Patents by Inventor Yashika Narang
Yashika Narang has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230388200Abstract: For a multi-tenant environment, some embodiments of the invention provide a novel method for forwarding tenant traffic through a set of service machines to perform a set of service operations on the tenant traffic. In some embodiments, the method performs a classification operation on a data message flow of a tenant, in order to identify a set of service operations to perform on the data message flow. For some data message flows, the classification operation selects the identified set of service operations from several candidate sets of service operations that are viable service operation sets for similar data message flows of the tenant. In some embodiments, the classification operation is based on a set of attributes associated with the data message flow (e.g., five tuple identifier, i.e., protocol and source and destination ports and IP addresses).Type: ApplicationFiled: July 28, 2023Publication date: November 30, 2023Inventors: Sami Boutros, Pere Monclus, Philip Kippen, Dharma Rajan, Yashika Narang
-
Patent number: 11824778Abstract: The technology disclosed herein enables a dynamic chain of service functions for processing network traffic. In a particular embodiment, a method includes, in a logical router for a logical network connecting service functions, receiving a network packet from a service function over the logical network after the network packet has been processed by the service function. The method further includes determining a new classification of the network packet and determining a next service function based on application of a service chain policy to the new classification. The method also includes directing the network packet to the next service function over the logical network.Type: GrantFiled: May 11, 2022Date of Patent: November 21, 2023Assignee: Nicira, Inc.Inventors: Sami Boutros, Mani Kancherla, Dharmaraja Rajan, Philip Kippen, Yashika Narang, Chidambareswaran Raman
-
Publication number: 20230370360Abstract: Some embodiments provide a method for configuring an edge computing device to implement a logical router belonging to a logical network. The method configures a datapath executing on the edge computing device to use a first routing table associated with the logical router for processing data messages routed to the logical router. The method configures a routing protocol application executing on the edge computing device to (i) use the first routing table for exchanging routes with a network external to the logical network and (ii) use a second routing table for exchanging routes with other edge computing devices that implement the logical router.Type: ApplicationFiled: July 28, 2023Publication date: November 16, 2023Inventors: Ankur Dubey, Sami Boutros, Yashika Narang, Vinay Kumar Ganeshmal Jain, Meenakshi Sundaram Selvaraj
-
Patent number: 11750476Abstract: For a multi-tenant environment, some embodiments of the invention provide a novel method for forwarding tenant traffic through a set of service machines to perform a set of service operations on the tenant traffic. In some embodiments, the method performs a classification operation on a data message flow of a tenant, in order to identify a set of service operations to perform on the data message flow. For some data message flows, the classification operation selects the identified set of service operations from several candidate sets of service operations that are viable service operation sets for similar data message flows of the tenant. In some embodiments, the classification operation is based on a set of attributes associated with the data message flow (e.g., five tuple identifier, i.e., protocol and source and destination ports and IP addresses).Type: GrantFiled: October 9, 2020Date of Patent: September 5, 2023Assignee: NICIRA, INC.Inventors: Sami Boutros, Pere Monclus, Philip Kippen, Dharma Rajan, Yashika Narang
-
Patent number: 11743168Abstract: Some embodiments provide a method for configuring an edge computing device to implement a logical router belonging to a logical network. The method configures a datapath executing on the edge computing device to use a first routing table associated with the logical router for processing data messages routed to the logical router. The method configures a routing protocol application executing on the edge computing device to (i) use the first routing table for exchanging routes with a network external to the logical network and (ii) use a second routing table for exchanging routes with other edge computing devices that implement the logical router.Type: GrantFiled: March 3, 2022Date of Patent: August 29, 2023Assignee: VMWARE, INC.Inventors: Ankur Dubey, Sami Boutros, Yashika Narang, Vinay Kumar Ganeshmal Jain, Meenakshi Sundaram Selvaraj
-
