Ted 12/DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments

Applicant’s arguments with respect to claim(s) 1-21 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 1, 4, 6, 7, 9, 11, 14, 16 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee, et al. (C. Lee, S. Kim, H. Ruy, FDVRRP: Router implementation for fast detection and high availability in network failure cases, pages 473-482, 15 May 2019) in view of High Availability (Author Unknown, High Availability Configuration Guide, 17.2.0, pages 1-85, November 2017)

	Regarding claims 1, 11 and 16, Chandramohan discloses a computer-implemented method comprising a system comprising at least one processor and a memory storing instructions that, when executed by the at least one processor, cause the system to perform (page 475, figs. 2 processor and memory in processor SDK on silicon “Network Silicon HAL”)  a method comprising, a non-transitory computer-readable storage medium including instructions that, when executed by at least one processor of a computing system (page 475, figs. 2 processor and memory in processor SDK on silicon “Network Silicon HAL”), cause the computing system to perform a method comprising:

a. providing, in conjunction with a first gateway of a cluster, a Virtual Router Redundancy Protocol (VRRP) platform at a second gateway of the cluster  (page 476, fig. 4, virtual IP (“VIP”) binding Router-1 [i.e. first gateway] and Router 2 [i.e. second gateway] in a cluster), wherein the VRRP platform is associated with a VRRP IP address, and wherein the first and second gateways are configured as VRRS primary and secondary, respectively; (Lee discloses a VRRP system in which a first gateway [page 476, fig. 4, “Router – 1”] is connected with a second gateway [page 476, fig. 4, “Router-2’] to form a cluster that represents both gateways to external devices using a single VRRP IP address/virtual IP [“VIP”] [fig. 4, “VIP”][see also page 476, section 4.1]. The first gateway/Router-1 is set as the primary gateway and the second gateway/Router-2 is set as the secondary in accordance with the priorities of 200 and 100, respectively [page 476, section 4.1, last paragraph].)
	
b. determining, by the second gateway, a change in an operational status of the first gateway based on a set of heartbeat messages between the first and second gateways, wherein a respective heartbeat message is distinct form a keep-alive message of the VRRP protocol; (The system of Lee further discloses that the secondary gateway/Router-2 performs fault detection using the BFD protocol, which is a distinct protocol from the VRRP protocol and when a fault is detected the second gateway/Router-2 will take over as the VRRP primary gateway [page 475, section 3, second paragraph; see also section 2.3].)

c. configuring the second gateway to operate as a new VRRP primary (page 475, section 3, second paragraph – see (b), supra).

d. receiving by the second gateway, network traffic associated with the VRRP IP address and forwarding, by the second gateway the network traffic (page 477, section 5.2 – after failure the second gateway/Router-2 forwards traffic for the VRRP address; see page 476, fig. 4 and section 4.1- VIP/VRRP IP address is used for forwarding by both the first and second gateway when they are the primary VRRP gateway; see also page 475, section 3, second paragraph – describing failover detection and switching of the second gateway/Router-2 to primary VRRP gateway].)

Lee fails to disclose receiving, by the second gateway from the first gateway, state information associated with data sessions that use the VRRP IP address, thereby synchronizing the data sessions between the first and second gateways and forwarding based on the received state information associated with the synchronized data sessions. In the same field of endeavor, High Availability discloses receiving, by the second gateway from the first gateway, state information associated with data sessions that use the VRRP IP address, thereby synchronizing the data sessions between the first and second gateways and forwarding based on the received state information associated with the synchronized data sessions. (The system of High Availability discloses synchronizing session state between a first and a second gateway  that also implement firewalls to allow for seamless and identical routing after a failover [pages 60-63 and 72-74 – discussing session state synchronization between VRRP devices running firewalls].) 
Therefore, since the system of High Availability discloses connection synchronization, it would have been obvious to a person of ordinary skill in the art at the time of the invention to combine the synchronization of High Availability with the system of Lee by implementing a firewall at the gateway in addition to routing functions and synchronizing session state between the first and second gateway and using the synchronized state at the second gateway after a failover. The motive to combine is to allow seamless failover with identical operation on a per session basis by keeping synchronized session state between the gateways. 
Regarding claims 4, 14 and 19, Lee discloses determining the VRRP primary is inactive based on a failure to receive the set of heartbeat messages from the first gateway, wherein an interval between heartbeat messages is less than an interval between keep-alive messages of the VRRP protocol. (Lee notes that the standard advertisement/heartbeat interval in VRRP is 1 second [page 474, section 2.2] and further discloses that the BFD packet transmission interval is 300 ms [page 476, section 4.2 – “bfd interval 300 min‐rx 150 multiplier 3” – the 300 is an indicator of 300 ms transmit interval per the discussion in the second paragarph].)
Regarding claim 6, Lee discloses determining by the second gateway that the first gateway is active again based on a successful receipt of a heartbeat message from the first gateway and in response to determining that the first gateway is active, configuring the second gateway as a VRRP secondary thereby causing network switchover from the second gateway back to the first gateway. (page 478, section 5.3 – the system restores the connection to the first gateway/Router-1 as the primary/master VRRP when the router is again available for use after the output port is restored; section 4.2 detection of Router-1 availability is via BFD heartbeat). 
Regarding claim 7, Lee discloses causing the network traffic switchover from the second gateway back to the first gateway further comprises electing the first gateway as the A-UAG with a cluster leader election algorithm associated with the cluster. (Note the term “user anchored gateway” is not a known term of art and it is being interpreted as a gateway that is associated with/anchored to the attached users/hosts page [476 fig. 4, “Host-1” and “Host-2”] as the active gateway. As Lee discloses that in a restoration, the first gateway/Router-1 is elected as the primary/master per the algorithm, which assigns the highest priority available router which routes for/is anchored to the hosts which it routes for, Lee is deemed to teach this element [see page 474, section 2.2 and page 478, section 5.3].)

