[go: up one dir, main page]

WO2018020446A1 - Provisioning private network connections - Google Patents

Provisioning private network connections Download PDF

Info

Publication number
WO2018020446A1
WO2018020446A1 PCT/IB2017/054551 IB2017054551W WO2018020446A1 WO 2018020446 A1 WO2018020446 A1 WO 2018020446A1 IB 2017054551 W IB2017054551 W IB 2017054551W WO 2018020446 A1 WO2018020446 A1 WO 2018020446A1
Authority
WO
WIPO (PCT)
Prior art keywords
link
network connection
network
period
time
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/IB2017/054551
Other languages
French (fr)
Inventor
Cameron DANIEL
Mitchell WARDEN
Adam Wells
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Megaport (services) Pty Ltd
Original Assignee
Megaport (services) Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Megaport (services) Pty Ltd filed Critical Megaport (services) Pty Ltd
Priority to SG11201807512RA priority Critical patent/SG11201807512RA/en
Priority to AU2017304280A priority patent/AU2017304280A1/en
Priority to HK19101902.4A priority patent/HK1259488A1/en
Priority to EP17833679.8A priority patent/EP3424185A4/en
Publication of WO2018020446A1 publication Critical patent/WO2018020446A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4604LAN interconnection over a backbone network, e.g. Internet, Frame Relay
    • H04L12/462LAN interconnection over a bridge based backbone
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/20Arrangements for monitoring or testing data switching networks the monitoring system or the monitored elements being virtualised, abstracted or software-defined entities, e.g. SDN or NFV
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/16Threshold monitoring

Definitions

  • the present technology pertains to provisioning private network connections, and more specifically pertains to establishing private, dedicated, network connections according to various specified conditions.
  • An Internet exchange is a location where different private networks can interconnect.
  • a regional network can connect to a tier 1 network (i.e., an international network) at an internet exchange.
  • the Internet is characterized by these Internet exchanges and the associated private networks.
  • Many web services and cloud platforms can be accessed primarily through these Internet exchanges. Because most private networks are not able to directly co- locate in every Internet exchange, even the most expansive private networks fail to directly connect to every other network or location.
  • a private network can send their data through an intermediate transit network.
  • Many private network connection providers lease connections across their network (e.g., provide transit) to customers.
  • a private network connection provider might provide a connection between two geographic regions and a customer may wish to connect their datacenters in the two regions.
  • Another example includes a private network connection provider having a network with a connection at a major Internet exchange and another connection at a remote location (e.g., an Internet exchange or other connection point); a customer at the remote location that wants to connect to networks available at the major Internet exchange can send their data through the private network connection provider.
  • a computer-implemented method comprising: monitoring a private network to determine respective characteristics for each link of the private network;
  • the respective characteristics include a price of an individual link, latency corresponding to the individual link, available bandwidth corresponding to the individual link, and availability of an external resource corresponding to the individual link.
  • a first service requirement of the one or more service requirements corresponds to a first weight and a second service requirement of the one or more service requirements corresponds to a second weight, and the method further comprises: applying the first weight to a first calculation for selecting the first link; and applying the second weight to the second calculation for selecting the first link.
  • the computer- implemented method further comprises the step of: determining, at a third period of time, availability of a third link corresponding to the specified type of network connection and satisfying the one or more service requirements based at least in part on respective updated characteristics for each link; and providing, at the third period of time, at least a portion of the network connection via the third link.
  • the computer-implemented further comprises the step of: determining, at the first period of time, that none of the plurality of links correspond to the specified type of network connection and satisfy the one or more specified service requirements based at least in part on the respective characteristics for each link of the private network.
  • the computer-implemented further comprises the steps of: determining, at the first period of time, that a second plurality of links correspond to the specified type of network connection and satisfy the one or service requirements based at least in part on the respective characteristics for each link; determining, at the second period of time, that the second plurality of links no longer correspond to the specified type of network connection or satisfy the one or service requirements based at least in part on the respective characteristics for each link; and cease providing the network connection.
  • the computer-implemented method further comprises the step of: determining a first monetary cost of the first link and a second monetary cost of the second link.
  • a non-transitory computer-readable medium having computer readable instructions stored thereon that, when executed by a processor of a computer, cause the computer to: monitor a private network to determine respective characteristics for each link of the private network;
  • the respective characteristics include a price of an individual link, latency corresponding to the individual link, available bandwidth corresponding to the individual link, and availability of an external resource corresponding to the individual link.
  • a first service requirement of the one or more service requirements corresponds to a first weight and a second service requirement of the one or more service requirements corresponds to a second weight, and the instructions further cause the computer to: apply the first weight to a first calculation for selecting the first link; and apply the second weight to the second calculation for selecting the first link.
  • the computer readable instructions further cause the computer to: determine, at a third period of time, availability of a third link corresponding to the specified type of network connection and satisfying the one or more service requirements based at least in part on respective updated characteristics for each link; and provide, at the third period of time, at least a portion of the network connection via the third link.
  • the computer readable instructions further cause the computer to: determine, at the first period of time, that none of the plurality of links correspond to the specified type of network connection and satisfy the one or more service requirements based at least in part on the respective characteristics for each link of the private network.
  • the computer readable instructions further cause the computer to: determine, at the first period of time, that a second plurality of links correspond to the specified type of network connection and satisfy the one or more service requirements based at least in part on the respective characteristics for each link; determining, at the second period of time, that the second plurality of links no longer correspond to the specified type of network connection or satisfy the one or service requirements based at least in part on the respective characteristics for each link; and cease providing the network connection.
  • the computer readable instructions further cause the computer to: determine a first monetary cost of the first link and a second monetary cost of the second link.
  • a system comprising: a processor; a computer-readable medium; and non-transitory computer-readable instructions stored thereon that, when executed by a processor, cause the system to: monitor a private network to determine respective characteristics for each link of the private network;
  • the computer readable medium is a non transitory computer readable medium.
  • the respective characteristics include a price of an individual link, latency corresponding to the individual link, available bandwidth corresponding to the individual link, and availability of an external resource corresponding to the individual link.
  • a first service requirement of the one or more service requirements corresponds to a first weight and a second service requirement of the one or more service requirements corresponds to a second weight, wherein the non-transitory computer-readable instructions, when executed by the processor, further cause the system to: apply the first weight to a first calculation for selecting the first link; and apply the second weight to the second calculation for selecting the first link.
  • the non-transitory computer-readable instructions when executed by the processor, further cause the system to: determine, at a third period of time, availability of a third link corresponding to the specified type of network connection and satisfying the one or more service requirements based at least in part on respective updated characteristics for each link; and provide, at the third period of time, at least a portion of the network connection via the third link.
  • the non-transitory computer-readable instructions when executed by the processor, further cause the system to: determine, at the first period of time, that none of the plurality of links correspond to the specified type of network connection and satisfy the one or more service requirements based at least in part on the respective characteristics for each link of the private network.
  • the non-transitory computer-readable instructions when executed by the processor, further cause the system to: determine, at the first period of time, that the second plurality of links correspond to the specified type of network connection and satisfy the one or service requirements based at least in part on the respective characteristics for each link; and determine, at a second period of time, that the second plurality of links no longer correspond to the specified type of network connection or satisfy the one or more service requirements based at least in part on the respective characteristics for each link.
  • the system is configured for provisioning private network connections.
  • '(s)' following a noun means the plural and/or singular forms of the noun.
  • 'and/or' means 'and' or 'or' or both.
  • FIGS. 1A, IB, and 1C illustrate examples of network architectures in accordance with some embodiments
  • FIGS. 2A, 2B, and 2C illustrate examples of systems for interconnecting networks in accordance with some embodiments
  • FIG. 3A and FIG. 3B illustrate examples of networks in accordance with some embodiments
  • FIG. 4 illustrates an example method for provisioning a private network connection in accordance with some embodiments
  • FIG. 5 A, 5B, and 5C illustrate examples of graphical user interfaces relating to a network path in accordance with some embodiments.
  • FIGS. 6A and 6B illustrate example systems in accordance with some embodiments.
  • a private network connection provider can monitor its private network to determine characteristics for links of the private network.
  • a private network connection can refer to a link, between the private network connection provider's customers, that does not traverse the public Internet.
  • the private network connection provider's customers can include Internet Service Providers (ISPs) (e.g., AT&T U-verse®, CenturyLink®, Comcast Xfinity®), digital content providers (e.g., ESPN®, YouTube®, Wikipedia®), content delivery networks (CDNs) (e.g., Amazon CloudFront®, Akamai®, CloudFlare CDN®), web hosting providers (e.g., GoDaddy®, BlueHost®, HostGator®), infrastructure providers (e.g., Amazon Web Services®, Microsoft Azure®, Google Cloud Platform®), systems integrators (e.g., Accenture®, Computer Sciences Corporation®, IBM®), and enterprise networks, among others.
  • ISPs Internet Service Providers
  • CADNs content delivery networks
  • web hosting providers e.g
  • the network characteristics monitored by the private network connection provider can include total bandwidth, available bandwidth, latency, etc.
  • the private network connection provider can receive a request for a private network connection between a first physical server (e.g., a first customer's machine) and a second physical server (e.g., a second customer's machine or a second of the first customer) over the private network.
  • This request can specify a type of network connection and one or more conditions corresponding to one or more service requirements.
  • a type of network connection can include the physical medium of the connection (e.g., coaxial, twisted pair, fiber-optic, wireless, etc.), the bandwidth of the connection (e.g., lOgb/s, lgb/s), the service level availability of the connection (e.g., 99%, 99.9%, 99.99% uptime), the symbol type of the connection (e.g., 256 QAM, 64 QAM, BPSK), the connection standard (e.g., IEEE 602.x), etc.
