Patent application number | Description | Published |
20080240140 | Network interface with receive classification - A network interface that provides improved processing of received packets in a networked computer by classifying packets as they are received. Further, both the characteristics used by the network interface to classify packets and the processing performed on those packets once classified may be programmed. The network interface contains multiple receive queues and one type of processing that may be performed is assigning packets to queues based on classification. A network stack within an operating system of the networked computer can route packets classified by the network interface to application level destinations with reduced processing. Additionally, the priority with which packets of certain classifications are processed may be used to allocate processing power to certain types of packets. As a specific example, a computer subjected to a particular type of denial of service attack sometimes called a “SYN attack” may lower the priority of processing SYN packets to reduce the effect of such an attack. | 10-02-2008 |
20080310419 | Network interface selection using historical connection information - A computer may be capable of communicating with devices via network through multiple interfaces. When a new connection is to be established, the computer may select an interface to use for the connection. In some embodiments, the interface may be selected based on historical connection information representing the performance of previous network connections that the computer has established through the interfaces. | 12-18-2008 |
20090022055 | SYSTEMS AND METHODS FOR IMPROVING TCP-FRIENDLINESS OF DELAY-BASED CONGESTION CONTROL - Disclosed herein is a novel technique that greatly improves the TCP-friendliness of CTCP over such under-buffered network links without degrading the protocol efficiency to utilize the link capacity. Instead of using a pre-defined threshold, the disclosed approach, which may be referred to herein as “CTCP-TUBE,” dynamically adjusts the threshold based on the network setting in which the flow is operating. The backlogged packets of a regular TCP may be estimated along the same path by emulating the behavior of a regular TCP flow in runtime. Based on this, a threshold is set so as to ensure good TCP-friendliness. CTCP-TUBE can automatically adapt to different network configurations and also concurrent competing flows. | 01-22-2009 |
20090157866 | TRANSPARENT AUTO-DISCOVERY OF NETWORK DEVICES LOGICALLY LOCATED BETWEEN A CLIENT AND SERVER - Discovery of intermediate network devices is performed using a technique that piggybacks upon the existing standard TCP (Transport Control Protocol) “SACK” (Selective Acknowledgment) option in a SYN/ACK packet so that discovery information may be shared between pair-wise-deployed peer intermediate devices when a TCP/IP connection (Transport Control Protocol/Internet Protocol) is first established between network endpoints using a conventional three-way handshake. Use of the SACK option is combined with another technique which comprises modifying the original 16-bit value of the TCP receive window size to a special arbitrary value to mark a SYN packet as being generated by a first peer device. The marked SYN when received by the second peer device triggers that device's discovery information to be piggybacked in the SACK option of the SYN/ACK packet. The first device then piggybacks its discovery information in the SACK option of the ACK packet which completes the three-way handshake. | 06-18-2009 |
20090319667 | Optimal Source Interface Selection - Aspects of the subject matter described herein relate to selecting a source interface with which to establish a connection. In aspects, a profile for each network location a host has seen is maintained in a data store. The profile includes information about the network interfaces available to a source host at the network location. This information indicates, among other things, the reliability of each interface of the source host. Based on the profile, an interface is selected with which to establish a connection. If the interface is unsuccessful in establishing the connection, the interface is de-prioritized and another interface may be selected. | 12-24-2009 |
20090323681 | POLICY-BASED ROUTING IN A MULTI-HOMED COMPUTER - Policy-based routing system and method for a multi-homed computer. Policy-based routing permits or blocks usage of system level route(s) based on user credentials and/or network application(s) associated with a data transfer. The credentials can include information associated with an application, a user, and the like. Optionally, one or more filter(s) can be configured over classifiable field(s), such as credential(s), information associated with a determined proposed route, to statically permit/block route usage and/or to invoke an inspection module (e.g., custom inspection routine) when the filter condition(s) are met. | 12-31-2009 |
