Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Communication
1.	This office Action is in response to a communication received on January 01, 2021.
Claims 1-5, 7-15, and 17-21 are pending in this application.
Examiner’s Amendment
2.	An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee. Examiner had contacted applicant’s representative and authorization for this examiner's amendment was given by the applicant's representative Mani Adeli (Reg. No. 39,585), on 03/09/2021.

Amendments to the Claims
This listing of the following claims replaces all prior versions and listings of claims in the application:
(Currently Amended) A method of performing services for data messages associated with   guest machines executing on host computers, the method comprising:
on a first host computer,
configuring a first service logical forwarding element (LFE) that spans a first set of host computers in a datacenter including the first host computer, in order to forward data messages associated with a first guest machine executing on the first host computer to a first set of service nodes executing on the first set of host computers to perform a first set of services on the data messages; and
configuring a second service LFE that spans a second set of host computers in the datacenter including the first host computer, in order to forward data messages associated with a second guest machine executing on the first host computer to a second set of service nodes executing on the second set of host computers to perform a second set of services on the data messages,
[AltContent: rect]wherein each service LFE belongs to a different logical network, and configuring each service LFE comprises defining a service virtual network identifier (SVNI) that identifies the logical network to 
wherein the first and second machines are guest machines of two different tenants
in a multi-tenant datacenter, and the two different LFEs segregate the different tenant’s data
message traffic for purposes of security.

(Original) The method of claim 1, wherein the first and second sets of host computers include the same host computers.

(Original) The method of claim 1, wherein the first set of host computers include at least one host computer not in the second set of host computers.

(Currently Amended) A method of performing services for data
messages associated with guest machines executing on host computers, the method comprising:
on a first host computer,
configuring a first service logical forwarding element (LFE) that spans a first set of
host computers in a datacenter including the first host computer, in order to forward data messages
associated with a first guest machine executing on the first host computer to a first set of service
nodes executing on the first set of host computers to perform a first set of services on the data
messages; and
configuring a second service LFE that spans a second set of host computers in the
datacenter including the first host computer, in order to forward data messages associated with a
second guest machine executing on the first host computer to a second set of service nodes
executing on the second set of host computers to perform a second set of services on the data
messages,
wherein each service LFE belongs to a different logical network, and configuring
each service LFE comprises defining a service virtual network identifier (SVNI) that identifies the
logical network to which the service LFE belongs;
wherein the first and second LFEs implement first and second service planes, the first service plane associated with different QoS (quality of service) policies than the second service plane.
(Original) The method of claim 1, wherein the first and second LFEs implement first and second service planes, the first service plane associated with different SLA (service level agreement) policies than the second service plane.
(Canceled)
(Original) The method of claim 1, wherein each LFE is implemented by at least one software forwarding element executing (SFE) on the first host computer and at least one other SFE executing on at least one other host computer.
(Original) The method of claim 7, wherein one SFE on the host computer is configured to implement both the first and second LFEs.
(Original) The method of claim 7, wherein first and second SFEs on the host computer are configured to implement respectively the first and second LFEs.
(Original) The method of claim 7, wherein the SFE is a software switch, the LFEs are logical switches, the machines are virtual machines or containers, and the service nodes are service virtual machines or containers.
(Currently Amended) A non-transitory machine readable medium storing a program for execution by at least one processing unit of a host computer and for performing services for data messages associated with guest machines executing on host computers, the program comprising sets of instructions for:
configuring a first service logical forwarding element (LFE) that spans a first set of host computers in a datacenter including the first host computer, in order to forward data messages associated with a first guest machine executing on the first host computer to a first set of service nodes executing on the first set of host computers to perform a first set of services on the data messages; and
configuring a second service LFE that spans a second set of host computers in the 
[AltContent: rect]wherein each service LFE belongs to a different logical network, and configuring each service LFE comprises defining a service virtual network identifier (SVNI) that identifies the logical network to which the service LFE belongs;
wherein the first and second machines are guest machines of two different tenants
in a multi-tenant datacenter, and the two different LFEs segregate the different tenant’s data
message traffic for purposes of security.

