DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on all the reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is 

Claim 1-4, 7-12, and 15-19 are rejected under 35 U.S.C. 103 as being unpatentable over Kempf et al (US 20130125124) in view of Mittal et al (US 20200177654).

As to claim 1 Kempf discloses a method comprising identifying a connection of a virtual machine to a port of a virtual switch on a host(Kempf ¶0017- 2nd sentence- CNM is coupled to a first virtualized server for hosting one or more virtual machines ("VM"), wherein the first virtualized server comprises a first virtual switch; Kempf Fig.2, ¶0067- 2nd – 4th sentences- virtual switch 217A provides virtual network ports to the VMs); identifying a tenant of a plurality of tenants associated with the virtual machine(Kempf ¶0115- last sentence- the VM's that belong to different tenants can have same network (IP/MAC) addresses); 
Kempf however is silent in determining that a tunnel endpoint is not allocated to the tenant on the host; and when in response to determining that a tunnel endpoint is not allocated to the tenant: initiating a tunnel endpoint on the host for the tenant; and directing traffic for the virtual machine to the initiated tunnel endpoint. However in an analogous art Mittal remedies this deficiency: (Mittal s300, s302 and s304 of Fig.3A, ¶0063- redirect criteria,….a specific network interface on a network element must be redirected to a service device ..(iii) a specific host or virtual machine. ¶0064 and ¶0065). 
Therefore it would have been obvious to one of ordinary skills in the art before the effective filing date of the invention to modify the teachings of Kempf with that of Mittal for the purpose of steering or redirecting network traffic towards a service device (Mittal ¶0063- 1st sentence) 
As to claim 2 the combined teachings of Kemp and Mittal disclose the method of claim 1 further  comprising: identifying a second connection of a second virtual machine to a second port of the virtual switch on the host (Kempf Fig.2, ¶0067- 2nd – 4th sentences- virtual switch 217A provides virtual network ports to the VMs ); identifying a second tenant of the plurality of tenants associated with the second virtual machine (Kempf ¶0023- 3rd sentence- plurality of databases to generate tenant specific labels that are added to packets sent between tenant (VMs) ) determining that a second tunnel endpoint is allocated to the second tenant on the host; and in response to determining that a second tunnel endpoint is allocated to the tenant, directing traffic for the second virtual machine to the second tunnel endpoint(Mittal s300, s302 and s304 of Fig.3A, ¶0063- redirect criteria, ¶0064 and ¶0065). 

As to claim 3 the combined teachings of Kemp and Mittal disclose the method of claim 1, wherein the tunnel endpoint is associated with a tenant identifier (Kempf ¶0021- 4th sentence- tenant identifier. .¶0073- 1st sentence).

As to claim 4 the combined teachings of Kemp and Mittal discloses the method of claim 1, wherein the tunnel endpoint is associated with a tenant identifier, and wherein the tenant identifier comprises at least a source encapsulation internet protocol (IP) address and a virtual local area network (VLAN) tag (Kemp ¶0015- ¶0016, ¶0021-2nd sentence; Mittal ¶0056- 2nd sentence-206A-206N) may include an original VL2 broadcast domain tag (e.g., a VLAN tag))

As to claim 7 the combined teachings of Kemp and Mittal disclose  The method of claim 1 further comprising: identifying a second connection of a second virtual machine to a second port of the virtual switch on the host (Kempf Fig.2, ¶0067- 2nd – 4th sentences- virtual switch 217A provides virtual network ports to the VMs); identifying a second tenant of the plurality of tenants associated with the second virtual machine determining whether a second tunnel endpoint is allocated to the second tenant on the host (Kempf ¶0023- 3rd sentence- plurality of databases to generate tenant specific labels that are added to packets sent between tenant (VMs); and in response to determining that a second tunnel endpoint is not allocated to the tenant; initiating a second tunnel endpoint on the host to the second tenant; and directing traffic for the second virtual machine to the second initiated tunnel  endpoint (Mittal s300, s302 and s304 of Fig.3A, ¶0063- redirect criteria, ¶0064 and ¶0065).