Regarding claim 9, Lee discloses configuring the second gateway to operate as the new VRRP primary comprises configuring the second gateway to point to the VRRP IP address. (Note that the broadest reasonable interpretation of the term configuring to “point to” the VRRP IP address includes activating routing at the standby device which causes the router to then point to the configured VRRP address by allowing the use of this address as the source address for outgoing transmissions and the destination address for incoming transmissions. The system of Lee discloses that the second router/Router-2 activates routing for the VRRP address when it is elected as a primary/master and it is therefore configured to point to the VRRP address and therefore meets the requirements of the claim [see page 476, section 4.1 and 477, sections 5.1 and 5.2 – also see the discussion in the independent claim, supra].)


Claim(s) 5, 15 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee, et al. (C. Lee, S. Kim, H. Ruy, FDVRRP: Router implementation for fast detection and high availability in network failure cases, pages 473-482, 15 May 2019) as previously modified by High Availability (Author Unknown, High Availability Configuration Guide, 17.2.0, pages 1-85, November 2017) and further in view of Bourne, et al (P. Borne, N. Palmer, J. Skrabala, Developing a Method for Measuring the Failover Times of First Hop Redundancy Within Video Networks, pages 1-15, 2018)

Regarding claims 5, 15 and 20, Lee fails to disclose configuring the second gateway as the new VRRP primary takes less than a second (i.e. lee discloses total switchover time is 2s but does not disclose what portion of that could be attributable to switchover). In the same field of endeavor, Bourne discloses configuring the second gateway as the new VRRP primary takes less than a second. (Bourne discloses that VRRP may be configured with a 1s transition interval, which gives a failover detection time of between 2-3 seconds plus skew depending on when the last heartbeat was sent relative to when the fault occurred [note that the full equation for VRRP fault detection time is in Lee, page 474, section 2.2 and is 3x advertisement rate plus a skew of (256-priority/256) seconds] [see pages 7-10; table 1 on page 8, hello interval is 1s and priority of master is 100; table 2 on page 10 gives the transmission times]. Therefore, the average detection time of Bourne will be 2.5 seconds plus the skew, which in the case of VRPPD is (256-100)/256 = .609 s, giving a total average delay of 3.109ms [see table 1 on page 8, VRRP D, , hello interval is 1s and priority of master is 100]. Comparing this average delay to the average total delay for failover of VRRPD in table 2, it can be seen that, aside from detection time [i.e. average detection delay of 3.109 ms], the total time [which would include the configuration time] is at most 3.461-3.109 = .297ms, which is less than a second [see pages 7-10, particularly table 1 on page 8 and the last paragraph of page 7 and table 2 on page 10].)
Therefore, since the system of Borne discloses a sub second configuration time, it would have been obvious to a person of ordinary skill in the art at the time of the invention to combine the configuration time of Borne with the system of Lee by having the VRRP configure itself to be primary in less than a second. The motive to combine is to allow for rapid switchovers by minimizing the time necessary for configuration. 


Claim(s) 8 and 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee, et al. (C. Lee, S. Kim, H. Ruy, FDVRRP: Router implementation for fast detection and high availability in network failure cases, pages 473-482, 15 May 2019) as previously modified by High Availability (Author Unknown, High Availability Configuration Guide, 17.2.0, pages 1-85, November 2017) and further in view of Killadi, et al. (US Pre Grant Publication No. 2016/0124819)

