DETAILED ACTION
1	The present application is being examined under the pre-AIA  first to invent provisions. 
 This office action is in reply to applicant communication filed on August 05, 2021. Claims 1-20 are currently pending. Claims 1, 6, 11 and 16 are independent form is presented for examination.

Response to Argument
2	Applicant’s arguments filed on August 05, 2021 have been fully considered but they are not persuasive for the following reasons:
 	Applicant’s Argument:
Applicant argued that: 
I.	Since Nakil’s virtual network controller 22 does not manage or control Nakil’s Subnet 1 and Subnet 2, Nakil’s Subnet 1 and Subnet 2 do not map to the first service zone and the second service zone of claims 1 and 11.
II.	Since Nakil’s virtual machines belong to different virtual subnets (VN0 and VN1), Nakil’s virtual subnets VN0 and VNI1 also do not map to the first service zone and the second service zone of claims 1 and 11.
III.	While Kanter has a zone management means 17 (e.g., a service zone manager), the zone management means 17 only receives a destination alias address of a receiving end user 11’; the zone management means 17 does not receive a routing table of a tenant.
IV.	While Flammer has a routing table update (e.g., a routing table), the routing table update is sent from a gateway to nodes in a network; the routing table update is not sent from a service zone manager to a server.

Examiner’s Response:
In response to applicant’s arguments:
I.	Nakil discloses a virtual network controller 22(“VNC”) provides a logical and in some cases physical controlling for facilitating operation of one or more virtual networks within data center 10 in accordance with one or more embodiments of this disclosure. Nakil’s subnets which contains their own ([0091]-[0094], [0081] and Fig. 1, & 2A-2B).
II.	Nakil’s subnets (e.g. SUBNET 1-3, Fig. 2A-2B) which contains their own servers and virtual machines are mapped to the claimed service zones. As in the claimed service zone, for example, in fig. 2A a virtualized platform subnet 1 contains a server 12 and VMs 36-0-VM 36-2 ([0091]-[0094], [0081] and Fig. 1, & 2A-2B).
III. 	Kanter discloses that zone management means 17 receives a routing information (routing table) from gatekeeper (of the tenant) of the first zone (Page 3, lines 6-12 & Page 4, lines 1-20).
IV.	First, the claimed invention requires a gateway transversal only when a packet is transmitted/transferred between virtual machine in different zones. Further, Flamer discloses the usage of multiple routing other than gateway. The gateway routinely sends the routing table updates to each registered node in the network in a unicast message… ([0112]-[0114] & [0069], Fig. 1). Therefore, applicant’s argument cannot overcome the prior arts on the record.

Claim Rejections - 35 USC § 103
3	The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained through the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.