Publication number: 20220272037Abstract: The technology disclosed herein enables a dynamic chain of service functions for processing network traffic. In a particular embodiment, a method includes, in a logical router for a logical network connecting service functions, receiving a network packet from a service function over the logical network after the network packet has been processed by the service function. The method further includes determining a new classification of the network packet and determining a next service function based on application of a service chain policy to the new classification. The method also includes directing the network packet to the next service function over the logical network.Type: ApplicationFiled: May 11, 2022Publication date: August 25, 2022Inventors: Sami Boutros, Mani Kancherla, Dharmaraja Rajan, Philip Kippen, Yashika Narang, Chidambareswaran Raman
-
Publication number: 20220191126Abstract: Some embodiments provide a method for configuring an edge computing device to implement a logical router belonging to a logical network. The method configures a datapath executing on the edge computing device to use a first routing table associated with the logical router for processing data messages routed to the logical router. The method configures a routing protocol application executing on the edge computing device to (i) use the first routing table for exchanging routes with a network external to the logical network and (ii) use a second routing table for exchanging routes with other edge computing devices that implement the logical router.Type: ApplicationFiled: March 3, 2022Publication date: June 16, 2022Inventors: Ankur Dubey, Sami Boutros, Yashika Narang, Vinay Kumar Ganeshmal Jain, Meenakshi Sundaram Selvaraj
-
Dynamic chain of service functions for processing network traffic in a virtual computing environment
Patent number: 11336572Abstract: The technology disclosed herein enables a dynamic chain of virtual service functions for processing network traffic in a virtual computing environment. In a particular embodiment, a method includes providing a service chain policy to a virtual routing element connecting the respective service functions and determining an initial classification of a network packet entering the dynamic service chain. The initial classification indicates at least a first service function in a sequence of the service functions for processing the network packet. The method further includes providing a service chain policy to a virtual routing element connecting the respective service functions.Type: GrantFiled: May 12, 2017Date of Patent: May 17, 2022Assignee: Nicira, Inc.Inventors: Sami Boutros, Mani Kancherla, Dharmaraja Rajan, Philip Kippen, Yashika Narang, Chidambareswaran Raman -
Patent number: 11336556Abstract: Some embodiments provide a method for a first edge device in a first datacenter that implements a centralized routing component of a logical router that spans multiple datacenters and handles data traffic between a logical network implemented across the multiple datacenters and external networks. From a second edge device in a second datacenter, the method receives via routing protocol a route having a particular routing protocol tag. When the first datacenter is a primary datacenter for the logical router such that all data traffic between the logical network and the external networks is handled by one or more centralized routing components implemented at the first datacenter, the method uses the routing protocol tag to determine whether to advertise the received route to the external networks.Type: GrantFiled: June 19, 2020Date of Patent: May 17, 2022Assignee: VMWARE, INC.Inventors: Ganesan Chandrashekhar, Abhishek Goliya, Ankur Dubey, Sami Boutros, Yashika Narang
-
Patent number: 11316773Abstract: Some embodiments provide a method for configuring an edge computing device to implement a logical router belonging to a logical network. The method configures a datapath executing on the edge computing device to use a first routing table associated with the logical router for processing data messages routed to the logical router. The method configures a routing protocol application executing on the edge computing device to (i) use the first routing table for exchanging routes with a network external to the logical network and (ii) use a second routing table for exchanging routes with other edge computing devices that implement the logical router.Type: GrantFiled: June 19, 2020Date of Patent: April 26, 2022Assignee: VMWARE, INC.Inventors: Ankur Dubey, Sami Boutros, Yashika Narang, Vinay Kumar Ganeshmal Jain, Meenakshi Selvaraj
-