20100070642 | OFFLOADING NETWORK PROTOCOL OPERATIONS TO NETWORK INTERFACE IN SLEEP STATE - A computing device participates in network protocol operations when the computing device is in an inactive state. A main processor of the computing device transfers protocol mode instructions and data corresponding to a selected network protocol to a network interface of the computing device, and the network interface executes the protocol mode instructions on behalf of the main processor when the main processor is in the inactive state. The main processor may select a network protocol from two or more network protocols and may download protocol mode instructions and data corresponding the selected network protocol to the network interface. The network interface may compare a received packet to at least one received packet pattern and may respond to the received packet in accordance with a result of the comparison. | 03-18-2010 |
20100299349 | Reducing Latency in Returning Online Search Results - An embodiment of the invention is directed to reducing search-response latency. The closest intermediate server can be located between a client computing device and a search engine. A search query is sent to the intermediate server in a first packet of a transport protocol handshake. A plurality of packets are received from the intermediate server. The plurality of packets are used to open a window associated with a transport protocol. A response related to the search query is received by the client. | 11-25-2010 |
20110211449 | COMMUNICATION TRANSPORT OPTIMIZED FOR DATA CENTER ENVIRONMENT - Methods and apparatus for congestion control in computer networks achieve high burst tolerance, low latency and high throughput with shallow-buffered switches. A method for controlling congestion includes transmitting a set of data packets on a network connection from a first computing device to a second computing device, identifying each data packet in the set of data packets that experienced congestion on the network connection, sending, by the second computing device to the first computing device, a sequence of bits that represents the number of data packets in the set of data packets that were identified as having experienced congestion, and adjusting a rate of transmitting data packets on the network connection based on the sequence of bits sent to the first computing device. | 09-01-2011 |
20110252281 | TRANSPARENT AUTO-DISCOVERY OF NETWORK DEVICES LOGICALLY LOCATED BETWEEN A CLIENT AND SERVER - Discovery of intermediate network devices is performed using a technique that piggybacks upon the existing standard TCP (Transport Control Protocol) “SACK” (Selective Acknowledgment) option in a SYN/ACK packet so that discovery information may be shared between pair-wise-deployed peer intermediate devices when a TCP/IP connection (Transport Control Protocol/Internet Protocol) is first established between network endpoints using a conventional three-way handshake. Use of the SACK option is combined with another technique which comprises modifying the original 16-bit value of the TCP receive window size to a special arbitrary value to mark a SYN packet as being generated by a first peer device. The marked SYN when received by the second peer device triggers that device's discovery information to be piggybacked in the SACK option of the SYN/ACK packet. The first device then piggybacks its discovery information in the SACK option of the ACK packet which completes the three-way handshake. | 10-13-2011 |
20120155468 | MULTI-PATH COMMUNICATIONS IN A DATA CENTER ENVIRONMENT - Various technologies related to multi-path communications in a data center environment are described herein. Network infrastructure devices communicate traffic flows amongst one another, wherein a traffic flow includes a plurality of data packets intended for a particular recipient computing device that are desirably transmitted and received in a certain sequence. Indications that data packets in the traffic flow have been received outside of the certain sequence are processed in a manner to prevent a network infrastructure device from retransmitting a particular data packet. | 06-21-2012 |
20130013805 | TRANSPARENT AUTO-DISCOVERY OF NETWORK DEVICES LOGICALLY LOCATED BETWEEN A CLIENT AND SERVER - Discovery of intermediate network devices is performed using a technique that piggybacks upon the existing standard TCP (Transport Control Protocol) “SACK” (Selective Acknowledgment) option in a SYN/ACK packet so that discovery information may be shared between pair-wise-deployed peer intermediate devices when a TCP/IP connection (Transport Control Protocol/Internet Protocol) is first established between network endpoints using a conventional three-way handshake. Use of the SACK option is combined with another technique which comprises modifying the original 16-bit value of the TCP receive window size to a special arbitrary value to mark a SYN packet as being generated by a first peer device. The marked SYN when received by the second peer device triggers that device's discovery information to be piggybacked in the SACK option of the SYN/ACK packet. The first device then piggybacks its discovery information in the SACK option of the ACK packet which completes the three-way handshake. | 01-10-2013 |
