[특허]Using virtual networking devices to manage routing communications between connected computer networks

Using virtual networking devices to manage routing communications between connected computer networks 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	G06F-015/16
출원번호	US-0407726 (2012-02-28)
등록번호	US-8370488 (2013-02-05)
발명자 / 주소	Miller, Kevin Christopher Brandwine, Eric Jason Doane, Andrew J.
출원인 / 주소	Amazon Technologies, Inc.
인용정보	피인용 횟수 : 4 인용 특허 : 26

초록 ▼

Techniques are described for providing managed virtual computer networks whose configured logical network topology may have one or more virtual networking devices, such as by a network-accessible configurable network service, with corresponding networking functionality provided for communications between multiple computing nodes of a virtual computer network by emulating functionality that would be provided by the networking devices if they were physically present. The networking functionality provided for a managed computer network may include supporting a connection between that managed computer network and one or more other managed computer networks, such as via a provided virtual peering router to which each of the managed computer networks may connect, with the functionality of the virtual peering router being emulated by modules of the configurable network service without physically providing the virtual peering router, including to manage routing communications between the inter-connected managed computer networks in accordance with client-specified configuration information.

대표청구항 ▼

1. A computer-implemented method comprising: configuring one or more computing systems of a configurable network service to emulate functionality of a virtual peering router device, the virtual peering router device being indicated to inter-connect multiple virtual computer networks provided by the configurable network service, the configuring of the one or more computing systems being based at least in part on configuration information specified for the virtual peering router device;receiving, by the configured one or more computing systems, information about one or more communications that are directed to the virtual peering router device from a first virtual computer network of the multiple virtual computer networks;determining, by the configured one or more computing systems, whether to forward the one or more communications to one or more second virtual computer networks of the multiple virtual computer networks that are distinct from the first virtual computer network, the determining being based at least in part on the specified configuration information; andif it is determined to forward the one or more communications to the one or more second virtual computer networks, initiating forwarding of the one or more communications to the one or more second virtual computer networks, and otherwise not initiating forwarding of the one or more communications to the one or more second virtual computer networks. 2. The method of claim 1 wherein the multiple virtual computer networks include one or more third virtual computer networks that are distinct from the first virtual computer network and from the one or more second virtual computer networks, and wherein the method further comprises: determining to not forward the one or more communications to the one or more third virtual computer networks based at least in part on the specified configuration information; andinhibiting forwarding of the one or more communications to the one or more third virtual computer networks. 3. The method of claim 2 wherein the specified configuration information includes first peering configuration information specified for the one or more second virtual computer networks that allows the one or more communications to be forwarded to the one or more second virtual computer networks, and includes second peering configuration information specified for the one or more third virtual computer networks that blocks the one or more communications from being forwarded to the one or more third virtual computer networks, and wherein the determining whether to forward the one or more communications to the one or more second virtual computer networks includes determining to forward the one or more communications to the one or more second virtual computer networks based at least in part on the first peering configuration information. 4. The method of claim 1 further comprising: receiving, by the configured one or more computing systems, information about one or more second communications that are directed to the virtual peering router device from one of the one or more second virtual computer networks;determining to not forward the one or more second communications to the first virtual computer network based at least in part on the specified configuration information; andinhibiting forwarding of the one or more second communications to the first virtual computer network. 5. The method of claim 4 wherein the specified configuration information includes first peering configuration information specified for the first virtual computer network that blocks communications of one or more specified types. 6. The method of claim 1 wherein the one or more communications are routing communications that include routing information for the first virtual computer network corresponding to one or more first computing nodes of the first virtual computer network, wherein the determining whether to forward the one or more communications to the one or more second virtual computer networks includes determining to forward the one or more communications to the one or more second virtual computer networks, and wherein the initiating forwarding of the one or more communications to the one or more second virtual computer networks includes using the routing information to enable subsequent communications from one or more second computing nodes of the one or more second virtual computer networks to be sent to the one or more first computing nodes of the first virtual computer network. 7. The method of claim 1 wherein the one or more communications are routing communications that include routing information for the first virtual computer network, wherein the determining whether to forward the one or more communications to the one or more second virtual computer networks includes determining to forward the one or more communications to the one or more second virtual computer networks, and wherein the initiating forwarding of the one or more communications to the one or more second virtual computer networks includes forwarding the one or more communications to one or more second computing nodes of the one or more second virtual computer networks that participate in a routing protocol. 8. The method of claim 7 wherein the one or more communications are specified in accordance with a first routing protocol, wherein the routing protocol that the one or more second computing nodes participate in is a distinct second routing protocol, and wherein the forwarding of the one or more communications to the one or more second computing nodes includes modifying the forwarded one or more communications to be specified in accordance with the second routing protocol. 9. The method of claim 1 wherein the one or more communications are data communications that are sent from one or more first computing nodes of the first virtual computer network to one or more second computing nodes of the one or more second virtual computer networks, wherein the determining whether to forward the one or more communications to the one or more second virtual computer networks includes determining to forward the one or more communications to the one or more second virtual computer networks, and wherein the initiating forwarding of the one or more communications to the one or more second virtual computer networks includes forwarding the one or more communications to the one or more second computing nodes. 