  • Conditions can include price, cose, uptime (e.g., reliability), utilization, available bandwidth, latency, jitter, distance, etc.
  • the private network connection provider may be unable to satisfy the request.
  • the private network connection provider can then wait until a later time when the private network connection provider is able to accommodate the request.
  • the private network connection provider can then select links and associated nodes that are sufficient to satisfy the request and establish a private network connection across those links and nodes.
  • FIG. 1A illustrates an example cloud architecture 100 that can be utilized in accordance with some embodiments.
  • Cloud 150 can be a public, private, and/or hybrid cloud system which may include one or more public and private cloud networks in communication with each other.
  • Cloud 150 can include resources, such as one or more Firewalls 162; Load Balancers 170; WAN optimization platforms 160; devices 164, such as switches, routers, intrusion detection systems, etc.; servers 168, such as a primary use network server, a data backup server, dynamic host configuration protocol (DHCP) server, a domain naming system (DNS) server, a storage server, an authentication server, etc.; virtual machines (VMs) 166; controllers 155, such as a communications controller or management device.
  • resources such as one or more Firewalls 162; Load Balancers 170; WAN optimization platforms 160; devices 164, such as switches, routers, intrusion detection systems, etc.; servers 168, such as a primary use network server, a data backup server, dynamic host configuration protocol (DHCP) server, a domain naming system (DNS) server, a storage server, an authentication server, etc.; virtual machines (VMs) 166; controllers 155, such as a communications controller or management device.
  • Cloud resources can be physical, software, virtual, or any combination thereof.
  • a cloud resource can include a server running one or more virtual partitions (e.g., VMs or containers) or hosting one or more databases.
  • cloud resources can be provisioned based on requests (e.g., client or tenant requests), schedules, triggers, events, signals, messages, alerts, agreements, necessity, subscriptions, purchases, or any other factor.
  • Cloud 150 can provision various types of resources or services, such as network recovery services, application services, software development services, database services, storage services, management services, monitoring services, configuration services, administration services, backup services, disaster recovery services, bandwidth or performance services, intrusion detection services, VPN services, or any type of services to any device, server, network, client, or tenant.
  • Other example service models include software as a service, infrastructure as a service, platform as a service, backend as a service, desktop as a service, or information technology management as a service, among other services provided over a network.
  • cloud 150 can handle traffic and manage resources and configurations.
  • cloud 150 can provide network routing/re -routing services, network data backup services, configuration services, such as automated deployments, automated wireless configurations, automated policy implementations, and the like.
  • cloud 150 can collect data about a client or network and generate configuration settings for specific service, device, or networking deployments.
  • cloud 150 can generate security policies, subnetting and routing schemes, forwarding schemes, NAT settings, VPN settings, and/or any other type of configurations. Cloud 150 can then push or transmit the necessary data and settings to specific devices or components to manage a specific implementation or deployment.
  • cloud 150 can generate VPN settings, such as IP mappings, port number, and security information, and send the VPN settings to specific, relevant device(s) or component(s) identified by cloud 150 or otherwise designated. The relevant device(s) or component(s) can then use the VPN settings to establish a VPN tunnel according to the settings.
  • cloud 150 can generate and manage network diagnostic tools or graphical user interfaces, or automate the interconnection between multiple networks and resources.
  • cloud 150 can provide specific services for clients - namely, client A 110A, client B HOB, and client C HOC.
  • cloud 150 can deploy a network or specific network component, configure links or devices, automate services or functions, or provide any other services for the clients.
  • Other non-limiting example services performable by cloud 150 can include network administration services, network monitoring services, content filtering services, application control, WAN optimization, firewall services, gateway services, storage services, protocol configuration services, wireless deployment services, interconnection services, network services, and so forth.
  • the clients can connect with cloud 150 through networks 135, 140, and 145, respectively. More specifically, client A 110A, client B HOB, and client C HOC can each connect with cloud 150 through networks 135, 140, and 145, respectively, in order to access resources from cloud 150, communicate with cloud 150, or receive any services from cloud 150.
  • Networks 135, 140, and 145 can each refer to a public network, such as the Internet; a private network, such as a LAN; a combination of networks; or any other network, such as a VPN.
  • the clients can each include one or more networks.
  • client A 110A, client B HOB, and client C 1 IOC can each include one or more LANs and VLANs.
  • a client can represent a branch network, such as a LAN, or multiple branch networks, such as multiple remote networks.
  • client A 110A can represent a single LAN network or branch, or multiple branches or networks, such as a branch building, office, or campus network in Los Angeles and another branch building, office, or campus network in New York.
  • Client A 110A, client B HOB, and client C HOC can thus include campus networks, enterprise networks, provider networks, datacenters, etc. If a client includes multiple branches or networks, the multiple branches or networks can each have a designated connection to cloud 150.
  • each branch or network can maintain a tunnel to cloud 150.
  • all branches or networks for a specific client can connect to cloud 150 via one or more specific branches or networks.
  • traffic for the different branches or networks of a client can be routed through one or more specific branches or networks.
  • client A 110A, client B HOB, and client C HOC can each include one or more routers, switches, appliances, client devices, VMs, or any other devices.
  • Each client can also maintain links between branches.
  • client A can have two branches, and the branches can maintain a link between each other.
  • branches can maintain a tunnel between each other, such as a VPN tunnel.
  • the link or tunnel between branches can be generated and/or maintained by cloud 150.
  • cloud 150 can collect network and address settings for each branch and use those settings to establish a tunnel between branches.
  • Cloud 150 can maintain information about each client network, in order to provide or support specific services for each client, such as network traffic monitoring, network traffic routing/re -routing, security, or network services. Cloud 150 can also maintain one or more links or tunnels to the clients. For example, cloud 150 can maintain a virtual circuit to one or more devices in client A's network.
  • Cloud 150 can also monitor device and network health and status information for client A 11 OA, client B HOB, and client C HOC. To this end, client A 11 OA, client B HOB, and client C HOC can synchronize information with cloud 150. Cloud 150 can also manage and deploy services for the clients. For example, cloud 150 can collect network information about client A 110A and generate network and device settings to automatically deploy a service for client A 11 OA. In addition, cloud 150 can update device, network, and service settings for the clients. Cloud 150 can also interconnect a client with another network or cloud either directly or indirectly through cloud 150, for example.
  • cloud architecture 150 can include any number of nodes, devices, links, networks, or components. In fact, embodiments with different numbers and/or types of clients, networks, nodes, cloud components, servers, software components, devices, virtual or physical resources, configurations, topologies, services, appliances, deployments, or network devices are also contemplated herein. Further, cloud 150 can include any number or types of resources, which can be accessed and utilized by clients or tenants. The illustration and examples provided herein are intended for clarification of some embodiments of the present technology.
  • packets e.g., traffic and/or messages
  • packets can be exchanged among the various nodes and networks in the cloud architecture 100 using specific network protocols.
  • packets can be exchanged using wired protocols, wireless protocols, security protocols, OSI-Layer specific protocols, labels, or any other protocols.
  • protocols can include Session Initiation Protocol (SIP), protocols from the Internet Protocol Suite, such as TCP/IP; OSI (Open Systems Interconnection) protocols, such as L1-L7 protocols; routing protocols, such as RIP, IGP, BGP, STP, ARP, OSPF, EIGRP, NAT; or any other protocols or standards, such as HTTP, SSH, SSL, RTP, FTP, SMTP, POP, PPP, NNTP, IMAP, Telnet, SSL, SFTP, WIFI, Bluetooth, VTP, ISL, IEEE 602 standards, L2TP, IPSec, etc.
  • various hardware and software components or devices can be implemented to facilitate communications both within a network and between networks.
  • the various hardware and software components or devices can also be referred to as nodes and some examples are switches, hubs, routers, access points (APs), antennas, network interface cards (NICs), modules, cables, firewalls, servers, repeaters, sensors, and the like.
  • FIG. IB illustrates a schematic block diagram of an example controller 155.
  • Controller 155 can serve as a cloud service management system for cloud 150.
  • controller 155 can manage cloud operations, client communications, service provisioning, network configuration and monitoring, and the like.
  • controller 155 can manage cloud service provisioning or deployment, such as cloud storage, media, streaming, security, or administration services.
  • Controller 155 can also manage VMs; networks, such as client networks; service provisioning; virtual circuits between networks or clouds; interfaces; network ports; and so forth.
  • Controller 155 can include several subcomponents, including hardware and software components such as scheduling function 127, processor 121, dashboard process 119, data storage 123, networking function 125, management layer 117, and communication interface 115.
  • the various subcomponents can be implemented as hardware and/or software components (e.g., processor, memory, modules, logic, virtual workload, data structures, etc.).
  • FIG. IB illustrates one example configuration of the various components of controller 155, those of skill in the art will understand that the components can be configured in a number of different ways and can include any other type and number of components.
  • networking function 125 and management layer 117 can belong to one software module or multiple separate modules. Other modules can be combined or further divided up into more subcomponents.
  • Scheduling function 127 can manage scheduling of procedures, events, services, or communications. For example, scheduling function 127 can schedule when resources should be allocated from cloud 150. As another example, scheduling function 127 can schedule when specific instructions or commands should be transmitted to a network (e.g., one or more client devices). Scheduling function 127 can provide scheduling for operations performed or executed by the various subcomponents of controller 155. Scheduling function 127 can also schedule resource slots, virtual machines, bandwidth, device activity, status changes, nodes, updates, policies, circuits, services, and the like. [0056] Dashboard process 119 can provide an interface or front end where clients can access, consume, purchase, configure, remove, manage, and generally monitor cloud and network services.
