract: A map of IP addresses of a distributed cloud computing network to one or more groupings is stored. The IP addresses are anycast IP addresses for which compute servers of the distributed cloud computing network share. These IP addresses are to be used as source IP addresses when transmitting traffic to destinations external to the cloud computing network. The map is made available to external destinations. Traffic is received at the distributed cloud computing network that is destined to an external destination. An IP address is selected based on the characteristic(s) applicable for the traffic and the map. The distributed cloud computing network transmits the traffic to the external destination using the selected IP address.Type: ApplicationFiled: September 6, 2022Publication date: December 29, 2022Inventors: Marek Przemyslaw Majkowski, Braden Michael Ehrat, Sergi Isasi, Dane Orion Knecht, Dina Kozlov, Rustam Xing Lalkaka, Eric Reeves, Oliver Zi-gang Yu
-
Patent number: 11533197Abstract: A GRE tunnel is configured between multiple computing devices of a distributed cloud computing network and a single origin router of the origin network. The GRE tunnel has a first GRE endpoint that has an IP address that is shared among the computing devices of the distribute cloud computing network and a second GRE endpoint that has a publicly routable IP address of the origin router. A first computing device receives an IP packet from a client that is destined to an origin server. The first computing device processes the received IP packet and encapsulates the IP packet inside an outer packet to generate a GRE encapsulated packet whose source address is the first GRE endpoint and the destination address is the second GRE endpoint. The GRE encapsulated packet is transmitted over the GRE tunnel to the single origin router.Type: GrantFiled: September 21, 2021Date of Patent: December 20, 2022Assignee: CLOUDFLARE, INC.Inventors: Nicholas Alexander Wondra, Achiel Paul van der Mandele, Alexander Forster, Eric Reeves, Joaquin Madruga, Rustam Xing Lalkaka, Marek Przemyslaw Majkowski
-
Publication number: 20220400166Abstract: A request is received from a client device over a Virtual Private Network (VPN) tunnel. The request is received at a first one of a plurality of edge servers of a distributed cloud computing network. A destination of the request is determined and an optimized route for transmitting the request toward an origin server is determined. The optimized route is based at least in part on probe data between edge servers of the distributed cloud computing network. The request is transmitted to a next hop as defined by the optimized route.Type: ApplicationFiled: August 22, 2022Publication date: December 15, 2022Inventors: Christopher Philip Branch, Naga Sunil Tripirineni, Rustam Xing Lalkaka, Nick Wondra, Mohd Irtefa, Matthew Browning Prince, Andrew Taylor Plunk, Oliver Yu, Vlad Krasnov
-
Publication number: 20220286424Abstract: A map of IP addresses of a distributed cloud computing network to one or more groupings is stored. The IP addresses are anycast IP addresses for which compute servers of the distributed cloud computing network share. These IP addresses are to be used as source IP addresses when transmitting traffic to destinations external to the cloud computing network. The map is made available to external destinations. Traffic is received at the distributed cloud computing network that is destined to an external destination. An IP address is selected based on the characteristic(s) applicable for the traffic and the map. The distributed cloud computing network transmits the traffic to the external destination using the selected IP address.Type: ApplicationFiled: August 23, 2021Publication date: September 8, 2022Inventors: Marek Przemyslaw Majkowski, Braden Michael Ehrat, Sergi Isasi, Dane Orion Knecht, Dina Kozlov, Rustam Xing Lalkaka, Eric Reeves, Oliver Zi-gang Yu
-
Patent number: 11438302Abstract: A map of IP addresses of a distributed cloud computing network to one or more groupings is stored. The IP addresses are anycast IP addresses for which compute servers of the distributed cloud computing network share. These IP addresses are to be used as source IP addresses when transmitting traffic to destinations external to the cloud computing network. The map is made available to external destinations. Traffic is received at the distributed cloud computing network that is destined to an external destination. An IP address is selected based on the characteristic(s) applicable for the traffic and the map. The distributed cloud computing network transmits the traffic to the external destination using the selected IP address.Type: GrantFiled: August 23, 2021Date of Patent: September 6, 2022Assignee: CLOUDFLARE, INC.Inventors: Marek Przemyslaw Majkowski, Braden Michael Ehrat, Sergi Isasi, Dane Orion Knecht, Dina Kozlov, Rustam Xing Lalkaka, Eric Reeves, Oliver Zi-Gang Yu
-
Patent number: 11425216Abstract: A request is received from a client device over a Virtual Private Network (VPN) tunnel. The request is received at a first one of a plurality of edge servers of a distributed cloud computing network. A destination of the request is determined and an optimized route for transmitting the request toward an origin server is determined. The optimized route is based at least in part on probe data between edge servers of the distributed cloud computing network. The request is transmitted to a next hop as defined by the optimized route.Type: GrantFiled: March 31, 2020Date of Patent: August 23, 2022Assignee: CLOUDFLARE, INC.Inventors: Christopher Philip Branch, Naga Sunil Tripirineni, Rustam Xing Lalkaka, Nick Wondra, Mohd Irtefa, Matthew Browning Prince, Andrew Taylor Plunk, Oliver Yu, Vlad Krasnov
-
Publication number: 20220166786Abstract: An edge server receives a request from a client network application for a web page hosted at an origin server. The edge server transmits the requested web page in a response. The edge server accesses an edge server request log to retrieve a log entry associated with the request for the web page, where the log entry associated with the request for the web page includes information regarding the request and the response. The edge server retrieves one or more characteristics of an asset of the web page, where each characteristics has an expected value. The edge server determines whether the origin server is compromised when a value for a characteristic is not within a threshold range of the expected value for the characteristic of the asset and performs a mitigation action in response.Type: ApplicationFiled: February 8, 2022Publication date: May 26, 2022Inventors: Jonathan Philip Levine, Rustam Xing Lalkaka, Evan Johnson