4	Claims 1-20 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Nakil et al. (Nakil, hereinafter) (U.S. Patent Application Publication No. 2018/0173557 A1) in view of Kanter et al. (Kanter, hereinafter) (WO1998059467 A2) further in view of Flammer, III et al. (Flammer, hereinafter) (U.S. Patent Application Publication No. 2009/0034418 A1).
Regarding claim 1, Nakil teaches a method for cross-service-zone communication performed by a service zone manager ([0024]; a cross-subnets communication performed by virtual network controller 22, Fig. 2 & 3) in a system, wherein the system comprises the service zone manager (virtual network controller 22), a gateway ([0053]; gateway), a first service zone (subnet 1, Fig. 2A), and a second service zone (subnet 2, Figs. 2A), wherein the service zone manager manages the first service zone and the second service zone ([0055]; Virtual network controller 22 (“VNC”) provides a logically and in some cases physically centralized controller for facilitating operation of one or more virtual networks within data center 1), wherein each of the first service zone and the second service zone comprises a plurality of servers ([0055]-[0058] & [0092]; subnets 1-3 contains plurality of servers 12A-12x, Fig. 2A), wherein each server comprises at least one virtual machine ([0055]-[0058] & [0092]; each server 12 contains virtual machines 36 in it, Fig. 2A), wherein virtual machines on a same server belong to a same service zone ([0092]-[0093]; vm0-vm2 belong to the same subnet 12, Fig. 2A), and wherein the method comprises:
wherein the first service zone comprises a first server that comprises a first virtual machine ([0055]-[0058] & [0092]-[0093]; a first subnet1 comprises a first server 12A that comprises a first virtual machine such as VM 1, Fig. 2A);
wherein the server to receive the routing information comprises at least one of the first server or a second server ([0100]-[0101] & [0134]-[0136]; virtual network controller 22 may output commands to virtual network agents 35 (of server 1 or server 2) to update one or more NFTs 32 to direct virtual switches 30 to change the tunneling encapsulation so as to re-route communications within the overlay network, for example to avoid a failed link), wherein the second server is in the second service zone ([0025]; second server 12B is in the second subnet2).
Nakil further discloses Virtual network controller 22 may, for example, maintain a routing information base, e.g., one or more routing tables that store routing information for the physical network as well as one or more overlay networks of data center 10. Similarly, switches 16, 18 and virtual switches 30 maintain routing information, such as one or more routing and/or forwarding tables.
But Nakil does not explicitly disclose receiving, by the service zone manager, a routing table of a tenant from the gateway for a first service zone; determining, by the service zone manager, a server to receive the routing table; wherein the first virtual machine and the second virtual machine both belong to the tenant; determining, by the service zone manager, a registration state of the server to receive the routing table; and sending, by the service zone manager, the routing table to the server to receive the routing table when the server to receive the routing table is a registered server such that the server to receive the routing table forwards packets between the first virtual machine and the second virtual machine without traversing the gateway.
Kanter, in analogous distributed network routing system, discloses receiving, by the service zone manager (zone management means 17), a routing table of a tenant (routing information of the tenant endpoint 11, For example) from the gateway (gatekeeper 15) for a first service zone (Page 7, lines 6-12 & Page 4, lines 1-20; zone management means 17 receives a routing information from gatekeeper of the first zone); 
(Page 4, lines 16-24; the zone management means determines the destination server in zone 2 and respond to the requester with that information); 
wherein the first virtual machine and the second virtual machine both belong to the tenant (Page 4, lines 1-20 & Page 7, lines 6-12; end points are users/clients of the service zone); and 
determining, by the service zone manager, a registration state of the servers ([Abstract] & Page 3, last paragraph; the gatekeepers (servers for end users) are registered with zone management means to facilitate the communication between terminals in different zones, Fig. 4).
It would have been obvious to one ordinary skill in the art at the time the invention was made to combine the teaching of Nakil, and Kanter because Kanter’s teaching would allow Nakil’s system to be more secured by using registered servers.
But Nakil in view of Kanter doesn’t explicitly disclose sending, by the service zone manager, the routing table to the server to receive the routing table when the server to receive the routing table is a registered server such that the server to receive the routing table forwards packets between the first virtual machine and the second virtual machine without traversing the gateway.
However, Flammer in analogous art, discloses sending, by the service zone manager, the routing table to the server to receive the routing table when the server to receive the routing table is a registered server such that the server to receive the routing table forwards packets between the first virtual machine and the second virtual machine without traversing the gateway ([0112]-[0114]; The gateway routinely sends the routing table updates to each registered node in the network in a unicast message…multiple routing can be used other than gateway based [0069], Fig. 1).
Flammer further discloses receiving a routing table of a tenant from a gateway for a first service zone ([0113]-[0114]; each nodes (tenants) in the network group receives a routing table from the gateway); and registering nodes to a gateway device with registration state (status) of nodes ([0084]-[0090]). 
It would have been obvious to one ordinary skill in the art at the time the invention was made to combine the teaching of Nakil, and Flammer because Flammer’s teaching would allow Nakil’s system to be perform an optimized route identification to intended destinations.

Regarding claim 2, Nakil further teaches the method of claim 1, wherein before receiving, by the service zone manager, the routing table of the tenant, the method further comprises:
receiving, by the service zone manager, configuration information for the first virtual machine from a cloud management function ([0050] & [0096]-[0097]; Virtual network controller 22 may, for example, maintain a routing information base, e.g., one or more routing tables that store routing information for the physical network as well as one or more overlay networks of data center 10. Similarly, switches 16, 18 and virtual switches 30 maintain routing information, such as one or more routing and/or forwarding tables); and
sending, by the service zone manager, a request message to the gateway according to the configuration information, wherein the request message is used for ([0100]-[0101] & [0134]-[0136]; virtual network controller 22 may output commands to virtual network agents 35 (of server 1 or server 2) to update one or more NFTs 32 to direct virtual switches 30 to change the tunneling encapsulation so as to re-route communications within the overlay network, for example to avoid a failed link).

Regarding claim 3, Nakil and Kanter and Flammer teaches the method according to claim 1, but Nakil does not explicitly disclose a method of claim 1 further comprising: receiving, by the service zone manager, a registration message from the server to receive the routing table; registering, by the service zone manager, the server to receive the routing table according to the registration message; recording, by the service zone manager, registration information of the server to receive the routing table, wherein the registration state of the server to receive the routing table comprises determining the registration state of the server to receive the routing table according to the registration information of the server to receive the routing table.
However, Kanter teaches receiving, by the service zone manager, a registration message sent by the server (Page 3, last paragraph; zone management means receives a registration request from gatekeeper, Fig. 4A); 
registering, by the service zone manager, the server according to the registration message (Page 3, last paragraph; zone management means registers the requested gatekeeper, Fig. 4A); and
recording, by the service zone manager, registration information of the server (Page 3, last paragraph; zone management means registers the requested gatekeeper, Fig. 4A), the registration state of the server to receive the routing table being determined by determining the registration state of the server according to the registration information of the server (Page 3, last paragraph; the registration status of the gatekeeper is confirmed and the zone in which it is registered is identified, Fig. 4A).
It would have been obvious to one ordinary skill in the art at the time the invention was made to combine the teaching of Nakil, and Kanter because Kanter’s teaching would allow Nakil’s system to be more secured by using registered servers.

