Patents by Inventor Sami Boutros

Sami Boutros has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11516037
    Abstract: The disclosure provides an approach for reducing multicast traffic within a network by optimizing placement of virtual machines within subnets and within hosts, and by optimizing mapping of overlay multicast groups to underlay multicast groups. In one embodiment, substantially all VMs of a multicast group are migrated to the same subnet of the network. Thereafter or independently, VMs in the same subnet are migrated to the same host, ideally to the subnet proxy endpoint of that subnet. In the same or in another embodiment, if multiple overlay groups map to the same underlay group, one or more of the overlay groups may be remapped to a separate underlay group to improve network performance.
    Type: Grant
    Filed: February 17, 2020
    Date of Patent: November 29, 2022
    Assignee: Nicira, Inc.
    Inventors: Subin Cyriac Mathew, Alexander Tessmer, Sami Boutros, Chidambareswaran Raman
  • Patent number: 11516112
    Abstract: Systems and methods include determining one or more Layer 3 Virtual Private Networks (L3VPNs) supported at the router; and advertising the one or more L3 VPNs to one or more routers in the Segment Routing network with each advertisement including a service Segment Identifier (SID) for each of the one or more L3VPNs and one of a node SID for the router or an Anycast SID when the router is connected to a Multi-Home site. The steps can further include transmitting a Layer 3 (L3) packet for an L3 VPN of the one or more L3 VPNs with a destination SID and a service SID of the L3VPN. The advertisement can include encapsulation as an IPv6 prefix containing both the node SID for the router and the service SID, and wherein prefixes are treated as attributes of a route.
    Type: Grant
    Filed: October 20, 2020
    Date of Patent: November 29, 2022
    Assignee: Ciena Corporation
    Inventors: Sami Boutros, Muthurajah Sivabalan, Pranav Mehta
  • Patent number: 11509581
    Abstract: A method for a hypervisor to implement flow-based local egress in a multisite datacenter is disclosed. The method comprises: determining whether a first data packet of a first data flow has been received. If the first data packet has been received, then the hypervisor determines a MAC address of a first local gateway in a first site of a multisite datacenter that communicated the first data packet, and stores the MAC address of the first local gateway and a 5-tuple for the first data flow. Upon determining that a response for the first data flow has been received, the hypervisor determines whether the response includes the MAC address of the first local gateway. If the response includes a MAC address of another local gateway, then the hypervisor replaces, in the response, the MAC address of another local gateway with the MAC address of the first local gateway.
    Type: Grant
    Filed: January 22, 2021
    Date of Patent: November 22, 2022
    Assignee: NICIRA, INC.
    Inventors: Jayant Jain, Anirban Sengupta, Minjal Agarwal, Sami Boutros
  • Patent number: 11496354
    Abstract: A switching circuit includes circuitry configured to manage a plurality of Equal Cost Multiple Paths (ECMPs) through a plurality of shared protection group objects, wherein each of the plurality of shared protection group objects is connected to two paths in the ECMPs, and wherein a number of shared protection group objects equals a number of next-hops, cause distribution of packets based on a setting of the shared protection group object for each next-hop, and responsive to a failure of a next-hop, change the setting of the shared protection group object for the failed next-hop.
    Type: Grant
    Filed: June 16, 2020
    Date of Patent: November 8, 2022
    Assignee: Ciena Corporation
    Inventors: Sami Boutros, Kambiz Frounchi, Tao Wang
  • Publication number: 20220337517
    Abstract: A node in a Segment Routing network includes circuitry configured to signal first service Segment Identifiers (SIDs), for one or more first Ethernet services configured at the node, to other nodes in the Segment Routing network, receive second service SIDs for one or more second Ethernet services configured at the other nodes in the Segment Routing network, and configure the second service SIDs for one or more second Ethernet services. The first service SIDs and the second service SIDs can be signaled by one of Interior Gateway Protocol (IGP) and Border Gateway Protocol (BGP).
