[특허]Using virtual networking devices to manage substrate devices

Using virtual networking devices to manage substrate devices 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	G06F-015/177
출원번호	US-0091986 (2011-04-21)
등록번호	US-8117289 (2012-02-14)
발명자 / 주소	Miller, Kevin Christopher Brandwine, Eric Jason Doane, Andrew J.
출원인 / 주소	Amazon Technologies, Inc.
대리인 / 주소	Seed IP Law Group PLLC
인용정보	피인용 횟수 : 23 인용 특허 : 11

초록 ▼

Techniques are described for providing managed virtual computer networks that may have a configured logical network topology with one or more virtual networking devices, with corresponding networking functionality provided for communications between multiple computing nodes of the virtual computer network by emulating functionality that would be provided by the networking devices if they were physically present. In some situations, the emulating of networking device functionality includes receiving routing communications directed to the networking devices and using included routing information to update the configured network topology for the managed computer network. In addition, the techniques may further include supporting interactions with devices that are external to the virtual computer network, including remote physical networking devices that are part of a remote computer network configured to interoperate with the virtual computer network, and/or specialized network devices that are accessible via a substrate network on which the virtual computer network is overlaid.

대표청구항 ▼

1. A non-transitory computer-readable storage medium whose contents configure a computing system to perform a method, the method comprising: under control of the configured computing system, receiving information from a first client for use in configuring a first virtual computer network for the first client, the configuring including specifying interconnections between multiple computing nodes of the first virtual computer network and including providing an indicated type of functionality for handling at least some communications between the multiple computing nodes; andautomatically providing the configured first virtual computer network in accordance with the configuring by overlaying the first virtual computer network on a distinct substrate network, the providing of the first virtual computer network including: selecting one or more network devices that are accessible via the substrate network and that are configured to provide the indicated type of functionality; andforwarding multiple communications between the multiple computing nodes in accordance with the configuring, the forwarding including routing at least one of the multiple communications to at least one of the selected devices to enable the at least one selected device to provide the indicated type of functionality for the at least one communication. 2. The non-transitory computer-readable storage medium of claim 1 wherein the configured computing system is part of a configurable network service that provides multiple virtual computer networks to multiple remote clients, wherein the selected network devices are provided by the configurable network service for use in supporting at least some of the provided multiple virtual computer networks, and wherein the method further comprises, for a second of the multiple virtual computer networks provided to a second remote client, receiving information from the second client for use in configuring the second virtual computer network by providing the indicated type of functionality for handling at least some communications between computing nodes of the second virtual computer network, automatically determining to provide the indicated type of functionality for handling the at least some communications for the second virtual computer network using one or more configured software modules in lieu of the one or more accessible network devices, and automatically providing the second virtual computer network by overlaying the second virtual computer network on the substrate network and forwarding multiple communications between the computing nodes of the second virtual computer network using the one or more configured software modules to provide the indicated type of functionality. 3. The non-transitory computer-readable storage medium of claim 2 wherein the selecting of the one or more network devices to use for the forwarding of the at least one communications for the first virtual computer network includes determining to use the one or more network devices based at least in part on a quantity of the at least one communications for the first virtual computer network exceeding a determined threshold, and wherein the determining to provide the indicated type of functionality for handling the at least some communications for the second virtual computer network using the one or more configured software modules in lieu of the one or more accessible network devices is based at least in part on a quantity of the at least one communications for the second virtual computer network not exceeding the determined threshold. 4. The non-transitory computer-readable storage medium of claim 1 wherein the configured computing system is part of a configurable network service that provides multiple virtual computer networks to multiple remote clients, wherein the selected network devices are provided by the configurable network service for use in supporting at least some of the provided multiple virtual computer networks, wherein the configurable network service provides a plurality of co-located computing nodes for use with the multiple virtual computer networks, wherein each of the multiple virtual computer networks uses a subset of multiple of the plurality of computing nodes, and wherein at least two of the multiple virtual computer networks each uses the selected one or more network devices to provide the indicated type of functionality for communications for that virtual computer network. 5. The non-transitory computer-readable storage medium of claim 1 wherein the one or more network devices are configurable to perform multiple types of functionality, and wherein the selecting of the one or more network devices includes configuring the selected network devices to provide the indicated type of functionality. 6. The non-transitory computer-readable storage medium of claim 1 wherein the indicated type of functionality includes at least one of load balancing functionality, firewall functionality, and intrusion detection functionality. 