Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Detailed Action
In the correspondence filed on 09/19/2022, claims 1, 7 and 17 have been amended. Claims 1-20 are currently pending for examination.

Response to Arguments
Regarding 35 U.S.C. 103(a) applicant’s arguments, see page 8 - page 14 (all), filed
09/19/2022, with respect to claims 1-20 have been fully considered.
Regarding 35 U.S.C. 103 rejection of claims 1 - 20 the applicant argued that the references fail to disclose the amended subject matter.
In response to applicant's argument, a new round of rejection is presented in view of Ma et al. (US20160164699A1).

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
Determining the scope and contents of the prior art.

Ascertaining the differences between the prior art and the claims at issue.

Resolving the level of ordinary skill in the pertinent art.

Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-2, 4, 7-8, 10-11, 13-14 and 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Jiang (US20110222543A1) hereinafter Jiang in view of Raza et al. (US20190036876A1) hereinafter Raza, and further in view of Ma et al. (US20160164699A1) hereinafter Ma. 
As per claim 1. An apparatus comprising: (Jiang, par0095 teaches according to a communication system [apparatus] in an embodiment of the present invention, for a data packet carrying a first private IPv4 address, an access gateway directly forwards the data packet to a CGN device).
a first network interface to connect to a provider router in a communication network; (Jiang, par0099, teaches the access gateway [provider router] applies multiple private IPv4 addresses (such as, first private addresses according to the embodiments of the present invention) from the CGN device. 10.1.0.1 is allocated to the IPv4 client and 10.1.0.2 is allocated to an IPv4 port of the dual stack client. A local area network (LAN) interface address of the access gateway is 10.0.0.2, and a wide area network (WAN) interface [a first network interface] address of the access gateway is 10.0.0.1. A private IPv4 address of the CGN device is 10.0.0.0, and a public IPv4 address of the CGN device is 193.0.0.2).
a second network interface to connect to an input/output router in a local access network that includes a plurality of different endpoint devices; (Jiang, Fig13[plurality of endpoints], par0099, 0105 teaches the access gateway applies multiple private IPv4 addresses (such as, first private addresses according to the embodiments of the present invention) from the CGN device. 10.1.0.1 is allocated to the IPv4 client and 10.1.0.2 is allocated to an IPv4 port of the dual stack client. A local area network (LAN) interface [second network interface] address of the access gateway is 10.0.0.2… As shown in FIG. 13, an internal interface (LAN interface) of the access gateway uses 192.168.0.0, an IPv4 client uses 192.168.0.1, and an IPv4 port of a dual stack client uses 192.168.0.2).
a routing block to determine a first set of data that is to be passed-through without receiving network address translation and (Jiang, par0067, teaches for an IPv6 packet, the access gateway encapsulates the IPv6 packet into an IPv6-over-IPv4 tunnel packet, and sends the IPv6-over-IPv4 tunnel packet to the CGN device through an IPv6-over-IPv4 tunnel; the CGN device decapsulates the IPv6-over-IPv4 tunnel packet to the IPv6 packet, and then sends [passed-through without receiving network address translation] the IPv6 packet to an IPv6 network).
a second set of data that requires network address translation; and (Jiang, par0095, teaches for a data packet carrying a first private IPv4 address, an access gateway directly forwards the data packet to a CGN device. For a data packet carrying a second private IPv4 address, the access gateway translates the second private IPv4 address into the first private IPv4 address, sends the data packet to the CGN device; the CGN device translates [a second set of data that requires network address translation] the first private IPv4 address into a public IPv4 address, and then forwards the data packet to an IPv4 network).
least one second terminal).
          Jiang does not explicitly discloses a processor, wherein the processor is to generate a plurality of virtual carrier grade network address translation instances, wherein the plurality of virtual carrier grade network address translation instances is to route the second set of data between the provider router and the input/output router, wherein the routing block is to route the second set of data to a corresponding virtual carrier grade network address translation instance of the plurality of virtual carrier grade network address translation instances the corresponding virtual carrier grade instance performing the network address translation for the second set of data, wherein the second set of data is routed based on routing information in the routing block.
          Raza however discloses a processor, wherein the processor is to generate a plurality of virtual carrier grade network address translation instances, (Raza, par0004, 0023, teaches according to some examples, methods to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers, and performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address…. The function endpoint layer may include the devices that perform the Network Address Translation (NAT) to collectively form a virtualized CGN carrier network [plurality of virtual carrier grade network address translation instances] (e.g., virtualized CGN domain). The virtualized CGN carrier network may be accessible through the aggregation platform layer. The function endpoint layer may include one or more customer edge routers).
wherein the plurality of virtual carrier grade network address translation instances is to route the second set of data between the provider router and the input/output router, (Raza, par0023-0030, teaches  the devices that perform the Network Address Translation (NAT) to collectively form a virtualized CGN carrier network (e.g., virtualized CGN domain). The virtualized CGN carrier network may be accessible through the aggregation platform layer. The function endpoint layer may include one or more customer edge routers. Each customer edge router may establish a tunnel to each aggregation router in the aggregation platform layer to establish an overlay network…..the architecture provides for construction of a virtual CGN function by allowing each customer edge router to perform the NAT of the network traffic, using the aggregation routers as entry and exit points to the NAT function, and routing the network traffic in an overlay network using tunnels between each customer edge router and the aggregation routers).
wherein the routing block is to route the second set of data to a corresponding virtual carrier grade network address translation instance of the plurality of virtual carrier grade network address translation instances the corresponding virtual carrier grade instance performing the network address translation for the second set of data, wherein the second set of data is routed based on routing information in the routing block. (Raza, par0079, teaches to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers; performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address; selecting, by the first customer edge router, a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to; encapsulating, by the first customer edge router, the NAT'ed first data packet with overlay information corresponding to a tunnel established between the first customer edge router and the first aggregation router; and sending, by the first customer edge router, the encapsulated NAT'ed first data packet through the tunnel to the first aggregation router).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of a processor, wherein the processor is to generate a plurality of virtual carrier grade network address translation instances, wherein the plurality of virtual carrier grade network address translation instances is to route the second set of data between the provider router and the input/output router, wherein the routing block is to route the second set of data to a corresponding virtual carrier grade network address translation instance of the plurality of virtual carrier grade network address translation instances the corresponding virtual carrier grade instance performing the network address translation for the second set of data, wherein the second set of data is routed based on routing information in the routing block, as taught by Raza in the system of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
          Jiang and Raza do not explicitly disclose prior to performing the network address translation.
          Ma however disclose prior to performing the network address translation. (Ma par0150 teaches after receiving the data packet, generally, the server only forwards the data packet …. after receiving an uplink data packet sent by the RGW, generally, the existing server only forwards [prior to performing the network address translation] the uplink data packet to a network element on the network side, for example, the server forwards the uplink data packet to carrier-grade network address translation (CGN, Carrier-Grade Network Address Translation).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of prior to performing the network address translation, as taught by Jiang and Raza in the apparatus of Ma, to increase the quality of the gateway see Ma par0003.