    Type: Application
    Filed: July 6, 2022
    Publication date: October 20, 2022
    Inventors: Sami Boutros, Siva Sivabalan, Himanshu Shah, Peng He
  • Patent number: 11451413
    Abstract: Some embodiments of the invention provide a novel network architecture for advertising routes in an availability zone (AZ). The novel network architecture includes a set of route servers for receiving advertisements of network addresses as being available in the AZ from different routers in the AZ. The novel network architecture also includes multiple host computers that each execute a router that (i) identifies network addresses available on the host computer, (ii) sends advertisements of the identified network addresses to the set of route servers, and (iii) receives advertisements from the set of route servers regarding network addresses available on other host computers. The identified network addresses, in some embodiments, include at least one of network addresses associated with data compute nodes (DCNs) and network addresses associated with services available at the host computer. The route servers advertise the received network addresses to other routers in the AZ.
    Type: Grant
    Filed: July 28, 2020
    Date of Patent: September 20, 2022
    Assignee: VMWARE, INC.
    Inventors: Sami Boutros, Anirban Sengupta, Mani Kancherla, Jerome Catrouillet, Sri Mohana Singamsetty
  • Patent number: 11431635
    Abstract: Some embodiments provide a method for a host computer that executes a set of data compute nodes (DCNs), for identifying a designated router for a multicast group. The method receives a membership request message to join the multicast group from a particular DCN of the set of DCNs, the membership request message including an address associated with the multicast group. The method identifies a logical router gateway from a set of logical router gateways as the designated router for the multicast group, based at least in part on the address associated with the multicast group, where different logical router gateways from the set of logical router gateways are assigned as designated routers for different multicast groups with different associated addresses. The method forwards the membership request message to the identified logical router gateway.
    Type: Grant
    Filed: March 9, 2020
    Date of Patent: August 30, 2022
    Assignee: VMWARE, INC.
    Inventors: Vijayalaxmi Basavaraj, Ankur Dubey, Sami Boutros
  • Publication number: 20220272037
    Abstract: The technology disclosed herein enables a dynamic chain of service functions for processing network traffic. In a particular embodiment, a method includes, in a logical router for a logical network connecting service functions, receiving a network packet from a service function over the logical network after the network packet has been processed by the service function. The method further includes determining a new classification of the network packet and determining a next service function based on application of a service chain policy to the new classification. The method also includes directing the network packet to the next service function over the logical network.
    Type: Application
    Filed: May 11, 2022
    Publication date: August 25, 2022
    Inventors: Sami Boutros, Mani Kancherla, Dharmaraja Rajan, Philip Kippen, Yashika Narang, Chidambareswaran Raman
  • Patent number: 11418436
    Abstract: A node in a Segment Routing network includes a plurality of ports and a switching fabric between the plurality of ports, wherein, for an Ethernet Tree (E-tree) service, a port is configured to transmit a packet with a plurality of Segment Identifiers (SID) including a first SID, a second SID, and a third SID, wherein the first SID identifies one of multicast, ingress replication for broadcast, and a destination node including any of a node SID and an anycast SID, wherein the second SID identifies a service including the E-tree service, and wherein the third SID identifies a source of the packet. A second port of the node is connected to a customer edge, and wherein the third SID is based on whether the customer edge is a leaf node or a root node in the E-tree service.
    Type: Grant
    Filed: August 31, 2020
    Date of Patent: August 16, 2022
    Assignee: Ciena Corporation
    Inventors: Sami Boutros, Siva Sivabalan, Himanshu Shah, Peng He
  • Patent number: 11405352
    Abstract: The technology disclosed herein enables remote gateways to quickly re-learn MAC addresses of workloads for a gateway that has taken over for another gateway. In a particular embodiment, a method provides determining that a backup gateway should begin handling communications exchanged with one or more workloads of an active gateway for a logical network. The method further provides transferring a control message to one or more remote gateways in communication with the backup gateway. The control message instructs the remote gateways to change MAC addresses learned from, and associated with, the active gateway to being associated with the backup gateway. The method also provides, in the backup gateway, receiving network communications directed to one or more of the workloads from one or more of the remote gateways.
    Type: Grant
    Filed: April 14, 2020
    Date of Patent: August 2, 2022
    Assignee: Nicira, Inc.