  • dashboard process 119 can provide a web-based frontend where clients can configure client devices or networks that are cloud-managed, provide client preferences, configure policies, enter data, upload statistics, configure interactions or operations, etc.
  • dashboard process 119 can provide an interactive display where users can interconnect their network or device with one or more networks or clouds, such as cloud 150 and a separate cloud or datacenter, for example.
  • Dashboard process 119 can provide visibility information, such as views of client networks or devices, and even provide diagnostic information, e.g., dashboard process 119 can provide a view of the status or conditions of the client's network, the operations taking place, services, performance, a topology or layout, specific network devices, protocols implemented, running processes, errors, notifications, alerts, network structure, ongoing communications, data analysis, etc.
  • Dashboard process 206 can provide a graphical user interface (GUI) for the client to monitor the client's network(s), devices, statistics, services, connections, account(s), configurations, errors, notifications, etc., and even make modifications or setting changes through the GUI.
  • GUI graphical user interface
  • the GUI can depict charts, lists, tables, tiles, network trees, maps, topologies, symbols, structures, or any graphical object or element.
  • the GUI can use color, font, shapes, or any other characteristics to depict scores, alerts, or conditions.
  • Dashboard process 206 can also handle user or client requests. For example, the client can enter a request through a corresponding GUI to establish or configure a virtual circuit or service, modify configurations, add resources to a current service, purchase or cancel a service, etc.
  • Data storage 123 can include any data or information, such as management data, statistics, settings, preferences, profile data, account data, transactions, logs, notifications, attributes, configuration parameters, client information, network information, and the like.
  • controller 155 can collect network statistics from a client (e.g., client A 110A) and store the statistics in data storage 123.
  • Data storage 123 can also include performance and/or configuration information. This way, controller 155 can use such data to perform management or service operations for the client.
  • Data storage 123 can be a physical storage or memory device, a database, a folder, a disk, or any storage medium on controller 155 or accessible to controller 155 (e.g., directly or indirectly).
  • Networking function 125 can be a module, application, appliance, logic, processor, or function capable of performing network operations. Networking function 125 can thus perform networking calculations, such as network addressing, or networking service or operations, such as auto virtual circuit configuration or traffic routing/re -routing. For example, networking function 125 can perform filtering functions, switching functions, failover functions, high availability functions, network or device deployment functions, resource allocation functions, messaging functions, traffic analysis functions, port configuration functions, mapping functions, packet manipulation functions, path calculation functions, loop detection, cost calculation, error detection, or otherwise manipulate data or networking devices. Networking function 125 can handle networking requests from other networks or devices and establish links between devices. Networking function 125 can also perform queueing, messaging, or protocol operations.
  • Management layer 117 can include logic to perform management operations.
  • management layer 117 can include the logic to allow the various components of controller 155 to interface and work together.
  • Management layer 117 can also include the logic, functions, software, and procedure to allow controller 155 to perform monitoring, management, control, deployment, configuration, and administration operations of other devices, networks, clouds, providers, clients (e.g., clients 110A-C); or cloud 150 operations and/or applications, services provided to clients, or any other component or procedure.
  • Management layer 117 can include the logic to operate controller 155 and perform particular services configured on controller 155.
  • management layer 117 can initiate, enable, or launch other instances in controller 155 and/or cloud 150.
  • management layer 117 can also provide authentication and security services for cloud 150, clients (e.g., 110A-C), controller 155, and/or any other device or component.
  • management layer 117 can manage nodes, resources, VMs, settings, policies, protocols, communications, services, clouds, datacenters, networks, and the like.
  • management layer 117 and networking function 125 can be part of the same module. However, in some embodiments, management layer 117 and networking function 125 can be separate layers and/or modules.
  • Communications interface 115 allows controller 155 to communicate with other devices or networks, such as clients 110A-C or other clouds or providers.
  • Communications interface 115 can be a network interface card (NIC), and can include wired and/or wireless capabilities.
  • NIC network interface card
  • Communications interface 115 allows controller 155 to send and receive data from other devices and networks.
  • controller 155 can include multiple communications interfaces for redundancy or failover.
  • controller 155 can include dual NICs for connection redundancy or for multiple lines or channels.
  • FIG. 1C illustrates a diagram of an example interconnection model 172 between clouds or networks, in accordance with some embodiments.
  • Interconnection model 172 can include first cloud 174 (e.g., private and/or public cloud, enterprise datacenter, network, endpoint, campus, etc.) and second cloud 176, which can be directly connected or separated by one or more networks, such as the Internet.
  • first cloud 174 can be connected to second cloud 176 via portions of the Internet and dedicated paths associated with the first cloud and/or the second cloud.
  • First cloud 174 and second cloud 176 can be connected via a communication link 178 between cloud gateway 188 and cloud gateway 192. Data packets and traffic can be exchanged among the devices of the clouds 174, 176 using predefined network communication protocols.
  • Communication link 178 can be a dedicated virtual or physical line, such as a virtual circuit, a pseudowire, a virtual private network, a point-to-point network, and so forth.
  • communication link 178 can be established using remote network 198.
  • Remote network 198 can be a datacenter, a private network, a distributed network, a cloud (e.g., cloud 150), etc.
  • Communication link 178 can also be established using other, intermediary networks, such as a public network (i.e., the Internet), which can interconnect clouds 174, 176 with or without remote network 198.
  • First cloud 174 and second cloud 176 can include cloud gateway 225 and cloud gateway 235, respectively, and at least one virtual partition (e.g., VM or container).
  • first cloud 174 can include VM1 250 and VM2 252
  • second cloud 176 can include VM3 254.
  • Cloud gateway 225 can be configured as a VM running in first cloud 174 that is responsible to establish communication link 270 for interconnecting the components in second cloud 176 with first cloud 174.
  • Cloud gateway 235 may be configured as a VM running in second cloud 176 that is responsible to establish communication link 270 for connecting cloud gateway 235 with cloud resources.
  • First cloud 174 can include a virtual supervisor module 190, a hypervisor 180 (also called a virtual machine manager or monitor), and one or more VMs 182.
  • Virtual supervisor module 190 can be used to create VMs in the cloud.
  • Each of the VMs can host an application or service, and can operate as if each resides in the cloud.
  • Hypervisor 180 can be configured by virtual supervisor module 190, and can provide an operating system for one or more VMs.
  • Hypervisor 180 can include computer software, firmware, and/or hardware to create and/or run one or more VMs.
  • hypervisor 180 can run one or more VMs on one or more computers called host machines. Each of the VMs can be referred to as a guest machine, and can run a guest operating system.
  • First cloud 174 can also include a hybrid cloud manager 184, which can be a management plane VM for auto-provisioning resources in a hybrid cloud solution.
  • Hybrid cloud manager 184 can be a management platform (which can include physical or virtual components, such as a VM) running in first cloud 174, and can be generally responsible for providing hybrid cloud operations, translating between cloud interfaces, management of cloud resources, dynamic instantiating of cloud gateways and cloud VM components (e.g., VMs 182, 196) through virtualization platform and cloud provider APIs, for example.
  • Hybrid cloud manager 184 may also monitor components (e.g., cloud gateways 188, 192, one or more private application VMs, communication link 178, etc.) and/or manage those components.
  • Each cloud or network can include switch and/or network infrastructure for providing features and network services such as switching network traffic locally at the cloud, providing consistent enterprise network polices, allowing insertion or provisioning of various network services (e.g., load balancers, firewalls, content servers, web services, voice and data services, etc.).
  • first cloud 174 can include router 186 and second cloud 176 can include router 194 for routing traffic between cloud components or devices and/or within the network fabric.
  • the switch and/or network infrastructure can form a network topology, such as a spine-leaf or folded CLOS topology, which can include one or more switches, routers, segments, servers, domains, tenants, etc.
  • Communication link 178 can take several forms.
  • communication link 178 can include, or can be established via, remote network 198 and/or any other network, such as a public network (e.g., the Internet), a private network (e.g., a LAN), or a combination thereof.
  • Communication link 178 can also include a virtual private network (VPN) or tunnel, a point- to-point link, a pseudowire, a virtual circuit, etc., as previously noted.
  • VPN virtual private network
  • Communication link 178 can offer secure transport connections between the clouds. Moreover, communication link 178 can be based on tunneling or point-to-point technologies which can provide customers inter or intra-datacenter network connectivity and various network topologies. Such technologies can also extend the network (e.g., cloud or enterprise datacenter) at the network layer (Layer 3 or "L3" of the OSI model). Networks created at a cloud or datacenter (e.g., second cloud 176) can include new subnets, segments, overlays, and VMs to extend a different cloud or datacenter. Specific services or applications (e.g., access control lists, firewall policies, domain name services, etc.) can be accordingly configured or modified in order for attached VM systems to communicate through the underlay and/or between clouds.
  • Specific services or applications e.g., access control lists, firewall policies, domain name services, etc.
  • Some cloud embodiments can utilize a secure transport layer (e.g., Layer 4 or "L4") tunnel as communication link 178 between first cloud gateway 188 in the first cloud 174 and second cloud gateway 192 in second cloud 176.
  • the secure transport layer tunnel can be configured to provide a link layer (e.g., Layer 2 or "L2") network extension between first cloud 174 and second cloud 176.
  • the secure transport layer (L4) tunnel e.g., transport layer security (TLS), datagram TLS (DTLS), secure socket layer (SSL), etc.
  • TLS transport layer security
  • DTLS datagram TLS
  • SSL secure socket layer
  • the secure transport layer tunnel can provide a link layer network extension between first cloud 174 and second cloud 176.