Patent number: 11153122Abstract: For a set of gateway devices at the edge of a logical network, some embodiments provide a method for ensuring that data messages from an external network requiring a stateful service are received at an active gateway device. The method advertises the availability of a set of internet protocol (IP) addresses from standby gateway devices with a higher cost than the cost advertised by an active gateway device. In some embodiments, the advertisement is made using a border gateway protocol. Data messages may be unexpectedly received on a standby node despite the higher advertised cost. This could happen due to asymmetric network failures. The method determines if a stateful service is needed for the data messages received on standby node. Based on the determination, the method forwards the received data message to the active gateway device for the active gateway device to provide the stateful service.Type: GrantFiled: February 19, 2018Date of Patent: October 19, 2021Assignee: NICIRA, INC.Inventors: Ankur Dubey, Sami Boutros, Vijayalaxmi Basavaraj, Yashika Narang, Sharath Bhat
-
Publication number: 20210314256Abstract: Some embodiments provide a method for a first edge device in a first datacenter that implements a centralized routing component of a logical router that spans multiple datacenters and handles data traffic between a logical network implemented across the multiple datacenters and external networks. From a second edge device in a second datacenter, the method receives via routing protocol a route having a particular routing protocol tag. When the first datacenter is a primary datacenter for the logical router such that all data traffic between the logical network and the external networks is handled by one or more centralized routing components implemented at the first datacenter, the method uses the routing protocol tag to determine whether to advertise the received route to the external networks.Type: ApplicationFiled: June 19, 2020Publication date: October 7, 2021Inventors: Ganesan Chandrashekhar, Abhishek Goliya, Ankur Dubey, Sami Boutros, Yashika Narang
-
Publication number: 20210314251Abstract: Some embodiments provide a method for configuring an edge computing device to implement a logical router belonging to a logical network. The method configures a datapath executing on the edge computing device to use a first routing table associated with the logical router for processing data messages routed to the logical router. The method configures a routing protocol application executing on the edge computing device to (i) use the first routing table for exchanging routes with a network external to the logical network and (ii) use a second routing table for exchanging routes with other edge computing devices that implement the logical router.Type: ApplicationFiled: June 19, 2020Publication date: October 7, 2021Inventors: Ankur Dubey, Sami Boutros, Yashika Narang, Vinay Kumar Ganeshmal Jain, Meenakshi Selvaraj
-
Publication number: 20210226869Abstract: One example may comprise a computer system receiving a request to perform an offline connectivity check between a source endpoint and a destination endpoint; and obtaining logical network information associated with a production environment in which multiple logical network elements are deployed. Based on the logical network information, the computer system may identify a logical network path connecting the source endpoint and the destination endpoint and perform an offline traversal of the logical network path outside of the production environment. In response to detecting a connectivity issue during the offline traversal, report information identifying the logical network path and the connectivity issue may be generated.Type: ApplicationFiled: January 21, 2020Publication date: July 22, 2021Applicant: VMware, Inc.Inventors: Sharath BHAT, Yashika NARANG, Xinghua HU, Xinhua HONG, Vinay JAIN, Neeraj DIXIT
-
Patent number: 10951656Abstract: Methods, apparatus and articles of manufacture to use artificial intelligence to define encryption and security policies in a software defined data center are disclosed. Example apparatus include a language parser to parse a natural language statement into a policy statement that defines a distributed network encryption policy or a distributed network security policy. Example apparatus also include a comparator to compare the policy statement to a set of reference policy templates and a template configurer to select a first policy template from the set of reference policy templates in response to the comparator determining the first policy template corresponds to the policy statement. A policy distributor distributes a policy rule defined by the first policy template for enforcement at network nodes of a software defined data center. The policy rule is a distributed network encryption policy rule or a security policy rule.Type: GrantFiled: August 16, 2017Date of Patent: March 16, 2021Assignee: NICIRA, INC.Inventors: Gang Xu, Xinghua Hu, Yong Wang, Shadab Shah, Sharath Bhat, Yashika Narang
-
