Nicira, Inc.

Patent Trials and Appeals Board

Dec 30, 2021

2020005986 (P.T.A.B. Dec. 30, 2021)

UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 15/406,249 01/13/2017 Jayant Jain N367 3997 152691 7590 12/30/2021 Setter Roche LLP 1860 Blake Street Suite 100 Denver, CO 80202 EXAMINER YOUNG, STEVE R ART UNIT PAPER NUMBER 2477 NOTIFICATION DATE DELIVERY MODE 12/30/2021 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): ipadmin@vmware.com uspto@setterroche.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte JAYANT JAIN, GANESAN CHANDRASHEKHAR, ANIRBAN SENGUPTA, PANKAJ THAKKAR, and ALEXANDER TESSMER Appeal 2020-005986 Application 15/406,249 Technology Center 2400 BEFORE BRADLEY W. BAUMEISTER, CHRISTA P. ZADO, and DAIVD J. CUTITTA II, Administrative Patent Judges. ZADO, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Pursuant to 35 U.S.C. § 134(a), Appellant1 appeals from the Examiner’s decision to reject claims 1-20. We have jurisdiction under 35 U.S.C. § 6(b). We REVERSE. 1 “Appellant” refers to “applicant” as defined in 37 C.F.R. § 1.42(a). Appellant identifies the real party in interest as VMware, Inc., and Nicira, Inc. Appeal Br. 2. Appeal 2020-005986 Application 15/406,249 2 CLAIMED SUBJECT MATTER The instant application relates to virtual switches that direct communications on a network by inspecting packets before passing them to nodes within the network. Spec. ¶ 1. Claim 1, reproduced below with certain language italicized for emphasis, illustrates the claimed subject matter: 1. A method of operating a virtual computing environment to provide packet enforcement using logical ports, the method comprising: in each of a first host computing system and second host computing system, maintaining a data plane forwarding configuration based on forwarding rules and logical port status information for virtual machines in the virtual computing environment; in the first host computing system, identifying a packet to be transferred from a virtual machine executing on the first host computing system to a virtual machine executing on the second host computing system; in the first host computing system, identifying a source logical port allocated to the virtual machine on the first host computing system, wherein the source logical port corresponds to a logical network link between a virtual switch on the first host computing system and the virtual machine executing on the first host computing system; in the first host computing system, transferring a communication to the second host computing system, wherein the communication comprises a second packet that encapsulates the packet in a payload for the second packet and places a source logical port identifier in a header for the second packet, the source logical port identifier uniquely identifying the source logical port; in the second host computing system, receiving the communication; and Appeal 2020-005986 Application 15/406,249 3 in the second host computing system, determining a forwarding action for the packet in the communication based at least on the source logical port identified in the header for the second packet and the data plane forwarding configuration. Appeal Br. 11 (Claims App.). REFERENCES The prior art relied upon by the Examiner is: Name Reference Date Casado US 2012/0044762 A1 Feb. 21, 2013 Hira US 2015/0381484 A1 Dec. 31, 2015 REJECTION The claims stand rejected as follows: Claims Rejected 35 U.S.C. § Reference(s)/Basis 1-20 103 Casado, Hira OPINION Background The instant application generally relates to virtual switches that direct communications on a network by inspecting packets before passing them to nodes within the network. Spec. ¶ 1. More specifically, virtual switches may be configured to take certain packet forwarding actions concerning a received packet that is addressed to a virtual machine within the network, wherein the actions depend at least in part on the source of the packet. Id. ¶¶ 14-15. In particular, the packet includes in its header a logical source port identifier that corresponds to the virtual machine that sent the packet. Id. In this manner, the virtual switch can identify the source/sender of the Appeal 2020-005986 Application 15/406,249 4 packet, and take appropriate forwarding actions. Id. Figure 1, reproduced below, illustrates a system in accordance with the alleged invention. Spec., Fig. 1. Figure 1 illustrates computing environment 100, including host machines 110 and 111. Id. ¶ 17. Each host machine includes multiple virtual machines, 120-122 and 123-125, respectively. Id. Each host