DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
The amendments filed on July 5, 2022 have been entered. Applicant amended claims 1, 2, 7, 10, 11, 14, 17, 18, and 20. Claims 1-20 remain pending in the application.

Response to Arguments
Applicant’s arguments filed on July 5, 2022 with respect to the Non-Final Office Action dated June 7, 2022 have been fully considered but they are not persuasive.  
Regarding 35 U.S.C. 112(b) rejection:
Applicant argued, in page 8 of applicant’s remarks, “Claim 1 recites "providing details in the response to a service". Examiner states since the client receives the response, it is not clear how the client can provide details in the response. The client provides details in the response (i.e., details which are included in the response that the client receives) to a service. The client receives a response which includes details, and the client then provides these details to a service. Thus, the response to the trace packet includes details which are provided to a service by the client”.
In response, applicant argument is not evident from the claim. The claim does not recite the client receives a response that includes details. Therefore, the limitation “when the response does not include tunnel info, providing details in the response to a service” is unclear. Claim need to be amended to clearly indicate when the response does not include tunnel info, the response includes details whereas details comprise parameters associated with a service path between the client and the destination. And then providing the details to a service would make sense.
Regarding 35 U.S.C. 103 rejection:
Applicant argued, in page 10, “Newell teaches utilizing certificate signatures to determine the compliance of a device. Newell does not teach providing a second signature in a second trace packet to an egress router, and further comprising receiving a response from the second trace packet; when the response does not include a flag, utilizing details from the response for a leg between the client and the egress router; and when the response includes the flag, determining a misconfiguration where the second trace packet was sent over a tunnel”.
In response, paragraph 0024, lines 1-2, of Newell discloses an authentication request (second trace packet) to a proxy (egress router) as stated “When the authentication proxy 122 receives an authentication request from a client device 106”. Paragraph 0024, line s10-16, also discloses the authentication request includes various parameters for example geolocation information (second signature) as stated “Device identification parameters can include a network address, a device identifier, an application identifier of an application 147 from which an authentication request is received, geolocation parameters embedded within the security layer, or other parameters by which the client device 106 can be identified. Fig. 4, step 421, shows identifying tunnel client if the parameters are valid. Fig. 4, step 419, shows returning an error (flag) that signifies wrong tunnel.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites the limitation “when the response does not include tunnel info, providing details in the response to a service where the details include parameters associated with a service path between the client and the destination” in lines 4-6. This limitation is unclear and incoherent. The preamble of claim 1 indicates the method is implemented by a client. The client receives the response after sending a trace packet. Hence “providing details in the response to a service” suggests the client is providing details in the response. Since the client receives the response, it is not clear how the client can provide details in the response. 
Independent claims 10 and 17 recite similar limitations.
Dependent claim 2-9, 11-16, and 18-20 inherit same deficiency.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Nedeltchev et al. (US PGPUB No. 20130322258), hereinafter, Nedeltchev, in view of Swallow et al. (US PGPUB No. 20080080507), Swallow, and further in view of Newell et al. (US PGPUB No. 20170346856), hereinafter, Newell.
Regarding claim 1:
	Nedeltchev teaches:
	A method implemented by a client comprising (Fig. 1 shows ES-A (client). Paragraph 0013, lines 18-20, states “two devices (e.g. end station A (ES-A), and end station B (ES-B)), also communicate with devices within network 100”): 
requesting a trace to a destination with [[a signature inserted]] into a trace packet (paragraph 0031, lines 1-3, teaches a trace request (trace) destined for ES-B (destination) as stated “assume that ES-A (trace initiator) has generated a trace request 410 to ES-B,”. see Fig. 5 as well); 
receiving a response to the trace packet (Fig. 5 shows receiving trace response 415 (response).  Paragraph 0031, lines 7-8, states “R1 may send a trace response 415 to ES-A”); 
when the response does not include tunnel info, providing details in the response to a service where the details include parameters associated with a service path between the client and the destination (Fig. 5 shows two type of responses 415a and 415b. Responses 415b is in response to the out-of-the tunnel trace request 410b as if no tunnel exist between R1-R4. Paragraph 0033 discusses responses 415b   provides detail of the service path between ES-A and ES-B as stated); and 
when the response includes tunnel info, segmenting the service path into a plurality of legs, causing a trace for each of the plurality of legs, and aggregating details for each of the plurality of legs based on the causing (Fig. 5 shows response 415a in response to the in-tunnel trace request 410a as if a tunnel exits between R1-R4. Trace response 415 received at ES-A includes tunnel endpoints (tunnel information) as stated in paragraph 0033, lines 1-3, “R1 may forward any trace responses 415a (from the in-tunnel trace request 410a) to ES-A, and may add identifiers for the tunnel head-end node (R1) and tail-end node (R4), accordingly”. Fig. 5 also shows existence of tunnel 305 between R1-R4 causes further generation of out-of-tunnel trace request 410b as stated in paragraph 0031, lines 7-11, “In particular, R1 may send a trace response 415 to ES-A, forwards the original trace request 410a over the tunnel, and also generates the out-of-tunnel trace request 410b for the tunnel tail-end node (R4) without using the tunnel (e.g., IP routed toward R4)”. Paragraph 0033, lines 11 and onward, discusses tracing all the segments and aggregation of responses). 
