DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

EXAMINER'S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization for this examiner’s amendment was given in an interview with Abu “Sayeem” Reaz on July 15, 2022.

Please see the examiner’s amendment on the following pages.


PROPOSED EXAMINER’S AMENDMENT


This listing of claims will replace all prior versions, and listings, of claims in the application:

Listing of Claims:


1.	(Previously presented) A method for tracing a traffic flow in a network,
comprising:
receiving, by a network orchestrator, credentials associated with
the traffic flow based on a user input;
determining, by the network orchestrator, whether the traffic flow
is received at an ingress overlay network node based on the
credentials;
extracting, by the network orchestrator, route information and
encapsulation information of the traffic flow from the ingress overlay
network node based on the credentials;
identifying, by the network orchestrator, a first set of underlay
network nodes based on the route information, wherein a respective
node of the first set of underlay network nodes is a potential next hop
from the ingress overlay network node for the traffic flow;
determining, by the network orchestrator, whether the traffic flow
is received by one of the first set of underlay network nodes based on
the encapsulation information;
determining, by the network orchestrator, whether the traffic flow
is received at an egress overlay network node from one of the first set
of underlay network nodes based on the credentials;
determining a network trace of the traffic flow based on the
determinations of whether the traffic flow is received at the ingress

overlay network node, one of the first set of underlay network nodes,
and the egress overlay network node; and
detecting, by the network orchestrator, a failure in the network
based on the network trace, wherein the failure includes one of a fault
in a link between network nodes, a fault in the ingress overlay network
node, a fault in the egress overlay network node, and a fault in one of
the first set of underlay network.


2.	(Previously presented) The method of claim 1, wherein
determining whether the traffic flow is received by one of the first set of
underlay network nodes comprises:
comparing encapsulation information of data packets received at
each of the first set of underlay network nodes with the encapsulation
information of the traffic flow; and
in response to determining a match for the encapsulation
information of the traffic flow at one of the set of underlay network
nodes, identifying that the traffic flow is received at the one of the set of
underlay network nodes.


3.	(Previously presented) The method of claim 1, further comprising:
in response to determining that the traffic flow is received at one
of the first set of underlay network nodes, identifying a second set of
underlay network nodes based on a combination of the route
information and data paths originating from the one of the first set of
underlay network nodes; and
determining, by the network orchestrator, whether the traffic flow
is received by one of the second set of underlay network nodes based
on the encapsulation information of the traffic flow.


4.	(Previously presented) The method of claim 1, wherein the
credentials associated with the traffic flow includes one or more of: an
Internet Protocol (IP) address and a Transmission Control Protocol

(TCP)/User Datagram Protocol (UDP) port address of a source server
and an IP address and TCP/UDP port address of a destination server,
and wherein the traffic flow is directed from the source server to the
destination server.


5.	(Previously presented) The method of claim 1, wherein the
ingress overlay network node and the egress overlay network node are
tunnel endpoints of a tunnel carrying the traffic flow.


6.	(Previously presented) The method of claim 1, wherein each of
the first set of underlay network nodes is identified as the potential next
hop based on Equal Cost Multi-Path (ECMP) routing.


7.	(Original) The method of claim 1, wherein the encapsulation
information is generated based on a tunneling protocol.


8.	(Currently amended) The method of claim 1, wherein the
[AltContent: rect]encapsulation information includes one or more of: an Internet Protocol
(IP) address of the ingress overlay network node, an IP address of the
egress overlay network node, User Datagram Protocol (UDP)
encapsulation source port address, and UDP encapsulation destination
port address.
1
9.	(Currently amended) The method of claim 1, wherein the route
[AltContent: rect]information one or more of: includes an Internet Protocol (IP) address
of the egress overlay network node, a virtual network identifier (VNI),
and an IP address and Media Access Control (MAC) address of each of
the first set of underlay network nodes.


10.	(Original) The method of claim 1, wherein the network is one of:
a datacenter network and a campus network.

11.	(Currently amended) A network orchestrator, comprising: a
processing circuitry; and
a non-transitory, computer-readable medium including instructions that,
[AltContent: rect]when executed by the processing circuitry, cause the network 
orchestrator to:
receive credentials associated with a traffic flow based on a user
input;
determine whether the traffic flow is received at an ingress
overlay network node based on the credentials;
extract route information and encapsulation information of the
traffic flow from the ingress overlay network node based on the
credentials;
identify a first set of underlay network nodes based on the route
information, wherein a respective node of the first set of underlay
network nodes is a potential next hop from the ingress overlay network
node for the traffic flow;
determine whether the traffic flow is received by one of the first
set of underlay network nodes based on the encapsulation information;
determine whether the traffic flow is received at an egress
overlay network node from one of the first set of underlay network
nodes based on the credentials;
determine a network trace of the traffic flow based on the
determinations of whether the traffic flow is received at the ingress
overlay network node, one of the first set of underlay network nodes,
and the egress overlay network node; and
detect a failure in the network based on the network trace,
wherein the failure includes one of a fault in a link between network
nodes, a fault in the ingress overlay network node, a fault in the egress
overlay network node, and a fault in one of the first set of underlay
network nodes.

