专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

71. 发明申请

US20100040063A1 GENERALIZED SERIALIZATION QUEUE FRAMEWORK FOR PROTOCOL PROCESSING 有权
标题翻译：用于协议处理的通用串行化队列框架
公开(公告)号：US20100040063A1
公开(公告)日：2010-02-18
申请号：US12581595
申请日：2009-10-19
申请人： Thirumalai Srinivasan , Sunay Tripathi , Nicolas G. Droux
发明人： Thirumalai Srinivasan , Sunay Tripathi , Nicolas G. Droux
IPC分类号： H04L12/56
CPC分类号： H04L49/90 , H04L45/00 , H04L63/1458
摘要： A method for processing packets. The method includes receiving a first packet, wherein the first packet is associated with a first protocol, classifying the first packet using a protocol associated with the first packet, sending the first packet to a first receive ring based on the classification, sending the first packet from the first receive ring to a first virtual network interface card (VNIC) based on an operating mode, sending the first packet from the first VNIC to a first protocol specific virtual network stack (VNS), wherein the first protocol specific VNS is configured to only process packets associated with the first protocol, and processing the first packet by the first protocol specific VNS to obtain a first processed packet.
摘要翻译：一种处理数据包的方法。该方法包括接收第一分组，其中第一分组与第一协议相关联，使用与第一分组相关联的协议对第一分组进行分类，基于分类将第一分组发送到第一接收环，发送第一分组从所述第一接收环到基于操作模式的第一虚拟网络接口卡（VNIC），将所述第一分组从所述第一VNIC发送到第一协议特定虚拟网络栈（VNS），其中所述第一协议特定VNS被配置为仅处理与第一协议相关联的分组，以及通过第一协议特定VNS处理第一分组以获得第一处理分组。

72. 发明授权

US07640591B1 Method and apparatus for limiting denial of service attack by limiting traffic for hosts 有权
标题翻译：通过限制主机流量来限制拒绝服务攻击的方法和装置
公开(公告)号：US07640591B1
公开(公告)日：2009-12-29
申请号：US11112328
申请日：2005-04-22
申请人： Sunay Tripathi , Nicolas G. Droux , Yuzo Watanabe
发明人： Sunay Tripathi , Nicolas G. Droux , Yuzo Watanabe
IPC分类号： G06F11/00 , G06F11/30
CPC分类号： H04L63/1416 , H04L63/1458
摘要： A method for controlling a denial of service attack involves receiving a plurality of packets from a network, identifying an attacking host based on a severity level of the denial of service attack from the network, wherein the attacking host is identified by an identifying attack characteristic associated with one of the plurality of packets associated with the attacking host, analyzing each of the plurality of packets by a classifier to determine to which of a plurality of temporary data structures each of the plurality of packet is forwarded, forwarding each of the plurality of packets associated with the identifying attack characteristic to one of the plurality of temporary data structures matching the severity level of the denial of service attack as determined by the classifier, requesting a number of packets from the one of the plurality of temporary data structures matching the severity level by the virtual serialization queue, and forwarding the number of packets to the virtual serialization queue.
摘要翻译：用于控制拒绝服务攻击的方法包括从网络接收多个分组，基于来自网络的拒绝服务攻击的严重性级别识别攻击主机，其中攻击主机通过相关联的识别攻击特征来识别与所述攻击主机相关联的所述多个分组中的一个分组，通过分类器分析所述多个分组中的每一个，以确定所述多个分组中的每一个被转发到多个临时数据结构中的哪一个，转发所述多个分组中的每个分组与所述多个临时数据结构中的一个临时数据结构中的一个临时数据结构相关联，所述临时数据结构与由所述分类器确定的所述拒绝服务攻击的严重性级别匹配，请求从所述多个临时数据结构中的一个临时数据结构匹配严重性级别通过虚拟序列化队列，并将数据包的数量转发到virtua l序列化队列