As per claim 2.  Jiang, Raza and Ma disclose the apparatus of claim 1.
          Jiang further discloses wherein the routing block comprises a pass-through block where the first set of data is routed without receiving network address translation. (Jiang, par0067, teaches for an IPv6 packet, the access gateway encapsulates the IPv6 packet into an IPv6-over-IPv4 tunnel packet, and sends the IPv6-over-IPv4 tunnel packet to the CGN device through an IPv6-over-IPv4 tunnel; the CGN device decapsulates the IPv6-over-IPv4 tunnel packet to the IPv6 packet, and then sends [passed-through without receiving network address translation] the IPv6 packet to an IPv6 network).

As per claim 4.  Jiang, Raza and Ma disclose the apparatus of claim 1.
          Jiang does not explicitly discloses wherein the routing information comprises a virtual routing and forwarding table to route data from the input/output router to one of the plurality of virtual carrier grade network address translation instances based on a public internet protocol address.
          Raza however discloses wherein the routing information comprises a virtual routing and forwarding table to route data from the input/output router to one of the plurality of virtual carrier grade network address translation instances based on a public internet protocol address. (Raza, par0045, teaches the the customer edge router 104 a may maintain a virtual routing and forwarding (VRF) table. For example, the enterprise associated with customer edge router 104 a may operate multiple VPNs, each with their own VRF. Based on which VPN the data packet is received from, the customer edge router 104 a may create an entry in the NAT table identifying to which VPN the data packet belongs. As illustrated in FIG. 4, the data packet 406 may come from VPN_1. The customer edge router 104 a may additionally create an entry in the VRF table for VPN_1 that identifies that data packets directed to the address 10.1.1.1 are to be out of Interface_1 of the customer edge router 104 a).
one of the plurality of virtual carrier grade network address translation instances based on a public internet protocol address. (Raza, par0079, teaches to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers; performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address; selecting, by the first customer edge router, a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein the routing information comprises a virtual routing and forwarding table to route data from the input/output router to one of the plurality of virtual carrier grade network address translation instances based on a public internet protocol address, as taught by Raza in the system of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.

As per claim 7. A method comprising: (Jiang, par0004 teaches the present invention are directed to a method for forwarding data packet, a communication system, a Carrier Grade Network Address Translation (CGN) device, and an access gateway, so as to solve technical problems of fully utilizing the IPv4 network, gradually increasing deployment of the IPv6 network, and realize communication).
receiving, by a processing system comprising at least one processor, a data packet from a provider router in a communication network; (Jiang, par0098-0099, teaches as shown in FIG. 12, an IPv4 client and a dual stack client communicate with an access gateway respectively, the access gateway communicates with a CGN device through the IPv4 Protocol, and the CGN device is connected to an IPv6 network and an IPv4 network…..the access gateway [provider router] applies multiple private IPv4 addresses (such as, first private addresses according to the embodiments of the present invention) from the CGN device. 10.1.0.1 is allocated to the IPv4 client and 10.1.0.2 is allocated to an IPv4 port of the dual stack client. A local area network (LAN) interface address of the access gateway is 10.0.0.2, and a wide area network (WAN) interface address of the access gateway is 10.0.0.1. A private IPv4 address of the CGN device is 10.0.0.0, and a public IPv4 address of the CGN device is 193.0.0.2).
determining, by the processing system, that the data packet requires network address translation; (Jiang, par0095, teaches for a data packet carrying a first private IPv4 address, an access gateway directly forwards the data packet to a CGN device. For a data packet carrying a second private IPv4 address, the access gateway translates the second private IPv4 address into the first private IPv4 address, sends the data packet to the CGN device; the CGN device translates  the first private IPv4 address into a public IPv4 address, and then forwards the data packet to an IPv4 network).
          Jiang does not explicitly discloses determining, by the processing system, a first virtual carrier grade network address translation instance associated with the data packet from a plurality of virtual carrier grade network address translation instances; performing, by the processing system, network address translation on the data packet via the first virtual carrier grade network address translation instance; and transmitting, by the processing system, the data packet that has received network address translation to an input/output router in a local access network to forward the data packet to an endpoint device.
          Raza however discloses determining, by the processing system, a first virtual carrier grade network address translation instance associated with the data packet from a plurality of virtual carrier grade network address translation instances (Raza, par0004, 0023, teaches according to some examples, methods to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers, and performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address…. The function endpoint layer may include the devices that perform the Network Address Translation (NAT) to collectively form a virtualized CGN carrier network [plurality of virtual carrier grade network address translation instances] (e.g., virtualized CGN domain). The virtualized CGN carrier network may be accessible through the aggregation platform layer. The function endpoint layer may include one or more customer edge routers).
performing, by the processing system, network address translation on the data packet via the first virtual carrier grade network address translation instance (Raza, par0023-0030, teaches  the devices that perform the Network Address Translation (NAT) to collectively form a virtualized CGN carrier network (e.g., virtualized CGN domain). The virtualized CGN carrier network may be accessible through the aggregation platform layer. The function endpoint layer may include one or more customer edge routers. Each customer edge router may establish a tunnel to each aggregation router in the aggregation platform layer to establish an overlay network…..the architecture provides for construction of a virtual CGN function by allowing each customer edge router to perform the NAT of the network traffic, using the aggregation routers as entry and exit points to the NAT function, and routing the network traffic in an overlay network using tunnels between each customer edge router and the aggregation routers).
transmitting, by the processing system, the data packet that has received network address translation to an input/output router in a local access network to forward the data packet to an endpoint device (Raza, par0079, teaches to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers; performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address; selecting, by the first customer edge router, a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to; encapsulating, by the first customer edge router, the NAT'ed first data packet with overlay information corresponding to a tunnel established between the first customer edge router and the first aggregation router; and sending, by the first customer edge router, the encapsulated NAT'ed first data packet through the tunnel to the first aggregation router).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of determining, by the processing system, a first virtual carrier grade network address translation instance associated with the data packet from a plurality of virtual carrier grade network address translation instances; performing, by the processing system, network address translation on the data packet via the first virtual carrier grade network address translation instance; and transmitting, by the processing system, the data packet that has received network address translation to an input/output router in a local access network to forward the data packet to an endpoint device, as taught by Raza in the method of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
          Jiang and Raza do not explicitly disclose prior to performing the network address translation.
          Ma however disclose prior to performing the network address translation. (Ma par0150 teaches after receiving the data packet, generally, the server only forwards the data packet …. after receiving an uplink data packet sent by the RGW, generally, the existing server only forwards the uplink data packet to a network element on the network side, for example, the server forwards the uplink data packet to carrier-grade network address translation (CGN, Carrier-Grade Network Address Translation).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of prior to performing the network address translation, as taught by Jiang and Raza in the method of Ma, to increase the quality of the gateway see Ma par0003.