7. The non-transitory computer-readable storage medium of claim 1 wherein the information received from the first client is configuration information for the first virtual computer network that specifies one or more networking devices that are part of the specified interconnections for the first virtual computer network, wherein the overlaying of the first virtual computer network on the substrate network is performed without physically providing the one or more networking devices, wherein the forwarding of the multiple communications between the multiple computing nodes in accordance with the specified interconnections is performed in a manner to emulate functionality that would be performed by the one or more networking devices if the one or more networking devices were physically provided, and wherein the method further comprises: receiving one or more routing communications that are each directed to at least one of the one or more networking devices, the one or more routing communications being sent by at least one remote device associated with a remote computer network that interoperates with the first virtual computer network and including network routing information related to the remote computer network;updating the specified interconnections of the first virtual computer network based on the network routing information included in the received one or more routing communications to enable one or more additional communications to be forwarded from the multiple computing nodes to the remote computer network in accordance with the updated specified interconnections. 8. The non-transitory computer-readable storage medium of claim 7 wherein the method further comprises: before the receiving of the one or more routing communications, establishing a connection between the first virtual computer network and the remote computer network, the remote computer network including multiple computing systems and one or more physical networking devices located at one or more geographical locations distinct from a geographical location of the substrate network, wherein the at least one remote device that sends the one or more routing communications being at least one of the one or more physical networking devices, and wherein the one or more routing communications are received via the established connection; andafter the updating of the specified interconnections of the first virtual computer network, forwarding the one or more additional communications from the multiple computing nodes to the remote computer network over the established connection in accordance with the updated specified interconnections. 9. The non-transitory computer-readable storage medium of claim 1 wherein the computer-readable medium is a memory of the configured computing system that stores the contents, and wherein the contents are instructions that when executed program the configured computing system to perform the method. 10. The non-transitory computer-readable storage medium of claim 1 wherein the indicated type of functionality is load balancing functionality, and wherein the selected network devices are each configured to perform load balancing functionality for one or more virtual computer networks that include the configured first virtual computer network. 11. The non-transitory computer-readable storage medium of claim 1 wherein the indicated type of functionality is firewall functionality, and wherein the selected network devices are each configured to perform firewall functionality for one or more virtual computer networks that include the configured first virtual computer network. 12. The non-transitory computer-readable storage medium of claim 1 wherein the indicated type of functionality is intrusion detection functionality, and wherein the selected network devices are each configured to perform intrusion detection functionality for one or more virtual computer networks that include the configured first virtual computer network. 13. The non-transitory computer-readable storage medium of claim 1 wherein the configured computing system is part of a configurable network service that provides multiple virtual computer networks to multiple remote clients, wherein the configurable network services provides a plurality of network devices performing a plurality of types of functionality that are accessible via the substrate network, and wherein the selecting of the one or more network devices includes identifying the one or more network devices from the plurality of network devices based at least in part on those one or more network devices being available to provide the indicated type of functionality and further includes configuring those one or more network devices in a manner specific to the configured first virtual computer network. 14. The non-transitory computer-readable storage medium of claim 1 wherein the configured computing system is part of a configurable network service that provides multiple virtual computer networks to multiple remote clients and that supplies a plurality of computing nodes for use in the provided multiple virtual computer networks, wherein the configured first virtual computer network is one of the provided multiple virtual computer networks and the multiple computing nodes are a subset of the supplied plurality of computing nodes, wherein communications sent between the plurality of computing nodes for the multiple virtual computer networks are transmitted on the substrate network and are encoded to use information specific to the substrate network during transmission, and wherein the configurable network service provides multiple modules that manage communications between the plurality of computing nodes by modifying outgoing communications from the plurality of computing nodes to be encoded with the information specific to the substrate network before transmission over the substrate network and by modifying incoming communications to the plurality of computing nodes to remove the encoded information specific to the substrate network after the transmission over the substrate network. 15. The non-transitory computer-readable storage medium of claim 1 wherein the configured computing system is part of a configurable network service that provides multiple virtual computer networks to multiple remote clients and that supplies a plurality of computing nodes for use in the provided multiple virtual computer networks, wherein the configured first virtual computer network is one of the provided multiple virtual computer networks and the multiple computing nodes are a subset of the supplied plurality of computing nodes, wherein the multiple computing nodes are each a virtual machine hosted on one of multiple physical computing systems of the configurable network service, and wherein the providing of the configured first virtual computer network includes configuring one or more virtual machine communication manager modules that execute on one or more of the physical computing systems to manage communications for the hosted virtual machines. 16. A computed-implemented method comprising: receiving information from a first client for use in configuring a first virtual computer network for the first client, the configuring including specifying interconnections between multiple computing nodes of the first virtual computer network and including providing an indicated type of functionality for handling at least some communications between the multiple computing nodes, the receiving of the information being performed by one or more configured computing systems of a configurable network service that provides multiple virtual computer networks to multiple clients; andautomatically providing the configured first virtual computer network for the first client in accordance with the configuring by overlaying the first virtual computer network on a distinct substrate network, the multiple computing nodes being connected to the substrate network, and the automatic providing of the first virtual computer network being performed by the one or more configured computing systems and including: selecting one or more network devices that are accessible via the substrate network and that are configured to provide the indicated type of functionality; andforwarding multiple communications between the multiple computing nodes in accordance with the configuring, the forwarding including routing at least one of the multiple communications to at least one of the selected devices to enable the at least one selected device to provide the indicated type of functionality for the at least one communication. 