| 发明名称 | Secure tunnel infrastructure between hosts in a hybrid network environment | ||
| 摘要 | Technologies are described herein for establishing a secure tunnel infrastructure between host computers in a hybrid network environment. A first network tunnel is established between a border device in a first network and a border device in a second network. A second network tunnel is established between a first host computer in the first network and the border device in the first network. Similarly, a third network tunnel is established between the border device in the second network and a second host computer in the second network. The networking infrastructures of the first and second networks are then configured so that network packets from the first host computer arriving at the border device in the first network through the second network tunnel are sent through the first network tunnel to the border device in the second network, and then through the third network tunnel to the second host computer. | ||
| 申请公布号 | US9164795(B1) | 申请公布日期 | 2015.10.20 |
| 申请号 | US201213435257 | 申请日期 | 2012.03.30 |
| 申请人 | Amazon Technologies, Inc. | 发明人 | Vincent Pradeep |
| 分类号 | G06F15/16;G06F9/48;H04L12/46 | 主分类号 | G06F15/16 |
| 代理机构 | Lee & Hayes, PLLC | 代理人 | Lee & Hayes, PLLC |
| 主权项 | 1. A non-transitory computer-readable storage medium having computer-executable instructions stored thereon that, when executed by a computer, cause the computer to: assign a first unused substrate IP address from a first network to an endpoint of a first network tunnel at the first network, the first network tunnel comprising a contained substrate-level tunnel between a first border device in the first network and a second border device in the second network; assign a second unused substrate IP address from the second network to the endpoint of the first network tunnel at the second network; establish a second network tunnel between a first host computer in the first network and the first border device in the first network; and establish a third network tunnel between a second host computer in the second host network and the second border device in the second network, wherein network packets destined for the first unused substrate IP address from the first host computer are configured to be sent to the first border device through the second network tunnel and are further configured to be sent through the first network tunnel to the second border device, the network packets being used for a migration of a virtual machine from the first host computer to the second host computer, andwherein the network packets received at the second border device are configured to be forwarded to the second host computer using the third network tunnel. | ||
| 地址 | Seattle WA US | ||