As per claim 8.  Jiang, Raza and Ma disclose the method of claim 7.
          Jiang discloses further comprising: receiving, by the processing system, a second data packet from the input/output router (Jiang, par0098-0099, teaches as shown in FIG. 12, an IPv4 client and a dual stack client communicate with an access gateway respectively, the access gateway communicates with a CGN device through the IPv4 Protocol, and the CGN device is connected to an IPv6 network and an IPv4 network…..the access gateway [provider router] applies multiple private IPv4 addresses (such as, first private addresses according to the embodiments of the present invention) from the CGN device. 10.1.0.1 is allocated to the IPv4 client and 10.1.0.2 is allocated to an IPv4 port of the dual stack client. A local area network (LAN) interface address of the access gateway is 10.0.0.2, and a wide area network (WAN) interface address of the access gateway is 10.0.0.1. A private IPv4 address of the CGN device is 10.0.0.0, and a public IPv4 address of the CGN device is 193.0.0.2).
determining, by the processing system, that the second data packet requires network address translation; (Jiang, par0095, teaches for a data packet carrying a first private IPv4 address, an access gateway directly forwards the data packet to a CGN device. For a data packet carrying a second private IPv4 address, the access gateway translates the second private IPv4 address into the first private IPv4 address, sends the data packet to the CGN device; the CGN device translates  the first private IPv4 address into a public IPv4 address, and then forwards the data packet to an IPv4 network).
least one second terminal).
          Jiang does not explicitly discloses determining, by the processing system, a second virtual carrier grade network address translation instance associated with the second data packet from the plurality of virtual carrier grade network address translation instances; performing, by the processing system, network address translation on the second data packet via the second virtual carrier grade network address translation instance; and transmitting, by the processing system, the second data packet that has received network address translation to the provider router in the communication network.
          Raza however discloses determining, by the processing system, a second virtual carrier grade network address translation instance associated with the second data packet from the plurality of virtual carrier grade network address translation instances (Raza, par0004, 0023, teaches according to some examples, methods to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers, and performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address…. The function endpoint layer may include the devices that perform the Network Address Translation (NAT) to collectively form a virtualized CGN carrier network [plurality of virtual carrier grade network address translation instances] (e.g., virtualized CGN domain). The virtualized CGN carrier network may be accessible through the aggregation platform layer. The function endpoint layer may include one or more customer edge routers).
performing, by the processing system, network address translation on the second data packet via the second virtual carrier grade network address translation instance (Raza, par0023-0030, 0038 teaches  the devices that perform the Network Address Translation (NAT) to collectively form a virtualized CGN carrier network (e.g., virtualized CGN domain). The virtualized CGN carrier network may be accessible through the aggregation platform layer. The function endpoint layer may include one or more customer edge routers. Each customer edge router may establish a tunnel to each aggregation router in the aggregation platform layer to establish an overlay network…..the architecture provides for construction of a virtual CGN function by allowing each customer edge router to perform the NAT of the network traffic, using the aggregation routers as entry and exit points to the NAT function, and routing the network traffic in an overlay network using tunnels between each customer edge router and the aggregation routers…. As a result, function provider domain 102 and network provider domain 104 may be a Verizon network to service the first customer location, and network provider domain 106 may be a Comcast network to service the second enterprise customer location. Verizon is only leasing the Comcast network circuits to support the second enterprise customer location. Verizon is managing the enterprise customer networks at both the first enterprise customer location and the second enterprise customer location. Accordingly, Verizon may place customer edge routers 104 a and 104 b at the first enterprise customer location, and customer edge routers 106 a and 106 b at the second enterprise customer location. Although customer edge routers 106 a and 106 b are Verizon routers managed by Verizon, customer edge routers 106 a and 106 b are connected to Comcast network circuits. Verizon may manage each customer edge routers 104 a, 104 b, 106 a, and 106 b to perform the NAT functionality to provide the virtual CGN).
transmitting, by the processing system, the second data packet that has received network address translation to the provider router in the communication network (Raza, par0079, teaches to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers; performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address; selecting, by the first customer edge router, a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to; encapsulating, by the first customer edge router, the NAT'ed first data packet with overlay information corresponding to a tunnel established between the first customer edge router and the first aggregation router; and sending, by the first customer edge router, the encapsulated NAT'ed first data packet through the tunnel to the first aggregation router).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of determining, by the processing system, a second virtual carrier grade network address translation instance associated with the second data packet from the plurality of virtual carrier grade network address translation instances; performing, by the processing system, network address translation on the second data packet via the second virtual carrier grade network address translation instance; and transmitting, by the processing system, the second data packet that has received network address translation to the provider router in the communication network, as taught by Raza in the method of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
[Examiner note -  the first, second or third set of data will passed-through without receiving network address translation or will require network address translation and routed accordingly]

As per claim 10.  Jiang, Raza and Ma disclose the method of claim 8.
          Jiang further discloses wherein the performing the network address translation comprises converting a private internet protocol address into a public internet protocol address associated with a destination. (Jiang, par0095, teaches for a data packet carrying a first private IPv4 address, an access gateway directly forwards the data packet to a CGN device. For a data packet carrying a second private IPv4 address, the access gateway translates the second private IPv4 address into the first private IPv4 address, sends the data packet to the CGN device; the CGN device translates the first private IPv4 address into a public IPv4 address, and then forwards the data packet to an IPv4 network).

As per claim 11.  Jiang, Raza and Ma disclose the method of claim 7.
          Jiang further discloses wherein a third data packet is passed-through if the third data packet is determined to not need network address translation. (Jiang, par0067, teaches for an IPv6 packet, the access gateway encapsulates the IPv6 packet into an IPv6-over-IPv4 tunnel packet, and sends the IPv6-over-IPv4 tunnel packet to the CGN device through an IPv6-over-IPv4 tunnel; the CGN device decapsulates the IPv6-over-IPv4 tunnel packet to the IPv6 packet, and then sends [passed-through without receiving network address translation] the IPv6 packet to an IPv6 network).