(Original) The non-transitory machine readable medium of claim 11, wherein the first and second sets of host computers include the same host computers.
(Original) The non-transitory machine readable medium of claim 11, wherein the first set of host computers include at least one host computer not in the second set of host computers.
(Currently Amended) A non-
transitory machine readable medium storing a program for execution by at least one processing
unit of a host computer and for performing services for data messages associated with guest
machines executing on host computers, the program comprising sets of instructions for:
configuring a first service logical forwarding element (LFE) that spans a first set of
host computers in a datacenter including the first host computer, in order to forward data messages
associated with a first guest machine executing on the first host computer to a first set of service
nodes executing on the first set of host computers to perform a first set of services on the data
messages; and
configuring a second service LFE that spans a second set of host computers in the
datacenter including the first host computer, in order to forward data messages associated with a
second guest machine executing on the first host computer to a second set of service nodes
executing on the second set of host computers to perform a second set of services on the data
messages,
wherein each service LFE belongs to a different logical network, and configuring
each service LFE comprises defining a service virtual network identifier (SVNI) that identifies the
logical network to which the service LFE belongs;
wherein the first and second LFEs implement first and second service planes, the first service plane associated with different QoS (quality of service) policies than the second service plane.

(Original) The non-transitory machine readable medium of claim 11, wherein the first and second LFEs implement first and second service planes, the first service plane associated with different SLA (service level agreement) policies than the second service plane.
(Canceled)

(Original) The non-transitory machine readable medium of claim 11, wherein each LFE is implemented by at least one software forwarding element executing (SFE) on the first host computer and at least one other SFE executing on at least one other host computer.
(Previously Presented) The non-transitory machine readable medium of claim 17, wherein the SFE is a software router, the LFEs are logical routers, the machines are virtual machines or containers, and the service nodes are service virtual machines or containers.
(Original) The non-transitory machine readable medium of claim 11, wherein
the program further comprises a set of instructions for configuring a third LFE to span a third set of host computers, in order to forward data messages associated with the first machine to a third set of service nodes executing on the third set of host computers,


(Original) The non-transitory machine readable medium of claim 11, wherein
the program further comprises a set of instructions for configuring a third LFE to span a third set of host computers, in order to forward data messages associated with the first machine to a third set of service nodes executing on the third set of host computers,
the data messages forwarded by the third LFE are different types of data messages than the data messages forwarded by the first LFE, and the third LFE implements a different set of SLA (service level agreement) policies than the first LFE for the different types of data messages that it forwards.

(Previously Presented) The non-transitory machine readable medium of claim 11, wherein the program further comprising a set of instructions for configuring a third LFE to span a third set of host computers, in order to forward data messages associated with the first machine to a destination specified in the data messages, after the first set of service nodes perform a first set of services on the data messages.

Reasons for allowance
3.	The following is an Examiner's statement of reasons for allowance:
The examiner conducted a completed search of available patent literature and non-patent literature. The Applicant’s replies make evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule 37 CFR 1.104(e). The grounds of claim rejection was reconsidered and claim rejections were withdrawn based on the substance of applicant’s amendments, remarks and arguments (see remarks, filed January 01, 2021, pp. 8-11), and examiner’s amendment as such the reasons for allowance are in all probability evident  from the record and no statement is deemed necessary (see MPEP 1302.14).
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submission should be clearly labeled "Comments on Statement of Reasons for Allowance.”

Allowable Subject Matter
4.       Claims 1-5, 7-15, and 17-21are allowed.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure that
is directed to a computerized system useful for implementing a virtual private network (VPN) including an edge device that automatically establishes an Internet Protocol Security (IPsec) tunnel alongside an unsecure Multipath Protocol (MP) tunnel with a gateway device in preparation for a transmission of a secure traffic communication. The edge device has a list of local subnets. The edge device sends the list of local subnets to the gateway during an initial MP tunnel establishment handshake message exchange between the edge device and the gateway device: 
US 20210029088 A1
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SM AZIZUR RAHMAN whose telephone number is (571)270-7360.  The examiner can normally be reached on M, F - Telework; T-Th - On Campus. 
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kevin Bates can be reached on 571-272-3980.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SM A RAHMAN/Primary Examiner, Art Unit 2458