  • Cloud gateway 188 at the first cloud 174 can use communication link 178 to connect to cloud resources allocated at second cloud 176, and vice versa.
  • Link 178 can be used with corporate or private firewalls and NAT devices due to the nature of the transport level protocols (e.g., UDP/TCP) and the transport layer ports opened for HTTP/HTTPS in the firewall, for example.
  • Underlying L2 networks can be further extended and connected to each of the cloud VMs through cloud gateways 188, 192.
  • Cloud service providers can offer a number of network attachments for each of the cloud VMs and resources, such as networking or data processing capabilities.
  • Cloud service provides can provide one or more types of services, such as software as a service, infrastructure as a service, platform as a service, backend as a service, desktop as a service, or information technology management as a service.
  • FIG. 2A illustrates a schematic diagram of an example system 200 for interconnecting networks.
  • Client 110A e.g., endpoint, enterprise, network, campus, datacenter, etc.
  • fabric 198 can connect to fabric 198 to establish links 216, 218, 210, 222, and 224 to endpoints 206, 208, 210, and212.
  • Fabric 198 can include one or more private and/or public networks.
  • fabric 198 can include a datacenter, a cloud, or a cluster of private networks.
  • fabric 198 can include physical resources for establishing, monitoring, configuring, managing, and/or troubleshooting links 216, 218, 220, 222, and 224.
  • Links 216, 218, 220, 222, and 224 can be virtual links or circuits to endpoints 206, 208, 210, and 212.
  • links 216, 218, 220, and 220 can be dedicated or point-to-point links or tunnels to the endpoints 206, 208, 210, and 212.
  • link 216 can be an MPLS pseudowire connecting client 110A with endpoint 206.
  • Links may also be implemented as point-to-multipoint links or tunnels to endpoints 206, 208, 210, and 21.
  • link 224 can be an MPLS pseudowire connecting client 110A to endpoints 206, 208, 210, and 212.
  • Endpoints 206, 208, 210, and 212 can correspond to clouds (e.g., public clouds, private clouds, hybrid clouds), carriers, service providers, networks, datacenters, etc.
  • endpoint 206 can be a network provider
  • endpoint 208 can be a storage provider
  • endpoint 210 can be a cloud services provider
  • endpoint 212 can be a voice and data services provider.
  • endpoints 206, 208, 210, and 212 can provide services to, or extend current services from, client 110A.
  • endpoints 206, 208, 210, and 212 can provide additional bandwidth services, cloud bursting services, or media services to client 110A and/or consumers of services of client 110A.
  • FIG. 2B illustrates an example configuration of fabric 198 for provisioning services and interconnecting networks.
  • Fabric 198 can include switches 230 and 232 configured according to a specific topology, such as spine-leaf or folded CLOS, for communicating within fabric 198.
  • Switches 230 and 232 can serve as the underlay of the network.
  • switches 232 can interface with one or more devices 236, such as servers, VMs or containers, controllers, and so forth.
  • Fabric 198 can also include gateway 234, which can serve as an ingress/egress router for connecting fabric 198 with other networks, devices, or clouds.
  • Fabric 198 can also include capabilities for establishing virtual circuits, links, or tunnels to other networks, and managing or routing traffic to and from other networks.
  • FIG. 2C illustrates a second example configuration of fabric 198 for provisioning services and interconnecting networks.
  • Fabric 198 can include multiple networks or datacenters 238, 242, 248.
  • Networks or datacenters 238, 242, 248 can be interconnected within fabric 198 via respective routers 240, 244, 246.
  • Routers 240, 244, 246 can also connect networks or datacenters 238, 242, 248 to other networks or devices outside of fabric 198. This way, networks or datacenters 238, 242, 248 can communicate with other networks and devices outside of fabric 198.
  • FIG. 3A and FIG. 3B illustrate example representations of network 300 according to various embodiments.
  • FIG. 3A illustrates nodes 302 a -302 g (collectively, "node 302") within regions 304 a -304d (collectively, "region 304") connected via links 306 a -306i (collectively, "link 306").
  • Network 300 can connect first customer endpoint 301 with second customer endpoint 303.
  • Network 300 can be a private network.
  • a private network can be a network that is isolated from outside connections (e.g., physically isolated or logically isolated), a network that is owned by a single entity, a network that can provide dedicated or guaranteed connections to a customer (e.g., if a customer orders a lGbit/s connection, lGbit/s will be available, regardless of other traffic in the network), etc.
  • certain nodes 302 and links 306 of network 300 are owned or managed by a private network connection provider.
  • the private network connection provider can lease links 306 or nodes 302 from a third party.
  • the private network connection provider can use agreements (e.g., peering agreements) with other private network connection providers in order to create network 300.
  • certain nodes 302 e.g., nodes 302 a and 302 g
  • Customer endpoints 301 and 303 can be operated by a single customer or by separate customers. A customer can pay the private network connection provider for transit across network 300 between customer endpoints 301 and 303. Network 300 can have peering agreements with customer endpoints 301 and/or 303 to facilitate free intercommunication.
  • customer endpoints 301 and 303 can be datacenters for a customer. The customer can send data between customer endpoints 301 and 303 (e.g., for backup, synchronization, or processing).
  • customer endpoint 301 can be associated with the customer while customer endpoint 303 can be associated with a client of the customer.
  • customer endpoint 301 can be an update server for updating an application running on customer endpoint 303.
  • Node 302 can correspond to a colocation, building, datacenter, switch, router, server, etc.
  • Link 306 can be a direct connection (e.g., a fiber cable, a copper wire, a wireless signal, etc.) between nodes 302 or a network (e.g., a transit network).
  • Link 306 can have various characteristics that may change over time, such as latency, available bandwidth, total bandwidth, price (e.g., monetary cost to a provider and/or customer for a port, bandwidth price, or data transfer price), reliability (e.g., up-time), connected links 306, connected nodes 302, or available services, etc., or may not change over time, such as region 304, connection type (e.g., fiber, copper, wireless, etc.), distance (i.e., the physical length of the link), etc.
  • connection type e.g., fiber, copper, wireless, etc.
  • distance i.e., the physical length of the link
  • Network manager 308 can determine various conditions of each link 306, such as price, quality of service parameters, redundancy and uptime parameters, etc.
  • the price of link 306 can be static (e.g., established by administrators) or dynamic (algorithmically variable).
  • the price of link 306 can be set based on other link characteristics (e.g., latency, available bandwidth, total bandwidth, etc.) as well as maintenance costs, leasing costs, connection costs, available alternatives, reliability, customer demand, etc.
  • the price of link 306 can be determined based on an auction; for example, multiple customers can bid for link 306 and the highest bidder can receive link 306.
  • Network manager 308 can automatically run such an auction, using customer requests (which can include a maximum price) to determine the price of link 306.
  • nodes 302 and links 306 can be virtual.
  • node 302 can be a virtual switch or router in one embodiment.
  • node 302 can be a combination of virtual and physical components.
  • FIG. 3B provides another representation of network 300, showing paths 310 a -310d (collectively, "path 310").
  • Path 310 e.g., a plurality of links
  • path 310 can be the route that data takes as it traverses the network.
  • Components of path 310 include nodes 302 and links 306.
  • Path 310 can mean a connection for the purposes of this disclosure.
  • network manager 308 can monitor nodes 302 and links 306 and determine their respective characteristics. For example, network manager 308 can send an Internet Control Message Protocol (ICMP) echo request (a "ping") across node 302, link 306 and/or path 310 to determine latency for the respective components or paths 310. In some embodiments, components can report their characteristics to network manager 308. Network manager 308 can keep a log, table, database, or similar data structure of characteristics over time. Such data can inform network manager 308 of historical trends; network manager 308 can make predictions of current and future characteristics using the log, table, database, or similar data structure. In some embodiments, network manager 308 can be distributed across network 300.
  • ICMP Internet Control Message Protocol
  • ping Internet Control Message Protocol
  • components can report their characteristics to network manager 308.
  • Network manager 308 can keep a log, table, database, or similar data structure of characteristics over time. Such data can inform network manager 308 of historical trends; network manager 308 can make predictions of current and future characteristics using the log, table, database, or similar
  • each node 302 can have network manager functionality (e.g., if node 302 is a router, network manager functionality can inform the routing process as an extension of routing protocols).
  • Network manager 308 can be used to negotiate transfer agreements, fee structures, routing priorities, link maintenance, etc. for a private network connection provider.
  • Network manager 308 can be a system owned and operated by the private network connection provider.
  • the price of link 306 can be determined based on various factors. For example, portions of link 306 can be externally set (e.g., if the network manager must lease portions of link 306 from an external party), the price can then be some percentage of the externally set price. In some such embodiments, the percentage can be commensurate with the usage of link 306. For example, if the network manager must pay $100 to lease link 306 and a customer reserves 10% of the link, the network manager can charge at least $10 to the customer. This can be considered a supply-driven pricing program, where prices are determined based on the cost of links 306.
  • the price of link 306 can also be determined based on the willingness of a customer to pay for link 306. For example, link usage rights can be auctioned off to the highest bidder. The price can be periodically reevaluated based on market conditions. For example, the price of link 306 can be determined every hour, day, month, etc. A potential customer can pay to reserve a price to hedge against price volatility. Price increases can be limited to a certain percentage so as to avoid drastic fluctuations in price. This can be considered a demand-driven pricing program, where prices are determined based on the willingness of customers to pay for links 306.
  • the price of link 306 can also be determined by a combination of pricing programs (e.g., supply-driven and demand-driven) to optimize various criteria.