As to claim 8 the combined teachings of Kemp and Mittal disclose the method of claim 1, wherein the second packet comprises a Virtual Extensible Local Area Network (VXLAN) packet (Mittal ¶0033- 3rd sentence).

As to claim 9 Kempf disclose a computing apparatus comprising: one or more non-transitory computer readable storage media (Kempf ¶0059- 2nd sentence- non-transitory tangible machine readable medium) a processing system operatively coupled to the one or more non-transitory computer readable storage media (Kempf ¶059- 3rd sentence- one or more processors); and program instructions stored on the one or more non-transitory computer readable storage media that, when executed by the processing system, direct the processing system to: identify a connection of a virtual machine to a port of a virtual switch on a host (Kempf ¶0017- 2nd sentence- CNM is coupled to a first virtualized server for hosting one or more virtual machines ("VM"), wherein the first virtualized server comprises a first virtual switch; Fig.2, ¶0067- 2nd – 4th sentences- virtual switch 217A provides virtual network ports to the VMs) ; identify a tenant associated with the virtual machine (Kempf ¶0115- last sentence- the VM's that belong to different tenants can have same network (IP/MAC) addresses); 
Mittal s300, s302 and s304 of Fig.3A, ¶0063- redirect criteria, ¶0064 and ¶0065). 
Therefore it would have been obvious to one of ordinary skills in the art before the effective filing date of the invention to modify the teachings of Kempf with that of Mittal for the purpose of steering or redirecting network traffic towards a service device (Mittal ¶0063- 1st sentence)

As to claim 10 the combined teachings of Kempf and Nakagawa disclose the computing apparatus of claim 9, wherein the program instructions further direct the processing system to, identify a second connection of a second virtual machine to a second port of the virtual switch on the host (Kempf Fig.2, ¶0067- 2nd – 4th sentences- virtual switch 217A provides virtual network ports to the VMs); identify a second tenant of the plurality of tenants associated with the second virtual machine (Kempf ¶0023- 3rd sentence- plurality of databases to generate tenant specific labels that are added to packets sent between tenant (VMs) ) determining that a second tunnel endpoint is allocated to the second tenant on the host; and in response to determining that a second tunnel endpoint is allocated to the tenant, directing traffic for the second virtual machine to the second tunnel endpoint(Mittal s300, s302 and s304 of Fig.3A, ¶0063- redirect criteria, ¶0064 and ¶0065). 
 
As to claim 11 the combined teachings of Kempf and Mittal discloses the computing apparatus of claim 9 wherein the tunnel endpoint is associated with a tenant identifier (Kempf ¶0021- 4th sentence- tenant identifier.¶0073- 1st sentence).

As to claim 12 the combined teachings of Kempf and Mittal disclose the computing apparatus of claim 9, wherein the tunnel endpoint is associated with a tenant identifier, and wherein the tenant identifier comprises at least a source encapsulation internet protocol (IP) address and a virtual local area network (VLAN) tag (Kemp ¶0015- ¶0016, ¶0021-2nd sentence; Mittal ¶0056- 2nd sentence-206A-206N) may include an original VL2 broadcast domain tag (e.g., a VLAN tag)).

As to claim 15 the combined teachings of Kempf and Mittal disclose the computing apparatus of claim 9, wherein the program instructions further direct the processing system to: identify a second connection of a second virtual machine to a second port of the virtual switch on the host ((Kempf Fig.2, ¶0067- 2nd – 4th sentences- virtual switch 217A provides virtual network ports to the VMs)); identify a second tenant of the plurality of tenants associated with the second virtual machine (Kempf ¶0023- 3rd sentence- plurality of databases to generate tenant specific labels that are added to packets sent between tenant (VMs); determine whether a second tunnel endpoint is allocated to the second tenant on the host; and when a second tunnel endpoint is not allocated to the tenant: allocate a second tunnel endpoint on the host to the second tenant; and map the second virtual machine to the second tunnel endpoint (Mittal s300, s302 and s304 of Fig.3A, ¶0063- redirect criteria, ¶0064 and ¶0065).

