Patent application number | Description | Published |
20100128598 | SYSTEMS AND METHODS FOR MAINTAINING PERSISTENCE BY A BACKUP VIRTUAL SERVER - The present disclosure presents systems and methods for maintaining persistence of a backup virtual server on connections currently serviced by the backup virtual server. A virtual server operating on an intermediary network device and identified as a primary virtual server for a first connection may receive a request via the first connection. The intermediary device may forward the first request to a backup virtual server of the virtual server in response to identifying that the virtual server is unavailable. The intermediary device may later identify that the virtual server is available. The virtual server may establish a new connection responsive to receiving a connection request while the intermediary device may forward a second request received via the first connection to the backup virtual server instead of the virtual server responsive to identifying that the virtual server is configured not to preempt the backup virtual server from maintaining connections currently maintained by the backup virtual server. | 05-27-2010 |
20100131946 | SYSTEMS AND METHODS FOR HEALTH BASED SPILLOVER - The present solution provides a spillover management technique for virtual servers of an appliance based on health. Using a health based spillover technique, a network appliance may direct requests to a backup or second virtual server upon determining that a predetermined percentage of services being load balanced are down. In this manner, the spillover will occur based on a user controlled determination of a level of services being down to the number of services enabled. Instead of waiting for a last service of a virtual server to be marked down to spillover to another virtual server, the spillover may occur based on a user specified percentage. For example, the appliance may spillover from one virtual server to another virtual server when the number of services marked down relative to the number of enabled services falls below a specified percentage. | 05-27-2010 |
20100138551 | SYSTEMS AND METHODS FOR APPLYING TRANSFORMATIONS TO IP ADDRESSES OBTAINED BY DOMAIN NAME SERVICE (DNS) - Described herein are systems and methods for improving networked communication systems by transforming IP addresses. In particular, an intermediary device disposed in a network between a plurality of clients and a plurality of servers can receive a request for a service offered at a specified domain name. The appliance can also receive a DNS-resolved primary address for a server associated with the domain name, and transform the primary address to a secondary address for the server. The address transformation can be done by the intermediary to prevent service interruption between a client and server due, for example, to server maintenance. | 06-03-2010 |
20100322088 | SYSTEMS AND METHODS FOR MONITOR DISTRIBUTION IN A MULTI-CORE SYSTEM - The present invention is directed towards systems and methods for monitoring services in a multi-core system. The systems and methods distribute the monitors for a service and the ownership of a service across the cores of the multi-core device. The greater resources of the multi-core device process the workload of the monitors for the services and the workload for monitoring the states of the services more efficiently than a single packet engine on a core. | 12-23-2010 |
20100325268 | SYSTEMS AND METHODS FOR SPILLOVER IN A MULTI-CORE SYSTEM - The present invention is directed towards systems and methods for spillover threshold management in a multi-core system. A pool manager divides the spillover threshold limit of connections for vServers into an exclusive quota pool and a shared quota pool. Each vServer operating on a core is allocated an exclusive number of connections from the exclusive quota pool. If a vServer wishes to create connections beyond its exclusive number, the vServer can borrow from the shared quota pool. When the vServers are using at least a first predetermined threshold of their exclusive number of connections and the number of available connections in the shared quota pool has reached a second predetermined threshold, the multi-core system establishes a backup vServer. | 12-23-2010 |
20100325277 | SYSTEMS AND METHODS FOR HANDLING LIMIT PARAMETERS FOR A MULTI-CORE SYSTEM - The present invention is directed towards systems and methods for handling limit parameters for multi-core systems. A pool manager divides the limited number of uses of a resource into an exclusive quota pool and a shared quota pool. Each packet processing engine operating on a core is allocated an exclusive number of uses of the resource from the exclusive quota pool. If a packet processing engine wishes to use the resource beyond its exclusive number, the packet processing engine must borrow from the shared quota pool. | 12-23-2010 |