machine also includes hypervisor 130 and 131, respectively. Id. A hypervisor abstracts physical components of a host machine and provides virtual representation of such hardware to the virtual machines. Id. Finally, each host machine also includes a network interface. The Specification provides an example in which a data packet is sent from virtual machine 120 on host 110 to virtual machine 123 on host 111. Id. ¶ 20. Hypervisor 130 on host 110 identifies a source logical port corresponding to the sender of the packet, i.e., virtual machine 120, and encapsulates the packet inside a new packet that contains the source logical port in its header. Id. ¶ 20. When hypervisor 131 on host 111 receives the encapsulated packet, Appeal 2020-005986 Application 15/406,249 5 hypervisor 131 extracts the source logical port identifier and applies the appropriate forwarding action based on the port. Id. Discussion Appellant argues the Examiner has not shown the combination of Casado and Hira teaches or suggests various limitations of independent claim 1 relating to a “source logical port.” Appeal Br. 4-9. Appellant submits the Examiner likewise fails to show the combined art teaches similar limitations of independent claims 9 and 15. Id. On these bases, Appellant asks us to reverse the rejection of claims 1, 9, and 15, as well the rejection of claims depending therefrom-i.e., claims 2-8, 10-14, and 16-20. For reasons discussed below, we reverse the Examiner’s rejection. The method recited in claim 1 involves transferring a communication from a virtual machine on a first host computing system to a second host computing system. The method comprises “identifying a source logical port allocated to the virtual machine on the first host computing system.” The claim further specifies that the source logical port “corresponds to a logical network link between a virtual switch on the first host computing system and the virtual machine executing on the first host computing system.” The Examiner relies on Hira for teaching a source logical port as specified in the claims, i.e., a source logical port that “corresponds to a logical network link between a virtual switch on the first host computing system and the virtual machine executing on the first host computing system.” Final Act. 5. Specifically, the Examiner finds that Hira’s VXLAN Tunneling End Point IP (VTEP-IP) teaches a source logical port. Final Act. 5-6 (citing Hira Figs. 3, 5, ¶¶ 25, 29, 30, 49-51). Hira discloses a host machine operating one or more virtual machines (VMs) connected to a logical switch that acts as a VXLAN tunnel endpoint. Appeal 2020-005986 Application 15/406,249 6 Hira ¶ 29. Hira explains that a unique IP address is assigned to each VTEP, wherein the IP address is called VTEP-IP. Id. The VTEP-IP serves as the IP address for the host machine’s tunneling logic for all traffic received by the multiple VMs hosted on the host machine. Id. Appellant argues that the VTEP-IP is not a “source logical port,” because it does not correspond to a logical link between a virtual machine and virtual switch on the host machine. Appeal Br. 6-8. Rather, VTEP-IP is an IP address that identifies the host machine. Id. It does not identify a virtual machine within the host, or in any way relate to a correspondence between a virtual machine and virtual switch on the host. Id. Rather, it is only the tunneling endpoint of the host. Id. We find Hira supports Appellant’s argument, disclosing that VTEP-IP is an IP address for the tunneling endpoint on the host, and it serves as the endpoint for all VMs on the host. Hira ¶ 29. There is no indication that VTEP-IP serves as a logical link between a VM and virtual switch. Rather, VTEP-IP is just the identification of the endpoint in the host. Id. For the foregoing reasons, the Examiner has not shown that Hira teaches or suggests “wherein the source logical port corresponds to a logical network link between a virtual switch on the first host computing system and the virtual machine executing on the first host computing system,” as recited in claim 1, or similar recitations in the remaining independent claims-i.e., claims 8 and 15. We, therefore, reverse the Examiner’s rejection of claims 1-20. Because the above-discussed issue is dispositive of this appeal, we do not reach additional arguments raised by Appellant. CONCLUSION The Examiner’s rejection is reversed. Appeal 2020-005986 Application 15/406,249 7 DECISION SUMMARY In summary: Claims Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 1-20 103 Casado, Hira 1-20 REVERSED