As to claim 16 the combined teachings of Kempf and Nakagawa disclose the computing apparatus of claim 9, wherein the second packet comprises a Virtual Extensible Local Area Network (VXLAN) packet or a Generic Network Virtualization Encapsulation (GENEVE) packet (Mittal ¶0033- 3rd sentence).

As to claim 17 the combined teachings of Kempf and Nakagawa disclose the computing apparatus of claim 9, wherein the tunnel endpoint is associated with a tenant identifier Kempf ¶0021- 4th sentence- tenant identifier.¶0073- 1st sentence), and wherein the program instructions further direct the processing system to notify a control system of the tenant identifier associated with the tenant (Kempf -¶0028- 4th sentence-  CNM receives a message including a tenant identifier (ID), a tenant MAC, and a server MAC)

As to claim 18 Kempf discloses an apparatus comprising: one or more non-transitory computer readable storage media (Kempf ¶0059- 2nd sentence- non-transitory tangible machine readable medium);
a processing system operatively coupled to the one or more non-transitory computer readable storage media (Kempf ¶059- 3rd sentence- one or more processors); and program instructions stored on the one or more non-transitory computer readable storage media that, when executed by the processing system, direct the processing system to: identify a connection of a virtual machine to a port of a virtual switch on a host (Kempf ¶0017- 2nd sentence- CNM is coupled to a first virtualized server for hosting one or more virtual machines ("VM"), wherein the first virtualized server comprises a first virtual switch; Fig.2, ¶0067- 2nd – 4th sentences- virtual switch 217A provides virtual network ports to the VMs); identify a tenant associated with the virtual machine (Kempf ¶0115- last sentence- the VM's that belong to different tenants can have same network (IP/MAC) addresses); 
Kempf however is silent in determining that a tunnel endpoint is not allocated to the tenant on the host; and when in response to determining that a tunnel endpoint is not allocated to the tenant: initiating a tunnel endpoint on the host for the tenant; and directing traffic for the virtual machine to the initiated tunnel endpoint; and when a tunnel endpoint is allocated to the tenant, directing traffic for the virtual machine to the initiated tunnel endpoint. However in an analogous art Mittal remedies this deficiency: (Mittal s300, s302 and s304 of Fig.3A, ¶0063- redirect criteria, ¶0064 and ¶0065). Therefore it would have been obvious to one of ordinary skills in the art before the effective filing date of the invention to modify the teachings of Kempf with that of Mittal  or redirecting network traffic towards a service device (Mittal ¶0063- 1st sentence)

As to claim 19 the combined teachings of Kempf and Mittal disclose the apparatus of claim 18, wherein the tunnel endpoint is associated with a tenant identifier, and wherein the tenant identifier comprises at least a source encapsulation internet protocol (IP) address and a virtual local area network (VLAN) tag (Kemp ¶0009- tenant VPNs are implemented using IP encapsulation; ¶0063- 4th sentence- a specific source IP/MAC address specific VL2 broadcast domain (e.g., a specific virtual local area network (VLAN)) and IP/MAC address pair (e.g., a service policy may require that any 
network traffic including a specific VL2 broadcast domain broadcast domain (e.g., a specific VLAN tag)).

Claims 5, 6, 13, 14, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Kempf in view of Mittal and further in view of NAKAGAWA (US 20140208317).

