Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
 Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on December 16, 2020 has been entered.
                                                        Response to Amendment
       The amendment filed on November 17, 2020 is acknowledged. Claims 1, 8 and 15 are amended. Claims 1-21 are currently pending.
                                                Information Disclosure Statement
The information disclosure statement (IDS) submitted on February 24, 2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-2, 5-6, 8-9, 12-13, 15-16 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Shah et al. (US 2016/0232019 A1) in view of Malloy et al. (US 2018/0159771 A1).
Regarding claim 1, Shah discloses a method for a host to perform queue filter configuration for multicast packet handling in a software-defined networking (SDN) environment (Fig. 1 discloses the mechanism of a host system that support multiple applications participated in local area network where a host may contain virtual stations, support the functioning of software defined networking and host system include one or more processor to support the execution of virtual network), 
the method comprises: generating and sending a request for the host to join an outer multicast group address (Paragraphs 0021, 0025 and 0036 discloses In various OSs, such as Linux the hypervisor may receive advertisements for multiple traffic queues.  However, a single queue may be provided.  The hypervisor may generate a policy (e.g., a set of rules) that may be used to assign incoming packets to a particular queue or ring.  OSs and hypervisors may use different or similar queuing types (e.g. NDIS Virtual Machine Queues (VMQ), VMware NetQueues, and/or other  to one or more multicast-enabled network devices that are capable of multicast forwarding based on the outer multicast group address (Paragraphs 0044-0045 disclose the CFA 250 may handle offloaded flows for which actions are defined.  For the transmit path, the CFA may perform flow processing for offloaded flows (e.g., access control lists, or other flow identifiers) and aids in traffic management like shaping, metering, and scheduling.  For the receive path, the CFA 250 may perform flow processing and fine grained steering to VMs 202, 204, 206, 208 or the virtual switch 114.  The virtual switch may perform exception processing for special cases such as unknown flows and/or unsupported keys.  The CFA may also support execution of Software Defined Networking); 
configuring a queue filter based on the outer multicast group address (Paragraph 0031 discloses CFA apply the filtering technique for virtual entities for transmitting/receiving multicast and unicast data); and in response to detecting, from the one or more multicast-enabled network devices, an ingress encapsulated multicast packet that includes an outer header addressed to the outer multicast group address (Paragraph 0022, 0026 discloses the mechanism of header encapsulation) 
based on the queue filter, assigning the ingress encapsulated multicast packet to a particular NIC queue from the multiple NIC queues (Paragraph 0022, 0026 and 0035 disclose the CFA may also support forwarding unicast frames based on one or more identifiers (e.g., Tunnel ID, DMAC, VLAN ID, or other identifier).  In some cases, a tunnel ID may include an identifier determined using fields in an encapsulation header and send the multicast /unicast frames to a network port); and retrieving, from the particular NIC queue, the ingress encapsulated multicast packet to generate and send a decapsulated multicast packet to a virtualized computing instance supported by the host (Paragraphs 0055-0060 disclose for network overlays and tunneling, the CFA provides support for encapsulation and/or de-capsulation of specific tunnels.  Encapsulation and de-capsulation actions for a specific tunneling mechanism may be specified for individual flows.  The CFA support may support IP-in-IP, NVGRE, VXLAN, Geneve, GRE, and multiple-protocol label switching (MPLS), and/or network overlay schemes.  The VLAN PRI (priority) field may be remapped through the use of VLAN tag encapsulation processing.  For example, a PRI field remapping may be applied to the outermost VLAN tag after VLAN insertions/encapsulations are complete).
Shah does not disclose the mechanism of following limitation. In an analogous art, Malloy discloses wherein the host includes multiple network interface controller (NIC) queues (Figs. 2-3, Paragraphs 0032, 0036, 0041 and 0046 disclose host includes NIC circuitry 136. The network interface 36 includes NIC, connection convertor and other input/output acceptance components. The  network interface can be implemented with multi-stage network processing load balancing in hardware to improve the throughput of applications. The host can also include a RSS switch to further distribute the network processing loads of packets from the network interface. The network interface 136 can include one or more NICs.  One suitable NIC for the network interface 136 can 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to provide the technique of Malloy to the system of Shah to provide systems, methods, and software to enhance the management of host computing systems by implementing hardware/software hybrid network processing load balancing in a server having a NIC operatively coupled to multiple cores in a server (Abstract, Malloy). 
Regarding claims 8 and 15, Claims 8 and 15 comprises substantially similar limitations as recited in claim 1, claimed as a non-transitory computer readable medium and a host configured to follow the steps as cited above in claim 1.
Regarding claims 2, 9 and 16, Shah discloses wherein configuring the queue filter comprises: configuring the queue filter to filter ingress traffic based on at least one of the following: the outer multicast group address in the form of an outer multicast group Internet Protocol (IP) address, and an outer multicast group Media Access Control (MAC) address associated with the outer multicast group IP address (Paragraph 0021-0023, 0046 discloses traffic flows may be identified using the destination MAC address and/or optional VLAN ID, or other network parameter. The CFA, via the flow processing logic 300, may identify a flow based on an exact match (EM) and/or a wild card match (WM).  The CFA may implement pre-defined key formats that can be used for flexible key selection.  For example, TCP/IPv4 (Transmission control 