73. 发明授权

US07631182B1 Secure protocol handshake offload using TNICs 有权
标题翻译：使用TNIC安全协议握手卸载
公开(公告)号：US07631182B1
公开(公告)日：2009-12-08
申请号：US11165990
申请日：2005-06-24
申请人： Nicolas G. Droux , Sunay Tripathi , Hsiao-Keng Jerry Chu
发明人： Nicolas G. Droux , Sunay Tripathi , Hsiao-Keng Jerry Chu
IPC分类号： H04L29/06
CPC分类号： H04L63/06 , H04L63/166
摘要： A method for offloading a secure protocol handshake. The method includes establishing a connection between a host system and a remote peer, and determining whether the secure protocol handshake is offloaded to a network interface card (NIC). When the secure protocol handshake is offloaded to the NIC, an offload request is sent to offload the secure protocol handshake, where the offload request includes a value of at least one cryptographic key. The method further includes performing cryptographic operations associated with the secure protocol handshake using the value of at least one cryptographic key to obtain at least one secret key, and returning a status of the secure protocol handshake to the host system.
摘要翻译：一种卸载安全协议握手的方法。该方法包括建立主机系统和远程对等体之间的连接，以及确定安全协议握手是否被卸载到网络接口卡（NIC）。当安全协议握手被卸载到NIC时，发送卸载请求以卸载安全协议握手，其中卸载请求包括至少一个加密密钥的值。该方法还包括使用至少一个加密密钥的值来执行与安全协议握手相关联的加密操作，以获得至少一个秘密密钥，以及将安全协议握手的状态返回给主机系统。

74. 发明授权

US07591011B1 Assigning higher priority to transactions based on subscription level 有权
标题翻译：根据订阅级别为交易分配更高的优先级
公开(公告)号：US07591011B1
公开(公告)日：2009-09-15
申请号：US11112947
申请日：2005-04-22
申请人： Nicolas G. Droux , Sunay Tripathi , Eric T. Cheng
发明人： Nicolas G. Droux , Sunay Tripathi , Eric T. Cheng
IPC分类号： G06F9/00 , G06F15/16 , G06F17/00
CPC分类号： H04L12/4641
摘要： A computing system is configured to receive incoming packets at a first priority designated for use when receiving packets that are not associated with specific subscription levels. Incoming packets are examined to determine whether they are associated with a particular subscription level. Responsive to a determination that a given packet received over a particular connection is associated with a particular subscription level, the computing system is reconfigured to process packets subsequently received over the same connection at a different priority associated with the particular subscription level.
摘要翻译：计算系统被配置为当接收到与特定订阅级别不相关联的分组时，以指定用于的第一优先级接收输入分组。检查进入的分组以确定它们是否与特定订阅级别相关联。响应于通过特定连接接收到的给定分组与特定订阅级别相关联的确定，计算系统被重新配置为处理随后在与特定订阅级别相关联的不同优先级在相同连接上接收的分组。

75. 发明申请

US20090222567A1 METHOD AND SYSTEM FOR MEDIA-BASED DATA TRANSFER 有权
标题翻译：基于媒体数据传输的方法和系统
公开(公告)号：US20090222567A1
公开(公告)日：2009-09-03
申请号：US12040105
申请日：2008-02-29
申请人： Sunay Tripathi , Nicolas G. Droux
发明人： Sunay Tripathi , Nicolas G. Droux
IPC分类号： G06F15/16
CPC分类号： H04L29/08846 , H04L45/00 , H04L69/18
摘要： A method for media-based data transfer involves obtaining data, by a first virtual network interface card (VNIC) selected from multiple VNICs, where the multiple VNICs are associated with multiple virtual machines, where each of the multiple virtual machines is located in one of multiple computers communicatively coupled with each other via a chassis interconnect, and where the multiple computers share a physical network interface. The method further involves determining a media type connecting the first VNIC with a second VNIC selected from the multiple VNICs, where the first VNIC and the second VNIC are nodes of a virtual network path, where the first VNIC is located in a first computer selected from the multiple computers, and where the second VNIC is located in a second computer selected from the multiple computers. The method further involves choosing a transfer protocol based on the media type, and transferring the data from the first VNIC to the second VNIC using the transfer protocol.
摘要翻译：用于基于媒体的数据传输的方法涉及通过从多个VNIC中选择的第一虚拟网络接口卡（VNIC）获取数据，其中多个VNIC与多个虚拟机相关联，其中多个虚拟机中的每一个位于多个计算机经由机箱互连彼此通信地耦合，并且其中多个计算机共享物理网络接口。该方法还包括确定连接第一VNIC与从多个VNIC中选择的第二VNIC的媒体类型，其中第一VNIC和第二VNIC是虚拟网络路径的节点，其中第一VNIC位于选自多个计算机，以及第二VNIC位于从多个计算机中选择的第二计算机中的位置。该方法还涉及基于媒体类型选择传输协议，并使用传输协议将数据从第一VNIC传输到第二VNIC。