As to claim 5 the combined teachings of Kemp and Mittal disclose the method of claim 1, wherein the tunnel endpoint is associated with a tenant identifier (Kempf ¶0021- 4th sentence- tenant identifier.), however silent wherein the method further comprises: after directing traffic for the virtual machine to the tunnel endpoint, obtaining a packet from the virtual machine; generating a second packet that encapsulates the first packet-, wherein the second packet comprises the tenant identifier. However in an analogous art Nakagawa remedies this deficiency: (Nakagawa ¶0066- 1st sentence- receives a packet; ¶0066- 1st sentence-encapsulates the received packet- second packet being an encapsulated packet). Therefore it would have been obvious to one of ordinary skills in the art before the effective filing date of the invention to modify the teachings of Kempf and Mittal with that of Nakagawa for (Nakagawa ¶0177- last sentence).

As to claim 6 the combined teachings of Kemp, Mittal and Nakagawa disclose The method of claim 5 further comprising: determining a quality of service associated with the second packet- encapsulated packet; and assigning the second packet to an egress queue based on the quality of service (Nakagawa ¶0014- last sentence- the VTEP 65 transmits the encapsulated packet to the server 67 via the layer 3 network 66- VXLAN technique for packet communication via layer 3; Nakagawa ¶0015- last sentence- and setting each of the terminating devices such that a packet is encapsulated in accordance with the created conversion information- conversion information being quality of service.).

As to claim 13 the combined teachings of Kempf and Nakagawa discloses the computing apparatus of claim 9, wherein the tunnel endpoint is associated with a tenant identifier (Kempf ¶0021- 4th sentence- tenant identifier. ¶0073- 1st sentence), however silent wherein the method further comprises: after directing traffic for the virtual machine to the tunnel endpoint, obtaining a packet from the virtual machine; generating a second packet that encapsulates the first packet-, wherein the second packet comprises the tenant identifier. However in an analogous art Nakagawa remedies this deficiency: (Nakagawa ¶0066- 1st sentence- receives a packet; ¶0066- 1st sentence-encapsulates the received packet- second packet being an encapsulated packet). Therefore it would have been obvious to one of ordinary skills in the art before the effective filing date of the invention to modify the teachings of Kempf and Mittal with that of Nakagawa for the purpose of managing allocation of VTEPs according to tenants on a host (Nakagawa ¶0177- last sentence).


As to claim 14 the combined teachings of Kempf, Mittal and Nakagawa disclose the computing apparatus of claim 13, wherein the program instructions further direct the processing system to: determine a quality of service associated with the second packet; and assign the second packet to an egress queue based on the quality of service (Nakagawa ¶0014- last sentence- the VTEP 65 transmits the encapsulated packet to the server 67 via the layer 3 network 66- VXLAN technique for packet communication via layer 3; Nakagawa ¶0015- last sentence- and setting each of the terminating devices such that a packet is encapsulated in accordance with the created conversion information- conversion information being quality of service.).

As to claim 20 the combined teachings of Kempf and Mittal disclose the apparatus of claim 18, wherein the tunnel endpoint is associated with a tenant identifier (Kempf ¶0021- 4th sentence- tenant identifier. ¶0073- 1st sentence), Kempf and Mittal however are silent wherein the program instructions further direct the processing system to: after directing traffic for the virtual machine to the tunnel endpoint, obtain a packet from the virtual machine generate a second packet that encapsulates the first packet, wherein the second packet comprises the tenant identifier. However in an analogous art Nakagawa remedies this deficiency: (Nakagawa ¶0066- 1st sentence- receives a packet; ¶0066- 1st sentence-encapsulates the received packet- second packet being an encapsulated packet). Therefore it would have been obvious to one of ordinary skills in the art before the effective filing date of the invention to modify the teachings of Kempf and Mittal with that of Nakagawa for the purpose of managing allocation of VTEPs according to tenants on a host (Nakagawa ¶0177- last sentence).


Conclusion
THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to DERRICK V ROSE whose telephone number is (571)270-7460.  The examiner can normally be reached on 8:30am- 6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, YEMANE MESFIN can be reached on 571-272-3927.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, 






/DERRICK V ROSE/Examiner, Art Unit 2462                                                                                                                                                                                                        
/KEVIN C. HARPER/Primary Examiner, Art Unit 2462