-
Patent number: 11323537Abstract: An intermediary server determines, for an asset handled by an origin server, piece(s) of content for inclusion in link header field(s) in an informational response that signifies that the piece(s) of content are predicted to be linked within a final response for the asset. The intermediary server generates an informational response that includes the link header field(s) and responds to a request from a client with the informational response. The intermediary server transmits the request to the origin server. The intermediary server receives the final response to the request from the origin server, and transmits the final response to the client.Type: GrantFiled: September 15, 2021Date of Patent: May 3, 2022Assignee: CLOUDFLARE, INC.Inventors: Alex Krivit, Rustam Xing Lalkaka, Samantha Aki Shugaeva, Edward H. Wang, Yuchen Wu
-
Patent number: 11245710Abstract: An edge server receives a request from a client network application for a web page hosted at an origin server. The edge server transmits the requested web page in a response. The edge server accesses an edge server request log to retrieve a log entry associated with the request for the web page, where the log entry associated with the request for the web page includes information regarding the request and the response. The edge server retrieves one or more characteristics of an asset of the web page, where each characteristics has an expected value. The edge server determines whether the origin server is compromised when a value for a characteristic is not within a threshold range of the expected value for the characteristic of the asset and performs a mitigation action in response.Type: GrantFiled: March 5, 2020Date of Patent: February 8, 2022Assignee: CLOUDFLARE, INC.Inventors: Jonathan Philip Levine, Rustam Xing Lalkaka, Evan Johnson
-
Publication number: 20220006671Abstract: A GRE tunnel is configured between multiple computing devices of a distributed cloud computing network and a single origin router of the origin network. The GRE tunnel has a first GRE endpoint that has an IP address that is shared among the computing devices of the distribute cloud computing network and a second GRE endpoint that has a publicly routable IP address of the origin router. A first computing device receives an IP packet from a client that is destined to an origin server. The first computing device processes the received IP packet and encapsulates the IP packet inside an outer packet to generate a GRE encapsulated packet whose source address is the first GRE endpoint and the destination address is the second GRE endpoint. The GRE encapsulated packet is transmitted over the GRE tunnel to the single origin router.Type: ApplicationFiled: September 21, 2021Publication date: January 6, 2022Inventors: Nicholas Alexander Wondra, Achiel Paul van der Mandele, Alexander Forster, Eric Reeves, Joaquin Madruga, Rustam Xing Lalkaka, Marek Przemyslaw Majkowski
-
Patent number: 11128491Abstract: A GRE tunnel is configured between multiple computing devices of a distributed cloud computing network and a single origin router of the origin network. The GRE tunnel has a first GRE endpoint that has an IP address that is shared among the computing devices of the distribute cloud computing network and a second GRE endpoint that has a publicly routable IP address of the origin router. A first computing device receives an IP packet from a client that is destined to an origin server. The first computing device processes the received IP packet and encapsulates the IP packet inside an outer packet to generate a GRE encapsulated packet whose source address is the first GRE endpoint and the destination address is the second GRE endpoint. The GRE encapsulated packet is transmitted over the GRE tunnel to the single origin router.Type: GrantFiled: August 13, 2020Date of Patent: September 21, 2021Assignee: CLOUDFLARE, INC.Inventors: Nicholas Alexander Wondra, Achiel Paul van der Mandele, Alexander Forster, Eric Reeves, Joaquin Madruga, Rustam Xing Lalkaka, Marek Przemyslaw Majkowski
-
Publication number: 20210281584Abstract: An edge server receives a request from a client network application for a web page hosted at an origin server. The edge server transmits the requested web page in a response. The edge server accesses an edge server request log to retrieve a log entry associated with the request for the web page, where the log entry associated with the request for the web page includes information regarding the request and the response. The edge server retrieves one or more characteristics of an asset of the web page, where each characteristics has an expected value. The edge server determines whether the origin server is compromised when a value for a characteristic is not within a threshold range of the expected value for the characteristic of the asset and performs a mitigation action in response.Type: ApplicationFiled: March 5, 2020Publication date: September 9, 2021Inventors: Jonathan Philip Levine, Rustam Xing Lalkaka, Evan Johnson
-
Publication number: 20210051044Abstract: A GRE tunnel is configured between multiple computing devices of a distributed cloud computing network and a single origin router of the origin network. The GRE tunnel has a first GRE endpoint that has an IP address that is shared among the computing devices of the distribute cloud computing network and a second GRE endpoint that has a publicly routable IP address of the origin router. A first computing device receives an IP packet from a client that is destined to an origin server. The first computing device processes the received IP packet and encapsulates the IP packet inside an outer packet to generate a GRE encapsulated packet whose source address is the first GRE endpoint and the destination address is the second GRE endpoint. The GRE encapsulated packet is transmitted over the GRE tunnel to the single origin router.Type: ApplicationFiled: August 13, 2020Publication date: February 18, 2021Inventors: Nicholas Alexander Wondra, Achiel Paul van der Mandele, Alexander Forster, Eric Reeves, Joaquin Madruga, Rustam Xing Lalkaka, Marek Przemyslaw Majkowski