As per claim 13.  Jiang, Raza and Ma disclose the method of claim 7.
          Jiang further discloses a private internet protocol address and a port number associated with the data packet (Jiang, par0049 teaches S12, the CGN device replaces the first private IPv4 address with a public IPv4 address, records a first mapping relationship between the public IPv4 address and the first private IPv4 address, and forwards the first data packet carrying the public IPv4 address to an IPv4 network. The first mapping relationship includes: a corresponding relationship between the public IPv4 address and the first private IPv4 address, and/or a corresponding relationship among the public IPv4 address, the first private IPv4 address and a first private port number).
          Jiang does not explicitly discloses wherein the determining the first virtual carrier grade network address translation instance associated with the data packet, comprises: looking up a private internet protocol address and a port number associated with the data packet in a virtual routing and forwarding table in a memory of the processing system.
          Raza however discloses wherein the determining the first virtual carrier grade network address translation instance associated with the data packet, comprises: looking up a private internet protocol address and a port number associated with the data packet in a virtual routing and forwarding table in a memory of the processing system. (Raza, par0045, par0079 teaches the the customer edge router 104 a may maintain a virtual routing and forwarding (VRF) table. For example, the enterprise associated with customer edge router 104 a may operate multiple VPNs, each with their own VRF. Based on which VPN the data packet is received from, the customer edge router 104 a may create an entry in the NAT table identifying to which VPN the data packet belongs. As illustrated in FIG. 4, the data packet 406 may come from VPN_1. The customer edge router 104 a may additionally create an entry in the VRF table for VPN_1 that identifies that data packets directed to the address 10.1.1.1 are to be out of Interface_1 of the customer edge router 104 a. Par0079, teaches to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers; performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address; selecting, by the first customer edge router, a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein the determining the first virtual carrier grade network address translation instance associated with the data packet, comprises: looking up a private internet protocol address and a port number associated with the data packet in a virtual routing and forwarding table in a memory of the processing system, as taught by Raza in the method of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.

As per claim 14.  Jiang, Raza and Ma disclose the method of claim 7.
          Jiang further discloses wherein the performing the network address translation comprises converting a public internet protocol address associated with the input/output router and a port number associated with the data packet into a private internet protocol address and a port number associated with an endpoint device communicatively coupled to the input/output router (Jiang, par0049-0050teaches S12, the CGN device replaces the first private IPv4 address with a public IPv4 address, records a first mapping relationship between the public IPv4 address and the first private IPv4 address, and forwards the first data packet carrying the public IPv4 address to an IPv4 network. The first mapping relationship includes: a corresponding relationship between the public IPv4 address and the first private IPv4 address, and/or a corresponding relationship among the public IPv4 address, the first private IPv4 address and a first private port number…Before S11, if the IPv4 client has no public IPv4 address, the method may further include: the access gateway replaces a second private IPv4 address of the first data packet from the IPv4 client or the dual stack client with the first private IPv4 address, records a second mapping relationship between the second private IPv4 address and the first private IPv4 address, and forwards the first data packet carrying the first private IPv4 address to the CGN device. The second mapping relationship includes: a corresponding relationship between the second private IPv4 address and the first private IPv4 address, and/or a corresponding relationship among the first private IPv4 address, the second private IPv4 address and a second private port number).

As per claim 17.  A non-transitory computer-readable medium storing instructions which, (Jiang, par0107 teaches the software product may be stored in a storage medium [non-transitory], which can be a Read-Only Memory (ROM)/Random Access Memory (RAM), a magnetic disk, and an optical disk. The software product includes a number of instructions that enable a computer device (a personal computer, a server, or a network device) to execute the methods provided in the embodiments of the present invention).
when executed by a processing system including at least one processor, cause the processing system to perform operations, the operations comprising: (Jiang, par0004 teaches the present invention are directed to a method for forwarding data packet, a communication system, a Carrier Grade Network Address Translation (CGN) device, and an access gateway [processor], so as to solve technical problems of fully utilizing the IPv4 network, gradually increasing deployment of the IPv6 network, and realize communication).
receiving a data packet from a provider router in a communication network; (Jiang, par0098-0099, teaches as shown in FIG. 12, an IPv4 client and a dual stack client communicate with an access gateway respectively, the access gateway communicates with a CGN device through the IPv4 Protocol, and the CGN device is connected to an IPv6 network and an IPv4 network…..the access gateway [provider router] applies multiple private IPv4 addresses (such as, first private addresses according to the embodiments of the present invention) from the CGN device. 10.1.0.1 is allocated to the IPv4 client and 10.1.0.2 is allocated to an IPv4 port of the dual stack client. A local area network (LAN) interface address of the access gateway is 10.0.0.2, and a wide area network (WAN) interface address of the access gateway is 10.0.0.1. A private IPv4 address of the CGN device is 10.0.0.0, and a public IPv4 address of the CGN device is 193.0.0.2).
determining that the data packet requires network address translation; (Jiang, par0095, teaches for a data packet carrying a first private IPv4 address, an access gateway directly forwards the data packet to a CGN device. For a data packet carrying a second private IPv4 address, the access gateway translates the second private IPv4 address into the first private IPv4 address, sends the data packet to the CGN device; the CGN device translates  the first private IPv4 address into a public IPv4 address, and then forwards the data packet to an IPv4 network).
least one second terminal).
          Jiang does not explicitly discloses determining a first virtual carrier grade network address translation instance associated with the data packet from a plurality of virtual carrier grade network address translation instances; performing network address translation on the data packet via the first virtual carrier grade network address translation instance; and transmitting the data packet that has received network address translation to an input/output router in a local access network to forward the data packet to an endpoint device.
          Raza however discloses determining a first virtual carrier grade network address translation instance associated with the data packet from a plurality of virtual carrier grade network address translation instances (Raza, par0004, 0023, teaches according to some examples, methods to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers, and performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address…. The function endpoint layer may include the devices that perform the Network Address Translation (NAT) to collectively form a virtualized CGN carrier network [plurality of virtual carrier grade network address translation instances] (e.g., virtualized CGN domain). The virtualized CGN carrier network may be accessible through the aggregation platform layer. The function endpoint layer may include one or more customer edge routers).
performing network address translation on the data packet via the first virtual carrier grade network address translation instance (Raza, par0023-0030, teaches  the devices that perform the Network Address Translation (NAT) to collectively form a virtualized CGN carrier network (e.g., virtualized CGN domain). The virtualized CGN carrier network may be accessible through the aggregation platform layer. The function endpoint layer may include one or more customer edge routers. Each customer edge router may establish a tunnel to each aggregation router in the aggregation platform layer to establish an overlay network…..the architecture provides for construction of a virtual CGN function by allowing each customer edge router to perform the NAT of the network traffic, using the aggregation routers as entry and exit points to the NAT function, and routing the network traffic in an overlay network using tunnels between each customer edge router and the aggregation routers).
transmitting the data packet that has received network address translation to an input/output router in a local access network to forward the data packet to an endpoint device (Raza, par0079, teaches to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers; performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address; selecting, by the first customer edge router, a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to; encapsulating, by the first customer edge router, the NAT'ed first data packet with overlay information corresponding to a tunnel established between the first customer edge router and the first aggregation router; and sending, by the first customer edge router, the encapsulated NAT'ed first data packet through the tunnel to the first aggregation router).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of determining a first virtual carrier grade network address translation instance associated with the data packet from a plurality of virtual carrier grade network address translation instances; performing network address translation on the data packet via the first virtual carrier grade network address translation instance; and transmitting the data packet that has received network address translation to an input/output router in a local access network to forward the data packet to an endpoint device, as taught by Raza in the non-transitory computer-readable medium of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
          Jiang and Raza do not explicitly disclose prior to performing the network address translation.
          Ma however disclose prior to performing the network address translation. (Ma par0150 teaches after receiving the data packet, generally, the server only forwards the data packet …. after receiving an uplink data packet sent by the RGW, generally, the existing server only forwards the uplink data packet to a network element on the network side, for example, the server forwards the uplink data packet to carrier-grade network address translation (CGN, Carrier-Grade Network Address Translation).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of prior to performing the network address translation, as taught by Jiang and Raza in the non-transitory computer-readable medium of Ma, to increase the quality of the gateway see Ma par0003.

