公开(公告)号：EP2569902A2

公开(公告)日：2013-03-20

申请号：EP11781010.1

申请日：2011-04-27

Applicant: Microsoft Corporation

Inventor： ALKHATIB, Hasan ,  KIM, Changhoon ,  OUTHRED, Geoff ,  BANSAL, Deepak ,  GREENBERG, Albert ,  MALTZ, Dave ,  PATEL, Parveen

IPC: H04L12/24 ,  H04L12/56 ,  H04L29/08 ,  H04L12/28 ,  G06F9/44

CPC classification number: H04L12/4641 ,  H04L12/4633 ,  H04L45/04 ,  H04L45/42 ,  H04L45/46 ,  H04L45/566 ,  H04L45/586

Abstract: Computerized methods, systems, and computer-readable media are provided for establishing and managing a virtual network (V-net) and virtual machine (VM) switches that enable protected and isolated interconnections between members of the V-net. The V-net members include an originating network adapter that generates data packets addressed to a destination network adapter. Upon detecting data-packet generation, a source-side VM switch accesses a forwarding table associated with the V-net, ascertains a destination-side, VM-switch locator that corresponds to an identifier of the destination network adapter, and modifies the data packets to include the identifier. The forwarding table represents a mapping between the members of the V-net and VM switches located on respective nodes within the data center. In operation, the mapping enforces communication policies that govern data-packet traffic. Upon receiving the data packets, the destination-side VM switch restores the data packets and forwards them to the destination network adapter.

公开(公告)号：EP2497229A2

公开(公告)日：2012-09-12

申请号：EP10828933.1

申请日：2010-10-28

Applicant: Microsoft Corporation

Inventor： ALKHATIB, Hasan ,  BANSAL, Deepak

IPC: H04L12/28

CPC classification number: H04L29/12349 ,  H04L45/64 ,  H04L61/2507 ,  H04L63/0272

Abstract: Computerized methods, systems, and computer-storage media for establishing and managing a virtual network overlay ("overlay") are provided. The overlay spans between a data center and a private enterprise network and includes endpoints, of a service application, that reside in each location. The service-application endpoints residing in the data center and in the enterprise private network are reachable by data packets at physical IP addresses. Virtual presences of the service-application endpoints are instantiated within the overlay by assigning the service-application endpoints respective virtual IP addresses and maintaining an association between the virtual IP addresses and the physical IP addresses. This association facilitates routing the data packets between the service-application endpoints, based on communications exchanged between their virtual presences within the overlay. Also, the association secures a connection between the service-application endpoints within the overlay that blocks communications from other endpoints without a virtual presence in the overlay.