76. 发明申请

US20080019365A1 Host operating system bypass for packets destined for a virtual machine 有权
标题翻译：主机操作系统绕过去往虚拟机的数据包
公开(公告)号：US20080019365A1
公开(公告)日：2008-01-24
申请号：US11489943
申请日：2006-07-20
申请人： Sunay Tripathi , Tim P. Marsland , Nicolas G. Droux , Kais Belgaied
发明人： Sunay Tripathi , Tim P. Marsland , Nicolas G. Droux , Kais Belgaied
IPC分类号： H04L12/56 , H04L12/66
CPC分类号： H04L12/4641
摘要： A method for processing packets that includes receiving a first packet for a first virtual machine by a network interface card (NIC), classifying the first packet using a hardware classifier, where the hardware classifier is located on the NIC, sending the first packet to a first one of a plurality of receive rings based on the classification, sending the first packet from the first one of the plurality of receive rings to a first virtual network interface card (VNIC), sending the first packet from the first VNIC to a first interface, and sending the first packet from the first interface to the first virtual machine, where the first virtual machine is associated with the first interface, where the first VNIC and the first virtual machine are executing on a host.
摘要翻译：一种处理分组的方法，包括通过网络接口卡（NIC）接收第一虚拟机的第一分组，使用硬件分类器对硬件分类器进行分类，其中硬件分类器位于NIC上，将第一分组发送到将第一分组从多个接收环中的第一个发送到第一虚拟网络接口卡（VNIC），将第一分组从第一VNIC发送到第一接口以及将所述第一分组从所述第一接口发送到所述第一虚拟机，其中所述第一虚拟机与所述第一接口相关联，其中所述第一VNIC和所述第一虚拟机在主机上执行。

77. 发明授权

US08625431B2 Notifying network applications of receive overflow conditions 有权
标题翻译：通知网络应用程序接收溢出情况
公开(公告)号：US08625431B2
公开(公告)日：2014-01-07
申请号：US13226535
申请日：2011-09-07
申请人： Nicolas G. Droux , Kais Belgaied , Sunay Tripathi
发明人： Nicolas G. Droux , Kais Belgaied , Sunay Tripathi
IPC分类号： G06F11/00
CPC分类号： H04L12/42
摘要： A method for notifying a packet destination that includes receiving a packet by a network interface card (NIC), where the packet destination is a destination of the packet, classifying the packet, forwarding the packet to one of a plurality of receive rings on the NIC, determining whether the one of the plurality of receive rings comprises space to store the packet, dropping the packet if the receive ring does not comprise the space to store the packet, and sending a notification message to the packet destination, where the notification message indicates that the packet was dropped by the receive ring.
摘要翻译：一种用于通知包目的地的方法，包括通过网络接口卡（NIC）接收分组，其中分组目的地是分组的目的地，对分组进行分类，将分组转发到NIC上的多个接收环中的一个确定所述多个接收环中的一个是否包括用于存储所述分组的空间，如果所述接收环不包括用于存储所述分组的空间，则丢弃所述分组，并且向所述分组目的地发送通知消息，其中所述通知消息指示数据包被接收环丢弃。

78. 发明授权

US08478877B2 Architecture-aware allocation of network buffers 有权
标题翻译：网络缓冲区的架构感知分配
公开(公告)号：US08478877B2
公开(公告)日：2013-07-02
申请号：US12711711
申请日：2010-02-24
申请人： Nicolas G. Droux , Sunay Tripathi
发明人： Nicolas G. Droux , Sunay Tripathi
IPC分类号： G06F15/16 , G06F12/00
CPC分类号： H04L47/10 , H04L49/9047 , H04L69/32
摘要： A computer readable medium comprising software instructions for: obtaining an allocation policy by a MAC layer executing on a host; receiving, a request for a transmit kernel buffer (TxKB) by a sending application executing on at least one processor of the host; obtaining a location of a plurality of available TxKBs on the host; obtaining a location of at least one available network interface on the host; obtaining a location of the sending application; allocating one of the plurality of available TxKBs to obtain an allocated TxKB, wherein the one of the plurality of available TxKBs is selected according to the allocation policy using the location of the plurality of available TxKB, the location of the at least one available network interface, and the location of the sending application, to obtain an allocated TxKB; and providing, to the sending application, the location of the allocated TxKB.
摘要翻译：一种计算机可读介质，包括用于通过在主机上执行的MAC层获得分配策略的软件指令; 通过在所述主机的至少一个处理器上执行的发送应用来接收对发送内核缓冲器（TxKB）的请求; 获得主机上多个可用TxKB的位置; 获得主机上至少一个可用网络接口的位置; 获取发送应用程序的位置; 分配多个可用TxKB之一以获得分配的TxKB，其中根据分配策略选择多个可用TxKB之一，使用多个可用TxKB的位置，至少一个可用网络接口的位置，以及发送应用程序的位置，以获得分配的TxKB; 并向发送应用提供所分配的TxKB的位置。