Regarding claim 4, Nakil and Kanter and Flammer teaches the method of claim 3, but Nakil does not explicitly disclose a method of claim 3 further comprising: receiving, by the service zone manager, a deregistration message from the server to receive the routing table; and deleting the registration information of the server to receive the routing table according to the deregistration message.
However, Kanter teaches receiving, by the service zone manager, a deregistration message sent by the server (page 4, para 1; receiving unregistration request from gatekeeper, Fig. 4B); and
deleting, by the service zone manager, the registration information of the server according to the deregistration message (page 4, para 1; deleting the gatekeeper from the zone management means according to the gatekeeper request, Fig. 4b). 
It would have been obvious to one ordinary skill in the art at the time the invention was made to combine the teaching of Nakil, and Kanter because Kanter’s teaching would allow Nakil’s system to be more secured by using registered servers.


However, Flammer in analogous art, discloses receiving, by the service zone manager, an updated routing table of the tenant from the gateway ([0113]-[0114]; each nodes (tenants) in the network group receives a routing table from the gateway); and 
sending, by the service zone manager, the updated routing table to the server to receive the routing table.  ([0112]-[0114]; The gateway routinely sends the routing table updates to each registered node in the network in a unicast message).
Flammer further discloses registering nodes to a gateway device and also registration state (status) of nodes ([0084]-[0090]). 
It would have been obvious to one ordinary skill in the art at the time the invention was made to combine the teaching of Nakil, and Flammer because Flammer’s teaching would allow Nakil’s system to be perform an optimized route identification to intended destinations.

Regarding claim 6, Nakil further teaches a method for cross-service-zone communication performed by a first server in a first service zone of a system ([0024]; a cross-subnets communication performed by server 12A in subnet1, Fig. 2 & 3), wherein the system comprises the service zone manager (virtual network controller 22), a gateway ([0053]; gateway), a first service zone (subnet 1, Fig. 2A), and a second service zone (subnet 2, Figs. 2A), wherein the service zone manager manages the first ([0055]; Virtual network controller 22 (“VNC”) provides a logically and in some cases physically centralized controller for facilitating operation of one or more virtual networks within data center 1), wherein each of the first service zone and the second service zone comprises a plurality of servers ([0055]-[0058] & [0092]; subnets 1-3 contains plurality of servers 12A-12x, Fig. 2A), wherein each server comprises at least one virtual machine ([0055]-[0058] & [0092]; each server 12 contains virtual machines 36 in it, Fig. 2A), wherein virtual machines on a same server belong to a same service zone ([0092]-[0093]; vm0-vm2 belong to the same subnet 12, Fig. 2A), wherein the first server comprises a first virtual machine ([0055]-[0058] & [0092]-[0093]; a first server 12A comprises a first virtual machine such as VM 1, Fig. 2A); and wherein the method comprises:
determining whether a routing information of a tenant exists on the first server when the first virtual machine needs to send a first packet to a second virtual machine ([0094], [0140]-[0141] & [0076]-[0078]; virtual switches 30 of server 1 maintain routing information of the virtual machines, such as one or more routing and/or forwarding tables);
wherein the second virtual machine is on a second server in the second service zone ([0053] & [0096]-[0097]; VM 36 is in on the second server 12B in the subnet2, Fig. 2A), and wherein the first virtual machine and the second virtual machine both belong to the tenant ([0053]; virtual machines are tenants of the hosting devices, Fig. 2-3);
sending a second packet of the first virtual machine to the second virtual machine according to the routing table ([0140]-[0141] & [0076]-[0078]; virtual switches 30 of server 1 maintain routing information of the virtual machines, such as one or more routing and/or forwarding tables for routing packets among virtual machines in the data center 10, Fig. 2 & 3).
Nakil further discloses tunneling the packets (i.e. tunneling includes routing packets without using gateway) ([0095]-[0096]).
But Nakil doesn’t explicitly disclose sending the first packet to a gateway associated with the first server when the routing table of the tenant does not exist on the first server; receiving the routing table of the tenant from the service zone manager.
However, Flammer further discloses sending the first packet to a gateway associated with the first server when the routing table of the tenant does not exist on the first server ([0113]-[0114]; each nodes (tenants) in the network group receives a routing table from the gateway); and 
receiving the routing table of the tenant from the service zone manager ([0112]-[0114]; the gateway routinely sends the routing table updates to each registered node in the network in a unicast message).
Flammer further discloses sending a second packet of the first virtual machine to the second virtual machine according to the routing table without traversing the gateway ([0112]-[0114]; The gateway routinely sends the routing table updates to each registered node in the network in a unicast message…multiple routing can be used other than gateway based [0069], Fig. 1).
It would have been obvious to one ordinary skill in the art at the time the invention was made to combine the teaching of Nakil, and Flammer because Flammer’s teaching would allow Nakil’s system to be perform an optimized route identification to intended destinations.