Regarding claims 8 and 21, Lee as modified by High Availability fails to disclose the second gateway is connected to an Access Point. In the same field of endeavor, Killadi discloses the second gateway is connected to an Access Point. (The system of Killadi discloses that redundant VRRP gateways may be connected to an access point [paragraph 0017 – the network controllers are gateways for tunneling data to the access points; fig. 3 paragarphs 0034-0040-  the network controllers may run VRRP].)
Therefore, since Killadi discloses the gateways are linked to an access point via a switch, it would have been obvious to a person of ordinary skill in the art at the time of the invention to combine the access points of Killadi with the sytem of Lee as modified by High Availability by having the gateways perform gateway functions for an attached access point. The motive to combine is to allow VRRP redundancy for gateways for access points to allow improved realizability. 
Lee as previously modified by High Availability and Killadi fails to disclose wherein configuring the second gateway to operate as the new VRRP primary further comprises sending, by the second gateway, a message comprising a list of active nodes to an Access Point to configure the second gateway as the VRRP primary for the AP, wherein the list of active nodes excludes the first gateway. In the same field of endeavor, another portion of High Avilaibity discloses wherein configuring the second gateway to operate as the new VRRP primary further comprises sending, by the second gateway, a message comprising a list of active nodes to an Access Point to configure the second gateway as the VRRP primary for the AP, wherein the list of active nodes excludes the first gateway. (The system of High Availabity discloses that the winner of an election [in this case the second gateway, which is the only available gateway in the system when the first gateway is unavailable] sends an gratuitous ARP broadcast to all device in the local subnet [page 11, “Election of master router”]. In the system of Lee as previously modified by High Availability and Killadi this gratuitous ARP would be received by the access point, which is connected to the gateway by a switch and is therefore in the same local broadcast zone and indicate that the second gateway/Router-2 that it is the current active node [as it is the only active node] by indicating it is elected as master as the only remaining active/non-failed node listed in the gratuitous ARP.)
Therefore, since another portion of High Availability discloses gratuitous ARPs, it would have been obvious to a person of ordinary skill in the art at the time of the invention to combine the gratuitous ARPs the second portion of High Availability with the system of Lee as previously modified by High Availability and Killadi by having the second gateway send, via a Gratuitous ARP, an list of containing only itself to the Access Point indicating that it is elected as VRRP master and is the only VRRP device currently operating. The motive to combine is to allow forwarding via the proper new route using a gratuitous ARP.

Claim(s) 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee, et al. (C. Lee, S. Kim, H. Ruy, FDVRRP: Router implementation for fast detection and high availability in network failure cases, pages 473-482, 15 May 2019) as previously modified by High Availability (Author Unknown, High Availability Configuration Guide, 17.2.0, pages 1-85, November 2017) and further in view of Janardhanan, et al. (US Pre Grant Publication No. 2014/0029618 A1)

Regarding claim 18, Lee discloses determining the first gateway as VRRP primary and the second gateway as VRRP secondary for the instance of the VRRP platform. (Lee discloses a VRRP system in which a first gateway [page 476, fig. 4, “Router – 1”] is connected with a second gateway [page 476, fig. 4, “Router-2’] to form a cluster that represents both gateways to external devices using a single VRRP IP address/virtual IP [“VIP”] [fig. 4, “VIP”][see also page 476, section 4.1]. The first gateway/Router-1 is set as the primary gateway and the second gateway/Router-2 is set as the secondary in accordance with the priorities of 200 and 100, respectively [page 476, section 4.1, last paragraph]. Not multiple instances of VRRP in pages 480-481, section 5.7.)
Lee as modified by High Availability fails to disclose determining at least one instance of the VRRP platform is created for a VLAN. In the same field of endeavor, Janardhanan discloses determining at least one instance of the VRRP platform is created for a VLAN. (Janardhanan discloses determining association of a VRRP instance and a VLAN [i.e. that the VLAN has a created VRRP instance][paragraph 0026].)
Therefore, since Janardhanan discloses determining association of a created VRRP instance with a VLAN, it would have been obvious to combine the determination of Janardhanan with the system of Lee as modified by High Availability by determining if a VLAN has an associated VRRP instance that must be instantiated. The movie to combine is to allow the system to create VRRP instances associated with particular VLANs to allow for VRRP to be used on a per VLAN basis for security.

Allowable Subject Matter

Claims 2, 3, 12, 13 and 17 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

The following is a statement of reasons for the indication of allowable subject matter:  

Regarding claims 2, 12 and 17, the prior art fails to teach, suggest or disclose publishing, by the second gateway, a bucket map with the first gateway configured as an active user-anchored gateway (A-UAG) and the second gateway configured as a standby user-anchored gateway (S-UAG). That is, no art teaching the publication of a bucket map could be located. Looking to the closest prior art on bucket maps, the system of User Roles and User-Based Tunneling (“Aruba”) (Author Unknown, User Roles and User-Based Tunneling, pages 1-106, February 2019) discloses the general concept of a bucket map as a mapping of user MAC addresses to specific cluster controllers to be used (page 7-8, “How It Works”) but does not disclose publication or distribution of a bucket map indicating the first gateway configured as an active user-anchored gateway (A-UAG) and the second gateway configured as a standby user-anchored gateway (S-UAG). A similar definition is used for bucket map in the application (see, for example, original dependent claim 10). Therefore, the prior art fails to teach, suggest or disclose all elements of the claimed invention.
	Regarding claims 3 and 13, the claims depend from claims 2 and 12 and are allowable for the same reasons stated with respect to claims 2 and 12.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER M CRUTCHFIELD whose telephone number is (571)270-3989. The examiner can normally be reached 9am-5pm M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Faruk Hamza can be reached on (571) 272-7969. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHRISTOPHER M CRUTCHFIELD/Primary Examiner, Art Unit 2466