  • a customer is also a provider of links 306.
  • the customer may own various links 306 that a network manager wishes to lease and the network manager may own various links 306 that the customer wishes to lease; in such situations, peering agreements can allow the customer and network manager to cross-lease their respective links 306 for free (or a discount).
  • a customer can be billed for link 306 in various ways. For example, a customer can be billed based on total amount of data transferred across link 306 or the customer can be billed a fixed amount based on the amount of bandwidth reserved for the customer regardless of actual usage.
  • the network manager merely facilitates a transaction whereby a customer can lease link 306 directly from a third party private network connection provider. The customer or third party private network connection provider can then pay a small transaction fee to the network manager.
  • node 302 can advertise characteristics regarding associated paths without detailing the specifics of the path. For example, network manager 308 can determine that node 302 c services a path to node 302 g from node 302 a at a certain price, but network manager 308 is not concerned with the actual path 310 taken (e.g., node 302 c can use link 302c or link 302 g corresponding to paths 310b or 310 a ). This can be accomplished by having one node (e.g., node 302f) begin by determining characteristics of one link (e.g., link 306i). Continuing with the example, node 302f can advertise that it can connect to node 302 g with associated characteristics. Node 302d can then detect characteristics of link 306f and combine those characteristics with those received from node 302f and advertise a connection to node 302 g with the combined characteristics.
  • network manager 308 can determine that node 302 c services a path to node 302 g from node 30
  • FIG. 4 illustrates example method 400 for provisioning a connection through network 300 (e.g., from customer endpoint 301 to customer endpoint 303) according to some embodiments.
  • Network manager 308 can perform example method 400.
  • a system performing example method 400 can begin by receiving a request for a connection through a network (step 402).
  • the request needs to be serviced immediately; alternatively, the request can be executed when certain conditions are met.
  • the request might specify a maximum cost (e.g., path price, total cost of the request), execution time, or other conditions.
  • Execution time can include a delay, a specified start time, a specified completion time, etc.
  • the request might be dependent on an external resource (e.g., virtual machine, service, etc.) and the request may be serviced when that resource is available.
  • customer endpoint 301 can have data that needs to be processed by customer endpoint 303 (e.g., customer endpoint 303 can represent a processing datacenter). In certain situations, customer endpoint 303 may be overwhelmed with other processes and cannot immediately process the data from customer endpoint 301.
  • Network manager 308 can wait to service the request to transfer data from customer endpoint 301 to customer endpoint 303 for a period of time until customer endpoint 303 is ready to receive the data.
  • Other external resources are contemplated.
  • the external resource is not a computing resource; for example the external resource can be human.
  • Examples of a human external resource can include translators, editors, reviewers, consumers (e.g., a viewer of a movie), etc.
  • Examples of computing external resources can include render farms, digital currency miners (e.g., Bitcoin), email servers, web servers, data recovery resources, data storage resources, data backup resources, localized content distribution nodes (e.g., for a content delivery network), analytics engines (e.g., for academic and scientific research), etc.
  • a customer (or potential customer) can submit the request to network manager 308.
  • the customer has access to the current status (e.g., characteristics) of network 300.
  • the customer can access this information through an application running on a client device, a web -based interface, an API, etc.
  • An example API can be RESTful, meaning that server interactions can be achieved programmatically or manually via, for example, a graphical user interface.
  • a customer can test and verify their API calls with a staging server before deployment.
  • a customer can submit a username/password combination and receive a session token. The session token can be used for any later requests for authorization.
  • a program can utilize the API to request path 310 or to find out information regarding path 310.
  • the API can provide available locations (e.g., the location of nodes 302 a -302 g ), path 310 pricing, etc.
  • An example API path order can include a company identifier, a request data, a location identifier, a service type, an optical interface, a port identifier, a rack identifier, a speed amount, a service name, and a session token.
  • API interactions can be in JSON, XML, or other data formats.
  • the system can continue by monitoring link characteristics for links on the network (step 404).
  • the network in step 404 can be network 300.
  • Step 404 can include monitoring node characteristics for nodes 302.
  • Network manager 308 can do the monitoring, as discussed above.
  • network manager 108 can monitor nodes 102 and links 106 and determine their respective characteristics.
  • network manager 108 can send an Internet Control Message Protocol (ICMP) echo request (a "ping") across node 102, link 106 and/or path 110 to determine latency for the respective components or paths 110.
  • ICMP Internet Control Message Protocol
  • components can report their characteristics to network manager 108.
  • Network manager 108 can keep a log of characteristics over time.
  • Such a log can inform network manager 108 of historical trends; network manager 108 can make predictions of current and future characteristics using the log.
  • network manager 108 can be distributed across network 100.
  • each node 102 can have network manager functionality (e.g., if node 102 is a router, network manager functionality can inform the routing process as an extension of routing protocols).
  • Network manager 108 can negotiate transfer agreements, fee structures, routing priorities, link maintenance, etc. for a network provider.
  • Network manager 108 can be a system owned and operated by the network provider.
  • node 102 can advertise characteristics regarding associated paths without detailing the specifics of the path.
  • network manager 108 can determine that node 102 c services a path to node 102 g from node 102 a at a certain price, but network manager 108 is not concerned with the actual path 110 taken (e.g., node 102 c can use link 102 c or link 102 g corresponding to paths 110b or 110 a ). This can be accomplished by having one node (e.g., node 102f) begin by determining characteristics of one link (e.g., link 106i). Continuing with the example, node 102f can advertise that it can connect to node 102 g with associated characteristics. Node 102d can then detect characteristics of link 106f and combine those characteristics with those received from node 102f and advertise a connection to node 102 g with the combined characteristics.
  • node 102f can advertise that it can connect to node 102 g with associated characteristics.
  • a path can represent a possible connection between customer endpoints 301 and 303.
  • requests can have multiple characteristics (e.g., a request may specify a maximum price and a minimum latency) and step 406 can include checking each characteristic of the request with the characteristics of the paths 310.
  • multiple paths 310 can satisfy the request (e.g., path 310 c and path 310d might both satisfy the request) and step 406 can include selecting the optimal path 310.
  • the optimal path 310 can be determined based on Dijkstra's algorithm, the travelling salesman algorithm (e.g., for multicast transmissions), or other path optimization algorithms.
  • step 406 includes selecting the first path 310 that satisfies the request.
  • example method 400 can return to step 404.
  • example method 400 includes continuously monitoring the link characteristics (step 404) until path 310 matches the request.
  • example method 400 can continue by selecting a first link and first nodes (step 408).
  • the first link and first nodes can be components of the path that satisfies the request in step 406. For example, if path 310b satisfied the request, then the first link can be link 306b and first nodes can include node 302 a and 302 c .
  • the system can continue by selecting a second link and second nodes (step 410).
  • the second link and second nodes can be components of the path that satisfies the request in step 406. For example, if path 310b satisfied the request, then the second link can be link 306i and the second nodes can include nodes 302f and 302 g .
  • the system can continue by provisioning a connection via the first link and the second link (step 412).
  • the connection can be the path that satisfies the request in step 406.
  • network manager 308 can direct the first and second nodes to facilitate the connection. For example, network manager 308 can instruct first nodes (e.g., nodes 302 a and 302c) to establish link 306b and second nodes (e.g., nodes 302f and 302 g ) to establish link 306i. Additionally, network manager 308 can instruct first nodes, second nodes, and other nodes to establish other requisite links (e.g., links 306 c and 306f) to complete the connection.
  • first nodes e.g., nodes 302 a and 302c
  • second nodes e.g., nodes 302f and 302 g
  • Provisioning the connection can include instructing nodes about requirements for the links 306.
  • network manager 308 can instruct the nodes to establish link 306 with a requirement of a certain amount of bandwidth to be available. The nodes 302 can then reserve this bandwidth for the request.
  • provisioning a connection includes making payments for leasing nodes 302 and links 306 when required.
  • the system can continue by monitoring link characteristics for links on the private network (step 414).
  • the monitoring of link characteristics in step 411 can be the same as the monitoring in step 404.
  • a request can have requirements (e.g., thresholds or conditions) that can be satisfied by multiple paths 310 but with one path 310 being optimal. For example, if the requirement is a maximum cost, there can be multiple paths 310 that are below the maximum cost but one path 310 that has the lowest cost. As the network state can fluctuate, it can be advantageous to periodically determine the network status in case path 310 can better satisfy the request.
  • requirements of the request can be optimized (e.g., price and reliability) and weights can be assigned to each requirement to determine the optimal path.
  • example method 400 can return to step 408 and select a new first link and new first nodes.
  • the new first link and new first nodes can be called a third link and third nodes.
  • new second link and new second nodes can be called fourth link and fourth nodes.
  • example method 400 can continue and determine if the request is still active (step 418).
  • the request being active can mean that the request has not completed. For example, if the request is for transferring a certain amount of data, once the data is transferred the request is no longer active. As another example, if the request is for a connection to be active during a certain time, after the time has elapsed the request is no longer active.
  • example method 400 can end; otherwise, example method can return to step 414 to monitor the network 300.
  • FIG. 5A illustrates an example graph 500 of the price 502 of path 310 over time.
  • graph 500 can be an element of a GUI accessible to a provider user for monitoring, auditing, or similar tasks.
  • graph 500 can be an element of a GUI accessible to a customer user to facilitate pricing for network services.
  • the x-axis shows the time of day while the y-axis shows the price 502 of path 310.
  • Request price 504 can represent the price requested by the customer for path 310 at time 501 a .
  • Times 501b and 501d can represent the time that the price of the path matches request price 504, while the period between times 501b and 501d (including, e.g., time 501 c ) can represent the time that the price of the path is below price 504.
