Detailed Action
This action is in response to RCE filed on 06/20/2025.
This application was filed on 07/25/2022.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are pending.
Claims 1-20 are rejected.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 06/20/2025 has been entered.
Applicant's Response
In Applicant's Response dated 06/20/2025, Applicant amended claims 1-2, 11-12. Applicant argued against various rejections previously set forth in the Office Action mailed on 03/27/2025.
In light of Applicant's amendments/remarks and in view of specification paragraphs 0001-0006, 0048-0049, all rejection of claims under 35 U.S.C. 101 previously are withdrawn.
In light of Applicant's amendments/remarks, all objections to claims set forth previously are withdrawn.
Claim Objections
The examiner suggests amending claim 1, line 14 in the following manner for clarification purposes:
“a hash value determined using to [[a]] teaming policy for the source TEPG…”.
Claim 11 includes similar language as noted above, and the examiner suggests similar amendments as noted for claim 1.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 1, 8-9, 11, and 18-19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. For instance:
Claim 1 recites the limitation "the source TEP" in line 8, “the TEP” in line 12. There is insufficient antecedent basis for this limitation in the claim.
Appropriate amendments/remarks required.
Claims 8, and 9 recite “one TEP”. It is not clear, if the “one TEP” is the same or different “one TEP” as recited in the parent claim.
Appropriate amendments/remarks required.
Claims 11, and 18-19 includes similar language as noted above for claim 1, and 8-9, and are therefore rejected under the same rational as note above.
Appropriate amendments/remarks required.
Additionally, at least due to dependency, claims depending on claims 1, and 11 are rejected under the same rational as noted for claims 1, and 11.
Examiner Notes
Examiner cites particular columns, paragraphs, figures and line numbers in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in their entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-20 are rejected under 35 U.S.C 103 as being unpatentable over Shen et al. (US 20200334069 A1, referred hereinafter as D1) in view of Jiang et al. (US 20190332408 A1, referred hereinafter as D2).
As per claim 1, D1 discloses,
A method of forwarding data messages between source and destination host computers that execute source and destination machines, the method comprising, (D1, title, abstract, 0003 discloses communicating information between different devices/hosts/vms.).
at a source computer on which a source machine for a data message flow executes: identifying a source tunnel endpoint group (TEPG) associated with the source machine, the source TEPG comprising a plurality of tunnel endpoints (TEPs), selecting, for the flow, one TEP as the source TEP from the TEPG, (D1, figure 2-3, 9, 0003-0007, 0037-0044, 0056 discloses at a source computer (e.g. host) on which a source machine (e.g. vm) for a data message flow executes: identifying a source tunnel endpoint group (TEPG) associated with the source machine, the source TEPG comprising a plurality of tunnel endpoints (TEPs) (e.g. D1 identifies VTEP from plurality of VTEP to be associated with one or more VM, see table as shown in figure 3.), selecting, for the flow, one TEP as the source TEP from the TEPG;).
using the source TEP to forward the flow to the destination computer on which the destination machine executes, (D1, figure 2-3, 9 and accompanying text, 0003-0007, 0037-0044 discloses using the source TEP (E.g., VTEP) to forward the flow to the destination computer on which the destination machine executes as shown in figure 2, and 9).
physical network interface card being deployed by the destination computer for the flow, (D1, figure 1-2 and accompanying text shows/discloses host machines (e.g., sources/destinations) including pNIC/physical network interface card used for sending/receiving data).
wherein the TEP is selected based on a first load balancing operation and a second load balancing operation, (D1, fig. 11, 0003-0007, 0030, 0037-0044, 0095-0096 discloses wherein the source TEP(VTEP) and destination TEP(VTEP) are selected based on a first load balancing operation and a second load balancing operation corresponding to the source/destination VTEPs.).
the first load balancing operation being associated with a hash value determined using to a [data] for the source TEPG, the second load balancing operation being based on a hash value determined using a [data] for a destination TEPG, (D1, fig. 11, 0003-0007, 0030, 0037-0044, 0095-0096 discloses wherein the source TEP(VTEP) and destination TEP(VTEP) are selected based on a first load balancing operation and a second load balancing operation corresponding to the source/destination VTEPs, where first and second load balancing includes hashing the source MAC address to determine the source VTEP and the destination MAC address to determine the destination VTEP, and additionally discloses [0095] the MFE 1110 hashes the connection 5-tuple of source and destination IP addresses (e.g., the IP addresses of VM 1105 and VM 1110), source and destination transport layer port numbers, and the transport layer protocol (e.g., TCP, UDP, etc., which is specified in the IP header of the packet). Based on this hash (and, e.g., using a modulo function to select a VTEP from each group), the MFE 1110 determines that for packets in this flow, the source VTEP is VTEP2 1120. In addition, for at least the first packet, the MFE will use VTEP4 1170 as the destination VTEP.).
wherein the source host computer has a plurality of physical network interface controllers (PNICs) associated with the plurality of TEPs, and using the source, (D1, figure 2-3, 9 and accompaniment text,0003-0007, 0037-0044 discloses/shows host computer has a plurality of physical network interface controllers (PNICs) associated with the plurality of TEPs (e.g. VTEP, see figure 2), and using the source TEP comprises).