10. The method of claim 1 wherein the configuration information is specified for the virtual peering router device by a client of the configurable network service, wherein at least one of the multiple virtual computer networks are provided for the client by the configurable network service, and wherein the configuring of the one or more computing systems is performed in response to a received request from the client to create the virtual peering router device for use with the at least one virtual computer networks. 11. The method of claim 10 further comprising: providing the at least one virtual computer networks to the client; andestablishing a logical connection between each of the provided at least one virtual computer networks and the virtual peering router device. 12. The method of claim 1 wherein the configuration information specified for the virtual peering router device indicates one or more filters to use in limiting communications that are allowed to be sent between the multiple virtual computer networks via the virtual peering router device, and wherein the determining whether to forward the one or more communications to the one or more second virtual computer networks includes determining that the one or more filters authorize the forwarding of the one or more communications to the one or more second virtual computer networks. 13. The method of claim 1 wherein the multiple virtual computer networks are overlaid on one or more substrate networks, and wherein the receiving of the information about the one or more communications includes intercepting the one or more communications before the one or more communications are forwarded over the one or more substrate networks. 14. A configured computing system, comprising: one or more processors; andone or more modules configured to, when executed by at least one of the one or more processors, emulate functionality of a virtual peering router that is indicated to inter-connect multiple computer networks, the emulating of the functionality including: receiving information about one or more communications that are directed to the virtual peering router from a first computer network of the multiple computer networks;determining whether to forward the received one or more communications to one or more second computer networks of the multiple computer networks, the determining being based at least in part on specified configuration information for the virtual peering router; andif it is determined to forward the received one or more communications to the one or more second computer networks, initiating forwarding of the received one or more communications to the one or more second computer networks, and otherwise inhibiting forwarding of the received one or more communications to the one or more second computer networks. 15. The computing system of claim 14 wherein one or more of the multiple computer networks are each a virtual computer network that has a configured network topology that includes a logical connection to the virtual peering router. 16. A non-transitory computer-readable medium having stored contents that configure one or more computing systems to perform a method, the method comprising: receiving, by the configured one or more computing systems, information about a communication that is directed to a virtual peering router device from a first virtual computer network, the virtual peering router device being indicated to inter-connect multiple virtual computer networks provided by a configurable network service associated with the configured computing system, the first virtual computer network being one of the multiple virtual computer networks;determining, by the configured one or more computing systems, one or more destinations of the communication in one or more second virtual computer networks of the multiple virtual computer networks that are distinct from the first virtual computer network,modifying, by the configured one or more computing systems, the communication to emulate functionality of the virtual peering router device without physically providing the virtual peering router device, the modified communication including information that would be added by the virtual peering router device if the virtual peering router device was physically provided and was forwarding the communication to the one or more destinations; andinitiating forwarding of the modified communication directly to the one or more destinations in the one or more second virtual computer networks. 17. The non-transitory computer-readable medium of claim 16 wherein the modifying of the communication includes modifying address information in a header of the communication so that the virtual peering router device is indicated to be a sender of the forwarded modified communication. 18. The non-transitory computer-readable medium of claim 16 wherein the modifying of the communication includes modifying network hop information in a header of the communication. 19. The non-transitory computer-readable medium of claim 16 wherein an overlap exists between first virtual network addresses used by the first virtual computer network and second virtual network addresses used by the one or more second virtual computer networks, and wherein the modifying of the communication includes translating at least one of a virtual network address of a sender of the communication and a virtual network address of at least one of the determined one or more destinations to eliminate the overlap for the modified communication. 20. The non-transitory computer-readable medium of claim 16 wherein the modifying of the communication is based at least in part on peering configuration information for use by the virtual peering router device that is specified for at least one of the first virtual computer network and the one or more second virtual computer networks. 21. The non-transitory computer-readable medium of claim 16 wherein the communication is a routing communication that includes routing information for the first virtual computer network corresponding to one or more first computing nodes of the first virtual computer network, and wherein the determined one or more destinations include one or more second computing nodes of the one or more second virtual computer networks that participate in a routing protocol. 22. The non-transitory computer-readable medium of claim 16 wherein the multiple virtual computer networks are overlaid on one or more substrate networks, and wherein the receiving of the information about the communication includes intercepting the communication before the communication is forwarded over the one or more substrate networks. 23. A configured computing system, comprising: one or more processors; andone or more modules configured to, when executed by at least one of the one or more processors, emulate functionality of a virtual peering router that is indicated to inter-connect multiple computer networks, the emulating of the functionality including: receiving information about a communication that is directed to the virtual peering router from a first computer network of the multiple computer networks and is intended for one or more destinations in one or more second computer networks of the multiple computer networks that are distinct from the first computer network;modifying the communication to include information that would be added by the virtual peering router if the virtual peering router was physically forwarding the communication to the one or more destinations; andinitiating forwarding of the modified communication to the one or more destinations in the one or more second computer networks. 24. The computing system of claim 23 wherein one or more of the multiple computer networks are provided by a configurable network service to one or more clients, and wherein the one or more modules are part of the configurable network service and include software instructions for execution by the one or more processors. 25. The computing system of claim 23 wherein one or more of the multiple computer networks are each a virtual computer network that has a configured network topology that includes a logical connection to the virtual peering router.

