Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Allowable Subject Matter
Claims 1-24 are allowed.
The following is an examiner’s statement of reasons for allowance: 
Regarding claims 1, 8, 15, TUBALTSEV et al. (US 20150263946) teaches a method for a computer system to validate routing information in a software-defined networking (SDN) environment that includes a first autonomous system and a second autonomous system (fig. 1, 10, par. 49, logical router in logical network architecture or software defined network receives routes advertised from physical router, which is external router part of different network as in par. 148, 157), wherein the method comprises: 
obtaining routing information associated with a logical router in the first autonomous system (par. 47, 50, receiving or reading configuration including the routing table), wherein the routing information specifies multiple first routes to respective multiple first networks (par. 70, 93, 94, 137, 146, reading or obtaining the configuration with routing information of the logical router indicating routes to multiple name spaces, logical switches and VMs, as further indicated by par. 112, 125, 132, 147, 148); 
obtaining network topology information associated with the first autonomous system (par. 113, 125, 135, 137, par. 144, 145, receives or obtaining new configuration or routing table), wherein the network topology information specifies multiple second routes that connect the logical router to respective multiple second networks in which multiple virtualized computing instances are located in the first autonomous system (par. 113, 125, 135, 137, par. 144, 145, receives or obtaining new configuration or routing table, which is topology information of the associated AS with the VM and logical switches as in par. 52, 113); 
prior to configuring the logical router to generate any route advertisement information destined for the second autonomous system (par. 146, determines the differences between its current operating configuration and the configuration specified in the binary file, and applies these changes to the existing configuration such that the new operating configuration matches that in the configuration file, the determines the differences is prior to applies the changes or configuring; par. 92, wherein the modification advertises to the peer autonomous system by logical router (par. 159)),
validating the routing information based on the network topology information to determine whether the multiple first routes are validated based on the multiple second routes (par. 52, equal cost; par. 125; par. 137, routing table; par. 146, determines the difference between the current configuration and new configuration or validating the routing table is up to date and applies the changes to the current configuration with the new configuration including routing table); and 
in response to determination that the multiple first routes is invalid (par. 137, 138, 141, 146, current routing table of the AS does not match the routing table definition of the AS or the current routing table is not up to date due to modification, which one of the route is removed or the route is invalid as indicated by par. 140), configuring the logical router to generate route advertisement information destined for the second autonomous system including the multiple first routes but excluding the particular first route (par. 92, wherein the modification advertises to the peer autonomous system by logical router (par. 159), which the current routing table that is not include the removed route as further indicated by par. 49, 113, 125, 137, 140, 146, 148, 149, 150, 151).
MEHTA et al. (US 20170207963) teaches validating the routing information based on the network topology information to determine whether the multiple first routes are validated based on the multiple second routes (par. 78, 117, 118, matching the criteria such as routing domain, source IP, destination network, next hop IP address to determine the route eligible to be used); and 
in response to determination that a particular first route from the multiple first routes is invalid (par. 78, 117, 118, matching the criteria such as routing domain, source IP, destination network, next hop IP address, and wherein the path or route is dead or ineligible or invalid), configuring the logical router to exclude the particular first route from route advertisement information destined (par. 115, 120, 121, 141, wherein the route updates are advertised without the delete route to BGP neighboring). 


WANG et al. (US 20100153537) teaches that current hijacking detection approaches monitor IP prefixes on the control plane of a network and detect inconsistencies in route (par. 2). Misbehaved routers (e.g., routers performing the hijacking) can arbitrarily advertise routes for prefixes and/or fabricate Autonomous System (AS) paths associated with the prefixes (par. 17).

JI et al. (US 20110153801) teaches a BGP router in an AS that provides a BGP update with a prefix that the AS does not own. In other words, prefix hijacking can occur when an AS indicates that it owns an AS that it does not, in fact, own. Prefix hijacking can occur intentionally or accidentally due to a BGP router malfunction. In either case, the hijacking can result in communications being misrouted (par. 12).

PEI et al. (US 8521904) teaches these cases can be caused by BGP misconfigurations (e.g. route leakages) or prefix hijacks. As used herein, the phrase cause means to bring about, provoke, precipitate, produce, elicit, be the reason for, result in, and/or effect. After filtering all routes with a lifetime of less than 2 days, 5,239 links were excluded, ending up with a total of 65,459 provider-customer links (col. 10 lines 60-67).

Seto et al. (“Detecting and Recovering Prefix Hijacking using Multi-agent Inter-AS Diagnostic system”) teaches detecting by comparing each BGP routing information update by comparing it with BGP routing information stored in an IRR database (page 883, section III. DETECTION METHOD). 

(abstract).
However, it would not have been obvious to combine the references to the claims as amended to “obtaining routing information associated with a logical router in the first autonomous system, wherein the routing information specifies multiple first routes to respective multiple first networks, and wherein the multiple first routes specified in the routing information include a particular first route injected by a malicious hacker through prefix hijacking;
obtaining network topology information associated with the first autonomous system, wherein the network topology information specifies currently deployed multiple second routes that connect the logical router to respective multiple second networks in which multiple virtualized computing instances are located in the first autonomous system;
prior to configuring the logical router to generate any route advertisement information destined for the second autonomous system, validating the routing information based on the network topology information by determining whether attributes associated with the multiple first routes specified by the routing information match attributes associated with the multiple second routes specified by the network topology information; and
in response to determination that the particular first route from amongst the multiple first routes is invalid due to a mismatch with the attributes associated with the 
Claims 2-7, 9-14, 16-24 are allowed because of the dependency on the allowed claims. 

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THINH D TRAN whose telephone number is (571)270-3934. The examiner can normally be reached on Mon-Fri 9-6.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/THINH D TRAN/for /Thinh Tran/, Patent Examiner of Art Unit 2466
01/30/2021