the selection of the one TEP based on a hash computation performed by a virtual switch executing on the source machine, the hash computation using predetermined teaming parameters… , (D1, fig. 11, 0003-0007, 0030, 0037-0044, 0095-0096 discloses wherein the source TEP(VTEP) and destination TEP(VTEP) are selected based on a first load balancing operation and a second load balancing operation corresponding to the source/destination VTEPs, where first and second load balancing includes hashing the source MAC address to determine the source VTEP and the destination MAC address to determine the destination VTEP, and additionally discloses [0095] the MFE 1110 hashes the connection 5-tuple of source and destination IP addresses (e.g., the IP addresses of VM 1105 and VM 1110), source and destination transport layer port numbers, and the transport layer protocol (e.g., TCP, UDP, etc., which is specified in the IP header of the packet). Based on this hash (and, e.g., using a modulo function to select a VTEP from each group), the MFE 1110 determines that for packets in this flow, the source VTEP is VTEP2 1120. In addition, for at least the first packet, the MFE will use VTEP4 1170 as the destination VTEP which clearly reads on the selection of the one TEP based on a hash computation performed by a virtual switch (e.g. MFE) executing on the source machine, the hash computation using predetermined teaming parameters (e.g. IP, TCP, UDP).).
and each uplink port being selected by the computed hash value is directly mapped to a unique PNIC, (D1, figure 2, fig. 11, 0003-0007, 0030, 0037-0044, 0095-0096 discloses [0095] the MFE 1110 hashes the connection 5-tuple of source and destination IP addresses (e.g., the IP addresses of VM 1105 and VM 1110), source and destination transport layer port numbers, and the transport layer protocol (e.g., TCP, UDP, etc., which is specified in the IP header of the packet). Based on this hash (and, e.g., using a modulo function to select a VTEP from each group), the MFE 1110 determines that for packets in this flow, the source VTEP is VTEP2 1120. In addition, for at least the first packet, the MFE will use VTEP4 1170 as the destination VTEP, where as shown in figure 2, each uplink port/VTEP being selected by/based on the the computed hash value is directly mapped to a unique PNIC (E.g. VTEP1[Wingdings font/0xE0]pNIC1 and VTEP2[Wingdings font/0xE0]pNIC2 as shown in fig. 2.).
As noted above, D1 discloses hashing the connection 5-tuple of source and destination IP addresses which can fairly construed as functionally equivalent to a “teaming policy”, nevertheless, D2 (0043-0044) explicitly discloses - teaming policy… wherein the teaming policy defines [based on any suitable criterion… such as source IP address, MAC address, source port ID]…, parameters specified by the teaming policy (e.g. teaming policies defines use of source IP address, MAC address, source port ID)
Accordingly, it would have been obvious to one having ordinary skill in the art at before the effective filing date of the invention, disclosed in D1, to include teachings of D2 as noted above. This would have obvious with predicable results of making selection decision between various network devices based teaming policy as disclosed by D2.
As per claim 2, the rejection of claim 1 further incorporated, D1 discloses,
and using the source TEP comprises, (D1, figure 2-3, 9 and accompaniment text,0003-0007, 0037-0044 discloses/shows host computer has a plurality of physical network interface controllers (PNICs) associated with the plurality of TEPs (e.g. VTEP, see figure 2), and using the source TEP comprises).
encapsulating the data messages of the flow with an encapsulating header; forwarding the encapsulated data messages through a PNIC associated with the selected source TEP, (D1, figure 2-3, 9 and accompaniment text,0003-0007, 0037-0044, 0058 discloses encapsulating the data messages of the flow with an encapsulating header (e.g., outer header); forwarding the encapsulated data messages through a PNIC associated with the selected source TEP (e.g., figure 2-3).)
As per claim 3, the rejection of claim 2 further incorporated, D1 discloses,
further comprising storing a first TEP identifier identifying the source TEP in the encapsulating header, (D1, figure 2-3, 9 and accompaniment text,0003-0007, 0037-0044, 0058 discloses storing a first TEP identifier identifying the source TEP in the encapsulating header (e.g., outer header includes source and destination addresses associated with source/destination VTEP)); forwarding the encapsulated data messages through a PNIC associated with the selected source TEP (e.g., figure 2-3).)
As per claim 4, the rejection of claim 3 further incorporated, D1 discloses,
comprising storing a second TEP identifier identifying the destination TEP in the encapsulating header, (D1, figure 2-3, 9 and accompaniment text,0003-0007, 0037-0044, 0058 discloses storing a second TEP identifier identifying the destination TEP in the encapsulating header (e.g., outer header includes source and destination addresses associated with source/destination VTEP)); forwarding the encapsulated data messages through a PNIC associated with the selected source TEP (e.g., figure 2-3).)