12.	(Previously presented) The network orchestrator of claim 11,
wherein determining whether the traffic flow is received by one of the
first set of underlay network nodes, comprises:
comparing encapsulation information of data packets received at
each of the first set of underlay network nodes with the encapsulation
information of the traffic flow; and
in response to determining a match for the encapsulation information
of the traffic flow at one of the set of underlay network nodes, identifying that
the traffic flow is received at the one of the set of underlay network nodes.


13.	(Previously presented) The network orchestrator of claim 11, further
comprising instructions to:
in response to determining that the traffic flow is received at one
of the set of underlay network nodes, identify a second set of underlay
network nodes based on a combination of the route information and
data paths originating from the one of the first set of underlay network
nodes; and
determine whether the traffic flow is received by one of the
second set of underlay network nodes based on the encapsulation
information.


14.	(Previously presented) The network orchestrator of claim 11,
wherein the encapsulation information is generated based on a
tunneling protocol.


15.	(Previously presented) The network orchestrator of claim 11,
wherein each of the first set of underlay network nodes is identified as
the potential next hop based on Equal Cost Multi-Path (ECMP) routing.


16.	(Currently amended) A non-transitory, computer readable
medium including instructions that, when executed by processing

circuitry, cause a network device to:
[AltContent: rect]receive credentials associated with a traffic flow based on a user input;
determine whether the traffic flow is received at an ingress
overlay network node based on the credentials;
extract route information and encapsulation information of the
traffic flow from the ingress overlay network node based on the
credentials;
identify a first set of underlay network nodes based on the route
information, wherein a respective node of the first set of underlay
network nodes is a potential next hop from the ingress overlay network
node for the traffic flow;
determine whether the traffic flow is received by one of the first
set of underlay network nodes based on the encapsulation information;
determine whether the traffic flow is received at an egress
overlay network node from one of the first set of underlay network
nodes based on the credentials;
determine a network trace of the traffic flow based on the
determinations of whether the traffic flow is received at the ingress
overlay network node, one of the first set of underlay network nodes,
and the egress overlay network node; and
detect a failure in the network based on the network trace,
wherein the failure includes one of a fault in a link between network
nodes, a fault in the ingress overlay network node, a fault in the egress
overlay network node, and a fault in one of the first set of underlay
network nodes.


17.	(Previously presented) The non-transitory computer-readable
medium of claim 16, wherein determining whether the traffic flow is
received by one of the first set of underlay network nodes, comprises:

comparing encapsulation information of data packets received at
each of the first set of underlay network nodes with the encapsulation
information of the traffic flow; and
in response to determining a match for the encapsulation
information of the traffic flow at one of the first set of underlay network
nodes, identifying that the traffic flow is received at the one of the first
set of underlay network nodes.


18.	(Previously presented) The non-transitory computer-readable medium of
claim 16, further comprising instructions that, when executed by processing
circuitry, cause the network device to:
in response to determining that the traffic flow is received at one of the set
of underlay network nodes, identify a second set of underlay network nodes
based on a combination of the route information and data paths originating from
the one of the first set of underlay network nodes; and
determine whether the traffic flow is received by one of the second set of
underlay network nodes based on the encapsulation information.


19.	(Previously presented) The non-transitory computer-readable medium of
claim 16, wherein credentials associated with the traffic flow includes one or more
of: an Internet Protocol (IP) address and a Transmission Control Protocol
(TCP)/User Datagram Protocol (UDP) port address of a source server and an IP
address and TCP/UDP port address of a destination server, wherein the traffic
flow is directed from the source server to the destination server.


20.	(Previously presented) The non-transitory computer-readable
medium of claim 16, wherein the ingress overlay network node and the
egress overlay network node are tunnel endpoints of a tunnel carrying
the traffic flow.


Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: 
Claims 1-20 are allowed. 

Chitalia et al., US 10924419 B1 is the closest prior art references. Chitalia teaches ingress and egress overlay network nodes and identifying the underlay network nodes corresponding to a traffic flow from the ingress overlay network node and egress overlay network node. Chitalia analyzes traffic flows based on routing information and encapsulation information for previously routed traffic flows. Chitalia does not teach identifying underlay network nodes based on extracted route information for a traffic flow and one of the underlay network nodes is a “potential next hop” based on routing information respective to the ingress overlay network node of the traffic flow. Based on the credentials, determining the traffic flow received at an ingress overlay network node, determining one of the underlay network nodes receiving the traffic flow based on encapsulation information and determining the traffic flow received at an egress overlay network node. Chitalia does not teach determinations based network node of the underlay nodes being a “potential next hop. Lastly, Chitalia does not teach based on each of the other determinations, determining a network trace of the traffic flow as recited in the claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PATRICE L WINDER whose telephone number is (571)272-3935. The examiner can normally be reached M-F 10am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Thu Nguyen can be reached on 571-272-6967. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Patrice L Winder/Primary Examiner, Art Unit 2452