DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The office action is non-final due to a new ground of rejection in response to Applicant’s arguments filed on 5/16/2022.

Response to Amendment
The Amendment filed on 5/16/2022 has been entered. Claims 1-20 remain pending in the application. Applicant’s amendments to Claims have overcome the objection previously set forth in the Non-Final Office Action mailed on 2/14/2022.

Response to Arguments
Applicant’s arguments on pages 9-10 with respect to claims 1 and 20 have been considered but are moot upon a further consideration and a new ground of rejection made under 35 U.S.C. 102(a)(2) as being anticipated by Chang (US PGPub 2018/0109471).

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Chang (US PGPub 2018/0109471).

Regarding claim 1, Chang teaches a method for configuring a physical network interface controller (pNIC) connected to a host computer to perform flow processing offload (FPO) for a set of machines executing on the host computer (Chang, see abstract, The present disclosure generally discloses packet processing offload support capabilities for supporting packet processing offload.), the method comprising:
providing the pNIC with a set of mappings between virtual port identifiers (VPIDs) of interfaces of the set of machines executing on the host computer and physical port identifiers (PPIDs) of interfaces of the pNIC (Chang, see paragraph 0091, The traffic flows in the virtual data plane are indicated with F1-F5. Given incoming traffic (“F1”), the DPI NF extracts HTTP cookies and sends them (along with traffic) to the L7LB function (“F2”) as NF-specific metadata.);  and
providing the pNIC with a set of flow entries for a set of data message flows, each flow entry in the set of flow entries specifying a destination using a VPID (Chang, see paragraphs 0091 and 0093, The L7LB translates customer-facing virtual IP addresses in the traffic to the physical IP addresses of e-commerce applications, based on user cookies. some of the tables can be offloaded to the sNIC switch, as long as the flow rules in the tables are offloadable, and the inter-switch PCI communication can carry any metadata exchanged between split flow tables. As depicted in FIG. 7C, for example, packet filtering and modification rules in ACL/NAT tables can be safely migrated to the sNIC switch, thereby shortening the main processing pipeline in the hypervisor switch),
wherein the set of flow entries is stored by the pNIC for performing flow processing for data messages associated with machines executing on the host computer (Chang, see paragraphs 0091-0093, While OVS addresses the issue with intelligent flow caching, a long pipeline cannot be avoided with caching if a bulk of network flows are short-lived. In this environment, some of the tables can be offloaded to the sNIC switch, as long as the flow rules in the tables are offloadable, and the inter-switch PCI communication can carry any metadata exchanged between split flow tables. As depicted in FIG. 7C, for example, packet filtering and modification rules in ACL/NAT tables can be safely migrated to the sNIC switch, thereby shortening the main processing pipeline in the hypervisor switch), and
wherein the set of mappings is stored by the pNIC for translating VPIDs specified in the set of flow entries to PPIDs to identify an egress interface of the pNIC to which to forward a data message destined to a particular VPID (Chang, see paragraph 0091, traffic is forwarded to e-commerce applications based on physical IP addresses (“F4” and “F5” for local instances, and “F3” for any remote instances). The virtual data plane can be mapped to two physical data planes).

Regarding claim 2, Chang teaches wherein
the set of mappings between VPIDs and PPIDs is generated by a flow processing and action generator that generates the set of mappings based on configuration data regarding VPIDs and PPIDs received by the flow processing and action generator (Chang, see paragraph 0067-0070, The RTE 432 is configured to support rule translation functions for translating flow rules associated with EH 400. In general, a flow rule includes a set of one or more match conditions and a set of one or more associated actions to be performed when the set of one or more match conditions is detected), and
the set of flow entries is generated by the flow processing and action generator by processing a first data message in each data message flow in the set of data message flows to determine a result of processing the first data message, wherein the flow entry for the data message flow in the set of data message flows is generated based on the determined result (Chang, see paragraph 0069, assume a virtual flow rule of if dest-IP=X, send traffic to port Y (where port Y is a virtual port). This virtual flow rule is first translated into a union of port-based virtual flow rules: (1) dest-IP=X & inPort=1, send traffic to port Y, (2) dest-IP=X & inPort=2, send traffic to port Y, and so forth until (N) dest-IP=X & inPort=N, send traffic to port Y. Here, in the port-based virtual flow rules Ports 1-N are the list of existing virtual ports. The port-based virtual flow rules are then translated, based on port mapping information, into a corresponding set of actual flow rules such as: (1) dest-IP=X & inPort=P1, send traffic to port Y, (2) dest-IP=X & inPort=P2, send traffic to port Y, and so forth until (N) dest-IP=X & inPort=PN, send traffic to port Y (where P1-PN are the physical ports mapped to virtual ports 1-N, respectively).).