As per claim 5, the rejection of claim 4 further incorporated, D1 discloses,
wherein the first and second TEP identifiers are network addresses associated with the selected source and destination TEPs, (D1, figure 2-3, 9 and accompaniment text,0003-0007, 0037-0044, 0058 discloses the first and second TEP identifiers are network addresses associated with the selected source and destination TEPs (e.g., outer header includes source and destination addresses associated with source/destination VTEP)).)
As per claim 6, the rejection of claim 4 further incorporated, D1 discloses
wherein the first and second TEP identifiers are not L2, L3 and L4 addresses associated with the selected source and destination TEPs, (D1, figure 2-4, 9 and accompaniment text,0003-0007, 0037-0044, 0058, 0086 discloses the first and second TEP identifiers (e.g., logical network context information/identifier) are not L2, L3 and L4 addresses associated with the selected source and destination TEPs.)
As per claim 7, the rejection of claim 2 further incorporated, D1 discloses
further comprising storing a first TEPG identifier identifying the source TEPG in the encapsulating header, (D1, figure 2-3, 9 and accompaniment text,0003-0007, 0031-0044, 0058 discloses storing/encapsulating in header a first TEPG identifier/logical network identifier identifying which overlay network/source the MFE/VTEP belongs in.)
As per claim 8, the rejection of claim 7 further incorporated, D1 discloses,
further comprising at the source computer: identifying a destination TEPG associated with the destination machine, the destination TEPG comprising a plurality of tunnel endpoints (TEPs); selecting, for the flow, one TEP as the destination TEP from the destination TEPG; and storing a second TEPG identifier identifying the destination TEPG in the encapsulating header, (D1, figure 2-4, 9 and accompaniment text,0003-0007, 0037-0044, 0058, 0086 discloses identifying a destination TEPG (e.g. logical network context/identifier) associated with the destination machine, the destination TEPG comprising a plurality of tunnel endpoints (TEPs) (e.g. destination logical network includes plurality of VTEPs); selecting, for the flow, one TEP as the destination TEP from the destination TEPG (E.g. selecting one VTEP that’s part of destination of logical network); and storing a second TEPG identifier (e.g. logical network information/identification) identifying the destination TEPG in the encapsulating header (e.g., logical network context information/identifier is encapsulated).)
As per claim 9, the rejection of claim 1 further incorporated, D1 discloses,
further comprising at the source computer: identifying a destination TEPG associated with the destination machine, the destination TEPG comprising a plurality of tunnel endpoints (TEPs); selecting, for the flow, one TEP as the destination TEP from the destination TEPG; and encapsulating the data messages of the flow with an encapsulating header; forwarding the encapsulated data messages to the selected destination TEP, (D1, figure 2-4, 9 and accompaniment text,0003-0007, 0037-0044, 0058, 0086 discloses identifying a destination TEPG (e.g. logical network context/identifier) associated with the destination machine, the destination TEPG comprising a plurality of tunnel endpoints (TEPs) (e.g. destination logical network includes plurality of VTEPs); selecting, for the flow, one TEP as the destination TEP from the destination TEPG (E.g. selecting one VTEP that’s part of destination of logical network); and encapsulating the data messages of the flow with an encapsulating header; forwarding the encapsulated data messages to the selected destination TEP (e.g., logical network context information/identifier and VTEP source/destination data are encapsulated and the message is transmitted to destination.).)
As per claim 10, the rejection of claim 1 further incorporated, D1 discloses,
wherein the TEPs of a host computer are uplink ports of a software switch executing on the host computer, (D1, figure 2-3, 9 and accompaniment text,0003-0007, 0031-0044, 0058 discloses the TEPs (VTEP) of a host computer are uplink ports/outward-facing ports of a software switch executing on the host computer).
As per claims 11-20:
Claims 11-20 are medium claims corresponding to method claims 1-10 and are of substantially same scope.
Accordingly, claims 11-20 are rejected under the same rational as set forth for claims 1-10.
Response to Arguments
Applicant’s arguments filed on 06/26/2025 have been fully considered but they are not persuasive and/or moot in view of new/modified rational/grounds of rejections.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
OPTIMIZING UTILIZATION OF SECURITY PARAMETER INDEX (SPI) SPACE
DOCUMENT ID
US 20190166109 A1
DATE PUBLISHED
2019-05-30
Abstract
Certain embodiments described herein are generally directed to methods and apparatus for providing a security parameter index (SPI) value for use in establishing a security association between a source tunnel endpoint and a destination tunnel endpoint. In some embodiments, utilization of the SPI bit space is optimized to allow the scaling of key policies within a network. In some embodiment, using an SPI derivation formula, a server in the network is able to generate SPI values whose bit spaces are optimized to allow key policies to scale out.
See form 892.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MUSTAFA A AMIN whose telephone number is (571)270-3181. The examiner can normally be reached on Monday-Friday from 8:00 AM to 5:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kevin Young, can be reached on 571-270-3180. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from Patent Center. Status information for published applications may be obtained from Patent Center. Status information for unpublished applications is available through Patent Center for authorized users only. Should you have questions about access to Patent Center, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/uspto-automated- interview-request-air-form.
/MUSTAFA A AMIN/Primary Examiner, Art Unit 2194