  • Network status 300 can change over time.
  • links 306, nodes 302, paths 310, etc. can go down, have more or less traffic, gain capacity, have increased demand, etc. over time.
  • link 306 and path 310 can have daily demand that follows a curve similar to price 502 in FIG. 3. For example, during business hours (e.g., 12:00-5:00 on the left side of the graph) and evening hours demand might be highest, but between the night hours (e.g., between 9:00 and 5:00) there might be less demand and price 502 can be lowest.
  • Providing a connection for a customer that is around all day can cost a customer the maximum price (e.g., around $48 in FIG. 3) or an average price (e.g., around $25).
  • the customer is not concerned with the time that a request is serviced, but is mainly concerned with the price.
  • a customer can request path 310 at time 501 a that is below requested price 504. Because the price is higher than requested price 504 at time 501 a , network manager 308 can wait until time 501b when it can service the request at the requested price 504. Alternatively, network manager 308 can predict, based on past network characteristics, that price 502 will go lower than the price at time 501b and wait to service the request until
  • one link 306 (e.g., link 306d) has a low price at one period while another link 306 (e.g., link 306h) has a low price at a different period.
  • a request can be for sending data from customer endpoint 301 to customer endpoint 303 at any time.
  • Network manager 308 could service such a request by first sending the data over link 306d while its price is at a low point and then having the data held at the receiving node 302 e until link 306h has a low price. This can be useful when path 310 spans multiple time zones and regions.
  • link 306d can be from Europe to the Americas and have high traffic at one time while link 306h can be from the Americas to Asia that can have high traffic at a different time; thus, data can be sent over link 306d during its lower traffic time and held in the Americas until link 306h is at a lower traffic time.
  • FIG. 5B illustrates an example link characteristic table 520 according to various embodiments.
  • Link characteristic table 520 can represent the various characteristics associated with links 306 that are described above.
  • link characteristic table 520 can include component nodes (e.g., the two or more nodes 302 that comprise link 306), total bandwidth, available bandwidth, latency, current price, etc.
  • Link characteristic table can be stored in network manager 308 as a database, table, etc.
  • a user can be presented with a representation of the information from link characteristic table. Such a user can filter and search elements of link characteristic table, compare links of link characteristic table, create paths from links in link characteristic table, etc.
  • Such a user can reference link characteristic table to determine whether a link includes a node of interest (e.g., a node at a certain location).
  • FIG. 5C illustrates an example path summary table 540 according to various embodiments.
  • Path summary table 540 can represent characteristics of paths 310 in network 300.
  • path summary table 540 can include component links and nodes that comprise paths 310, total bandwidth, latency, and current price of the paths 310.
  • Path 310 can have characteristics determined by its components.
  • a user can be presented with a representation of the information from path summary table 540. Such a user can filter and search elements of path summary table 540, compare paths of path summary table 540, choose a desirable path, etc.
  • Such a user can reference path summary table 540 to determine whether a path includes a link or node of interest (e.g., a node at a certain location).
  • the available bandwidth of path 310 can be determined by the component link 306 with the least available bandwidth. For example, despite link 306b having available bandwidth of lGbit/s, link 306 g only has lOMbit/s of available bandwidth - thus limiting the available bandwidth of path 310 a to lOMbit/s.
  • the latency of path 310 can be determined by the summation of the latency of component links 306 and nodes 302.
  • the latency of path 310b (65ms) can be the summation of the latencies of component links 306b (30ms), 306 c (8ms), 306f (20ms), and 306i (7ms).
  • the current price of path 310 can be determined by the summation of current price of component links 306.
  • the current price of path 310 c ($300) can be the summation of component links 306 a ($20), 306 e ($70), and 306i ($10).
  • the price can be that of connection price for a port, bandwidth price, data transfer price, node rental price, etc.
  • network manager 308 can set prices based on cost of individual components (i.e., what the private network connection provider pays for the nodes 302 and links 306), market demand (i.e., what customers are willing to pay for path 310, etc.
  • network manager 308 detects prices and reports prices to customers.
  • FIG. 6A and FIG. 6B illustrate example system embodiments. The more appropriate embodiment will be apparent to those of ordinary skill in the art when practicing the present technology. Persons of ordinary skill in the art will also readily appreciate that other system embodiments are possible.
  • FIG. 6A illustrates a conventional system bus computing system architecture 600 wherein the components of the system are in electrical communication with each other using a bus 605.
  • Example system 600 includes a processing unit (CPU or processor) 610 and a system bus 605 that couples various system components including the system memory 615, such as read only memory (ROM) 670 and random access memory (RAM) 675, to the processor 610.
  • the system 600 can include a cache of high-speed memory connected directly with, in close proximity to, or integrated as part of the processor 610.
  • the system 600 can copy data from the memory 615 and/or the storage device 630 to the cache 612 for quick access by the processor 610. In this way, the cache can provide a performance boost that avoids processor 610 delays while waiting for data.
  • the processor 610 can include any general purpose processor and a hardware module or software module, such as module 1 637, module 8 634, and module 3 636 stored in storage device 630, configured to control the processor 910 as well as a special- purpose processor where software instructions are incorporated into the actual processor design.
  • the processor 610 may essentially be a completely self-contained computing system, containing multiple cores or processors, a bus, memory controller, cache, etc.
  • a multi-core processor may be symmetric or asymmetric.
  • an input device 645 can represent any number of input mechanisms, such as a microphone for speech, a touch-sensitive screen for gesture or graphical input, keyboard, mouse, motion input, speech and so forth.
  • An output device 635 can also be one or more of a number of output mechanisms known to those of skill in the art.
  • multimodal systems can enable a user to provide multiple types of input to communicate with the computing device 600.
  • the communications interface 640 can generally govern and manage the user input and system output. There is no restriction on operating on any particular hardware arrangement and therefore the basic features here may easily be substituted for improved hardware or firmware arrangements as they are developed.
  • Storage device 630 is a non-volatile memory and can be a hard disk or other types of computer readable media which can store data that are accessible by a computer, such as magnetic cassettes, flash memory cards, solid state memory devices, digital versatile disks, cartridges, random access memories (RAMs) 675, read only memory (ROM) 670, and hybrids thereof.
  • RAMs random access memories
  • ROM read only memory
  • the storage device 630 can include software modules 637, 634, 636 for controlling the processor 610. Other hardware or software modules are contemplated.
  • the storage device 630 can be connected to the system bus 605.
  • a hardware module that performs a particular function can include the software component stored in a computer-readable medium in connection with the necessary hardware components, such as the processor 610, bus 605, display 635, and so forth, to carry out the function.
  • FIG. 6B illustrates an example computer system 650 having a chipset architecture that can be used in executing the described method and generating and displaying a graphical user interface (GUI).
  • Computer system 650 is an example of computer hardware, software, and firmware that can be used to implement the disclosed technology.
  • System 650 can include a processor 655, representative of any number of physically and/or logically distinct resources capable of executing software, firmware, and hardware configured to perform identified computations.
  • Processor 655 can communicate with a chipset 660 that can control input to and output from processor 655.
  • chipset 660 outputs information to output 665, such as a display, and can read and write information to storage device 670, which can include magnetic media, and solid state media, for example.
  • Chipset 660 can also read data from and write data to RAM 675.
  • a bridge 680 for interfacing with a variety of user interface components 685 can be provided for interfacing with chipset 660.
  • Such user interface components 685 can include a keyboard, a microphone, touch detection and processing circuitry, a pointing device, such as a mouse, and so on.
  • inputs to system 650 can come from any of a variety of sources, machine generated and/or human generated.
  • Chipset 660 can also interface with one or more communication interfaces 690 that can have different physical interfaces.
  • Such communication interfaces can include interfaces for wired and wireless local area networks, for broadband wireless networks, as well as personal area networks.
  • Some applications of the methods for generating, displaying, and using the GUI disclosed herein can include receiving ordered datasets over the physical interface or be generated by the machine itself by processor 655 analyzing data stored in storage 670 or 675. Further, the machine can receive inputs from a user via user interface components 685 and execute appropriate functions, such as browsing functions by interpreting these inputs using processor 655.
  • example systems 600 and 650 can have more than one processor 610 or be part of a group or cluster of computing devices networked together to provide greater processing capability.
  • the computer-readable storage devices, mediums, and memories can include a cable or wireless signal containing a bit stream and the like.
  • non-transitory computer-readable storage media expressly exclude media such as energy, carrier signals, electromagnetic waves, and signals per se.
  • Methods according to the above-described examples can be implemented using computer-executable instructions that are stored or otherwise available from computer readable media.
  • Such instructions can comprise, for example, instructions and data which cause or otherwise configure a general purpose computer, special purpose computer, or special purpose processing device to perform a certain function or group of functions. Portions of computer resources used can be accessible over a network.
  • the computer executable instructions may be, for example, binaries, intermediate format instructions such as assembly language, firmware, or source code. Examples of computer-readable media that may be used to store instructions, information used, and/or information created during methods according to described examples include magnetic or optical disks, flash memory, USB devices provided with non-volatile memory, networked storage devices, and so on.
  • Devices implementing methods according to these disclosures can comprise hardware, firmware and/or software, and can take any of a variety of form factors. Typical examples of such form factors include laptops, smart phones, small form factor personal computers, personal digital assistants, rackmount devices, standalone devices, and so on. Functionality described herein also can be embodied in peripherals or add-in cards. Such functionality can also be implemented on a circuit board among different chips or different processes executing in a single device, by way of further example.