    Inventors: Sami Boutros, Jerome Catrouillet, Ankur Kumar Sharma
  • Patent number: 11394643
    Abstract: A node includes one or more line cards interconnected to one another via a switching fabric and configured to implement a data plane; and a first router processor and a second router processor communicatively coupled to the one or more line cards, and each configured to implement a separate control plane, such that the node appears in a link-state database as two separate nodes. Responsive to an in-service software upgrade, the first router processor is upgraded and down while the second router processor is active, thereby preserving routing and forwarding. The one or more line cards include a first Virtual Local Area Networking (VLAN) for the first router processor and a second VLAN for the second router processor, and the first VLAN and the second VLAN are associated with a same physical interface on the one or more line cards.
    Type: Grant
    Filed: August 19, 2020
    Date of Patent: July 19, 2022
    Assignee: Ciena Corporation
    Inventors: Sami Boutros, Pranav Mehta, Jayant Kumar Bhardwaj, Michael J. Barnes
  • Publication number: 20220224643
    Abstract: In some embodiments, a method inserts, by a first computing device, a first value for a capability in a first message that is used in a process to automatically exchange capability values with a second computing device. The first value for the capability indicates the first computing device requires a default route to reach the second computing device as a next hop for sending a packet to a destination. The first computing device sends the first message to the second computing device; and receives a second value for the capability in a second message from the second computing device. The second value indicating the second computing device will send the default route to reach the second computing device. When the default route is received from the second computing device, the first computing device stores the default route from the second computing device in a route table.
    Type: Application
    Filed: March 1, 2022
    Publication date: July 14, 2022
    Inventors: Santosh PALLAGATTI KOTRABASAPPA, Sami BOUTROS, Jerome CATROUILLET, George MATHEW
  • Publication number: 20220200903
    Abstract: Systems and methods in a node in an MPLS network include determining a plurality of services supported at the node; determining a bitmask to represent the plurality of services supported at the node, wherein the bitmask includes a starting service and each subsequent bit representing another service of the plurality of services and with each bit in the bitmask set based on the plurality of services supported at the node; and transmitting an advertisement to other nodes in the network with the bitmask based on the plurality of services supported at the node. The steps can further include transmitting a packet associated with a service of the plurality of services with an MPLS label stack including one or more transport labels for a destination of the packet, a service label identifying the service, and a source label identifying a source Internet Protocol (IP) address of the packet.
    Type: Application
    Filed: December 18, 2020
    Publication date: June 23, 2022
    Inventors: Sami Boutros, Muthurajah Sivabalan
  • Publication number: 20220191126
    Abstract: Some embodiments provide a method for configuring an edge computing device to implement a logical router belonging to a logical network. The method configures a datapath executing on the edge computing device to use a first routing table associated with the logical router for processing data messages routed to the logical router. The method configures a routing protocol application executing on the edge computing device to (i) use the first routing table for exchanging routes with a network external to the logical network and (ii) use a second routing table for exchanging routes with other edge computing devices that implement the logical router.
    Type: Application
    Filed: March 3, 2022
    Publication date: June 16, 2022
    Inventors: Ankur Dubey, Sami Boutros, Yashika Narang, Vinay Kumar Ganeshmal Jain, Meenakshi Sundaram Selvaraj
  • Patent number: 11336556
    Abstract: Some embodiments provide a method for a first edge device in a first datacenter that implements a centralized routing component of a logical router that spans multiple datacenters and handles data traffic between a logical network implemented across the multiple datacenters and external networks. From a second edge device in a second datacenter, the method receives via routing protocol a route having a particular routing protocol tag. When the first datacenter is a primary datacenter for the logical router such that all data traffic between the logical network and the external networks is handled by one or more centralized routing components implemented at the first datacenter, the method uses the routing protocol tag to determine whether to advertise the received route to the external networks.
    Type: Grant
    Filed: June 19, 2020
    Date of Patent: May 17, 2022
    Assignee: VMWARE, INC.