Regarding claim 3, Chang teaches further comprising providing, after a change affecting data message processing for a set of data message flows, at least one update to the mapping table based on the change, wherein the change affecting data message processing comprises a change related to at least one of (i) the interfaces of the pNIC and (ii) the interfaces of the machines executing on the host computer (Chang, see paragraph 0035, The NFA 125, after completing the migration of the NF instance within EH 110 (such that it is instantiated at the desired migration location and connected to the underlying switch of EH 110 that is associated with the migration location), may update the port mapping that was previously created for the NF instance by changing the physical port of the port mapping while keeping the virtual port of the port mapping unchanged).

Regarding claim 4, Chang teaches wherein providing the at least one update comprises:
providing an instruction to remove a particular mapping between a first VPID and a first PPID (Chang, see paragraph 0067-0070, The RTE 432 is configured to support rule translation functions for translating flow rules associated with EH 400. In general, a flow rule includes a set of one or more match conditions and a set of one or more associated actions to be performed when the set of one or more match conditions is detected); and
providing an instruction to add a new entry based on the change affecting data message processing (Chang, see paragraph 0069, assume a virtual flow rule of if dest-IP=X, send traffic to port Y (where port Y is a virtual port). This virtual flow rule is first translated into a union of port-based virtual flow rules: (1) dest-IP=X & inPort=1, send traffic to port Y, (2) dest-IP=X & inPort=2, send traffic to port Y, and so forth until (N) dest-IP=X & inPort=N, send traffic to port Y. Here, in the port-based virtual flow rules Ports 1-N are the list of existing virtual ports. The port-based virtual flow rules are then translated, based on port mapping information, into a corresponding set of actual flow rules such as: (1) dest-IP=X & inPort=P1, send traffic to port Y, (2) dest-IP=X & inPort=P2, send traffic to port Y, and so forth until (N) dest-IP=X & inPort=PN, send traffic to port Y (where P1-PN are the physical ports mapped to virtual ports 1-N, respectively).).

Regarding claim 5, Chang teaches wherein
the configuration of a vNIC of a machine executing on the host computer changes and a new, second VPID is assigned to the vNIC (Chang, see paragraph 0093, While OVS addresses the issue with intelligent flow caching, a long pipeline cannot be avoided with caching if a bulk of network flows are short-lived. In this environment, some of the tables can be offloaded to the sNIC switch, as long as the flow rules in the tables are offloadable, and the inter-switch PCI communication can carry any metadata exchanged between split flow tables.),
the first VPID is the VPID associated with the vNIC before the configuration change (Chang, see paragraph 0033, The port mapping that is created is a mapping between (1) the physical port for the NF instance (namely, the physical port of the end host switch to which the NF instance is connected when instantiated, which will be the HS 121 when the NF instance is instantiated on the hypervisor 120 and the SS 131 when the NF instance is instantiated on the sNIC 130) and (2) the virtual port of the virtual data plane with which the NF instance is associated.), and
the new entry maps the second VPID associated with the vNIC after the configuration change to the first PPID (Chang, see paragraph 0033, The NFA 125, after instantiating the NF instance on the EH 110 and connecting the NF instance within EH 110 to support communications by the NF instance, may report the instantiation of the NF instance to the NFC 151.).

Regarding claim 6, Chang teaches wherein
the change is a change from an association between a first vNIC of a machine executing on the host computer and a first interface of the pNIC to an association between the first vNIC and a second interface of the pNIC (Chang, see paragraph 0093, While OVS addresses the issue with intelligent flow caching, a long pipeline cannot be avoided with caching if a bulk of network flows are short-lived. In this environment, some of the tables can be offloaded to the sNIC switch, as long as the flow rules in the tables are offloadable, and the inter-switch PCI communication can carry any metadata exchanged between split flow tables.),
the first vNIC is associated with a first VPID, the first interface of the pNIC is associated with a first PPID, and the second interface of the pNIC is associated with a second PPID (Chang, see paragraph 0033, The port mapping that is created is a mapping between (1) the physical port for the NF instance (namely, the physical port of the end host switch to which the NF instance is connected when instantiated, which will be the HS 121 when the NF instance is instantiated on the hypervisor 120 and the SS 131 when the NF instance is instantiated on the sNIC 130) and (2) the virtual port of the virtual data plane with which the NF instance is associated.),
the at least one update to the mapping table updates the mapping of the first VPID to the first PPID into a mapping of the first VPID to the second PPID (Chang, see paragraph 0033, The NFA 125, after instantiating the NF instance on the EH 110 and connecting the NF instance within EH 110 to support communications by the NF instance, may report the instantiation of the NF instance to the NFC 151.), and
the pNIC, based on the provided update, identifies the second interface of the pNIC associated with the second PPID as an egress interface of the pNIC for a particular data message matching a flow entry specifying the first VPID as a destination (Chang, see paragraph 0033, The NFA 125, after instantiating the NF instance on the EH 110 and connecting the NF instance within EH 110 to support communications by the NF instance, may report the instantiation of the NF instance to the NFC 151.).

