DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the America Invents Act (AIA ).

General Information Matter
Please note, the instant Non-Provisional application (17/347,061) under prosecution at the United States Patent and Trademark Office (USPTO) has been assigned to David Zarka (Examiner) in Art Unit 2449.  To aid in correlating any papers for 17/347,061, all further correspondence regarding the instant application should be directed to the Examiner.

Joint Inventors
This application currently names joint inventors.  In considering patentability of the claims the Examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicants are advised of the obligation under 37 C.F.R. § 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the Examiner to consider the applicability of 35 U.S.C. § 102(b)(2)(C) for any potential § 102(a)(2) prior art against the later invention.

Provisional Application
The instant application claims benefit to provisional application No. 63/149,273 filed on February 13, 2021 under 35 U.S.C. § 119(e).

Information Disclosure Statement (IDS)
The IDS filed April 15, 2022 complies with the provisions of 37 C.F.R. §§ 1.97, 1.98 and Manual of Patent Examining Procedure (MPEP) § 609 (9th ed. Rev. 08.2017, Jan. 2018).  The IDS has been placed in the application file, and the information referred to therein has been considered.

Specification
The lengthy Specification has not been checked to the extent necessary to determine the presence of all possible minor errors.  Applicants’ cooperation is requested in correcting any errors of which Applicants may become aware in the Specification.

Claim Rejections – 35 U.S.C. § 103
The following is a quotation of 35 U.S.C. § 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 2, 6, 12, 13, 15, 17, and 18 are rejected under 35 U.S.C. § 103 as being obvious over Mullane et al. (US 2007/0094411 A1; filed Feb. 28, 2006) in view of Cometto et al. (US 2020/0099659 A1; filed Oct. 22, 2018).