As per claim 18.  Jiang, Raza and Ma disclose the non-transitory computer-readable medium of claim 17.
          Jiang further discloses the operations further comprising: receiving a second data packet from the input/output router (Jiang, par0098-0099, teaches as shown in FIG. 12, an IPv4 client and a dual stack client communicate with an access gateway respectively, the access gateway communicates with a CGN device through the IPv4 Protocol, and the CGN device is connected to an IPv6 network and an IPv4 network…..the access gateway [provider router] applies multiple private IPv4 addresses (such as, first private addresses according to the embodiments of the present invention) from the CGN device. 10.1.0.1 is allocated to the IPv4 client and 10.1.0.2 is allocated to an IPv4 port of the dual stack client. A local area network (LAN) interface address of the access gateway is 10.0.0.2, and a wide area network (WAN) interface address of the access gateway is 10.0.0.1. A private IPv4 address of the CGN device is 10.0.0.0, and a public IPv4 address of the CGN device is 193.0.0.2).
determining that the second data packet requires network address translation; (Jiang, par0095, teaches for a data packet carrying a first private IPv4 address, an access gateway directly forwards the data packet to a CGN device. For a data packet carrying a second private IPv4 address, the access gateway translates the second private IPv4 address into the first private IPv4 address, sends the data packet to the CGN device; the CGN device translates  the first private IPv4 address into a public IPv4 address, and then forwards the data packet to an IPv4 network).
least one second terminal).
          Jiang does not explicitly discloses determining a second virtual carrier grade network address translation instance associated with the second data packet from the plurality of virtual carrier grade network address translation instances; performing network address translation on the second data packet via the second virtual carrier grade network address translation instance; and transmitting the second data packet that has received network address translation to the provider router in the communication network.
          Raza however discloses determining a second virtual carrier grade network address translation instance associated with the second data packet from the plurality of virtual carrier grade network address translation instances (Raza, par0004, 0023, teaches according to some examples, methods to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers, and performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address…. The function endpoint layer may include the devices that perform the Network Address Translation (NAT) to collectively form a virtualized CGN carrier network [plurality of virtual carrier grade network address translation instances] (e.g., virtualized CGN domain). The virtualized CGN carrier network may be accessible through the aggregation platform layer. The function endpoint layer may include one or more customer edge routers).
performing network address translation on the second data packet via the second virtual carrier grade network address translation instance (Raza, par0023-0030, 0038 teaches  the devices that perform the Network Address Translation (NAT) to collectively form a virtualized CGN carrier network (e.g., virtualized CGN domain). The virtualized CGN carrier network may be accessible through the aggregation platform layer. The function endpoint layer may include one or more customer edge routers. Each customer edge router may establish a tunnel to each aggregation router in the aggregation platform layer to establish an overlay network…..the architecture provides for construction of a virtual CGN function by allowing each customer edge router to perform the NAT of the network traffic, using the aggregation routers as entry and exit points to the NAT function, and routing the network traffic in an overlay network using tunnels between each customer edge router and the aggregation routers…. As a result, function provider domain 102 and network provider domain 104 may be a Verizon network to service the first customer location, and network provider domain 106 may be a Comcast network to service the second enterprise customer location. Verizon is only leasing the Comcast network circuits to support the second enterprise customer location. Verizon is managing the enterprise customer networks at both the first enterprise customer location and the second enterprise customer location. Accordingly, Verizon may place customer edge routers 104 a and 104 b at the first enterprise customer location, and customer edge routers 106 a and 106 b at the second enterprise customer location. Although customer edge routers 106 a and 106 b are Verizon routers managed by Verizon, customer edge routers 106 a and 106 b are connected to Comcast network circuits. Verizon may manage each customer edge routers 104 a, 104 b, 106 a, and 106 b to perform the NAT functionality to provide the virtual CGN).
transmitting the second data packet that has received network address translation to the provider router in the communication network (Raza, par0079, teaches to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers; performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address; selecting, by the first customer edge router, a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to; encapsulating, by the first customer edge router, the NAT'ed first data packet with overlay information corresponding to a tunnel established between the first customer edge router and the first aggregation router; and sending, by the first customer edge router, the encapsulated NAT'ed first data packet through the tunnel to the first aggregation router).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of determining, by the processing system, a second virtual carrier grade network address translation instance associated with the second data packet from the plurality of virtual carrier grade network address translation instances; performing, by the processing system, network address translation on the second data packet via the second virtual carrier grade network address translation instance; and transmitting, by the processing system, the second data packet that has received network address translation to the provider router in the communication network, as taught by Raza in the non-transitory computer-readable medium of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
[Examiner note -  the first, second or third set of data will passed-through without receiving network address translation or will require network address translation and routed accordingly]

Claims 3, 9, 16 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Jiang in view of Raza further in view of Ma, and further in view of Dumitriu (US20140195666A1) hereinafter Dumitriu. 
As per claim 3.  Jiang, Raza and Ma disclose the apparatus of claim 1.
          Jiang does not explicitly discloses from the provider router to one of the plurality of virtual carrier grade network address translation instances.
          Raza however discloses from the provider router to one of the plurality of virtual carrier grade network address translation instances. (Raza, par0079, teaches to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers; performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address; selecting, by the first customer edge router, a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to; encapsulating, by the first customer edge router, the NAT'ed first data packet with overlay information corresponding to a tunnel established between the first customer edge router and the first aggregation router; and sending, by the first customer edge router, the encapsulated NAT'ed first data packet through the tunnel to the first aggregation router).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of from the provider router to one of the plurality of virtual carrier grade network address translation instances, as taught by Raza in the system of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
          Jiang, Raza and Ma do not explicitly disclose wherein the routing information comprises a global routing table to route data, based on a destination internet protocol address and a port number.
          Dumitriu however discloses wherein the routing information comprises a global routing table to route data, based on a destination internet protocol address and a port number. (Dumitriu, par0098, teaches the pre-routing process may alter the packet, including the source and destination IP addresses and source and destination ports, to perform network address translation (“NAT”). The routing method may comprise extracting the source and destination IP addresses, looking up the IP addresses in a virtual routing table corresponding to a virtual router, selecting a destination (if more than one route is found), and forwarding the packet to the port corresponding to the route entry. The forwarding of the packet depends on whether the next hop of the matching route is an interior facing (logical) port or an exterior facing (materialized) port. Since virtual routers may be implemented as tables, routing between two virtual routers comprises a lookup in successive virtual router tables. In one embodiment, a global routing table is maintained for each virtual L3 router. The global routing table may be stored on in a distributed state in the shared database. Alternatively, the global routing table may be stored on a selected edge connector. In another embodiment, the global routing table is maintained on each edge connector and the edge connectors cooperate to maintain and update the global routing table on each other edge connector in the network).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein the routing information comprises a global routing table to route data, based on a destination internet protocol address and a port number, as taught by Dumitriu in the system of Jiang, Raza and Ma, so virtualization of network allows service providers to create customer-configurable network topologies which can be changed by altering virtual routers and virtual switches without any change in hardware, this allow for segregation of customers' data for security and use-based pricing, see Dumitriu par0002.

