DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 2, 3, 7, 8, 12, 18, and 19 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Gawade (US 11316822 B1).

Regarding Claim 1

Gawade teaches:

A method of deploying network elements for a set of machines in a set of one or more datacenters (col 15 lines 1-20 one or more of servers 12 (set of machine) may each include a virtual router 21 (deployed network elements) that executes one or more routing instances for corresponding virtual networks within data center 10 (data center) to provide virtual network interfaces and route packets among the virtual network endpoints. Each of the routing instances (deployed network elements) may be associated with a network forwarding table. Each of the routing instances may represent a virtual routing and forwarding instance (VRF) for an Internet Protocol-Virtual Private Network (IP-VPN), col 2 lines 35-45 data center that provides computing infrastructure to multiple tenants or customers),

the method comprising defining a virtual interface (VIF) for each of a plurality of virtual machines (col 1 lines 25-35 Virtualized data centers, such virtual machines or containers, are deployed and executed on an underlying compute platform of physical computing devices, col 11 lines 40-50 Each virtual machine may be configured with one or more virtual network interfaces for communicating on corresponding virtual networks) and

Pods executing on a plurality of host computers along with a plurality of physical forwarding elements (PFEs) (col 20 lines 35-55 Computing device 200 may be coupled to a physical network switch fabric (PFE) that includes an overlay network that extends switch fabric from physical switches (multiple PFEs) to software or “virtual” routers (LFE) of physical servers coupled to the switch fabric col 15 lines 1-20 one or more of servers 12 (set of machine) may each include a virtual router 21 (LFE) col 23 lines 5-20 fig. 2 col 20 lines 20-40 one or more virtual execution elements, such as containers 229A through containers 229D or one or more virtual machines, with Pods 202A-D col 13 lines 30-50 server 12A hosts one virtual network endpoint in the form of pod 22A (Pods executing on a plurality of host computers as in fig. 2) having one or more containers, Each of the Pods in fig. 2 connected to VRFs 222A-D, col 17 lines 20-40 the network module 17A creates virtual network interfaces to connect pods to virtual router 21A and enable containers of such pods to communicate, via the virtual network interfaces, col 22 line 1-20 Virtual router 220); 

allocating a network address for each VIF (col 3 lines 1-15 creating, by the controller, a plurality of pools of external IP addresses (allocating a network address), each of the plurality of pools of external IP addresses being associated with a different object of the objects (VIFs), wherein each pool of external IP addresses includes a range of addresses that are exclusive to the associated object);

assigning each network address to the VIF for which the network address was allocated (col 24 lines 25-55 configuring, by the controller, a specific object of the objects with an external IP address drawn from a pool of external IP addresses associated with the specific object, wherein the external IP address is associated with a service external IP address); and 


associating each VIF with one PFE executing on a host computer that executes the VIF's associated virtual machine or Pod (col 20 lines 35-55 Computing device 200 may be coupled to a physical network switch fabric (PFE) that includes an overlay network that extends switch fabric from physical switches (multiple PFEs) to software or “virtual” routers (LFE) of physical servers coupled to the switch fabric col 15 lines 1-20 one or more of servers 12 (set of machine) may each include a virtual router 21 (deployed network elements) col 24 lines 25-55 external IP addresses allocated specifically for the service implemented by the service and pod networks, For the service network, virtual router 220 associates an external IP address with the service network and virtual network interface 212A as in fig. 2 212A virtual interface associated with VRF 222A executing on a server that executes the 212A (virtual interface) associated with POD 202A).