Regarding claim 1, while Mullane teaches a system (fig. 1) comprising:
a first virtual network (fig. 1, client access network item 24) configured for a remote client (user of fig. 1, item 26), the first virtual network comprising a first resource (fig. 1, item 26) that has a first Internet Protocol (IP) address (“10.128.1.21” at fig. 1);
a second virtual network (fig. 1, private network item 14) configured for a local client (user of fig. 1, item 16), the second virtual network comprising a second resource (fig. 1, item 10) that has a second IP address (“10.128.1.21” at fig. 1) and that is configured to provide a  communication (“The local client 16 can communicate directly with the DNS name server 12 and the server 10.” at ¶ 29) to the remote client based on an access by the second resource (fig. 1, item 10) to the first resource (fig. 1, item 26); and
one or more network resources (fig. 1, items 10, 12, 18; “DNS filter” at ¶ 42) configured to:
determine, based on network address translation (NAT) mappings (fig. 2, destination address translation table item 100), a NAT mapping (fig. 2, destination address translation table item 100 illustrates row 119) between the first IP address and a reserved IP address (“10.127.1.1” at fig. 2), the reserved IP address being outside a first IP address range (“10.128.1.21” is within range “10.128.1.0” to “10.128.1.255”) of the first virtual network and a second IP address range (“10.128.1.21” is within range “10.128.1.0” to “10.128.1.255”) the second virtual network; and 
at least one of: 
send a first packet to the second virtual network, the first packet comprising the reserved IP address (“The remote client 26 can therefore communicate with the server 10 using the translation address 10.127.1.1 (120)” at ¶ 36; “The DNS filter, having found a match, modifies the DNS message by changing IP address 10.128.1.21 in the resource record to IP address 10.127.1.1 (121) corresponding to the translation (nat:111) in the row 19. The DNS filter returns the modified DNS message.” at ¶ 42); or 
receive a second packet from the second virtual network, a header of the second packet comprising the reserved IP address as a destination address, 
wherein the access of the second resource (fig. 1, item 10) to the first resource (fig. 1, item 26) is based on the NAT mapping (fig. 2, destination address translation table item 100 illustrates row 119; ¶¶ 36, 42) between the first IP address (“10.128.1.21” at fig. 2) and the reserved IP address (“10.127.1.1” at fig. 2),
Mullane does not teach (A) the remote client being a customer; (B) the local client being a service provider; (C) the communication being a service; and (D) the reserved IP address in the first packet being in a payload of the first packet.
(A)–(D)
Cometto teaches a customer (¶¶ 54, 64);
a service provider providing a service to the customer (¶¶ 54, 64); and
a payload of a packet including information (¶¶ 78, 79, 81).
It would have been obvious to one of ordinary skill in the art before the filing date of the invention for Mullane’s remote client to be a customer; for Mullane’s local client to be a service provider; for Mullane’s communication to be a service; and for Mullane’s reserved IP address in the first packet to be in a payload of the first packet as taught by Cometto to “provide security and privacy to prevent unauthorized access to information.”  Cometto ¶ 3.
Regarding claim 2, Mullane teaches wherein the one or more network resources (fig. 1, items 10, 12, 18; “DNS filter” at ¶ 42) comprise a gateway (“a network communication device comprising a DNS filter” at ¶ 22; “Such a network communication device may be further operable as a network router or a network proxy. In addition, it may be further operable as a network address translation gateway.” at ¶ 23), 
wherein the second packet is received by the agent, and wherein the gateway is configured to: determine the first IP address based on the NAT mapping between the first IP address and the reserved IP address; update the second packet by at least replacing the reserved “IP address with the first IP address; and send the updated second packet to the first virtual network.1
Regarding claim 6, Mullane teaches wherein the first IP address range (“10.128.1.21” is within range “10.128.1.0” to “10.128.1.255”) overlaps with the second IP address range (“10.128.1.21” is within range “10.128.1.0” to “10.128.1.255”).
Regarding claim 12, while Mullane teaches a method implemented by a system (fig. 1), the method comprising: 
determining, based on network address translation (NAT) mappings (fig. 2, destination address translation table item 100), a NAT mapping (fig. 2, destination address translation table item 100 illustrates row 119) between a first IP address (“10.128.1.21” at fig. 2) and a reserved IP address (“10.127.1.1” at fig. 2), the first IP address being within a first address range (“10.128.1.21” is within range “10.128.1.0” to “10.128.1.255”) of a first virtual network (fig. 1, client access network item 24) configured for a remote client (user of fig. 1, item 26), the reserved IP address being outside the first IP address range and a second IP address range (“10.128.1.21” is within range “10.128.1.0” to “10.128.1.255”) of a second virtual network (fig. 1, private network item 14) configured for a local client (user of fig. 1, item 16); and
at least one of:
sending a first packet to the second virtual network, the first packet comprising the reserved IP address; or 
receiving a second packet from the second virtual network, a header of the second packet comprising the reserved IP address as a destination address (“The remote client 26 can therefore communicate with the server 10 using the translation address 10.127.1.1 (120)” at ¶ 36; “The DNS filter, having found a match, modifies the DNS message by changing IP address 10.128.1.21 in the resource record to IP address 10.127.1.1 (121) corresponding to the translation (nat:111) in the row 19. The DNS filter returns the modified DNS message.” at ¶ 42), 
wherein access of a second resource (fig. 1, item 10) of the second virtual network to a first resource (fig. 1, item 26) of the first virtual network is based on the NAT mapping (fig. 2, destination address translation table item 100 illustrates row 119; ¶¶ 36, 42) between the first IP address  (“10.128.1.21” at fig. 2) and the reserved IP address (“10.127.1.1” at fig. 2),
Mullane does not teach (A) the remote client being a customer; (B) the local client being a service provider; and (C) the reserved IP address in the first packet being in a payload of the first packet.
(A)–(C)
Cometto teaches a customer (¶¶ 54, 64);
a service provider (¶¶ 54, 64); and
a payload of a packet including information (¶¶ 78, 79, 81).
It would have been obvious to one of ordinary skill in the art before the filing date of the invention for Mullane’s remote client to be a customer; for Mullane’s local client to be a service provider; and for Mullane’s reserved IP address in the first packet to be in a payload of the first packet as taught by Cometto to “provide security and privacy to prevent unauthorized access to information.”  Cometto ¶ 3.
Regarding claim 13, while Mullane teaches further comprising:
receiving a request (“Service-based routing therefore enables remote clients, exemplified by the remote client 26, to transparently communicate with DNS Name Servers” at ¶ 33) of the customer (user of fig. 1, item 26) for a communication (“The local client 16 can communicate directly with the DNS name server 12 and the server 10.” at ¶ 29) of the service provider (user of fig. 1, item 16); and
launching, for a pair of a customer identifier (“10.128.1.100” at fig. 1) and service provider identifier (“10.128.1.21” at fig. 1), at least one of a set of DNS services (¶ 42),
Mullane does not teach the communication being a service.
Cometto teaches a service provider providing a service to the customer (¶¶ 54, 64).
It would have been obvious to one of ordinary skill in the art before the filing date of the invention for Mullane’s communication to be a service as taught by Cometto to “provide security and privacy to prevent unauthorized access to information.”  Cometto ¶ 3.
Regarding claim 15, claim 6 recites substantially similar features.  Thus, references/arguments equivalent to those present for claim 6 are equally applicable to claim 15.