20130031544 | VIRTUAL MACHINE MIGRATION TO MINIMIZE PACKET LOSS IN VIRTUALIZED NETWORK - Methods and apparatus are provided for controlling live migration of a virtual machine from a first host to a second host in a data center. A virtual machine manager may distribute to at least one host in a virtual network an updated mapping policy that maps a customer address of the virtual machine to a provider address of the migrated virtual machine. The updated mapping policy enables hosts in the virtual network to communicate with the migrated virtual machine. The updated mapping policy can be a shadow policy. The shadow policy is transmitted to hosts in the virtual network by the virtual machine manager before live migration of the virtual machine completes and is maintained by recipient hosts in an inactive state until triggered. The virtual machine manager notifies hosts in the virtual network to activate the shadow policy when live migration completes. | 01-31-2013 |
20130047151 | VIRTUALIZATION GATEWAY BETWEEN VIRTUALIZED AND NON-VIRTUALIZED NETWORKS - Methods and apparatus are provided for controlling communication between a virtualized network and non-virtualized entities using a virtualization gateway. A packet is sent by a virtual machine in the virtualized network to a non-virtualized entity. The packet is routed by the host of the virtual machine to a provider address of the virtualization gateway. The gateway translates the provider address of the gateway to a destination address of the non-virtualized entity and sends the packet to the non-virtualized entity. The non-virtualized entity may be a physical resource, such as a physical server or a storage device. The physical resource may be dedicated to one customer or may be shared among customers. | 02-21-2013 |
20130055270 | PERFORMANCE OF MULTI-PROCESSOR COMPUTER SYSTEMS - Embodiments of the invention may improve the performance of multi-processor systems in processing information received via a network. For example, some embodiments may enable configuration of a system such that information received is distributed among multiple processors for efficient processing. A user may select from among multiple configuration options, each configuration option being associated with a particular mode of processing information received. By selecting a configuration option, the user may specify how information received is processed to capitalize on the system's characteristics, such as by aligning processors on the system with certain NICs. As such, the processor(s) aligned with a NIC may perform networking-related tasks associated with information received by that NIC. If initial alignment causes one or more processors to become over-burdened, processing tasks may be dynamically re-distributed to other processors. | 02-28-2013 |
20130058346 | Distributed Routing Domains in Multi-Tenant Datacenter Virtual Networks - A distributed routing domain is disclosed wherein each user or tenant can deploy a multi-subnet routing topology in a network-virtualized datacenter. A virtualization module implements the distributed routing domain and enforces a multi-subnet routing topology in a distributed fashion without requiring a standalone physical router or VM router. The topology and the routing rules are distributed in a network virtualization module on each hypervisor host, and collectively realize the multi-subnet topology for a virtual network over any physical network topology. | 03-07-2013 |
20130061047 | SECURE AND EFFICIENT OFFLOADING OF NETWORK POLICIES TO NETWORK INTERFACE CARDS - Techniques for efficient and secure implementation of network policies in a network interface controller (NIC) in a host computing device operating a virtualized computing environment. In some embodiments, the NIC may process and forward packets directly to their destinations, bypassing a parent partition of the host computing device. In particular, in some embodiments, the NIC may store network policy information to process and forward packets directly to a virtual machine (VM). If the NIC is unable to process a packet, then the NIC may forward the packet to the parent partition. In some embodiments, the NIC may use an encapsulation protocol to transmit address information in packet headers. In some embodiments, this address information may be communicated by the MC to the parent partition via a secure channel. The NIC may also obtain, and decrypt, encrypted addresses from the VMs for routing packets, bypassing the parent partition. | 03-07-2013 |
20130232272 | Optimal Source Interface Selection - Aspects of the subject matter described herein relate to selecting a source interface with which to establish a connection. In aspects, a profile for each network location a host has seen is maintained in a data store. The profile includes information about the network interfaces available to a source host at the network location. This information indicates, among other things, the reliability of each interface of the source host. Based on the profile, an interface is selected with which to establish a connection. If the interface is unsuccessful in establishing the connection, the interface is de-prioritized and another interface may be selected. | 09-05-2013 |
20140115186 | RECEIVE WINDOW AUTO-TUNING - Methods of tuning a receive window. A receiving device and a sending device may be in communication over a network. The receiving device may advertise a receive window to the sending device. The size of the receive window may be adjusted over time based on one or more connection parameters, application parameters and/or operating system parameters. | 04-24-2014 |