Regarding Claim 2

Gawade teaches:

The method of claim 1, wherein the plurality of PFEs implements a logical network and the allocated network addresses belong to a subnet of the logical network, the logical network segregating the plurality of VMs from other machines in the datacenter set that are not part of the logical network (col 20 lines 35-55 Computing device 200 may be coupled to a physical network switch fabric (PFE) that includes an overlay network that extends switch fabric from physical switches (multiple PFEs) to software or “virtual” routers (LFE) of physical servers coupled to the switch fabric col 15 lines 5-25 Each of the routing instances may represent a virtual routing and forwarding instance (LFE) for an Internet Protocol-Virtual Private Network (IP-VPN) (logical network), col 11 lines 40-55 Virtual networks are logical constructs implemented on top of the physical networks. Virtual networks may be used to replace VLAN-based isolation and provide multi-tenancy in a virtualized data center, e.g., data center 10. Each tenant or an application can have one or more virtual networks. Each virtual network may be isolated from all the other virtual networks unless explicitly allowed by security policy, col 24 lines 25-55 external IP addresses allocated specifically for the service implemented by the service and pod networks, For the service network, virtual router 220 associates an external IP address with the service network)

Regarding Claim 3

Gawade teaches:

The method of claim 2, wherein the PFEs implement the logical network by implementing at least one logical forwarding element (LFE) of the logical network, the LFE spanning two or more host computers (col 20-55 Computing device 200 may be coupled to a physical network switch fabric that includes an overlay network that extends switch fabric from physical switches (PFEs) to software or “virtual” routers (LFEs) of physical servers coupled to the switch fabric, including virtual router 220 (LFE), col 21 lines 1-15 Virtual router 220 (LFE), POD 202A-D (spanning two or more host computers), col 22 lines 1-20 Virtual router 220 (LFE) implements one or more virtual routing and forwarding instances for respective virtual networks for which virtual router 220 (LFE) operates as respective tunnel endpoints.)

Regarding Claim 7

Gawade teaches:

The method of claim 1, wherein each Pod comprises one or more containers (col 20 lines 20-35 fig. 2 Pod 202A-D each with plurality of containers).

Regarding Claim 8

Gawade teaches:

The method of claim 1, wherein the set of machines comprises Kubernetes Pods and non-Kubernetes Pods, the VIFs are defined for non-Kubernetes Pods but are not defined for Kubernetes Pods, the VIFs of non-Kubernetes Pods associated with a first set of PFEs while associating predefined interfaces of the Kubernetes Pods with a second set of PFEs (col 11 lines 40-50 Each virtual machine may be configured with one or more virtual network interfaces for communicating on corresponding virtual networks (non-Kubernetes) col 17 lines 15-45 In Kubernetes, by default all pods can communicate with all other pods without using network address translation (NAT), all pods in all namespaces that are spawned in the Kubernetes cluster may be able to communicate with one another, and the network addresses for all of the pods may be allocated from a pod subnet that is specified by the orchestrator 23)

Regarding Claim 12

Gawade teaches:

The method of claim 1, wherein the logical network is a network defined for a virtual private cloud (VPC), and the network addresses allocated to the logical network are addresses allocated to the VPC (col 28 lines 15-30 Network controller 324 may provide cloud networking for a computing architecture operating over a network infrastructure. Cloud networking may include private clouds for enterprise or service providers, infrastructure as a service (IaaS), and virtual private clouds (VPCs) for cloud service providers (CSPs)).




Regarding Claim 18

Gawade teaches:

The method of claim 17 further comprising configuring the plurality of forwarding elements to connect the first and second LFEs to a gateway router that is deployed for the logical network (col 20 lines 40-55, col 21 lines 1-15 Virtual router 220 may replace and subsume the virtual routing/bridging functionality of the Linux bridge/OVS module that is commonly used for Kubernetes deployments of pods 202. Virtual router 220 may perform bridging (e.g., E-VPN) and routing (e.g., L3VPN, IP-VPNs) for virtual networks(spanning two or more host computers), col 22 lines 1-20 Virtual router 220 (LFE) implements one or more virtual routing and forwarding instances (VRFs) 222A-222D (LFEs) for respective virtual networks for which virtual router 220 operates as respective tunnel endpoints(gateway router))


Regarding Claim 19

Gawade teaches:

The method of claim 17, wherein the gateway router is a logical router comprising a plurality of distributed routing forwarding elements and a centralized routing forwarding element (col 20 40-55 col 21 lines 1-15 Virtual router 220 col 22 lines 1-20 Virtual router 220 (logical router, LFE) implements one or more virtual routing and forwarding instances (VRFs) 222A-222D (LFE) for respective virtual networks for which virtual router 220 operates as respective tunnel endpoints, fig. 2 virtual router agent 216 centralized routing forwarding element).