While Nedeltchev teaches requesting a trace to a destination (as shown above),
Nedeltchev does not teach a signature inserted into a trace packet.
Swallow teaches a signature inserted into a trace packet (paragraph 0034, lines 1-7, talks about including forwarding equivalent class (signature) in the RTS request as stated “Upon receiving the RTS message 300, the second (receiving) node (e.g., node D) may verify that it has state for the corresponding in-band tunnel/tree. For instance, request field 322 of the RTS message 300 may contain one or more Forwarding Equivalence Classes (FECs) in an FEC stack, where an FEC generally describes (e.g., identifies) a particular tunnel/tree”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Nedeltchev to incorporate the teaching of Swallow about inserting a FEC in the trace request. One would be motivated to insert FEC in the trace packet to indicate the egress node of a tunnel (see at least paragraph 0036 of Swallow).
Nedeltchev does not teach Including a second signature in a second trace packet to an egress route to detect a network path.
Newell teaches Including a second signature in a second trace packet trace to an egress router to detect a network path (paragraph 0024, lines 1-2, discloses an authentication request (second trace packet) to a proxy (egress router) as stated “When the authentication proxy 122 receives an authentication request from a client device 106”. Paragraph 0024, line s10-16, also discloses the authentication request includes various parameters for example geolocation information (second signature) as stated “Device identification parameters can include a network address, a device identifier, an application identifier of an application 147 from which an authentication request is received, geolocation parameters embedded within the security layer, or other parameters by which the client device 106 can be identified. Fig. 4, step 421, shows identifying tunnel client if the parameters are valid” 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Nedeltchev to incorporate the teaching of Newell. One would be motivated to do that to indicate the client about its compliance to the tunnel (see at least paragraph 0025-0026 of Newell).
	As to claim 2, the rejection of claim 1 is incorporate. Nedeltchev in view of Swallow and Newell teach all the limitations of claim 1 as shown above.
	Nedeltchev, in view of Swallow, teaches a tunnel server intercepts the trace packet responsive to detection of the signature (paragraphs 0034 and 0036 of Swallow discuss about node D (tunnel server) received the RTS request and process based on FEC detection as shown above).
	Nedeltchev further teaches wherein, when the response includes tunnel info, and wherein the tunnel server responds to the trace packet with the response with the tunnel info (Trace response 415 received at ES-A includes tunnel endpoints (tunnel information) as stated in paragraph 0033, lines 1-3).
As to claim 3, the rejection of claim 1 is incorporate Nedeltchev in view of Swallow and Newell teach all the limitations of claim 1 as shown above.
	Nedeltchev further teaches wherein the aggregating details includes aggregating network hops, packet drops, and latency for each of the plurality of legs (see at least paragraph 0033, lines 11 and onward, discussing tracing all the segments and aggregation of responses as stated “As such, the trace responders send their responses to the tunnel head-end node R1. R1 may then either relay the responses individually to ES-A (if configured to interpret the additional responses), or illustratively, may merge and forward the responses 415b to the original trace initiator (e.g., ES-A) with additional information regarding the fork, as well as the tunnel head-end and tail-end nodes. This additional context provides a way for a resultant trace report to allow correlation of the in-tunnel and out-of-tunnel paths. In other words, the head-end node can aggregate each of the trace responses (e.g., aggregate the in-tunnel trace response and the out-of-tunnel trace response(s)) into a single response, or aggregate only the out-of-tunnel trace response(s) into a single response), and transmit the aggregated response to a trace request originator”. paragraph 0034 talk about performance data including packet loss. See paragraph 0025 talks about latency measurement).
As to claim 4, the rejection of claim 1 is incorporate. Nedeltchev in view of Swallow and Newell teach all the limitations of claim 1 as shown above.
	Nedeltchev further teaches wherein the plurality of legs include three legs (Fig. 3 shows three legs i.e. ES-A to R1, R1 to R4, and R4 to ES-B).
As to claim 5, the rejections of claims 1 and 4 are incorporate. Nedeltchev in view of Swallow and Newell teach all the limitations of claims 1 and 4 as shown above.
	Nedeltchev further teaches wherein a first leg is between the client and a tunnel client, a second leg is between the tunnel client and a tunnel server, and a third leg is between the tunnel server and the destination (see at least Fig. 3 showing ES-A (client), R1 (tunnel client), R4 (tunnel server), ES-B (destination)).