20110149737 | SYSTEMS AND METHODS FOR MANAGING SPILLOVER LIMITS IN A MULTI-CORE SYSTEM - The present disclosure is directed to a a system for managing spillover via a plurality of cores of a multi-core device intermediary to a plurality of clients and one or more services. The system may include a device intermediary to a plurality of clients and one or more services. The system may include a spillover limit of a resource. The device may also include a plurality of packet engines operating on a corresponding core of a plurality of cores of the device. The system may include a pool manager allocating to each of the plurality of packet engines a number of resource uses from an exclusive quota pool and shared quota pool based on the spillover limit. The device may also include a virtual server of a packet engine of the plurality of packet engines. The virtual server manages client requests to one or more services. The device determines that the number of resources used by a packet engine of the plurality of packet engine has reached the allocated number of resource uses of the packet engine, and responsive to the determination, forwards to a backup virtual server a request of a client of the plurality of clients received by the device for the virtual server. | 06-23-2011 |
20110153827 | SYSTEMS AND METHODS FOR MIXED MODE HANDLING OF IPV6 AND IPV4 TRAFFIC BY A VIRTUAL SERVER - The present invention is directed towards systems and methods for mixed-mode load balancing by a virtual server in a network supporting a plurality of internet protocols. In various embodiments, a mixed-mode virtual server receives service requests based on two or more internet layer protocols. The mixed-mode virtual server is configured to detect an IP address type of the client issuing the service request, and identify the internet protocol of the service request based on the detected IP address type. The mixed-mode virtual server can then forward the request to a server supporting the identified internet protocol. In this manner, the mixed-mode virtual server can bind load balance servers supporting a plurality of internet protocols. | 06-23-2011 |
20130239116 | SYSTEMS AND METHODS FOR SPILLOVER IN A MULTI-CORE SYSTEM - The present invention is directed towards systems and methods for spillover threshold management in a multi-core system. A pool manager divides the spillover threshold limit of connections for vServers into an exclusive quota pool and a shared quota pool. Each vServer operating on a core is allocated an exclusive number of connections from the exclusive quota pool. If a vServer wishes to create connections beyond its exclusive number, the vServer can borrow from the shared quota pool. When the vServers are using at least a first predetermined threshold of their exclusive number of connections and the number of available connections in the shared quota pool has reached a second predetermined threshold, the multi-core system establishes a backup vServer. | 09-12-2013 |
20130311608 | SYSTEMS AND METHODS FOR APPLYING TRANSFORMATIONS TO IP ADDRESSES OBTAINED BY DOMAIN NAME SERVICE (DNS) - Described herein are systems and methods for improving networked communication systems by transforming IP addresses. In particular, an intermediary device disposed in a network between a plurality of clients and a plurality of servers can receive a request for a service offered at a specified domain name. The appliance can also receive a DNS-resolved primary address for a server associated with the domain name, and transform the primary address to a secondary address for the server. The address transformation can be done by the intermediary to prevent service interruption between a client and server due, for example, to server maintenance. | 11-21-2013 |
20130315070 | SYSTEMS AND METHODS FOR MONITOR DISTRIBUTION IN A MULTI-CORE SYSTEM - The present invention is directed towards systems and methods for monitoring services in a multi-core system. The systems and methods distribute the monitors for a service and the ownership of a service across the cores of the multi-core device. The greater resources of the multi-core device process the workload of the monitors for the services and the workload for monitoring the states of the services more efficiently than a single packet engine on a core. | 11-28-2013 |
20140032750 | SYSTEMS AND METHODS FOR HEALTH BASED SPILLOVER - The present solution provides a spillover management technique for virtual servers of an appliance based on health. Using a health based spillover technique, a network appliance may direct requests to a backup or second virtual server upon determining that a predetermined percentage of services being load balanced are down. In this manner, the spillover will occur based on a user controlled determination of a level of services being down to the number of services enabled. Instead of waiting for a last service of a virtual server to be marked down to spillover to another virtual server, the spillover may occur based on a user specified percentage. For example, the appliance may spillover from one virtual server to another virtual server when the number of services marked down relative to the number of enabled services falls below a specified percentage. | 01-30-2014 |