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 4, 5, 6, 10 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Gawade (US 11316822 B1) in view of Visser (US 9813509 B1).
Regarding Claim 4

Gawade does not teach:

The method of claim 1 further comprising associating each of a set of two or more VIFs with a distributed middlebox service operation that is to be performed by a middlebox service engine on the host computer that executes the associated VM of the VIF.

Visser teaches:

The method of claim 1 further comprising associating each of a set of two or more VIFs with a distributed middlebox service operation that is to be performed by a middlebox service engine on the host computer that executes the associated VM of the VIF (col 2 lines 10-30 API calls are initiated by the customers to an API server to perform any of a variety of operations. Examples of such operations include launching virtual machines, attaching and detaching network interfaces, creating virtual firewalls, etc, col 4 lines 2-25 Each management service 140 (middlebox service operation) interacts with an API server 142 and includes a data store 144, an event queue 146, and a workflow server 148. The API server 142 receives requests (API calls) from the API requester 116 to configure an instance (virtual machine instance 122, load balancer instance, firewall instance, storage instance, etc.)).
Therefore, it would have been obvious to the one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Gawade in light of Visser in order to provide a web service platform that includes management services for the various services offered by the service provider that operated the web service platform (Visser col 4 lines 2-25).

Regarding Claim 5

Gawade-Visser teaches:

The method of claim 4.

Visser teaches:

The method of claim 4, wherein the distributed middlebox service operation is a distributed firewall operation, and the service engines on two or more host computers of the set of two or more VIFs implements a distributed firewall (col 2 lines 10-30 API calls are initiated by the customers to perform any of a variety of operations. Examples of such operations include launching virtual machines, attaching and detaching network interfaces, creating virtual firewalls).
Therefore, it would have been obvious to the one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Gawade in light of Visser in order to provide a web service platform that includes management services for the various services offered by the service provider that operated the web service platform (Visser col 4 lines 2-25).

Regarding Claim 6

Gawade-Visser teaches:

The method of claim 4.

Visser teaches:

The method of claim 4, wherein the distributed middlebox service operation is a distributed load balancing operation, and the service engines on two or more host computers of the set of two or more VIFs implements a distributed load balancer (col 2 lines 10-30 API calls are initiated by the customers to perform any of a variety of operations. Examples of such operations include launching virtual machines, attaching and detaching network interfaces, creating virtual firewalls, creating load balancers, etc.).
Therefore, it would have been obvious to the one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Gawade in light of Visser in order to provide a web service platform that includes management services for the various services offered by the service provider that operated the web service platform (Visser col 4 lines 2-25).


Regarding Claim 10

Gawade-Visser teaches:

The method of claim 9.

Visser teaches:

The method of claim 9, wherein defining the VIFs further comprises: receiving intent-based API (Application Programming Interface) requests to define a plurality of VIFs (col 2 lines 10-30 API calls are initiated by the customers to perform any of a variety of operations. Examples of such operations include launching virtual machines, attaching and detaching network interfaces);
parsing and processing the API requests to define the VIFs (col 2 lines 10-30 API calls are initiated by the customers to perform any of a variety of operations. Examples of such operations include launching virtual machines, attaching and detaching network interfaces).
Therefore, it would have been obvious to the one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Gawade in light of Visser in order to provide a web service platform that includes management services for the various services offered by the service provider that operated the web service platform (Visser col 4 lines 2-25).



Regarding Claim 11

Gawade-Visser teaches:

The method of claim 1.