17. The computer-implemented method of claim 16 wherein the selected network devices are a subset of a plurality of network devices provided by the configurable network service for use in supporting at least some of the provided multiple virtual computer networks, and wherein the method further comprises, for a second of the multiple virtual computer networks provided to a second remote client, receiving information from the second client for use in configuring the second virtual computer network by providing the indicated type of functionality for handling at least some communications between computing nodes of the second virtual computer network, automatically determining to provide the indicated type of functionality for handling the at least some communications for the second virtual computer network using one or more configured software modules in lieu of the plurality of network devices, and automatically providing the second virtual computer network by overlaying the second virtual computer network on the substrate network and forwarding multiple communications between the computing nodes of the second virtual computer network using the one or more configured software modules to provide the indicated type of functionality. 18. The computer-implemented method of claim 17 wherein the configurable network service provides a plurality of co-located computing nodes for use with the provided multiple virtual computer networks, wherein each of the multiple virtual computer networks uses a subset of multiple of the plurality of computing nodes, and wherein at least two of the multiple virtual computer networks each uses the selected one or more network devices to provide the indicated type of functionality for communications for that virtual computer network. 19. The computer-implemented method of claim 16 wherein the indicated type of functionality includes at least one of load balancing functionality, firewall functionality, and intrusion detection functionality. 20. A computing system comprising: one or more processors; anda manager module of a configurable network service that is configured to, when executed by at least one of the processors, provide a virtual computer network for each of one or more clients, the providing of the virtual computer network for each of the one or more clients including: receiving information from the client for use in configuring the virtual computer network for the client, the configuring including specifying interconnections between multiple computing nodes of the virtual computer network and including providing an indicated type of functionality for handling at least some communications between the multiple computing nodes; andautomatically providing the configured virtual computer network for the client in accordance with the configuring by overlaying the virtual computer network on a distinct substrate network, the multiple computing nodes being connected to the substrate network, and the automatic providing of the virtual computer network including: selecting one or more network devices that are accessible via the substrate network and that are configured to provide the indicated type of functionality; andforwarding multiple communications between the multiple computing nodes in accordance with the configuring, the forwarding including routing at least one of the multiple communications to at least one of the selected devices to enable the at least one selected device to provide the indicated type of functionality for the at least one communication. 21. The computing system of claim 20 wherein the selected network devices are a subset of a plurality of network devices provided by the configurable network service, and wherein the manager module is further configured to, for a second remote client distinct from the one or more clients, provide a second virtual computer network for the second client by receiving information from the second client for use in configuring the second virtual computer network to provide the indicated type of functionality for handling at least some communications between computing nodes of the second virtual computer network, by automatically determining to provide the indicated type of functionality for handling the at least some communications for the second virtual computer network using one or more configured software modules in lieu of the plurality of network devices, and by automatically providing the second virtual computer network by overlaying the second virtual computer network on the substrate network and forwarding multiple communications between the computing nodes of the second virtual computer network using the one or more configured software modules to provide the indicated type of functionality, and wherein the determining to provide the indicated type of functionality for handling the at least some communications for the second virtual computer network using the one or more configured software modules in lieu of the one or more accessible network devices is based at least in part on a quantity of the at least one communications for the second virtual computer network not exceeding a determined threshold. 22. The computing system of claim 21 wherein the configurable network service provides a plurality of co-located computing nodes for use with multiple provided virtual computer networks that includes the second virtual computer network and the virtual computer network provided for each of the one or more clients, wherein each of the multiple virtual computer networks uses a subset of multiple of the plurality of computing nodes, and wherein at least two of the multiple virtual computer networks each uses the selected one or more network devices to provide the indicated type of functionality for communications for that virtual computer network. 23. The computing system of claim 20 wherein the indicated type of functionality includes at least one of load balancing functionality, firewall functionality, and intrusion detection functionality. 24. The computing system of claim 20 wherein the one or more clients include multiple remote clients, and wherein the manager module includes software instructions that when executed performs the providing of the virtual computer network for each of the one or more clients and that further performs providing a programmatic interface for use by the multiple remote clients to configure the virtual computer networks provided for use by the clients.