79. 发明授权

US08312544B2 Method and apparatus for limiting denial of service attack by limiting traffic for hosts 有权
标题翻译：通过限制主机流量来限制拒绝服务攻击的方法和装置
公开(公告)号：US08312544B2
公开(公告)日：2012-11-13
申请号：US12611467
申请日：2009-11-03
申请人： Sunay Tripathi , Nicolas G. Droux , Yuzo Watanabe
发明人： Sunay Tripathi , Nicolas G. Droux , Yuzo Watanabe
IPC分类号： G06F9/00 , G06F11/00
CPC分类号： H04L63/1416 , H04L63/1458
摘要： A method for controlling a denial of service attack involves receiving a plurality of packets from a network, identifying an attacking host based on a severity level of the denial of service attack from the network, wherein the attacking host is identified by an identifying attack characteristic associated with one of the plurality of packets associated with the attacking host, analyzing each of the plurality of packets by a classifier to determine to which of a plurality of temporary data structures each of the plurality of packet is forwarded, forwarding each of the plurality of packets associated with the identifying attack characteristic to one of the plurality of temporary data structures matching the severity level of the denial of service attack as determined by the classifier, requesting a number of packets from the one of the plurality of temporary data structures matching the severity level by the virtual serialization queue, and forwarding the number of packets to the virtual serialization queue.
摘要翻译：用于控制拒绝服务攻击的方法包括从网络接收多个分组，基于来自网络的拒绝服务攻击的严重性级别识别攻击主机，其中攻击主机通过相关联的识别攻击特征来识别与所述攻击主机相关联的所述多个分组中的一个分组，通过分类器分析所述多个分组中的每一个，以确定所述多个分组中的每一个被转发到多个临时数据结构中的哪一个，转发所述多个分组中的每个分组与所述多个临时数据结构中的一个临时数据结构中的一个临时数据结构相关联，所述临时数据结构与由所述分类器确定的所述拒绝服务攻击的严重性级别匹配，请求从所述多个临时数据结构中的一个临时数据结构匹配严重性级别通过虚拟序列化队列，并将数据包的数量转发到virtua l序列化队列

80. 发明授权

US08260588B2 Virtualizing complex network topologies 有权
标题翻译：虚拟化复杂的网络拓扑
公开(公告)号：US08260588B2
公开(公告)日：2012-09-04
申请号：US12580386
申请日：2009-10-16
申请人： Kais Belgaied , Sunay Tripathi , Nicolas G. Droux
发明人： Kais Belgaied , Sunay Tripathi , Nicolas G. Droux
IPC分类号： G06F17/50 , G06F13/00 , H04L12/28
CPC分类号： G06F17/509 , G06F2009/45595 , G06F2217/74 , H04L41/12 , H04L41/145
摘要： In general, the invention relates to a creating a network model on a host. The invention includes: gathering first component properties associated with a first physical network device on a target network; creating a first container using first component properties; determining that a second physical network device is operatively connected to the first physical network device via a physical network link; gathering second component properties associated with the physical network link; creating a first VNIC associated with the first container; determining that at least one virtual network device is executing on the second physical network device; gathering third component properties associated with the at least one virtual network device; creating a second container, wherein the second container is configured using the third component properties; and creating a second VNIC associated with the second container.
摘要翻译：通常，本发明涉及在主机上创建网络模型。本发明包括：收集与目标网络上的第一物理网络设备相关联的第一组件属性; 使用第一个组件属性创建第一个容器; 确定第二物理网络设备经由物理网络链路可操作地连接到所述第一物理网络设备; 收集与物理网络链接相关联的第二组件属性; 创建与第一容器相关联的第一VNIC; 确定至少一个虚拟网络设备正在所述第二物理网络设备上执行; 收集与所述至少一个虚拟网络设备相关联的第三组件属性; 创建第二容器，其中所述第二容器使用所述第三组分特性构造; 以及创建与所述第二容器相关联的第二VNIC。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式