    Inventors: Ganesan Chandrashekhar, Abhishek Goliya, Ankur Dubey, Sami Boutros, Yashika Narang
  • Patent number: 11336572
    Abstract: The technology disclosed herein enables a dynamic chain of virtual service functions for processing network traffic in a virtual computing environment. In a particular embodiment, a method includes providing a service chain policy to a virtual routing element connecting the respective service functions and determining an initial classification of a network packet entering the dynamic service chain. The initial classification indicates at least a first service function in a sequence of the service functions for processing the network packet. The method further includes providing a service chain policy to a virtual routing element connecting the respective service functions.
    Type: Grant
    Filed: May 12, 2017
    Date of Patent: May 17, 2022
    Assignee: Nicira, Inc.
    Inventors: Sami Boutros, Mani Kancherla, Dharmaraja Rajan, Philip Kippen, Yashika Narang, Chidambareswaran Raman
  • Publication number: 20220131721
    Abstract: Systems and methods include obtaining a plurality of services supported at the node; determining a bitmask to represent the plurality of services supported at the node, wherein the bitmask includes a starting service and each subsequent bit representing another service of the plurality of services and with each bit in the bitmask set based on the plurality of services supported at the node; and transmitting an advertisement to nodes in the Segment Routing network with a starting Service SID value and the bitmask based on the plurality of services supported at the node. The plurality of services can include any of a Virtual Private Wire Service (VPWS) and a Flexible Cross Connect (FXC) service.
    Type: Application
    Filed: October 22, 2020
    Publication date: April 28, 2022
    Inventors: Sami Boutros, Muthurajah Sivabalan, Himanshu Shah, Peng He
  • Patent number: 11316773
    Abstract: Some embodiments provide a method for configuring an edge computing device to implement a logical router belonging to a logical network. The method configures a datapath executing on the edge computing device to use a first routing table associated with the logical router for processing data messages routed to the logical router. The method configures a routing protocol application executing on the edge computing device to (i) use the first routing table for exchanging routes with a network external to the logical network and (ii) use a second routing table for exchanging routes with other edge computing devices that implement the logical router.
    Type: Grant
    Filed: June 19, 2020
    Date of Patent: April 26, 2022
    Assignee: VMWARE, INC.
    Inventors: Ankur Dubey, Sami Boutros, Yashika Narang, Vinay Kumar Ganeshmal Jain, Meenakshi Selvaraj
  • Publication number: 20220124019
    Abstract: Systems and methods include determining one or more Layer 3 Virtual Private Networks (L3VPNs) supported at the router; and advertising the one or more L3 VPNs to one or more routers in the Segment Routing network with each advertisement including a service Segment Identifier (SID) for each of the one or more L3VPNs and one of a node SID for the router or an Anycast SID when the router is connected to a Multi-Home site. The steps can further include transmitting a Layer 3 (L3) packet for an L3 VPN of the one or more L3 VPNs with a destination SID and a service SID of the L3VPN. The advertisement can include encapsulation as an IPv6 prefix containing both the node SID for the router and the service SID, and wherein prefixes are treated as attributes of a route.
    Type: Application
    Filed: October 20, 2020
    Publication date: April 21, 2022
    Inventors: Sami Boutros, Muthurajah Sivabalan, Pranav Mehta
  • Patent number: 11283637
    Abstract: The technology disclosed herein enables multicast network traffic to pass an RPF check in a logical router having separated packet handlers. In a particular embodiment, a method includes, in a north/south packet handler of a first logical router, receiving first network traffic from an east/west packet handler of the logical router. The first network traffic is multicast network traffic and the logical router is a first hop router for the first network traffic from a source of the first network traffic. The method further includes identifying an entry for the source in unicast routing information for unicast network traffic. Identifying the entry indicates that the first network traffic passes a reverse path forwarding (RPF) check. In response to the first network traffic passing the RPF check, the method includes transferring the first network traffic from the north/south packet handler to a next hop for the first network traffic indicated by first multicast routing information.
    Type: Grant
    Filed: April 7, 2020
    Date of Patent: March 22, 2022
    Assignee: VMWARE, INC.
    Inventors: Vijayalaxmi Basavaraj, Ankur Dubey, Sami Boutros