Regarding claims 5, 12 and 19, Shah discloses wherein generating and sending the request to join the outer multicast group address comprises: detecting, from the virtualized computing instance, a request to join an inner multicast group address; and obtaining an outer multicast group address that is assigned to the inner multicast group address (Paragraphs 0044-0050 disclose the CFA 250 may handle offloaded flows for which actions are defined.  For the transmit path, the CFA may perform flow processing for offloaded flows (e.g., access control lists, or other flow identifiers) and aids in traffic management like shaping, metering, and scheduling.  For the receive path, the CFA 250 may perform flow processing and fine grained steering to VMs 202, 204, 206, 208 or the virtual switch 114.  The virtual switch may perform exception processing for special cases such as unknown flows and/or unsupported keys.  The CFA may also support execution of Software Defined Networking).
Regarding claims 6, 13 and 20, Shah discloses wherein generating and sending the request to join the outer multicast group address comprises: detecting an attachment of the virtualized computing instance to a logical forwarding element supported by the host (Paragraphs 0044-0050 disclose the CFA 250 may handle offloaded flows for which actions are defined.  For the transmit path, the CFA may perform flow processing for offloaded flows (e.g., access control lists, or other flow identifiers) and aids in traffic management like shaping, metering, and scheduling.  For the receive path, the CFA 250 may perform flow processing and fine grained steering to VMs 202, 204, 206, 208 or the virtual switch 114.  The virtual switch may perform exception processing for ; and obtaining an outer multicast group address that is assigned to the logical forwarding element (Paragraphs 0044-0050).


Claims 3, 10 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Shah et al. in view of Malloy et al. and further in view of Jain et al. (US 2017/0250954 A1).
Regarding claims 3, 10 and 17, Shah and Malloy don’t disclose the mechanism of claims 3, 10 and 17. Jain discloses wherein configuring the queue filter comprises: configuring the queue filter for a default NIC queue from the multiple NIC queues of the host (Paragraph 0036 disclose the packet analyzer 162 inspects the packets and updates its local packet statistics accordingly.  Information about packet features identified by the packet analyzer 162 are passed to the overlay interface 163.  The overlay interface 163 hooks the host/NIC into the overlay 12). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to provide the technique of Jain to the modified system of Shah and Malloy to provide an overlay or control server collects and combines the local occurrence-measures to derive the network-wide occurrence-measures which can be used to automatically detect and mitigate completely new types of attack packets (Abstract, Jain).

Claims 4, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Shah et al. in view of Malloy et al. and further in view of Rimmer et al. (US 2003/0217183 A1).
Regarding claims 4, 11 and 18, Shah and Malloy do not specifically disclose the mechanism of claims 4, 11 and 18. In an analogous art, Rimmer discloses performing load balancing to move the queue filter from the default queue to a non-default queue from the multiple NIC queues of the host, wherein the non-default queue configured with a receive side scaling (RSS) feature (Paragraph 0047 disclose the mechanism of load balancing which is important for networks where it is difficult to predict the number of requests that will be issued by a server.  Steps 408, 410, and 412 and performed at an output port. For each data packet, checksums are computed and filtering is performed for inbound traffic). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to provide the technique of Rimmer to the modified system of Shah and Malloy to provide a shareable, centralized I/O subsystem to an existing network configuration without disrupting the operation of the current infrastructure, and in a manner that complements the incumbent technologies (Abstract, Rimmer).

Claims 7, 14 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Shah et al. in view of Malloy et al. and further in view of Tsirkin et al. (US 2019/0068555 A1)
Regarding claims 7, 14 and 21, Shah and Malloy do not specifically disclose the mechanism of claims 7, 14 and 21. In an analogous art, Tsirkin discloses wherein the method further comprises: generating and sending a request to leave the outer multicast group address to one or more multicast-enabled network devices (Paragraphs 0025-0026); and removing the queue filter that is configured based on the outer multicast group address (Paragraph 0026). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to provide the technique of Tsirkin to the modified system of Shah and Malloy to provide the technique of using logic on the virtual machine to determine whether packets are malicious and using logic on a hypervisor to create a filtering rule for the malicious packet to filter subsequent packets that match characteristics of the malicious packet (Abstract, Tsirkin).