  • the instructions, media for conveying such instructions, computing resources for executing them, and other structures for supporting such computing resources are means for providing the functions described in these disclosures.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A private network connection provider can monitor its private network to determine characteristics for links of the private network. These characteristics can include total bandwidth, available bandwidth, latency, etc. The private network connection provider can then receive a request for a network connection between a first computing device and a second computing device over the private network. This request can specify a type of network connection and one or more thresholds (e.g., characteristics) corresponding to one or more service requirements. At the time of receiving the request, the network may be unable to satisfy the request. The private network connection provider can then wait until a later time when the network conditions are able to accommodate the request. The private network connection provider can then select links and associated nodes that are sufficient to satisfy the request and establish a connection across those links and nodes.

Description

PROVISIONING PRIVATE NETWORK CONNECTIONS
TECHNICAL FIELD
[0001] The present technology pertains to provisioning private network connections, and more specifically pertains to establishing private, dedicated, network connections according to various specified conditions.
BACKGROUND
[0002] An Internet exchange is a location where different private networks can interconnect. For example, a regional network can connect to a tier 1 network (i.e., an international network) at an internet exchange. The Internet is characterized by these Internet exchanges and the associated private networks. Many web services and cloud platforms can be accessed primarily through these Internet exchanges. Because most private networks are not able to directly co- locate in every Internet exchange, even the most expansive private networks fail to directly connect to every other network or location. In order to establish connections to remote networks or locations, a private network can send their data through an intermediate transit network.
[0003] Many private network connection providers lease connections across their network (e.g., provide transit) to customers. For example, a private network connection provider might provide a connection between two geographic regions and a customer may wish to connect their datacenters in the two regions. Another example includes a private network connection provider having a network with a connection at a major Internet exchange and another connection at a remote location (e.g., an Internet exchange or other connection point); a customer at the remote location that wants to connect to networks available at the major Internet exchange can send their data through the private network connection provider.
[0004] Traditionally, such connections are provisioned according to their bandwidth. Leasing connections based on bandwidth is relatively straightforward to implement as it has a direct correlation to the limitations of the physical infrastructure. Many customers, however, do not necessarily require a persistent connection of constant bandwidth. Further, bandwidth underutilization can limit the ability to efficiently allocate network resources among customers of varying needs and preferences.
[0005] In this specification where reference has been made to patent specifications, other external documents, or other sources of information, this is generally for the purpose of providing a context for discussing the features of the invention. Unless specifically stated otherwise, reference to such external documents or such sources of information is not to be construed as an admission that such documents or such sources of information, in any jurisdiction, are prior art or form part of the common general knowledge in the art.
BRIEF SUMMARY
[0006] It is an object of at least one or more embodiments of the present invention to overcome one or more draw backs in the prior art, or at least provide the public with a useful alternative.
[0007] In a first aspect there is provided a computer-implemented method comprising: monitoring a private network to determine respective characteristics for each link of the private network;
receiving, at a first period of time, a request for a network connection between a first computing device and a second computing device over the private network, the request including a specified type of network connection and one or more service requirements;
determining, at a second period of time, availability of a plurality of links
corresponding to the specified type of network connection and satisfying the one or more service requirements based at least in part on the respective characteristics for each link of the private network;
selecting, at the second period of time, a first link of the plurality of links for providing at least a first portion of the network connection;
selecting, at the second period of time, a second link of the plurality of links for providing at least a second portion of the network connection; and
providing, at the second period of time, the network connection via the first link and the second link.
[0008] Preferably the respective characteristics include a price of an individual link, latency corresponding to the individual link, available bandwidth corresponding to the individual link, and availability of an external resource corresponding to the individual link.
[0009] A first service requirement of the one or more service requirements corresponds to a first weight and a second service requirement of the one or more service requirements corresponds to a second weight, and the method further comprises: applying the first weight to a first calculation for selecting the first link; and applying the second weight to the second calculation for selecting the first link. [0010] The computer- implemented method further comprises the step of: determining, at a third period of time, availability of a third link corresponding to the specified type of network connection and satisfying the one or more service requirements based at least in part on respective updated characteristics for each link; and providing, at the third period of time, at least a portion of the network connection via the third link.
[0011] The computer-implemented further comprises the step of: determining, at the first period of time, that none of the plurality of links correspond to the specified type of network connection and satisfy the one or more specified service requirements based at least in part on the respective characteristics for each link of the private network.
[0012] The computer-implemented further comprises the steps of: determining, at the first period of time, that a second plurality of links correspond to the specified type of network connection and satisfy the one or service requirements based at least in part on the respective characteristics for each link; determining, at the second period of time, that the second plurality of links no longer correspond to the specified type of network connection or satisfy the one or service requirements based at least in part on the respective characteristics for each link; and cease providing the network connection.
[0013] The computer-implemented method further comprises the step of: determining a first monetary cost of the first link and a second monetary cost of the second link.
[0014] In a second aspect there is provided a non-transitory computer-readable medium having computer readable instructions stored thereon that, when executed by a processor of a computer, cause the computer to: monitor a private network to determine respective characteristics for each link of the private network;
receive, at a first period of time, a request for a network connection between a first computing device and a second computing device over the private network, the request including a specified type of network connection and one or more service requirements;
determine, at a second period of time, availability of a plurality of links corresponding to the specified type of network connection and satisfying the one or more service
requirements based at least in part on the respective characteristics for each link of the private network;
select, at the second period of time, a first link of the plurality of links for providing at least a first portion of the network connection; select, at the second period of time, a second link of the plurality of links for providing at least a second portion of the network connection; and
provide, at the second period of time, the network connection via the first link and the second link.
[0015] The respective characteristics include a price of an individual link, latency corresponding to the individual link, available bandwidth corresponding to the individual link, and availability of an external resource corresponding to the individual link.
[0016] A first service requirement of the one or more service requirements corresponds to a first weight and a second service requirement of the one or more service requirements corresponds to a second weight, and the instructions further cause the computer to: apply the first weight to a first calculation for selecting the first link; and apply the second weight to the second calculation for selecting the first link.
[0017] The computer readable instructions further cause the computer to: determine, at a third period of time, availability of a third link corresponding to the specified type of network connection and satisfying the one or more service requirements based at least in part on respective updated characteristics for each link; and provide, at the third period of time, at least a portion of the network connection via the third link.
[0018] The computer readable instructions further cause the computer to: determine, at the first period of time, that none of the plurality of links correspond to the specified type of network connection and satisfy the one or more service requirements based at least in part on the respective characteristics for each link of the private network.
[0019] The computer readable instructions further cause the computer to: determine, at the first period of time, that a second plurality of links correspond to the specified type of network connection and satisfy the one or more service requirements based at least in part on the respective characteristics for each link; determining, at the second period of time, that the second plurality of links no longer correspond to the specified type of network connection or satisfy the one or service requirements based at least in part on the respective characteristics for each link; and cease providing the network connection.
[0020] The computer readable instructions further cause the computer to: determine a first monetary cost of the first link and a second monetary cost of the second link.
[0021] In a third aspect there is provided a system comprising: a processor; a computer-readable medium; and non-transitory computer-readable instructions stored thereon that, when executed by a processor, cause the system to: monitor a private network to determine respective characteristics for each link of the private network;
receive, at a first period of time, a request for a network connection between a first computing device and a second computing device over the private network, the request including a specified type of network connection and one or more service requirements;
determine, at a second period of time, availability of a plurality of links corresponding to the specified type of network connection and satisfying the one or more service
requirements based at least in part on the respective characteristics for each link of the private network;
select, at the second period of time, a first link of the plurality of links for providing at least a second portion of the network connection;
select, at the second period of time, a second link of the plurality of links for providing at least a second portion of the network connection; and
provide, at the second period of time, the network connection via the first link and the second link.
[0022] Preferably the computer readable medium is a non transitory computer readable medium.
[0023] The respective characteristics include a price of an individual link, latency corresponding to the individual link, available bandwidth corresponding to the individual link, and availability of an external resource corresponding to the individual link.
[0024] A first service requirement of the one or more service requirements corresponds to a first weight and a second service requirement of the one or more service requirements corresponds to a second weight, wherein the non-transitory computer-readable instructions, when executed by the processor, further cause the system to: apply the first weight to a first calculation for selecting the first link; and apply the second weight to the second calculation for selecting the first link. [0025] The non-transitory computer-readable instructions, when executed by the processor, further cause the system to: determine, at a third period of time, availability of a third link corresponding to the specified type of network connection and satisfying the one or more service requirements based at least in part on respective updated characteristics for each link; and provide, at the third period of time, at least a portion of the network connection via the third link.
[0026] The non-transitory computer-readable instructions, when executed by the processor, further cause the system to: determine, at the first period of time, that none of the plurality of links correspond to the specified type of network connection and satisfy the one or more service requirements based at least in part on the respective characteristics for each link of the private network.
[0027] The non-transitory computer-readable instructions, when executed by the processor, further cause the system to: determine, at the first period of time, that the second plurality of links correspond to the specified type of network connection and satisfy the one or service requirements based at least in part on the respective characteristics for each link; and determine, at a second period of time, that the second plurality of links no longer correspond to the specified type of network connection or satisfy the one or more service requirements based at least in part on the respective characteristics for each link.
[0028] Preferably the system is configured for provisioning private network connections.
[0029] The term 'comprising' as used in this specification means 'consisting at least in part of . When interpreting each statement in this specification that includes the term 'comprising', features other than that or those prefaced by the term may also be present. Related terms such as 'comprise' and 'comprises' are to be interpreted in the same manner.
[0030] As used herein, '(s)' following a noun means the plural and/or singular forms of the noun.