20140108660 | SYSTEMS AND METHODS FOR HANDLING LIMIT PARAMETERS FOR A MULTI-CORE SYSTEM - The present invention is directed towards systems and methods for handling limit parameters for multi-core systems. A pool manager divides the limited number of uses of a resource into an exclusive quota pool and a shared quota pool. Each packet processing engine operating on a core is allocated an exclusive number of uses of the resource from the exclusive quota pool. If a packet processing engine wishes to use the resource beyond its exclusive number, the packet processing engine must borrow from the shared quota pool. | 04-17-2014 |
20140304352 | SYSTEMS AND METHODS FOR CLUSTER PARAMETER LIMIT - The present disclosure is directed towards a system and method for handling limit parameters for spillover conditions of virtual servers across multiple nodes in a cluster system. The cluster system may comprise a plurality of nodes, wherein one node may be elected as a master node and the remaining nodes are designated as slave nodes. The master node may monitor the cluster system and establish limit parameters for the cluster system and apply them to the plurality of nodes. The limit parameters may be based upon the number of open connections in the cluster system and the number of nodes. The master node may establish an ideal quota value for each node to balance the number of open connections in the cluster. | 10-09-2014 |
20140304399 | SYSTEMS AND METHODS FOR PROVIDING MONITORING IN A CLUSTER SYSTEM - The present application is directed towards systems and methods for providing monitoring in a cluster system. The systems and methods distribute the monitors for a service and the ownership of a service across a cluster system comprising a plurality of nodes. The nodes in the cluster can be configured to have different sets of virtual servers (sometimes referred to as “vservers”) and services. The ownership and monitoring of the services can be distributed among all the nodes in the cluster. The system can identify a service in a cluster system and identify a master node that has ownership of the service. The master node can transmit a service status update to other nodes in the cluster system. | 10-09-2014 |
20140344925 | SYSTEMS AND METHODS FOR REDUCING DENIAL OF SERVICE ATTACKS AGAINST DYNAMICALLY GENERATED NEXT SECURE RECORDS - In one aspect, the present disclosure is directed to a method for reducing denial of service (DoS) attacks against dynamically generated next secure (NSEC) records. A domain name system (DNS) proxy may prevent spoofed IP addresses by forcing clients to transmit DNS queries via transmission control protocol (TCP), by replying to a user datagram protocol (UDP) DNS request with a blank or predetermined resource record with a truncation bit set to indicate that the record is too large to fit within a single UDP packet payload. Under the DNS specification, the client must re-transmit the DNS request via TCP. Upon receipt of the retransmitted request via TCP, the DNS proxy may generate fictitious neighbor addresses and a signed NSEC record and transmit the record to the client. Accordingly, the DNS Proxy need not waste time and processor cycles generating and signing records for requests from spoofed IP addresses via UDP. | 11-20-2014 |
20150039763 | SYSTEMS AND METHODS FOR LEAST CONNECTION LOAD BALANCING BY MULTI-CORE DEVICE - The present invention is directed towards systems and methods for load balancing by a multi-core device intermediary between clients and services. The device may establish sub-slots in each slot of the device's packet engines. The number of sub-slots may correspond to the packet engine count. Each slot may track a different number of active connections allocated to a service. The device may assign a first and second service to each packet engine in a first slot corresponding to no active connections. These services may be assigned to different sub-slots in adjacent packet engines. The device may update, responsive to allocation of a first active connection to the first service, the first service from a sub-slot in the first slot of a first packet engine, to a corresponding sub-slot in a second slot. The second slot may correspond to one active connection allocated to the first service. | 02-05-2015 |
20150339164 | SYSTEMS AND METHODS FOR MANAGING SPILLOVER LIMITS IN A MULTI-CORE SYSTEM - The present disclosure is directed to a system for managing spillover via a plurality of cores of a multi-core device intermediary to a plurality of clients and one or more services. The system may include a device intermediary to a plurality of clients and one or more services. The system may include a spillover limit of a resource. The device may also include a plurality of packet engines operating on a corresponding core of a plurality of cores of the device. The system may include a pool manager allocating to each of the plurality of packet engines a number of resource uses from an exclusive quota pool and shared quota pool based on the spillover limit. The device may also include a virtual server of a packet engine of the plurality of packet engines. The virtual server manages client requests to one or more services. The device determines that the number of resources used by a packet engine of the plurality of packet engine has reached the allocated number of resource uses of the packet engine, and responsive to the determination, forwards to a backup virtual server a request of a client of the plurality of clients received by the device for the virtual server. | 11-26-2015 |