Visser teaches:

The method of claim 1 further comprising: receiving an intent-based API (Application Programming Interface) request that specifies service operation provided by a plurality of service machines (col 2 lines 10-30 API calls are initiated by the customers to perform any of a variety of operations. Examples of such operations include launching virtual machines, injecting scripts into virtual machines);

performing an automated process that associates each of a set of two or more VIFs with a distributed load balancing operation that is to be performed by a load balancing engine on the host computer that executes the associated VM or Pod of the VIF (col 2 lines 10-30 attaching and detaching network interfaces, creating load balancers, API server 142 receives requests (API calls) from the API requester 116 to configure an instance (virtual machine instance 122, load balancer instance), Each API call may invoke a function of a web service such as a function to instantiate load balancer instances);

the load balancing engines perform the distributed load balancing operation to implement the service for the plurality of service machines, in order to distribute the load from the VMs and Pods of the set of VIFs across the plurality of service machines (col 2 lines 10-30 attaching and detaching network interfaces, creating load balancers, API server 142 receives requests (API calls) from the API requester 116 to configure an instance (virtual machine instance 122, load balancer instance), Each API call may invoke a function of a web service such as a function to instantiate load balancer instances).
Therefore, it would have been obvious to the one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Gawade in light of Visser in order to provide a web service platform that includes management services for the various services offered by the service provider that operated the web service platform (Visser col 4 lines 2-25).


Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Gawade (US 11316822 B1) in view of Vaidya (US 20200076685 A1).

Regarding Claim 9

Gawade does not teach:

The method of claim 1, wherein defining the VIFs comprises processing a Custom Resource Definition (CRD) that specifies a VIF as a resource in the datacenter

Vaidya teaches:

The method of claim 1, wherein defining the VIFs comprises processing a Custom Resource Definition (CRD) that specifies a VIF as a resource in the datacenter (¶69 Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks)
Therefore, it would have been obvious to the one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Gawade in light of Vaidya in order to provide a virtualized computing infrastructure and, more specifically, to configuring network connectivity for virtual execution elements deployed to the virtualized computing infrastructure within a network (Vaidya ¶2).

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Gawade in view of Siddaappa (US 20190034237 A1).
Regarding Claim 13

Gawade does not teach:

The method of claim 1, wherein the datacenter set comprises one or more datacenters that are associated with an availability zone identified by a software defined datacenter (SDDC) interface.

Siddaappa teaches:

The method of claim 1, wherein the datacenter set comprises one or more datacenters that are associated with an availability zone identified by a software defined datacenter (SDDC) interface (¶14 the resource manager is implemented using a Software Defined Data Center (SDDC) manager and the SDDC manager uses a resource management table to track resources that are currently assigned to a workload domain, SDDC manager uses considers compute resource availability)
Therefore, it would have been obvious to the one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Gawade in light of Siddaappa in order to provide the ability to execute multiple computer systems on a single hardware computer, replicating computer systems, moving computer systems among multiple hardware computers, and so forth (Siddaappa ¶3).

Claims 14 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Gawade in view of Banerjee (US 20170093790 A1)
Regarding Claim 14
Gawade teaches:

The method of claim 1, wherein allocated plurality of network addresses are from a first subnet, the method further comprising: associating the new VIF with a PFE executing on a host computer along with the VIF's associated machine (col 20 lines 35-55 Computing device 200 may be coupled to a physical network switch fabric (PFE) that includes an overlay network that extends switch fabric from physical switches (multiple PFEs) to software or “virtual” routers (LFE) of physical servers coupled to the switch fabric col 24 lines 25-55 external IP addresses allocated specifically for the service implemented by the service and pod networks, For the service network, virtual router 220 (LFE) associates an external IP address with the service network and virtual network interface 212A as in fig. 2 212A virtual interface associated with VRF 222A (LFE) executing on a server that executes the 212A (virtual interface) associated with POD 202A).