Regarding claim 17, while Mullane teaches performing operations comprising:
determining, based on network address translation (NAT) mappings (fig. 2, destination address translation table item 100), a NAT mapping (fig. 2, destination address translation table item 100 illustrates row 119) between a first IP address (“10.128.1.21” at fig. 2) and a reserved IP address (“10.127.1.1” at fig. 2), the first IP address being within a first IP address range (“10.128.1.21” is within range “10.128.1.0” to “10.128.1.255”) of a first virtual network (fig. 1, client access network item 24) configured for a remote client (fig. 1, item 26), the reserved IP address being outside the first IP address range and a second IP address range (“10.128.1.21” is within range “10.128.1.0” to “10.128.1.255”) of a second virtual network (fig. 1, private network item 14) configured for local client (fig. 1, item 16); and
at least one of: 
sending a first packet to the second virtual network, 
receiving a second packet from the second virtual network, a header of the second packet comprising the reserved IP address as a destination address, 
wherein access of a second resource (fig. 1, items 10, 12, 18; “DNS filter” at ¶ 42) of the second virtual network to a first resource (fig. 1, items 22, 24, 26) of the first virtual network is based on the NAT mapping (fig. 2, destination address translation table item 100 illustrates row 119; ¶¶ 36, 42) between the first IP address and the reserved IP address,
Mullane does not teach (A) one or more non-transitory computer-readable storage media storing instructions that, upon execution on a system, cause the system to perform the operations of claim 17; (B) the remote client being a customer; (C) the local client being a service provider; and (D) the reserved IP address in the first packet being in a payload of the first packet.
(A)–(D)
Cometto teaches one or more non-transitory computer-readable storage media (fig. 11, item 1104) storing instructions that, upon execution on a system, cause a system (fig. 11, item 1100) to perform operations (¶ 140);
a customer (¶¶ 54, 64);
a service provider (¶¶ 54, 64); and
a payload of a packet including information (¶¶ 78, 79, 81).
It would have been obvious to one of ordinary skill in the art before the filing date of the invention for the operations of Mullane to be executed by a system comprising one or more non-transitory computer-readable storage media storing instructions; for Mullane’s remote client to be a customer; for Mullane’s local client to be a service provider; and for Mullane’s reserved IP address in the first packet to be in a payload of the first packet as taught by Cometto to “provide security and privacy to prevent unauthorized access to information.”  Cometto ¶ 3.
Regarding claim 18, claim 2 recites substantially similar features.  Thus, references/arguments equivalent to those present for claim 2 are equally applicable to claim 18.


Claims 8 and 10 are rejected under 35 U.S.C. § 103 as being obvious over Mullane in view of Cometto, in further view of Padala et al. (US 2022/0094646 A1; PCT filed Jan. 17, 2019), and in further view of Thakkar et al. (US 2016/0105393 A1; filed Mar. 23, 2015).
Regarding claim 8, while Mullane teaches the first virtual network (fig. 1, client access network item 24) and the first IP address range (“10.128.1.21” is within range “10.128.1.0” to “10.128.1.255”),
Mullane does not teach further comprising a virtual network interface card that is associated with the first virtual network, wherein the virtual network interface card is addressable using multiple IP addresses that are within the first IP address range.
Padala teaches a network interface card (fig. 1, item 114) that is associated with a first network (fig. 1, item 104), wherein the network interface card is addressable using multiple IP addresses that are within a first IP address range (“registering a memory address range in the NIC” at ¶ 42; “memory address range that is to be kept in the NIC” at ¶ 45).
It would have been obvious to one of ordinary skill in the art before the filing date of the invention for Mullane’s first virtual network to be associated with a network interface card that is addressable using multiple IP addresses that are within the first IP address range as taught by Padala for “providing central processing unit efficient storing of data in a memory.”  Padala ¶ 18.
Thakkar teaches a virtual network interface card (¶ 8).
It would have been obvious to one of ordinary skill in the art before the filing date of the invention for the Mullane/Cometto/Padala combination’s network interface card to be a virtual network interface card as taught by Thakkar “for flexibly managing addresses across hybrid clouds.”  Thakkar ¶ 6.
Regarding claim 10, while Mullane teaches the first virtual network (fig. 1, client access network item 24) and the second IP address range (“10.128.1.21” is within range “10.128.1.0” to “10.128.1.255”),
Mullane does not teach further comprising a virtual network interface card that is associated with the second virtual network, wherein the virtual network interface card is addressable using multiple IP addresses that are within the second IP address range.
Padala teaches a network interface card (fig. 1, item 114) that is associated with a first network (fig. 1, item 104), wherein the network interface card is addressable using multiple IP addresses that are within a first IP address range (“registering a memory address range in the NIC” at ¶ 42; “memory address range that is to be kept in the NIC” at ¶ 45).
It would have been obvious to one of ordinary skill in the art before the filing date of the invention for Mullane’s second virtual network to be associated with a network interface card that is addressable using multiple IP addresses that are within the second IP address range as taught by Padala for “providing central processing unit efficient storing of data in a memory.”  Padala ¶ 18.
Thakkar teaches a virtual network interface card (¶ 8).
It would have been obvious to one of ordinary skill in the art before the filing date of the invention for the Mullane/Cometto/Padala combination’s network interface card to be a virtual network interface card as taught by Thakkar “for flexibly managing addresses across hybrid clouds.”  Thakkar ¶ 6.

