DETAILED ACTION
It is hereby acknowledged that the following papers have been received and placed of record in the file: Amendment date 03/04/2021.
Claims 1-17 are presented for examination. 
The rejections are respectfully maintained and reproduced infra for applicant's convenience.
Response to Arguments
Applicant's arguments filed 03/04/2021 have been fully considered but they are not persuasive. 
Applicant argues the following limitation(s):
Applicant argues, stated in the remark on page 3,  “Ram does not qualify as prior art under 35 U.S.C. § 102(a)(2) according to the exception described in 35 U.S.C. § 102(b)(2)(C)” based on “NICIRA, INC. has been owned by VMWARE, INC., the assignee of the present application, since August 24, 2012, which is prior to the filing date of Ram. Therefore, Ram is owned by VMWARE, INC., at least as of April 26, 2018”. With respect to the common ownership of described in 35 U.S.C. § 102(b)(2)(C), examiner suggests applicant to submit the statement on a separate paper to ensure examiner notices the statement. 
As discloses in MPEP 717.02(a) discloses
“The statement concerning common ownership should be clear and conspicuous (e.g., on a separate paper) to ensure the examiner notices the statement.”
Applicant argues, stated in the remark on page 4, “As discussed above, independent claim 1 is patentable over Ram since Ram does not qualify as prior art. In 
Examiner’s Note

The Examiner further reviewed the claims and the Applicant’s Specification in order to determine ways to place this case in better condition for allowance. The Examiner would like to bring two things to the Applicant's attention. First, reconsider the allowable subject matter of claims 5 and 8-17. Second, in advance of prosecution, examiner further search and found a reference that very similar to the current invention: 
Li et al. (US 20188/0302243 A1) which discloses a data packet processing method includes cloud management platform sends virtual private cloud (VPC) network information of a computing instance running on a host to a network processing device, a virtual switch receives a data packet from the computing instance using a virtual port of the computing instance, and the data packet carries a network address of the computing instance and a virtual local area network (VLAN) identifier of the virtual port sending the data packet, the virtual switch sends the data packet according to the VLAN identifier, and routes the data packet to the network processing device, the network processing device determines the VPC network information of the computing instance according to the network address of the computing instance, and performs network .

Allowable Subject Matter
Claim 5 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Claims 8-17 are allowed.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of pre-AIA  35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claim(s) 1-2 and 6 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Ram et al. (US 2019/0068689 A1).
Regarding claim 1, Ram teaches a host machine (provider host 205 see Ram: Fig.3) comprising: 
a physical network interface card (PNIC) (Physical NIC 245 see Ram: Fig.3);
a memory; at least one processor (electronic system 900 include system memory 920 and processing unit 910 see Ram: Fig.9) configured to implement a virtual switch (MFE kernel driver 395 as software switch see Ram: Fig.3; ¶[0005]), wherein: 
0089]); 
the virtual switch includes a first port coupled to a network manager configured to manage a logical overlay network (MFE kernel driver includes port 335 connect to a network manager application 255 to manage overlay network to enforce security polices for tenant applications 250  see Ram: Fig.3; ¶[0061]; ¶[0055]; Fig.4); 
the virtual switch includes a second port coupled to a virtual computing instance (VCI) configured as coupled to the logical overlay network (MFE kernel driver 395 include port 330 to tenant applications (corresponding to VCI) to configured tenant applications 250 see Ram: Fig.3; ¶[0055]); 
the virtual switch is configured to forward a first plurality of packets to a first tunneling endpoint configured to encapsulate and decapsulate the first plurality of packets for the VCI as part of communication over the logical overlay network (MFE kernel driver 395 configured to forward packet traffic for encapsulation and decapsulation on the packet from and to port 330 for tenant applications 250 “Based on the tunneling protocols chosen by the user, one or more tunnel ports 340 (referred to herein as overlay ports) are created on the integration bridge that are responsible for encapsulation and decapsulation of tunnel headers on packets from and to port 330 respectively” see Ram: Fig.3; ¶[0055]); 
the virtual switch is configured to communicate traffic of the network manager and the VCI over the uplink port (MFE kernel driver 395 configured to network manager channel 385 and Tenant applications 250 via port 330 see Ram: Fig.3; ¶0055-0056]
Regarding claim 2, Ram taught the host machine of claim 1 as described hereinabove. Ram further teaches wherein the network manager is configured to use a first addressing corresponding to a physical network to which the PNIC is coupled (network manager application use port 335 to communicate with physical NIC 245 that use network manager channel 385 see  Ram: Fig.3; ¶[0058]; ¶[0060]), and wherein the VCI is configured to use a second addressing corresponding to the logical overlay network (tenant application 250 use port 330 via virtual adapter to access overlay network see Ram: Fig.3; ¶[0053]).  
Regarding claim 6, Ram taught the host machine of claim 1 as described hereinabove. Ram further teaches wherein the virtual switch is associated with two transport zones, including an overlay transport zone configured for overlay traffic associated with the logical overlay network as well as a virtual local area network (VLAN) transport zone configured for traffic associated with the network manager (MFE kernel driver 395 associated with two zones (first zone: Overlay network via port 330 to tenant application and second zone: underlay network to network manager application via port 335 see Ram: ¶[0039]; Fig.3).