Publication number: 20210044502Abstract: For a multi-tenant environment, some embodiments of the invention provide a novel method for forwarding tenant traffic through a set of service machines to perform a set of service operations on the tenant traffic. In some embodiments, the method performs a classification operation on a data message flow of a tenant, in order to identify a set of service operations to perform on the data message flow. For some data message flows, the classification operation selects the identified set of service operations from several candidate sets of service operations that are viable service operation sets for similar data message flows of the tenant. In some embodiments, the classification operation is based on a set of attributes associated with the data message flow (e.g., five tuple identifier, i.e., protocol and source and destination ports and IP addresses).Type: ApplicationFiled: October 9, 2020Publication date: February 11, 2021Inventors: Sami Boutros, Pere Monclus, Philip Kippen, Dharma Rajan, Yashika Narang
-
Patent number: 10805181Abstract: For a multi-tenant environment, some embodiments of the invention provide a novel method for forwarding tenant traffic through a set of service machines to perform a set of service operations on the tenant traffic. In some embodiments, the method performs a classification operation on a data message flow of a tenant, in order to identify a set of service operations to perform on the data message flow. For some data message flows, the classification operation selects the identified set of service operations from several candidate sets of service operations that are viable service operation sets for similar data message flows of the tenant. In some embodiments, the classification operation is based on a set of attributes associated with the data message flow (e.g., five tuple identifier, i.e., protocol and source and destination ports and IP addresses).Type: GrantFiled: January 26, 2018Date of Patent: October 13, 2020Assignee: NICIRA, INC.Inventors: Sami Boutros, Pere Monclus, Philip Kippen, Dharma Rajan, Yashika Narang
-
Patent number: 10797966Abstract: For a multi-tenant environment, some embodiments of the invention provide a novel method for forwarding tenant traffic through a set of service machines to perform a set of service operations on the tenant traffic. In some embodiments, the method performs a classification operation on a data message flow of a tenant, in order to identify a set of service operations to perform on the data message flow. For some data message flows, the classification operation selects the identified set of service operations from several candidate sets of service operations that are viable service operation sets for similar data message flows of the tenant. In some embodiments, the classification operation is based on a set of attributes associated with the data message flow (e.g., five tuple identifier, i.e., protocol and source and destination ports and IP addresses).Type: GrantFiled: January 26, 2018Date of Patent: October 6, 2020Assignee: NICIRA, INC.Inventors: Sami Boutros, Pere Monclus, Philip Kippen, Dharma Rajan, Yashika Narang
-
Publication number: 20190260610Abstract: For a set of gateway devices at the edge of a logical network, some embodiments provide a method for ensuring that data messages from an external network requiring a stateful service are received at an active gateway device. The method advertises the availability of a set of internet protocol (IP) addresses from standby gateway devices with a higher cost than the cost advertised by an active gateway device. In some embodiments, the advertisement is made using a border gateway protocol. Data messages may be unexpectedly received on a standby node despite the higher advertised cost. This could happen due to asymmetric network failures. The method determines if a stateful service is needed for the data messages received on standby node. Based on the determination, the method forwards the received data message to the active gateway device for the active gateway device to provide the stateful service.Type: ApplicationFiled: February 19, 2018Publication date: August 22, 2019Inventors: Ankur Dubey, Sami Boutros, Vijayalaxmi Basavaraj, Yashika Narang, Sharath Bhat
-
Publication number: 20190132221Abstract: For a multi-tenant environment, some embodiments of the invention provide a novel method for forwarding tenant traffic through a set of service machines to perform a set of service operations on the tenant traffic. In some embodiments, the method performs a classification operation on a data message flow of a tenant, in order to identify a set of service operations to perform on the data message flow. For some data message flows, the classification operation selects the identified set of service operations from several candidate sets of service operations that are viable service operation sets for similar data message flows of the tenant. In some embodiments, the classification operation is based on a set of attributes associated with the data message flow (e.g., five tuple identifier, i.e., protocol and source and destination ports and IP addresses).Type: ApplicationFiled: January 26, 2018Publication date: May 2, 2019Inventors: Sami Boutros, Pere Monclus, Philip Kippen, Dharma Rajan, Yashika Narang