이 특허에 인용된 특허 (26)

Dugan Andrew J. ; McDysan David E., ATM virtual private networks.
상세보기
Monaghan, John; Hunter, Donald Iain, Analyzing virtual private network failures.
상세보기
Gilbrech Sidney A., Apparatus for implementing virtual private networks.
상세보기
Gelvin, David C.; Girod, Lewis D.; Kaiser, William J.; Merrill, William M.; Newberg, Fredric; Pottie, Gregory J.; Sipos, Anton I.; Vardhan, Sandeep, Apparatus for internetworked hybrid wireless integrated network sensors (WINS).
상세보기
Sullivan Mark K., Computer system having virtual circuit address altered by local computer to switch to different physical data link to increase data transmission bandwidth.
상세보기
Kreiner, Barrett Morris; Hodges, Donna K.; Peterson, Jonathan M., Edge side assembler.
상세보기
Evans Jae A., Electronic medical records system.
상세보기
Iloglu,Ali Murat; Nguyen,Han Q., Externally controlled reachability in virtual private networks.
상세보기
Forsl？w,Jan, Extranet workgroup formation across multiple mobile virtual private networks.
상세보기
LeBlanc Frederick W. ; Dupray Dennis J. ; Karr Charles L., Location of a mobile station using a plurality of commercial wireless infrastructures.
상세보기
Rajagopalan, Nara, Managing interworking communications protocols.
상세보기
Liu Quentin C., Method and apparatus for managing a virtual private network.
상세보기
Hoke, Mark R.; Arrow, Leslie J., Method and apparatus for processing communications in a virtual private network.
상세보기
Luo,Wei; Rosen,Eric, Method and system for providing authorization, authentication, and accounting for a virtual private network.
상세보기
O'Neill,Alan, Methods and apparatus for efficient VPN server interface, address allocation, and signaling with a local addressing domain.
상세보기
Guichard, James N.; Wainner, W. Scott; Weis, Brian E.; Khalid, Mohamed, Methods and apparatus for providing multiple policies for a virtual private network.
상세보기
Guichard, James N.; Behringer, Michael H., Methods and apparatus to configure network nodes supporting virtual connections.
상세보기
Khalil, Mohamed; Muhanna, Ahmad, Mobile IP over VPN communication protocol.
상세보기
Moberg,Kenneth A; Lin,Steven; Greene,Spencer; Murphy,James, Providing services for multiple virtual private networks.
상세보기
Marques, Pedro R., Providing transparent virtual private network connectivity across intermediate networks.
상세보기
Ould Brahim,Hamid; Fedyk,Donald, Resource allocation using an auto-discovery mechanism for provider-provisioned layer-2 and layer-3 virtual private networks.
상세보기
Rajagopalan, Nara, System and method for managing interworking communications protocols.
상세보기
Miller, Kevin Christopher; Brandwine, Eric Jason; Doane, Andrew J., Using virtual networking devices to manage routing communications between connected computer networks.
상세보기
Kakemizu,Mitsuaki; Yamamura,Shinya; Igarashi,Yoichiro; Murata,Kazunori; Wakamoto,Masaaki, VPN system in mobile IP network, and method of setting VPN.
상세보기
Yuasa Hiroyoshi,JPX ; Satake Tadashi,JPX ; Cardona Mario Jose,JPX ; Fujii Hisataka,JPX ; Yasuda Akira,JPX ; Yamashita Koji,JPX ; Suzaki Satoru,JPX ; Ikezawa Hideki,JPX ; Ohno Masami,JPX ; Matsuzaki A, Virtual LAN system.
상세보기
Johnson, Darrin P.; Nordmark, Erik; Belgaied, Kais, Virtual network testing and deployment using network stack instances and containers.
상세보기

이 특허를 인용한 특허 (4)

Kanevsky, Zosim, Low-impact proactive monitoring of customer access to virtualized network elements in a cloud platform.
상세보기
Begwani, Vimal; Sundaramurthy, Shekar C., Method and system to monitor a network.
상세보기
Begwani, Vimal; Sundaramurthy, Shekar C., Method and system to monitor a network.
상세보기
Ilan, Dan; Dayan, Uri, Network device and method for packet processing.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Using virtual networking devices to manage routing communications between connected computer networks 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (26)

이 특허를 인용한 특허 (4)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Using virtual networking devices to manage routing communications between connected computer networks 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (26)

이 특허를 인용한 특허 (4)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트