As to claim 6, the rejections of claims 1 and 4 are incorporate. Nedeltchev in view of Swallow and Newell teach all the limitations of claims 1 and 4 as shown above.
	Nedeltchev further teaches wherein a first leg is between the client and an egress router, a second leg is between the egress router and a tunnel server, and a third leg is between the tunnel server and the destination (see at least Fig. 3).
As to claim 7, the rejection of claim 1 is incorporate. Nedeltchev in view of Swallow and Newell teach all the limitations of claim 1 as shown above.
Nedeltchev does not teach further comprising receiving a response from the second trace packet; when the response does not include a flag, utilizing details from the response for a leg between the client and the egress router; and when the response includes the flag, determining the second trace packet went on the wrong network path where the second trace packet was sent over a tunnel to a tunnel server.
Newell teaches further comprising receiving a response from the second trace packet; when the response does not include a flag, utilizing details from the response for a leg between the client and the egress router; and when the response includes the flag, determining the second trace packet went on the wrong network path where the second trace packet was sent over a tunnel to a tunnel server (see paragraphs 0024 talking of signature of a certificate. Paragraph 0025-0026 talk about determining compliance of the client based on the signature. Fig. 4, step 419, shows returning an error (flag) that signifies wrong tunnel).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Nedeltchev to incorporate the teaching of Newell. One would be motivated to do that to indicate the client about its compliance to the tunnel (see at least paragraph 0025-0026 of Newell).
As to claim 8, the rejection of claim 1 is incorporate. Nedeltchev in view of Swallow and Newell teach all the limitations of claim 1 as shown above.
	Nedeltchev does not teach wherein at least one of the plurality of legs includes a reverse trace from a tunnel server.
	Swallow teaches wherein at least one of the plurality of legs includes a reverse trace from a tunnel server (see at least paragraph 0047 discussing reverse traceroute at node D).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Nedeltchev to incorporate the teaching of Swallow about reverse traceroute. One would be motivated to use reverse traceroute to identify nodes within the tunnel from the egress node (see at least paragraph 0047 of Swallow).
As to claim 9, the rejection of claim 1 is incorporate. Nedeltchev in view of Swallow and Newell teach all the limitations of claim 1 as shown above.
	Nedeltchev further teaches wherein the tunnel info includes a type of tunnel including any of Generic Routing Encapsulation (GRE) and Internet Protocol (IP) Security (IPsec) (paragraph 0018 states “Tunnels can be established through various known protocols such as VPN protocols, point-to-point tunneling protocol (PPTP), multiprotocol label switching label switched path (MPLS LSP), generic route encapsulation (GRE), Internet Protocol Security (IPSec), Layer-2 Tunnel Protocol (L2TP), Internet Protocol tunnels and other known tunneling methods.”).
	Regarding claim 10:
	Claim 10 is directed towards a non-transitory computer-readable medium comprising instructions that, when executed, cause one or more processors (see at least Fig. 2 and paragraph 0040 of Nedeltchev) performing the method of claim 1. Accordingly, it is rejected under similar rationale.
Claim 11 is directed towards a non-transitory computer-readable medium performing the method of claim 2. Accordingly, it is rejected under similar rationale.
Claim 12 is directed towards a non-transitory computer-readable medium performing the method of claim 3. Accordingly, it is rejected under similar rationale.
Claim 13 is directed towards a non-transitory computer-readable medium performing the method of claim 4. Accordingly, it is rejected under similar rationale.
Claim 14 is directed towards a non-transitory computer-readable medium performing the method of claim 7. Accordingly, it is rejected under similar rationale.
Claim 15 is directed towards a non-transitory computer-readable medium performing the method of claim 8. Accordingly, it is rejected under similar rationale.
Claim 16 is directed towards a non-transitory computer-readable medium performing the method of claim 9. Accordingly, it is rejected under similar rationale.
Regarding claim 17:
	Claim 17 is directed to a client comprising: one or more processors and memory comprising instructions that, when executed, cause the one or more processors (see at least Fig. 2 and paragraph 0040 of Nedeltchev) performing the method of claim 1. Accordingly, it is rejected under similar rationale.
Claim 18 is directed a client performing the method of claim 2. Accordingly, it is rejected under similar rationale.
Claim 19 is directed a client performing the method of claim 2. Accordingly, it is rejected under similar rationale.
Claim 20 is directed a client performing the method of claim 7. Accordingly, it is rejected under similar rationale.
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KAMAL M HOSSAIN whose telephone number is (571)270-3070. The examiner can normally be reached 9:30-5:30 M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Follansbee can be reached on (571)272-3964. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



	September 1, 2022

/KAMAL M HOSSAIN/               Examiner, Art Unit 2444                                                                                                                                                                                         
/JOHN A FOLLANSBEE/               Supervisory Patent Examiner, Art Unit 2444