Response to Arguments
Applicant's arguments filed November 17, 2020  have been fully considered but they are not persuasive.  Regarding claim 1, Applicant argued that “generating and sending a request to join an outer multicast group address to one or more multicast-enabled network devices that are capable of multicast forwarding based on the outer multicast group address; configuring a queue filter based on the outer multicast group address.... based on the queue filter, assigning the ingress encapsulated multicast packet to a particular NIC queue from the multiple NIC queues.” It is respectfully submitted that Shah does not teach at least these elements. Examiner respectfully disagrees. 
Shah discloses in paragraph 0044-0045, the CFA 250 may handle offloaded flows for which actions are defined.  For the transmit path, the CFA may perform flow processing for offloaded flows (e.g., access control lists, or other flow identifiers) and aids in traffic management like shaping, metering, and scheduling.  For the receive path, the CFA 250 may perform flow processing and fine grained steering to VMs 202, 204, 206, 208 or the virtual switch 114.  The virtual switch may perform exception processing for special cases such as unknown flows and/or unsupported keys.  Paragraph 0035 discloses the CFA may also support forwarding unicast frames based on one or more identifiers (e.g., Tunnel ID, DMAC, VLAN ID, or other identifier).  In some 
cases, a tunnel ID may include an identifier determined using fields in an encapsulation header, e.g., NVGRE or VXLAN headers.  In some cases, the CFA may send the multicast or unicast frames to a network port, VM, or an embedded processor. Further paragraph 0046 discloses the CFA, via the flow processing logic 300, may identify a flow based on an exact match (EM) and/or a wild card match (WM).  The CFA may implement pre-defined key formats that can be used for flexible key selection.  For example, TCP/IPv4 (Transmission control protocol/Internet Protocol 
Paragraphs 0021, 0025 and 0036 discloses In various OSs, such as Linux the hypervisor may receive advertisements for multiple traffic queues.  However, a single queue may be provided.  The hypervisor may generate a policy (e.g., a set of rules) that may be used to assign incoming packets to a particular queue or ring.  OSs and hypervisors may use different or similar queuing types (e.g. NDIS Virtual Machine Queues (VMQ), VMware NetQueues, and/or other queue types).  The different queue types may interoperate because the functionality between different queue types may be similar at the hardware layer.  For example, traffic flows may be identified using the destination MAC address (read on outer multicast address) and/or optional VLAN ID, or other network parameter. The CFA may support reception of specific types of traffic (unicast, broadcast, or multicast), traffic for a specific flow, based on origin, destination, or flow, (e.g., for all traffic, traffic for a specific flow, specific VLAN traffic, specific virtual entity traffic, and/or other traffic classifications) Additionally or alternatively, the mirroring may be specified by traffic type (e.g., unicast, broadcast, multicast, and/or other traffic types). 
Thus Shah disclosed the mechanism of generating and sending a request to join an outer multicast group address to one or more multicast-enabled network devices that are capable of multicast forwarding based on the outer multicast group address; configuring a queue filter based on the outer multicast group address. 
Shah further discloses the mechanism of ingress encapsulated multicast packet to a particular NIC queue from the multiple NIC queue in paragraphs 0018, 0022, 0026 and 0035 disclose the CFA may also support forwarding unicast frames based on one or more identifiers (e.g., Tunnel ID, DMAC, VLAN ID, or other identifier).  In some cases, a tunnel ID may include an identifier determined using fields in an encapsulation header and send the multicast /unicast frames to a network port. Examiner cited Malloy reference to teach the mechanism of host comprising multiple NIC’s. 
Thus Shah discloses the argued limitations of claim 1. Similar arguments are applied to claims 8 and 15. Thus rejection of claims 1-21 is maintained. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Holla et al. (US 2019/0132286 A1), Fig. 1 discloses Host includes NIC circuitry 150 and 151, first physical network interface and second physical network interface. The load balancers works in conjunction with these physical interfaces to filter and classify packets as they are received from the physical network. Load balancer operation 200 may be used to configure physical network interfaces 150-151, such that packets received at the interface are placed in processing queues based on attributes within the packets, wherein the queues are each accessed by a thread executing on one core of a central processing unit (CPU) (not shown) of host 100, thus distributing the load of processing the queues across multiple CPU cores.  As a result of this configuration, load balancer operation 200 is responsible for configuring the physical network interface, but does not sit in the data path for the communicating packets ). 


Any inquiry concerning this communication or earlier communications from the examiner should be directed to ROMANI OHRI whose telephone number is (571)272-5420.  The examiner can normally be reached on 8:00am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/ROMANI OHRI/Primary Examiner, Art Unit 2413