As per claim 9.  Jiang, Raza and Ma disclose the method of claim 8.
          Jiang does not explicitly discloses wherein the determining the second virtual carrier grade network address translation instance associated with the second data packet comprises.
          Raza however discloses wherein the determining the second virtual carrier grade network address translation instance associated with the second data packet comprises: (Raza, par0079, teaches to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers; performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address; selecting, by the first customer edge router, a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to; encapsulating, by the first customer edge router, the NAT'ed first data packet with overlay information corresponding to a tunnel established between the first customer edge router and the first aggregation router; and sending, by the first customer edge router, the encapsulated NAT'ed first data packet through the tunnel to the first aggregation router).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein the determining the second virtual carrier grade network address translation instance associated with the second data packet comprises, as taught by Raza in the method of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
          Jiang, Raza and Ma do not explicitly disclose looking up a public internet protocol address associated with the second data packet in a global routing table stored in a memory of the processing system.
          Dumitriu however discloses looking up a public internet protocol address associated with the second data packet in a global routing table stored in a memory of the processing system. (Dumitriu, par0098, teaches the pre-routing process may alter the packet, including the source and destination IP addresses and source and destination ports, to perform network address translation (“NAT”). The routing method may comprise extracting the source and destination IP addresses, looking up the IP addresses in a virtual routing table corresponding to a virtual router, selecting a destination (if more than one route is found), and forwarding the packet to the port corresponding to the route entry. The forwarding of the packet depends on whether the next hop of the matching route is an interior facing (logical) port or an exterior facing (materialized) port. Since virtual routers may be implemented as tables, routing between two virtual routers comprises a lookup in successive virtual router tables. In one embodiment, a global routing table is maintained for each virtual L3 router. The global routing table may be stored on in a distributed state in the shared database. Alternatively, the global routing table may be stored on a selected edge connector. In another embodiment, the global routing table is maintained on each edge connector and the edge connectors cooperate to maintain and update the global routing table on each other edge connector in the network).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of looking up a public internet protocol address associated with the second data packet in a global routing table stored in a memory of the processing system, as taught by Dumitriu in the method of Jiang, Raza and Ma, so virtualization of network allows service providers to create customer-configurable network topologies which can be changed by altering virtual routers and virtual switches without any change in hardware, this allow for segregation of customers' data for security and use-based pricing, see Dumitriu par0002.

As per claim 16.  Jiang, Raza and Ma disclose the method of claim 15.
          Jiang does not explicitly discloses the new virtual carrier grade network address translation instance.
          Raza however discloses the new virtual carrier grade network address translation instance. (Raza, par0079, teaches to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers; performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address; selecting, by the first customer edge router, a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to; encapsulating, by the first customer edge router, the NAT'ed first data packet with overlay information corresponding to a tunnel established between the first customer edge router and the first aggregation router; and sending, by the first customer edge router, the encapsulated NAT'ed first data packet through the tunnel to the first aggregation router).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of from the provider router to one of the plurality of virtual carrier grade network address translation instances, as taught by Raza in the method of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
          Jiang, Raza and Ma do not explicitly disclose further comprising: updating, by the processing system, a global routing table to associate, with a public internet protocol address associated with the second data packet.
          Dumitriu however discloses further comprising: updating, by the processing system, a global routing table to associate, with a public internet protocol address associated with the second data packet. (Dumitriu, par0098, teaches the pre-routing process may alter the packet, including the source and destination IP addresses and source and destination ports, to perform network address translation (“NAT”). The routing method may comprise extracting the source and destination IP addresses, looking up the IP addresses in a virtual routing table corresponding to a virtual router, selecting a destination (if more than one route is found), and forwarding the packet to the port corresponding to the route entry. The forwarding of the packet depends on whether the next hop of the matching route is an interior facing (logical) port or an exterior facing (materialized) port. Since virtual routers may be implemented as tables, routing between two virtual routers comprises a lookup in successive virtual router tables. In one embodiment, a global routing table is maintained for each virtual L3 router. The global routing table may be stored on in a distributed state in the shared database. Alternatively, the global routing table may be stored on a selected edge connector. In another embodiment, the global routing table is maintained on each edge connector and the edge connectors cooperate to maintain and update the global routing table on each other edge connector in the network).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of further comprising: updating, by the processing system, a global routing table to associate, with a public internet protocol address associated with the second data packet, as taught by Dumitriu in the method of Jiang, Raza and Ma, so virtualization of network allows service providers to create customer-configurable network topologies which can be changed by altering virtual routers and virtual switches without any change in hardware, this allow for segregation of customers' data for security and use-based pricing, see Dumitriu par0002.