이 특허에 인용된 특허 (11)

Dugan Andrew J. ; McDysan David E., ATM virtual private networks.
상세보기
Gelvin, David C.; Girod, Lewis D.; Kaiser, William J.; Merrill, William M.; Newberg, Fredric; Pottie, Gregory J.; Sipos, Anton I.; Vardhan, Sandeep, Apparatus for internetworked hybrid wireless integrated network sensors (WINS).
상세보기
Kreiner, Barrett Morris; Hodges, Donna K.; Peterson, Jonathan M., Edge side assembler.
상세보기
Forsl？w,Jan, Extranet workgroup formation across multiple mobile virtual private networks.
상세보기
LeBlanc Frederick W. ; Dupray Dennis J. ; Karr Charles L., Location of a mobile station using a plurality of commercial wireless infrastructures.
상세보기
Luo,Wei; Rosen,Eric, Method and system for providing authorization, authentication, and accounting for a virtual private network.
상세보기
Guichard, James N.; Wainner, W. Scott; Weis, Brian E.; Khalid, Mohamed, Methods and apparatus for providing multiple policies for a virtual private network.
상세보기
Guichard, James N.; Behringer, Michael H., Methods and apparatus to configure network nodes supporting virtual connections.
상세보기
Rajagopalan, Nara, System and method for managing interworking communications protocols.
상세보기
Yuasa Hiroyoshi,JPX ; Satake Tadashi,JPX ; Cardona Mario Jose,JPX ; Fujii Hisataka,JPX ; Yasuda Akira,JPX ; Yamashita Koji,JPX ; Suzaki Satoru,JPX ; Ikezawa Hideki,JPX ; Ohno Masami,JPX ; Matsuzaki A, Virtual LAN system.
상세보기
Johnson, Darrin P.; Nordmark, Erik; Belgaied, Kais, Virtual network testing and deployment using network stack instances and containers.
상세보기

