Using virtual networking devices and routing information to initiate external actions
IPC classification information
Country / Type: United States (US) Patent, Granted
International Patent Classification (IPC, 7th edition): G06F-015/177; H04L-029/06; H04L-012/46; H04L-012/24
Application number: US-0542441 (2012-07-05)
Registration number: US-9497040 (2016-11-15)
Inventors: Miller, Kevin Christopher; Brandwine, Eric Jason; Doane, Andrew J.
Applicant: Amazon Technologies, Inc.
Agent: Seed IP Law Group LLP
Citation information: times cited: 0; patents cited: 61
Abstract
Techniques are described for providing managed virtual computer networks that have a configured logical network topology with virtual networking devices, such as by a network-accessible configurable network service, with corresponding networking functionality provided for communications between multiple computing nodes of the virtual computer network by emulating functionality that would be provided by the virtual networking devices if they were physically present. In some situations, the networking functionality provided for a managed computer network of a client includes receiving routing communications directed to the virtual networking devices, and using included routing information to identify and initiate external actions whose effects are not related to how network communications between computing nodes of the managed computer network are configured to be routed or otherwise forwarded through the managed computer network, such as external actions that affect devices that are not part of the managed computer network, or other types of external actions.
Representative claims
1. A non-transitory computer-readable medium having stored contents that configure a computing system to: provide a virtual computer network for a client in accordance with information received from the client by overlaying the virtual computer network on a distinct substrate network and by emulating functionality of one or more virtual routers of the virtual computer network, and wherein the stored contents that configure the computing system to provide the virtual computer network further include contents that configure the configured computing system to: intercept one or more routing communications that include network routing information and are directed to the one or more virtual routers; and initiate one or more actions that are based at least in part on the network routing information and that are not related to forwarding communications between computing nodes of the virtual computer network.
2. The non-transitory computer-readable medium of claim 1 wherein the stored contents further configure the configured computing system to analyze the network routing information and identify the one or more actions based at least in part on the analyzing.
3. The non-transitory computer-readable medium of claim 1 wherein the stored contents further configure the configured computing system to forward multiple communications between multiple computing nodes of the virtual computer network in accordance with specified interconnections between the multiple computing nodes that are indicated in the received information from the client.
4. The non-transitory computer-readable medium of claim 1 wherein the configured computing system is part of a configurable network service that provides multiple virtual computer networks to multiple remote clients using a plurality of co-located computing nodes.
5. The non-transitory computer-readable medium of claim 1 wherein the configured computing system is part of a configurable network service that provides a programmatic interface for use in supplying configuration information, and wherein the information received from the client is configuration information for the virtual computer network that is received via the programmatic interface.
6. The non-transitory computer-readable medium of claim 5 wherein the received configuration information specifies the one or more virtual routers.
7. The non-transitory computer-readable medium of claim 5 wherein the received configuration information includes information about allowable types of actions, and wherein the stored contents that configure the computing system to initiate the one or more actions further configure the computing system to perform the initiating of the one or more actions based at least in part on the information about the allowable types of actions.
8. The non-transitory computer-readable medium of claim 1 wherein the stored contents further configure the configured computing system to, after the initiating of the one or more actions, forward one or more communications over the substrate network between multiple computing nodes of the virtual computer network in a manner that is not affected by the initiated one or more actions.
9. The non-transitory computer-readable medium of claim 1 wherein the configured computing system is part of a configurable network service that enables multiple remote clients to configure multiple virtual computer networks, and wherein the stored contents that configure the computing system to initiate the one or more actions further configure the computing system to configure one or more devices of the configurable network service that are not part of the virtual computer network provided for the client.
10. The non-transitory computer-readable medium of claim 9 wherein the network routing information indicates a first public network address related to one or more computing nodes of the virtual computer network, and wherein the configuring of the one or more devices includes configuring a device that performs network address translation (“NAT”) functionality for incoming communications from computing systems external to the configurable network service to associate the first public network address with the virtual computer network.
11. The non-transitory computer-readable medium of claim 9 wherein the network routing information indicates a routing path to one or more computing systems external to the virtual computer network, and wherein the configuring of the one or more devices includes configuring a device that filters at least some communications sent to the virtual computer network to modify filtering for future communications that use the indicated routing path for at least a temporary time.
12. The non-transitory computer-readable medium of claim 1 wherein the stored contents that configure the computing system to initiate the one or more actions further configure the computing system to modify operations performed by one or more computing nodes of the virtual computer network.
13. The non-transitory computer-readable medium of claim 1 wherein the stored contents that configure the computing system to initiate the one or more actions further configure the computing system to configure operations to be performed external to the virtual computer network for at least some communications sent between the virtual computer network and at least one other provided virtual computer network.
14. The non-transitory computer-readable medium of claim 1 wherein the stored contents that configure the computing system to initiate the one or more actions further configure the computing system to modify which computing nodes are part of the virtual computer network.
15. The non-transitory computer-readable medium of claim 1 wherein the stored contents that configure the computing system to initiate the one or more actions further configure the computing system to send a notification message to a target external to the virtual computer network that is indicated by the client, the notification message including at least some of the network routing information included in the one or more routing communications.