As per claim 20.  Jiang, Raza and Ma disclose the non-transitory computer-readable medium of claim 19.
          Jiang does not explicitly discloses the new virtual carrier grade network address translation instance.
          Raza however discloses the new virtual carrier grade network address translation instance. (Raza, par0079, teaches to provide a virtualized Carrier-grade Network Address Translation (CGN) at a customer edge router of multiple customer edge routers are described. An example method to provide a virtualized CGN at a first customer edge router of multiple customer edge routers may include establishing, by the first customer edge router, a tunnel between the first customer edge router and each aggregation router among one or more aggregation routers; performing, by the first customer edge router, a Network Address Translation (NAT) on a first data packet to create a NAT'ed first data packet, the NAT being a translation of a private IP address to a public IP address; selecting, by the first customer edge router, a first aggregation router from amongst the one or more aggregation routers to send the NAT'ed first data packet to; encapsulating, by the first customer edge router, the NAT'ed first data packet with overlay information corresponding to a tunnel established between the first customer edge router and the first aggregation router; and sending, by the first customer edge router, the encapsulated NAT'ed first data packet through the tunnel to the first aggregation router).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of the new virtual carrier grade network address translation instance, as taught by Raza in the non-transitory computer-readable medium of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
          Jiang, Raza and Ma do not explicitly disclose the operations further comprising: updating a global routing table to associate, with a public internet protocol address associated with the second data packet.
          Dumitriu however discloses the operations further comprising: updating a global routing table to associate, with a public internet protocol address associated with the second data packet. (Dumitriu, par0098, teaches the pre-routing process may alter the packet, including the source and destination IP addresses and source and destination ports, to perform network address translation (“NAT”). The routing method may comprise extracting the source and destination IP addresses, looking up the IP addresses in a virtual routing table corresponding to a virtual router, selecting a destination (if more than one route is found), and forwarding the packet to the port corresponding to the route entry. The forwarding of the packet depends on whether the next hop of the matching route is an interior facing (logical) port or an exterior facing (materialized) port. Since virtual routers may be implemented as tables, routing between two virtual routers comprises a lookup in successive virtual router tables. In one embodiment, a global routing table is maintained for each virtual L3 router. The global routing table may be stored on in a distributed state in the shared database. Alternatively, the global routing table may be stored on a selected edge connector. In another embodiment, the global routing table is maintained on each edge connector and the edge connectors cooperate to maintain and update the global routing table on each other edge connector in the network).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of the operations further comprising: updating a global routing table to associate, with a public internet protocol address associated with the second data packet, as taught by Dumitriu in the non-transitory computer-readable medium of Jiang, Raza and Ma, so virtualization of network allows service providers to create customer-configurable network topologies which can be changed by altering virtual routers and virtual switches without any change in hardware, this allow for segregation of customers' data for security and use-based pricing, see Dumitriu par0002.

Claims 5-6, 15 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Jiang in view of Raza further in view of Ma, and further in view of Warno (US20130041987A1) hereinafter Warno. 
As per claim 5.  Jiang, Raza and Ma disclose the apparatus of claim 1.
          Jiang does not explicitly discloses when a capacity limit of the plurality of virtual carrier grade network address translation instances is reached.
          Raza however discloses when a capacity limit of the plurality of virtual carrier grade network address translation instances is reached. (Raza, par0030, teaches the architecture provides for construction of a virtual CGN function by allowing each customer edge router to perform the NAT of the network traffic, using the aggregation routers as entry and exit points to the NAT function, and routing the network traffic in an overlay network using tunnels between each customer edge router and the aggregation routers. One benefit provided by the architecture is that any scaling issue is greatly minimized. For example, as the scale of the virtual CGN may be limited [capacity limit] by the amount of network traffic and/or the number of tunnels that may be supported by any one aggregation router, this scale issue may be readily addressed by clustering customer edge routers around additional aggregation routers.).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of when a capacity limit of the plurality of virtual carrier grade network address translation instances is reached, as taught by Raza in the system of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
          Jiang, Raza and Ma do not explicitly disclose wherein the processor is to generate a new virtual network address translation instance.
          Warno however discloses wherein the processor is to generate a new virtual network address translation instance. (Warno, par0026, teaches FIG. 2B illustrates multiple instances of virtual machine environments 230 cloned from an environment template 210 and multiple instances of NAT appliances 250 cloned [new] from a NAT appliance template 220 on a network 110. In particular embodiments of the present disclosure, virtual machine environment instances 230 may be cloned, deployed, and generated from an environment template 210 which may comprise one or more virtual machine images).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein the processor is to generate a new virtual network address translation instance, as taught by Warno in the system of Jiang, Raza and Ma, so the ability to clone a virtual machine environment on a network without time consuming customization and configuration of individual virtual machines allow for virtual NAT appliance to be dynamically deployed and configured for any virtual machine environment, see Warno par0005.

As per claim 6.  Jiang, Raza and Warno disclose the apparatus of claim 5.
          Jiang does not explicitly discloses wherein the routing information is updated to add a new Internet protocol address that is assigned, virtual carrier grade network address translation instance.
          Raza however discloses wherein the routing information is updated to add a new Internet protocol address that is assigned, (Raza, par0044-0045, teaches the NAT'ed data packet may specify a new source IP address 11.1.1.1 and the destination IP address 12.1.1.1. Customer edge router may maintain a record of the mapping of private IP address 10.1.1.1:05 to public IP address 11.1.1.1, for example, in a NAT mapping table…. the customer edge router 104 a may maintain a virtual routing and forwarding (VRF) table. For example, the enterprise associated with customer edge router 104 a may operate multiple VPNs, each with their own VRF. Based on which VPN the data packet is received from, the customer edge router 104 a may create an entry in the NAT table identifying to which VPN the data packet belongs).
virtual carrier grade network address translation instance (Raza, par0023 teaches the function endpoint layer may include the devices that perform the Network Address Translation (NAT) to collectively form a virtualized CGN carrier network [plurality of virtual carrier grade network address translation instances] (e.g., virtualized CGN domain). The virtualized CGN carrier network may be accessible through the aggregation platform layer. The function endpoint layer may include one or more customer edge routers).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of virtual carrier grade network address translation instance, as taught by Raza in the system of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
           Jiang, Raza and Ma do not explicitly disclose new virtual network address translation instance.
          Warno however discloses new virtual network address translation instance. (Warno, par0026, teaches FIG. 2B illustrates multiple instances of virtual machine environments 230 cloned from an environment template 210 and multiple instances of NAT appliances 250 cloned [new] from a NAT appliance template 220 on a network 110. In particular embodiments of the present disclosure, virtual machine environment instances 230 may be cloned, deployed, and generated from an environment template 210 which may comprise one or more virtual machine images).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of new virtual network address translation instance, as taught by Warno in the system of Jiang, Raza and Ma, so the ability to clone a virtual machine environment on a network without time consuming customization and configuration of individual virtual machines allow for virtual NAT appliance to be dynamically deployed and configured for any virtual machine environment, see Warno par0005.