이 특허를 인용한 특허 (23)

Hill, Duncan Christopher, Cloud computing gateway, cloud computing hypervisor, and methods for implementing same.
상세보기
Hill, Duncan Christopher, Cloud computing gateway, cloud computing hypervisor, and methods for implementing same.
상세보기
Hill, Duncan Christopher, Cloud computing gateway, cloud computing hypervisor, and methods for implementing same.
상세보기
Hill, Duncan Christopher, Cloud computing gateway, cloud computing hypervisor, and methods for implementing same.
상세보기
Marr, Michael David; Corddry, Matthew R.; Hamilton, James R., Firmware updates during limited time period.
상세보기
Miller, Kevin Christopher; Dickinson, Andrew Bruce; Schultze, Eric Wayne; Searle, Ian Roger; Hall, Shane Ashley; Mohan, Deepak; Lennon, David Brian, Linking resource instances to virtual networks in provider network environments.
상세보기
Brandwine, Eric Jason, Managing encoded multi-part communications.
상세보기
Brandwine, Eric Jason, Managing encoded multi-part communications for provided computer networks.
상세보기
Corddry, Matthew T.; Marr, Michael David; Hamilton, James R.; DeSantis, Peter N., Managing hardware reboot and reset in shared environments.
상세보기
Acharya, Arup; Boivie, Richard H.; Cornejo, William; Donnellan, Sean, Method and apparatus for providing a test network as an IP accessible cloud service.
상세보기
Brandwine, Eric J.; Vaswani, Ameet N.; Nwokah, Ekechi Karl Edozie; Schultze, Eric W., Methods and apparatus for providing composed appliance services in virtualized private networks.
상세보기
Gabrielson, Jacob Adam; Brandwine, Eric Jason, Methods and apparatus for scalable private services.
상세보기
Gabrielson, Jacob; Brandwine, Eric J., Methods and apparatus for scalable private services.
상세보기
Miller, Kevin Christopher; Sheehan, Richard Alexander; Laurence, Douglas Stewart; Oweis, Marwan Salah El-Din; Dickinson, Andrew Bruce, Private alias endpoints for isolated virtual networks.
상세보기
Miller, Kevin Christopher; Sheehan, Richard Alexander; Laurence, Douglas Stewart; Oweis, Marwan Salah El-Din; Dickinson, Andrew Bruce, Private alias endpoints for isolated virtual networks.
상세보기
Schaefer, Edward Max; Shevade, Upendra Bhalchandra, Private network layering in provider network environments.
상세보기
Deb, Bashuman; Dickinson, Andrew Bruce; Hendrie, Christopher Ian, Private network peering in virtual network environments.
상세보기
Deb, Bashuman; Dickinson, Andrew Bruce; Hendrie, Christopher Ian, Private network peering in virtual network environments.
상세보기
Akers, Kyle Tailor; Voegele, Michael Siaosi; Miller, Kevin Christopher; Yuan, Chao; Lennon, David Brian; Stephenson, Patrick, Private service endpoints in isolated virtual networks.
상세보기
Joglekar, Sachin P.; Vosshall, Peter S.; Jenkins, Jonathan A., Remote browsing session management.
상세보기
Vincent, Pradeep; Marr, Michael David, Secure packet management for bare metal access.
상세보기
Martinez, Frank R.; Pulier, Eric, System and method for a cloud computing abstraction layer with security zone facilities.
상세보기
Martinez, Frank; Pulier, Eric, System and method for a cloud computing abstraction with self-service portal for publishing resources.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Using virtual networking devices to manage substrate devices 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (11)

이 특허를 인용한 특허 (23)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Using virtual networking devices to manage substrate devices 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (11)

이 특허를 인용한 특허 (23)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트