Gawade does not teach:

while defining a new VIF, determining that there are no remaining network addresses to allocate from the first subnet; 

allocating a second of subnet of network addresses; 

assigning a network address from the newly allocated second subnet to the new VIF; 

associating the new VIF with a machine; 

Banerjee teaches:

while defining a new VIF, determining that there are no remaining network addresses to allocate from the first subnet (¶4 a method for allocating IP addresses ¶18 Gateway 124 may manage external public IP addresses for VMs 120 and route traffic incoming to and outgoing from virtualized computing system 102 ¶44 where gateway 184 identifies a current subnet for new IP address allocation. This subnet is a subnet that includes one or more available IP addresses. Gateway 184 may identify the current subnet based on an internal list of available IPs 302, ¶47 Once the current subnet has no more available IP addresses, gateways 184 switch to a new subnet with available IP addresses.); 

allocating a second of subnet of network addresses (¶47 gateways 184 switch to a new subnet with available IP addresses); 

assigning a network address from the newly allocated second subnet to the new VIF (¶47 gateways 184 may select such a next subnet as the numerically subsequent subnet, meaning that a subnet is chosen having the next-highest prefix number as compared with the subnet from which all IP addresses were just allocated); 

associating the new VIF with a machine (¶18 Gateway 124 may manage external public IP addresses for VMs 120 and route traffic incoming to and outgoing from virtualized computing system 102); 
Therefore, it would have been obvious to the one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Gawade in light of Banerjee in order to provide a method for allocating IP addresses (Banerjee ¶4).


Regarding Claim 16
Gawade-Banerjee teaches:

The method of claim 14.

Banerjee teaches:

The method of claim 14, wherein the plurality of PFEs implements a logical network and the first and second subnets are first and second sub-networks of the logical network (¶23 A virtual data center 180 is a logical construct instantiated and managed by a tenant that provides compute, network, and storage resources to that tenant, ¶36 subnet is a logical division of an IP network, fig. 2 multiple gateway 184 (PFE) for a first and second subnet).
Therefore, it would have been obvious to the one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Gawade in light of Banerjee in order to provide a logical division of an IP network, represented as a set of IP addresses that have the same prefix (Banerjee ¶36).

Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Gawade in view of Hirasawa (US 20210306285 A1)
Regarding Claim 15
Gawade does not teach:

The method of claim 14, wherein the PFEs comprise ports, and the VIFs are associated with the forwarding elements by creating associations between the VIFs and the ports of the forwarding elements.

Hirasawa teaches:

The method of claim 14, wherein the PFEs comprise ports, and the VIFs are associated with the forwarding elements by creating associations between the VIFs and the ports of the forwarding elements (¶81 transfer function unit 83 (PFE), the internal route engine 85 prepares a virtual Interface (IF) simulating each port of the transfer function unit 83, in the packet control agent 86).
Therefore, it would have been obvious to the one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Gawade in light of Hirasawa in order to provide a transfer apparatus, a transfer system, a transfer method and a program that perform enhanced control for communication paths for a group of transfer apparatuses (switch cluster) forming a communication network as well as automatic path switching control in response to an occurrence of failure on the communication path (Hirasawa ¶1).


Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Gawade in view of Tubaltsev (US 9590901 B2)


Regarding Claim 17
Gawade does not teach:

The method of claim 14 further comprising configures the plurality of PFEs to implement first and second logical forwarding elements (LFEs) that establish the first and second logical sub-networks.

Tubaltsev teaches:

The method of claim 14 further comprising configures the plurality of PFEs to implement first and second logical forwarding elements (LFEs) that establish the first and second logical sub-networks (col 2 lines 30-65, a logical network that comprises a logical forwarding element with at least two logical ports that each connect the logical network to an external network and that each peer with a physical router (PFE) of the external network in order to advertise network address reachability information for at least two subnets (first and second logical sub-networks) of the logical network to the external network, first physical router (PFE) on a first subnet of the external network and a second logical port (LFE) peers with a second physical router on a second subnet of the external network, claim 1)
Therefore, it would have been obvious to the one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Gawade in light of Tubaltsev in order to provide a network control system that enables logical networks operating in a network managed by the network control system to peer with and advertise routing information to physical routers outside of the managed network (Tubaltsev col 2 lines 30-65).


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLUWATOSIN M GIDADO whose telephone number is (571)272-4227. The examiner can normally be reached Monday - Friday 8:00 - 4:30 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar Louie can be reached on (571) 270-1684. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/OLUWATOSIN M GIDADO/Examiner, Art Unit 2445
/OSCAR A LOUIE/Supervisory Patent Examiner, Art Unit 2445