Claims 9 and 11 are rejected under 35 U.S.C. § 103 as being obvious over Mullane in view of Cometto, in further view of Padala, in further view of Thakkar, and in further view of Sesham et al. (US 2019/0238642 A1; filed Jan. 30, 2018).

Regarding claim 9, the Mullane/Cometto/Padala/Thakkar combination does not teach wherein at least one of the multiple IP addresses are associated with different services of the service provider.
Sesham teaches wherein at least one of multiple IP addresses are associated with different services of a service provider (¶ 19).
It would have been obvious to one of ordinary skill in the art before the filing date of the invention for the Mullane/Cometto/Padala/Thakkar combination to include wherein at least one of the multiple IP addresses are associated with different services of the service provider as taught by Sesham to “enable users to access services from a service provider.”  Sesham ¶ 12
Regarding claim 11, the Mullane/Cometto/Padala/Thakkar combination does not teach wherein at least two of the multiple IP addresses are associated with different services of the service provider.
Sesham teaches wherein at least two of multiple IP addresses are associated with different services of a service provider (¶ 19).
It would have been obvious to one of ordinary skill in the art before the filing date of the invention for the Mullane/Cometto/Padala/Thakkar combination to include wherein at least two of the multiple IP addresses are associated with different services of the service provider as taught by Sesham to “enable users to access services from a service provider.”  Sesham ¶ 12

Allowable Subject Matter
Claim 3 is objected to as being dependent upon rejected base claim 1, but would be allowable if rewritten to include all of the limitations of base claim 1.
Claim 4 is objected to as being dependent upon rejected base claim 1, but would be allowable if rewritten to include all of the limitations of base claim 1.
Claim 5 is objected to as being dependent upon rejected base claim 1, but would be allowable if rewritten to include all of the limitations of base claim 1.
Claim 7 is objected to as being dependent upon rejected base claim 1, but would be allowable if rewritten to include all of the limitations of base claim 1.
Claim 14 is objected to as being dependent upon rejected base claim 12, but would be allowable if rewritten to include all of the limitations of base claim 12.
Claim 16 is objected to as being dependent upon rejected base claim 12, but would be allowable if rewritten to include all of the limitations of base claim 12.
Claim 19 is objected to as being dependent upon rejected base claim 17, but would be allowable if rewritten to include all of the limitations of base claim 17.
Claim 20 is objected to as being dependent upon rejected base claim 17, but would be allowable if rewritten to include all of the limitations of base claim 17.

Conclusion
The prior art made of record and not relied upon is considered pertinent to Applicants’ disclosure: US-8892724-B1 and US-9419937-B2.
Any inquiry concerning this communication or earlier communications from the Examiner should be directed to DAVID P. ZARKA whose telephone number is (703) 756-5746.  The Examiner can normally be reached Monday–Friday from 9:30AM–6PM ET.
If attempts to reach the Examiner by telephone are unsuccessful, the Examiner’s supervisor, Vivek Srivastava, can be reached at (571) 272-7304.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://portal.uspto.gov/external/portal.  Should you have questions about access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool.  To schedule an interview, Applicants are encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
/DAVID P ZARKA/PATENT EXAMINER, Art Unit 2449


    
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
    

    
        1 The Examiner notes the limitations of claim 2 directed to the second packet are non-limiting because antecedent basis for the second packet is an optional method-step of claim 1, lines 12–16.  The rejection of claim 1 does not rely on the optional method-step of claim 1 directed to the second packet.