As per claim 15.  Jiang, Raza and Ma disclose the method of claim 7.
          Jiang does not explicitly discloses further comprising: receiving, by the processing system, a second data packet from the provider router; determining, by the processing system, that the second data packet is not associated with any one of the plurality of virtual carrier grade network address translation instances and that the plurality of virtual carrier grade network address translation instances do not have available capacity to perform network address translation.
          Raza however discloses further comprising: receiving, by the processing system, a second data packet from the provider router; determining, by the processing system, that the second data packet is not associated with any one of the plurality of virtual carrier grade network address translation instances and that the plurality of virtual carrier grade network address translation instances do not have available capacity to perform network address translation. (Raza, par0030, teaches the architecture provides for construction of a virtual CGN function by allowing each customer edge router to perform the NAT of the network traffic, using the aggregation routers as entry and exit points to the NAT function, and routing the network traffic in an overlay network using tunnels between each customer edge router and the aggregation routers. One benefit provided by the architecture is that any scaling issue is greatly minimized. For example, as the scale of the virtual CGN may be limited [capacity limit] by the amount of network traffic and/or the number of tunnels that may be supported by any one aggregation router, this scale issue may be readily addressed by clustering customer edge routers around additional aggregation routers.).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of further comprising: receiving, by the processing system, a second data packet from the provider router; determining, by the processing system, that the second data packet is not associated with any one of the plurality of virtual carrier grade network address translation instances and that the plurality of virtual carrier grade network address translation instances do not have available capacity to perform network address translation, as taught by Raza in the method of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
          Jiang, Raza and Ma do not explicitly disclose generating, by the processing system, a new virtual network address translation instance for the second data packet.
          Warno however discloses generating, by the processing system, a new virtual network address translation instance for the second data packet. (Warno, par0026, teaches FIG. 2B illustrates multiple instances of virtual machine environments 230 cloned from an environment template 210 and multiple instances of NAT appliances 250 cloned [new] from a NAT appliance template 220 on a network 110. In particular embodiments of the present disclosure, virtual machine environment instances 230 may be cloned, deployed, and generated from an environment template 210 which may comprise one or more virtual machine images).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of generating, by the processing system, a new virtual network address translation instance for the second data packet, as taught by Warno in the method of Jiang, Raza and Ma, so the ability to clone a virtual machine environment on a network without time consuming customization and configuration of individual virtual machines allow for virtual NAT appliance to be dynamically deployed and configured for any virtual machine environment, see Warno par0005.

As per claim 19.  Jiang, Raza and Ma disclose the non-transitory computer-readable medium of claim 17.
          Jiang does not explicitly discloses the operations further comprising: receiving a second data packet from the provider router; determining that second data packet is not associated with any one of the plurality of virtual carrier grade network address translation instances and that the plurality of virtual carrier grade network address translation instances do not have available capacity to perform network address translation.
          Raza however discloses further the operations further comprising: receiving a second data packet from the provider router; determining that second data packet is not associated with any one of the plurality of virtual carrier grade network address translation instances and that the plurality of virtual carrier grade network address translation instances do not have available capacity to perform network address translation. (Raza, par0030, teaches the architecture provides for construction of a virtual CGN function by allowing each customer edge router to perform the NAT of the network traffic, using the aggregation routers as entry and exit points to the NAT function, and routing the network traffic in an overlay network using tunnels between each customer edge router and the aggregation routers. One benefit provided by the architecture is that any scaling issue is greatly minimized. For example, as the scale of the virtual CGN may be limited [capacity limit] by the amount of network traffic and/or the number of tunnels that may be supported by any one aggregation router, this scale issue may be readily addressed by clustering customer edge routers around additional aggregation routers.).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of the operations further comprising: receiving a second data packet from the provider router; determining that second data packet is not associated with any one of the plurality of virtual carrier grade network address translation instances and that the plurality of virtual carrier grade network address translation instances do not have available capacity to perform network address translation, as taught by Raza in the non-transitory computer-readable medium of Jiang, so there is a growing movement among enterprises and other entities towards cloud architectures, enterprise customers are demanding more managed services, such as connectivity and security services, that are provided by their network service providers, see Raza par0002.
          Jiang, Raza and Ma do not explicitly disclose generating, a new virtual network address translation instance for the second data packet.
          Warno however discloses generating, a new virtual network address translation instance for the second data packet. (Warno, par0026, teaches FIG. 2B illustrates multiple instances of virtual machine environments 230 cloned from an environment template 210 and multiple instances of NAT appliances 250 cloned [new] from a NAT appliance template 220 on a network 110. In particular embodiments of the present disclosure, virtual machine environment instances 230 may be cloned, deployed, and generated from an environment template 210 which may comprise one or more virtual machine images).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of generating, a new virtual network address translation instance for the second data packet, as taught by Warno in the non-transitory computer-readable medium of Jiang, Raza and Ma, so the ability to clone a virtual machine environment on a network without time consuming customization and configuration of individual virtual machines allow for virtual NAT appliance to be dynamically deployed and configured for any virtual machine environment, see Warno par0005.

Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Jiang in view of Raza further in view of Ma, and further in view of Bittles (US20170208002A1) hereinafter Bittles. 
As per claim 12.  Jiang, Raza and Ma disclose the method of claim 11.
          Jiang further discloses internet protocol version 4 address. (Jiang, par0099, teaches The access gateway applies multiple private IPv4 addresses (such as, first private addresses according to the embodiments of the present invention) from the CGN device. 10.1.0.1 is allocated to the IPv4 client and 10.1.0.2 is allocated to an IPv4 port of the dual stack client. A local area network (LAN) interface address of the access gateway is 10.0.0.2, and a wide area network (WAN) interface address of the access gateway is 10.0.0.1. A private IPv4 address of the CGN device is 10.0.0.0, and a public IPv4 address of the CGN device is 193.0.0.2).
          Jiang, Raza and Ma do not explicitly disclose wherein the third data packet is determined to not need network address translation when the third data packet includes a static internet protocol version 4 address.
          Bittles however discloses wherein the third data packet is determined to not need network address translation when the third data packet includes a static internet protocol version 4 address. (Bittles, par0021, teaches At a step A2, the NAT tables are consulted to determine whether the extracted network address is a dynamic NAT address (second network address) or a static NAT address (third network address)….. at a step A3 the NAT tables are updated to switch from the use of a dynamic NAT address to either a static NAT address or a pass-through mode in which the original source (outside) address (first network address) of the client device 1 is used directly as a source address when communicating further request messages to the server.).
          Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to provide the functionality of wherein the third data packet is determined to not need network address translation when the third data packet includes a static internet protocol version 4 address, as taught by Bittles in the method of Jiang, Raza and Ma, so virtualization of network allows service providers to create customer-configurable network topologies which can be changed by altering virtual routers and virtual switches without any change in hardware, this allow for segregation of customers' data for security and use-based pricing, see Bittles par0002.

Conclusion
The prior art made of record and not relied upon is considered pertinent are -
• Javali et al. (US20170195256A1) – Related art in the area of a method and system are disclosed for providing a service to bypass carrier grade NAT (CGN).
• Sarawat et al. (US20130208597A1) – Related art in the area of facilitating operation of a network address translator (NAT), carrier grade network address translator (CGN), or other device similarly configured to facilitate translating inside addresses used to address messages carried over the inside network relative to outside addresses used to facilitate carrying messages over the outside network.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MONISHWAR MOHAN whose telephone number is (571)272-2907. The examiner can normally be reached Monday - Thursday 7:00 am - 5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Trost can be reached on (571) 272-7872. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/M.M./Examiner, Art Unit 2442                                                                                                                                                                                                        
/WILLIAM G TROST IV/Supervisory Patent Examiner, Art Unit 2442