Regarding claim 7, Chang teaches wherein
the second PPID is associated with multiple VPIDs (Chang, see paragraph 0093, While OVS addresses the issue with intelligent flow caching, a long pipeline cannot be avoided with caching if a bulk of network flows are short-lived. In this environment, some of the tables can be offloaded to the sNIC switch, as long as the flow rules in the tables are offloadable, and the inter-switch PCI communication can carry any metadata exchanged between split flow tables.),
the provided update mapping the first VPID to the second PPID includes an indication that data messages destined to the first VPID should be forwarded along with the first VPID to the second interface of the pNIC associated with the second PPID (Chang, see paragraph 0033, The port mapping that is created is a mapping between (1) the physical port for the NF instance (namely, the physical port of the end host switch to which the NF instance is connected when instantiated, which will be the HS 121 when the NF instance is instantiated on the hypervisor 120 and the SS 131 when the NF instance is instantiated on the sNIC 130) and (2) the virtual port of the virtual data plane with which the NF instance is associated.),
identifying the second interface of the pNIC as an egress interface of the pNIC further comprises identifying that the data message should be forwarded along with the first VPID (Chang, see paragraph 0033, The NFA 125, after instantiating the NF instance on the EH 110 and connecting the NF instance within EH 110 to support communications by the NF instance, may report the instantiation of the NF instance to the NFC 151.), and
the first VPID is used by a software switch executing on the host computer to direct the particular data message to the first vNIC (Chang, see paragraph 0033, The NFA 125, after instantiating the NF instance on the EH 110 and connecting the NF instance within EH 110 to support communications by the NF instance, may report the instantiation of the NF instance to the NFC 151.).

Regarding claim 8, Chang teaches wherein, before updating the mapping table,
the first PPID was associated only with the first VPID (Chang, see paragraph 0093, While OVS addresses the issue with intelligent flow caching, a long pipeline cannot be avoided with caching if a bulk of network flows are short-lived. In this environment, some of the tables can be offloaded to the sNIC switch, as long as the flow rules in the tables are offloadable, and the inter-switch PCI communication can carry any metadata exchanged between split flow tables.), 
data messages destined for the first VPID were delivered to the first vNIC without traversing the software switch (Chang, see paragraph 0033, The port mapping that is created is a mapping between (1) the physical port for the NF instance (namely, the physical port of the end host switch to which the NF instance is connected when instantiated, which will be the HS 121 when the NF instance is instantiated on the hypervisor 120 and the SS 131 when the NF instance is instantiated on the sNIC 130) and (2) the virtual port of the virtual data plane with which the NF instance is associated.), and
the VPID was not forwarded along with data messages to the second interface of the pNIC associated with the first PPID (Chang, see paragraph 0033, The NFA 125, after instantiating the NF instance on the EH 110 and connecting the NF instance within EH 110 to support communications by the NF instance, may report the instantiation of the NF instance to the NFC 151.).

Regarding claim 9, Chang teaches wherein the change is a change to the selection of a physical uplink port used as an egress interface for a particular set of data message flows, and the change is based on at least one of a failure of a first physical uplink port and an updated load balancing operation performed to select a physical uplink port to use for the particular set of data messages (Chang, see paragraph 0033, The NFA 125, after instantiating the NF instance on the EH 110 and connecting the NF instance within EH 110 to support communications by the NF instance, may report the instantiation of the NF instance to the NFC 151.).