Regarding claim 7, Nakil further teaches the method of claim 6, further comprising:
receiving configuration information for the first virtual machine from a cloud management function ([0471]; configuration information received from a network controller); and
generating the first virtual machine according to the configuration information ([0471]; the virtual machine configured according to the configuration information).

Regarding claim 8, Nakil and Kanter and Flammer teaches the method of claim 6, but Nakil does not explicitly disclose a method of claim 6 further comprising: receiving information of the service zone manager from a cloud management function; and sending a registration message to the service zone manager.
However, Kanter teaches receiving information of the service zone manager from a cloud management function (Page 3, last paragraph; zone management means receives a registration request from gatekeeper, Fig. 4A); and
sending a registration message to the service zone manager (Page 3, last paragraph; zone management means receives a registration request from gatekeeper, Fig. 4A). 
It would have been obvious to one ordinary skill in the art at the time the invention was made to combine the teaching of Nakil, and Kanter because Kanter’s teaching would allow Nakil’s system to be more secured by using registered servers.


However, Kanter teaches receiving a notification message from the cloud management function (page 4, para 1; receiving unregistration request from gatekeeper, Fig. 4B); and
sending a deregistration message to the service zone manager according to the notification message (page 4, para 1; deleting the gatekeeper from the zone management means according to the gatekeeper request, Fig. 4b). Therefore, the limitations of claim 9 are rejected in the analysis of claim 6 above, and the claim is rejected on that basis.
It would have been obvious to one ordinary skill in the art at the time the invention was made to combine the teaching of Nakil, and Kanter because Kanter’s teaching would allow Nakil’s system to be more secured by using registered servers.

Regarding claim 10, Nakil further teaches the method of claim 6, further comprising:
receiving an updated routing information of the tenant from the service zone manager when the routing table of the tenant is updated in the gateway ([0100]-[0101] & [0146]; Once connectivity with the virtual network controller 22 is established, the virtual network controller 22 updates its local routing table to take into account new information about any failed links and directs virtual switches 30 to update their local network forwarding tables 32. For example, virtual network controller 22 may output commands to virtual network agents 35 to update one or more NFTs 32 to direct virtual switches 30 to change the tunneling encapsulation so as to re-route communications within the overlay network, Fig. 4-6); and
sending a third packet of the first virtual machine to the second virtual machine according to the updated routing table ([0100]-[0101] & [0146]; virtual network controller 22 may output commands to virtual network agents 35 to update one or more NFTs 32 to direct virtual switches 30 to change the tunneling encapsulation so as to re-route communications within the overlay network).
Flammer further discloses receiving an updated routing table of the tenants ([0112]-[0114]; the gateway routinely sends the routing table updates to each registered node in the network in a unicast message).
Flammer further discloses registering nodes to a gateway device and also registration state (status) of nodes ([0084]-[0090]). 
It would have been obvious to one ordinary skill in the art at the time the invention was made to combine the teaching of Nakil, and Flammer because Flammer’s teaching would allow Nakil’s system to be perform an optimized route identification to intended destinations.

As for independent claim 11, the limitations of claim 11 are similar to the limitations of claim 1 above. Therefore, the limitations of claim 11 are rejected in the analysis of claim 1 above, and the claim is rejected on that basis.

As for independent claim 16, the limitations of claim 16 are similar to the limitations of claim 6 above. Therefore, the limitations of claim 16 are rejected in the analysis of claim 6 above, and the claim is rejected on that basis.

As for dependent claims 12-15, the limitations of claims 12-15 are similar to the limitations of claims 2-5 above. Therefore, the limitations of claims 12-15 are rejected in the analysis of claims 2-5 respectively, and the claims are rejected on that basis.

As for dependent claims 17-20, the limitations of claims 17-20 are similar to the limitations of claims 7-10 above. Therefore, the limitations of claims 17-20 are rejected in the analysis of claims 7-10 above respectively, and the claims are rejected on that basis.










Conclusion

5	THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon Hwang can be reached on 5712724036.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).



/M. H. /
Melaku Habtemariam
Examiner, Art Unit 2447
11/2/21

/SURAJ M JOSHI/Primary Examiner, Art Unit 2447