Claims 3-4 are rejected under 35 U.S.C. 103 as being unpatentable over Ram et al. (US 2019/0068689 A1) in view of Wang et al. (US 2019/0036894 A1).
Regarding claim 3, Ram taught the host machine of claim 1 as described hereinabove. Ram does not explicitly teaches wherein the virtual switch is configured to forward a second plurality of packets received from a gateway device, and wherein the gateway device comprises a second tunneling endpoint.  
0025]) in order for processing encapsulated encrypted data packets at a VNIC on a host machine (see Wang: ¶[0012]).
	It would have been obvious to one of ordinary skill in the art at the time of invention to create the invention of Ram to include (or to use, etc.) the wherein the virtual switch is configured to forward a second plurality of packets received from a gateway device, and wherein the gateway device comprises a second tunneling endpoint as taught by Wang in order for processing encapsulated encrypted data packets at a VNIC on a host machine (see Wang: ¶[0012]).
Regarding claim 4, the modified Ram taught the host machine of claim 3 as described hereinabove. Wang further teaches wherein the second tunneling endpoint and the first tunneling endpoint are configured to verify network connectivity among the first tunneling endpoint and the second tunneling endpoint (tunnel end points 115 and 125 to secure communication between one another “TEPs 115 and 125 may implement IPsec protocols, including ESP tunnel mode, to secure communication between one another” see Wang: ¶0019-0020]) in order for processing encapsulated encrypted data packets at a VNIC on a host machine (see Wang: ¶[0012]).

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Ram et al. (US 2019/0068689 A1) in view of Chandrashekhar et al. (US 2019/0036868 A1).
Regarding claim 7, Ram taught the host machine of claim 1 as described hereinabove. Ram does not explicitly teaches wherein the uplink port of the virtual switch is connected to a second PNIC for redundancy.
However, Chandrashekhar teaches the uplink port of the virtual switch is connected to a second PNIC for redundancy (multiple Network interfaces 118,119 and 160 see Chandrashekhar: Fig.1) in order to route traffic for virtual machines and other virtual network entities use L3 routing without relay on the VTEP endpoint (see Chandrashekhar: ¶0006]).
	It would have been obvious to one of ordinary skill in the art at the time of invention to create the invention of Ram to include (or to use, etc.) the uplink port of the virtual switch is connected to a second PNIC for redundancy as taught by Chandrashekhar in order to route traffic for virtual machines and other virtual network entities use L3 routing without relay on the VTEP endpoint (see Chandrashekhar: ¶0006]).
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GUANG W LI whose telephone number is (571)270-1897.  The examiner can normally be reached on Monday - Thursday 7AM-5PMET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Edan Orgad can be reached on (571) 272-7884.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


GUANG W. LI

Art Unit 2478


June 2, 2021
/GUANG W LI/Primary Examiner, Art Unit 2478