Regarding claim 10, Chang teaches wherein the flow processing and action generator:
receives a particular data message that matched a particular flow entry in the set of flow entries, but did not resolve into a PPID (Chang, see paragraph 0093, While OVS addresses the issue with intelligent flow caching, a long pipeline cannot be avoided with caching if a bulk of network flows are short-lived. In this environment, some of the tables can be offloaded to the sNIC switch, as long as the flow rules in the tables are offloadable, and the inter-switch PCI communication can carry any metadata exchanged between split flow tables.);
receives a notification from the pNIC with an identifier of at least one of the particular flow entry in the set of flow entries and a particular VPID specified as a destination in the particular flow entry (Chang, see paragraph 0033, The port mapping that is created is a mapping between (1) the physical port for the NF instance (namely, the physical port of the end host switch to which the NF instance is connected when instantiated, which will be the HS 121 when the NF instance is instantiated on the hypervisor 120 and the SS 131 when the NF instance is instantiated on the sNIC 130) and (2) the virtual port of the virtual data plane with which the NF instance is associated.);
generates (1) a set of instructions for removing the particular flow entry and (2) a new flow entry for a data message flow to which the particular data message belongs (Chang, see paragraph 0033, The NFA 125, after instantiating the NF instance on the EH 110 and connecting the NF instance within EH 110 to support communications by the NF instance, may report the instantiation of the NF instance to the NFC 151.); and
provides the generated set of instructions and the new flow entry to the pNIC (Chang, see paragraph 0033, The NFA 125, after instantiating the NF instance on the EH 110 and connecting the NF instance within EH 110 to support communications by the NF instance, may report the instantiation of the NF instance to the NFC 151.).

Regarding claim 11, Chang teaches wherein the set of instructions for removing the particular flow entry is included in a set of instructions for removing all flow entries specifying the particular VPID as a destination, wherein the set of instructions for removing all flow entries specifying the particular VPID as a destination is generated based on information stored by the flow processing and action generator regarding sets of generated flow entries specifying the particular VPID as a destination VPID (Chang, see paragraph 0033, The NFA 125, after instantiating the NF instance on the EH 110 and connecting the NF instance within EH 110 to support communications by the NF instance, may report the instantiation of the NF instance to the NFC 151.).

Regarding claim 12, Chang teaches wherein at least one of generating the set of instructions at the flow processing and action generator and executing the set of instructions for removing all flow entries specifying the particular VPID as a destination by the pNIC is performed as a background operation after a change that caused the particular flow entry to fail to be resolved into a PPID (Chang, see paragraph 0023, The hypervisor 120 and the sNIC 130 may be interconnected via a communication link (e.g., a bus such as a Peripheral Component Interconnect (PCI) bus or other suitable type of bus or link), which also may be referred to herein as an inter-switch communication link as it provides a communication for communications between HS 121 of hypervisor 120 and SS 131 of sNIC 130. The IM 150 includes an NF controller (NFC) 151 and a Software Defined Networking (SDN) controller (SDNC) 155.).

Regarding claim 13, Chang teaches wherein after removing the flow entries, the second VPID is available to be reused to identify an interface of a machine executing on the host computer (Chang, see paragraph 0023, The hypervisor 120 and the sNIC 130 may be interconnected via a communication link (e.g., a bus such as a Peripheral Component Interconnect (PCI) bus or other suitable type of bus or link), which also may be referred to herein as an inter-switch communication link as it provides a communication for communications between HS 121 of hypervisor 120 and SS 131 of sNIC 130. The IM 150 includes an NF controller (NFC) 151 and a Software Defined Networking (SDN) controller (SDNC) 155.).

Regarding claim 14, Chang teaches wherein the flow processing and action generator executes on a set of processing units of the host computer (Chang, see paragraph 0043, If in-switch !=out-switch, then the VS 126 constructs a routing path from in-switch to out-switch (and generates a physical forwarding rule on each intermediate switch along the path from the ingress switch to the egress switch)).
 
Regarding claim 15, Chang teaches wherein the flow processing and action generator communicates with the pNIC using a physical function provided by virtualization software executing on the pNIC (Chang, see paragraph 0023, The hypervisor 120 and the sNIC 130 may be interconnected via a communication link (e.g., a bus such as a Peripheral Component Interconnect (PCI) bus or other suitable type of bus or link), which also may be referred to herein as an inter-switch communication link as it provides a communication for communications between HS 121 of hypervisor 120 and SS 131 of sNIC 130. The IM 150 includes an NF controller (NFC) 151 and a Software Defined Networking (SDN) controller (SDNC) 155.).

Regarding claim 16, Chang teaches wherein the flow processing and action generator executes on a set of processing units of the pNIC (Chang, see paragraph 0043, If in-switch !=out-switch, then the VS 126 constructs a routing path from in-switch to out-switch (and generates a physical forwarding rule on each intermediate switch along the path from the ingress switch to the egress switch)).