16. The non-transitory computer-readable medium of claim 1 wherein the stored contents that configure the computing system to initiate the one or more actions further configure the computing system to update one or more Domain Name System (“DNS”) servers external to the virtual computer network to change an association of one or more DNS domain names with one or more computing nodes of the virtual computer network, the one or more DNS domain names being available to computer systems external to the virtual computer network to access the one or more computing nodes of the virtual computer network.
17. The non-transitory computer-readable medium of claim 16 wherein the changing of the association of the one or more DNS domain names with the one or more computing nodes includes adding a first computing node of the virtual computer network to a group of multiple computing nodes associated with a first DNS domain name, the one or more DNS servers being configured to select a member of the group for use for the first DNS domain name in response to a request by one of the external computer systems.
18. The non-transitory computer-readable medium of claim 1 wherein the stored contents further configure the configured computing system to identify an absence for at least a predetermined amount of time of network routing information corresponding to one or more routing targets, and to initiate one or more additional actions for the virtual computer network while the virtual computer network is operating that are based at least in part on the identified absence.
19. A computer-implemented method comprising: providing, by one or more configured computing systems, a virtual computer network for a client in accordance with information received from the client, the providing of the virtual computer network including overlaying the virtual computer network on a distinct substrate network and emulating functionality of one or more virtual routers of the virtual computer network; receiving, by the one or more configured computing systems, one or more routing communications that include network routing information and are directed to the one or more virtual routers; and initiating, by the one or more configured computing systems, one or more actions that are based at least in part on the network routing information and that are not related to forwarding communications between computing nodes of the virtual computer network.
20. The method of claim 19 wherein the initiating of the one or more actions includes analyzing the network routing information and identifying the one or more actions based at least in part on the analyzing.
21. The method of claim 19 wherein the one or more configured computing systems are part of a configurable network service that provides a programmatic interface for use in supplying configuration information, and wherein the information received from the client is configuration information for the virtual computer network that is received via the programmatic interface.
22. The method of claim 21 wherein the received configuration information includes information about allowable types of actions, and wherein the initiating of the one or more actions is based at least in part on the information about the allowable types of actions.
23. The method of claim 19 wherein the one or more configured computing systems are part of a configurable network service that enables multiple remote clients to configure multiple virtual computer networks, and wherein the initiated one or more actions include configuring one or more devices of the configurable network service, the configured one or more devices providing functionality to perform network address translation (“NAT”) functionality for incoming communications from computing systems external to the configurable network service based on a first public network address associated with the virtual computer network, and to filter at least some communications sent to the virtual computer network based on an indicated routing path.
24. The method of claim 19 wherein the initiated one or more actions include at least one action from a group that includes modifying operations performed by one or more computing nodes of the virtual computer network, configuring operations to be performed external to the virtual computer network for at least some communications sent between the virtual computer network and at least one other provided virtual computer network, modifying which computing nodes are part of the virtual computer network, sending a notification message including at least some of the network routing information to a target external to the virtual computer network that is indicated by the client, and updating one or more Domain Name System (“DNS”) servers external to the virtual computer network to change an association of one or more DNS domain names with one or more computing nodes of the virtual computer network, the one or more DNS domain names being available to computer systems external to the virtual computer network to access the one or more computing nodes of the virtual computer network.
25. A system comprising: one or more processors of one or more computing systems; and one or more modules that are configured to, when executed by at least one of the one or more processors, provide a virtual computer network for a client in accordance with information received from the client by overlaying the virtual computer network on a distinct substrate network and by emulating functionality of one or more virtual routers of the virtual computer network, the one or more modules being further configured to: intercept one or more routing communications that include network routing information and are directed to the one or more virtual routers; and initiate one or more actions that are based at least in part on the network routing information and that are not related to forwarding communications between computing nodes of the virtual computer network.
26. The system of claim 25 wherein the one or more modules are further configured to perform the initiating of the one or more actions by analyzing the network routing information and identifying the one or more actions based at least in part on the analyzing, and wherein the one or more modules include executable software instructions.
27. The system of claim 26 wherein the one or more modules are part of a configurable network service that provides a programmatic interface for use in supplying configuration information, and wherein the information received from the client is configuration information for the virtual computer network that is received via the programmatic interface.
28. The system of claim 27 wherein the received configuration information includes information about allowable types of actions, and wherein the one or more modules are further configured to perform the initiating of the one or more actions in a manner based at least in part on the information about the allowable types of actions.
29. The system of claim 25 wherein the one or more modules are part of a configurable network service that enables multiple remote clients to configure multiple virtual computer networks, and wherein the initiated one or more actions include configuring one or more devices of the configurable network service, the configured one or more devices providing functionality to perform network address translation (“NAT”) functionality for incoming communications from computing systems external to the configurable network service based on a first public network address associated with the virtual computer network, or to filter at least some communications sent to the virtual computer network based on an indicated routing path.
30. The system of claim 25 wherein the initiated one or more actions include multiple actions from a group that includes modifying operations performed by one or more computing nodes of the virtual computer network, configuring operations to be performed external to the virtual computer network for at least some communications sent between the virtual computer network and at least one other provided virtual computer network, modifying which computing nodes are part of the virtual computer network, sending a notification message including at least some of the network routing information to a target external to the virtual computer network that is indicated by the client, and updating one or more Domain Name System (“DNS”) servers external to the virtual computer network to change an association of one or more DNS domain names with one or more computing nodes of the virtual computer network, the one or more DNS domain names being available to computer systems external to the virtual computer network to access the one or more computing nodes of the virtual computer network.