Regarding claim 17, Chang teaches wherein the flow processing and action generator communicates with a set of elements of the pNIC that perform flow processing based on the sets of flow entries and mappings using a peripheral component interconnect express (PCIe) bus of the pNIC (Chang, see paragraph 0023, The hypervisor 120 and the sNIC 130 may be interconnected via a communication link (e.g., a bus such as a Peripheral Component Interconnect (PCI) bus or other suitable type of bus or link), which also may be referred to herein as an inter-switch communication link as it provides a communication for communications between HS 121 of hypervisor 120 and SS 131 of sNIC 130. The IM 150 includes an NF controller (NFC) 151 and a Software Defined Networking (SDN) controller (SDNC) 155.).

Regarding claim 18, Chang teaches wherein the VPID comprises a number of bits that is larger than the PPID (Chang, see paragraph 0024, It is noted that such trends are causing increasingly larger fractions of the processing resources of end-host servers to be dedicated to packet processing functions in the NFs and hypervisor switches at the end-host servers, thereby leaving decreasing fractions of the processing resources of the end-host servers available for running tenant applications.).

Regarding claim 19, Chang teaches wherein the set of mappings is stored by the pNIC for translating a set of PPIDs for interfaces of the pNIC at which data messages are received into a set of VPIDs that are used to identify flow entries matching the received data messages (Chang, see paragraph 0023, The hypervisor 120 and the sNIC 130 may be interconnected via a communication link (e.g., a bus such as a Peripheral Component Interconnect (PCI) bus or other suitable type of bus or link), which also may be referred to herein as an inter-switch communication link as it provides a communication for communications between HS 121 of hypervisor 120 and SS 131 of sNIC 130. The IM 150 includes an NF controller (NFC) 151 and a Software Defined Networking (SDN) controller (SDNC) 155.).

Regarding claim 20, Chang teaches a non-transitory machine readable medium storing a program for execution by at least one processing unit, the program for configuring a physical network interface controller (pNIC) connected to a host computer to perform flow processing offload (FPO) for a set of machines executing on the host computer (Chang, see abstract, The present disclosure generally discloses packet processing offload support capabilities for supporting packet processing offload.), the program comprising sets of instructions:
providing the pNIC with a set of mappings between virtual port identifiers (VPIDs) of interfaces of the set of machines executing on the host computer and physical port identifiers (PPIDs) of interfaces of the pNIC, each VPID used by a software switch executing on the host computer to forward data messages to a virtual network interface controller (VNIC) of a machine in the set of machines executing on the host computer (Chang, see paragraph 0091, The traffic flows in the virtual data plane are indicated with F1-F5. Given incoming traffic (“F1”), the DPI NF extracts HTTP cookies and sends them (along with traffic) to the L7LB function (“F2”) as NF-specific metadata.); and
providing the pNIC with a set of flow entries for a set of data message flows, each flow entry in the set of flow entries specifying a destination using a VPID  (Chang, see paragraphs 0091 and 0093, The L7LB translates customer-facing virtual IP addresses in the traffic to the physical IP addresses of e-commerce applications, based on user cookies. some of the tables can be offloaded to the sNIC switch, as long as the flow rules in the tables are offloadable, and the inter-switch PCI communication can carry any metadata exchanged between split flow tables. As depicted in FIG. 7C, for example, packet filtering and modification rules in ACL/NAT tables can be safely migrated to the sNIC switch, thereby shortening the main processing pipeline in the hypervisor switch),
wherein the PNIC stores the set of flow entries and uses the set of flow entries to perform flow processing for data messages associated with machines executing on the host computer (Chang, see paragraphs 0091-0093, While OVS addresses the issue with intelligent flow caching, a long pipeline cannot be avoided with caching if a bulk of network flows are short-lived. In this environment, some of the tables can be offloaded to the sNIC switch, as long as the flow rules in the tables are offloadable, and the inter-switch PCI communication can carry any metadata exchanged between split flow tables. As depicted in FIG. 7C, for example, packet filtering and modification rules in ACL/NAT tables can be safely migrated to the sNIC switch, thereby shortening the main processing pipeline in the hypervisor switch), and
wherein the PNIC stores the set of mappings and uses the set of mappings to translate VPIDs, which are obtained through the performed flow processing of the data messages, to PPIDs in order to identify an egress interface of the pNIC to which to forward a data message destined to a particular VPID (Chang, see paragraph 0091, traffic is forwarded to e-commerce applications based on physical IP addresses (“F4” and “F5” for local instances, and “F3” for any remote instances). The virtual data plane can be mapped to two physical data planes).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHONG G KIM whose telephone number is (571)270-0619. The examiner can normally be reached Mon-Fri @ 9am - 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas R. Taylor can be reached on 571-272-3889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHONG G KIM/Examiner, Art Unit 2443                                                                                                                                                                                                        

/NICHOLAS R TAYLOR/Supervisory Patent Examiner, Art Unit 2443