[0031] As used herein, the term 'and/or' means 'and' or 'or' or both.
[0032] To those skilled in the art to which the invention relates, many changes in construction and widely differing embodiments and applications of the invention will suggest themselves without departing from the scope of the invention as defined in the appended claims. The disclosures and the descriptions herein are purely illustrative and are not intended to be in any sense limiting. Where specific integers are mentioned herein which have known equivalents in the art to which this invention relates, such known equivalents are deemed to be incorporated herein as if individually set forth.
BRIEF DESCRIPTION OF THE DRAWINGS
[0033] In order to describe the manner in which the above-recited and other advantages and features of the disclosure can be obtained, a more particular description of the principles briefly described above will be rendered by reference to specific embodiments thereof which are illustrated in the appended drawings. Understanding that these drawings depict only exemplary embodiments of the disclosure and are not therefore to be considered to be limiting of its scope, the principles herein are described and explained with additional specificity and detail through the use of the accompanying drawings in which:
[0034] FIGS. 1A, IB, and 1C illustrate examples of network architectures in accordance with some embodiments;
[0035] FIGS. 2A, 2B, and 2C illustrate examples of systems for interconnecting networks in accordance with some embodiments;
[0036] FIG. 3A and FIG. 3B illustrate examples of networks in accordance with some embodiments;
[0037] FIG. 4 illustrates an example method for provisioning a private network connection in accordance with some embodiments;
[0038] FIG. 5 A, 5B, and 5C illustrate examples of graphical user interfaces relating to a network path in accordance with some embodiments; and
[0039] FIGS. 6A and 6B illustrate example systems in accordance with some embodiments.
DETAILED DESCRIPTION
[0040] Various embodiments of the disclosure are discussed in detail below. While specific implementations are discussed, it should be understood that this is done for illustration purposes only. A person skilled in the relevant art will recognize that other components and configurations may be used without parting from the spirit and scope of the disclosure.
[0041] A private network connection provider can monitor its private network to determine characteristics for links of the private network. As used herein, a private network connection can refer to a link, between the private network connection provider's customers, that does not traverse the public Internet. The private network connection provider's customers can include Internet Service Providers (ISPs) (e.g., AT&T U-verse®, CenturyLink®, Comcast Xfinity®), digital content providers (e.g., ESPN®, YouTube®, Wikipedia®), content delivery networks (CDNs) (e.g., Amazon CloudFront®, Akamai®, CloudFlare CDN®), web hosting providers (e.g., GoDaddy®, BlueHost®, HostGator®), infrastructure providers (e.g., Amazon Web Services®, Microsoft Azure®, Google Cloud Platform®), systems integrators (e.g., Accenture®, Computer Sciences Corporation®, IBM®), and enterprise networks, among others. The network characteristics monitored by the private network connection provider can include total bandwidth, available bandwidth, latency, etc. The private network connection provider can receive a request for a private network connection between a first physical server (e.g., a first customer's machine) and a second physical server (e.g., a second customer's machine or a second of the first customer) over the private network. This request can specify a type of network connection and one or more conditions corresponding to one or more service requirements. A type of network connection can include the physical medium of the connection (e.g., coaxial, twisted pair, fiber-optic, wireless, etc.), the bandwidth of the connection (e.g., lOgb/s, lgb/s), the service level availability of the connection (e.g., 99%, 99.9%, 99.99% uptime), the symbol type of the connection (e.g., 256 QAM, 64 QAM, BPSK), the connection standard (e.g., IEEE 602.x), etc. Conditions can include price, cose, uptime (e.g., reliability), utilization, available bandwidth, latency, jitter, distance, etc. At the time of receiving the request, the private network connection provider may be unable to satisfy the request. The private network connection provider can then wait until a later time when the private network connection provider is able to accommodate the request. The private network connection provider can then select links and associated nodes that are sufficient to satisfy the request and establish a private network connection across those links and nodes.
[0042] The present technology can be utilized in one or more cloud computing environments. FIG. 1A illustrates an example cloud architecture 100 that can be utilized in accordance with some embodiments. Cloud 150 can be a public, private, and/or hybrid cloud system which may include one or more public and private cloud networks in communication with each other. Cloud 150 can include resources, such as one or more Firewalls 162; Load Balancers 170; WAN optimization platforms 160; devices 164, such as switches, routers, intrusion detection systems, etc.; servers 168, such as a primary use network server, a data backup server, dynamic host configuration protocol (DHCP) server, a domain naming system (DNS) server, a storage server, an authentication server, etc.; virtual machines (VMs) 166; controllers 155, such as a communications controller or management device.
[0043] Cloud resources can be physical, software, virtual, or any combination thereof. For example, a cloud resource can include a server running one or more virtual partitions (e.g., VMs or containers) or hosting one or more databases. Moreover, cloud resources can be provisioned based on requests (e.g., client or tenant requests), schedules, triggers, events, signals, messages, alerts, agreements, necessity, subscriptions, purchases, or any other factor. Cloud 150 can provision various types of resources or services, such as network recovery services, application services, software development services, database services, storage services, management services, monitoring services, configuration services, administration services, backup services, disaster recovery services, bandwidth or performance services, intrusion detection services, VPN services, or any type of services to any device, server, network, client, or tenant. Other example service models include software as a service, infrastructure as a service, platform as a service, backend as a service, desktop as a service, or information technology management as a service, among other services provided over a network.
[0044] In addition, cloud 150 can handle traffic and manage resources and configurations. For example, cloud 150 can provide network routing/re -routing services, network data backup services, configuration services, such as automated deployments, automated wireless configurations, automated policy implementations, and the like. In some embodiments, cloud 150 can collect data about a client or network and generate configuration settings for specific service, device, or networking deployments. For example, cloud 150 can generate security policies, subnetting and routing schemes, forwarding schemes, NAT settings, VPN settings, and/or any other type of configurations. Cloud 150 can then push or transmit the necessary data and settings to specific devices or components to manage a specific implementation or deployment. For example, cloud 150 can generate VPN settings, such as IP mappings, port number, and security information, and send the VPN settings to specific, relevant device(s) or component(s) identified by cloud 150 or otherwise designated. The relevant device(s) or component(s) can then use the VPN settings to establish a VPN tunnel according to the settings. As another example, cloud 150 can generate and manage network diagnostic tools or graphical user interfaces, or automate the interconnection between multiple networks and resources.
[0045] Furthermore, cloud 150 can provide specific services for clients - namely, client A 110A, client B HOB, and client C HOC. For example, cloud 150 can deploy a network or specific network component, configure links or devices, automate services or functions, or provide any other services for the clients. Other non-limiting example services performable by cloud 150 can include network administration services, network monitoring services, content filtering services, application control, WAN optimization, firewall services, gateway services, storage services, protocol configuration services, wireless deployment services, interconnection services, network services, and so forth.
[0046] To this end, the clients can connect with cloud 150 through networks 135, 140, and 145, respectively. More specifically, client A 110A, client B HOB, and client C HOC can each connect with cloud 150 through networks 135, 140, and 145, respectively, in order to access resources from cloud 150, communicate with cloud 150, or receive any services from cloud 150. Networks 135, 140, and 145 can each refer to a public network, such as the Internet; a private network, such as a LAN; a combination of networks; or any other network, such as a VPN.
[0047] Moreover, the clients can each include one or more networks. For example, client A 110A, client B HOB, and client C 1 IOC can each include one or more LANs and VLANs. A client can represent a branch network, such as a LAN, or multiple branch networks, such as multiple remote networks. For example, client A 110A can represent a single LAN network or branch, or multiple branches or networks, such as a branch building, office, or campus network in Los Angeles and another branch building, office, or campus network in New York. Client A 110A, client B HOB, and client C HOC can thus include campus networks, enterprise networks, provider networks, datacenters, etc. If a client includes multiple branches or networks, the multiple branches or networks can each have a designated connection to cloud 150. For example, each branch or network can maintain a tunnel to cloud 150. Alternatively, all branches or networks for a specific client can connect to cloud 150 via one or more specific branches or networks. For example, traffic for the different branches or networks of a client can be routed through one or more specific branches or networks. Further, client A 110A, client B HOB, and client C HOC can each include one or more routers, switches, appliances, client devices, VMs, or any other devices.
[0048] Each client can also maintain links between branches. For example, client A can have two branches, and the branches can maintain a link between each other. Thus, in some cases, branches can maintain a tunnel between each other, such as a VPN tunnel. Moreover, the link or tunnel between branches can be generated and/or maintained by cloud 150. For example, cloud 150 can collect network and address settings for each branch and use those settings to establish a tunnel between branches.
[0049] Cloud 150 can maintain information about each client network, in order to provide or support specific services for each client, such as network traffic monitoring, network traffic routing/re -routing, security, or network services. Cloud 150 can also maintain one or more links or tunnels to the clients. For example, cloud 150 can maintain a virtual circuit to one or more devices in client A's network.
[0050] Cloud 150 can also monitor device and network health and status information for client A 11 OA, client B HOB, and client C HOC. To this end, client A 11 OA, client B HOB, and client C HOC can synchronize information with cloud 150. Cloud 150 can also manage and deploy services for the clients. For example, cloud 150 can collect network information about client A 110A and generate network and device settings to automatically deploy a service for client A 11 OA. In addition, cloud 150 can update device, network, and service settings for the clients. Cloud 150 can also interconnect a client with another network or cloud either directly or indirectly through cloud 150, for example.
[0051] Those skilled in the art will understand that cloud architecture 150 can include any number of nodes, devices, links, networks, or components. In fact, embodiments with different numbers and/or types of clients, networks, nodes, cloud components, servers, software components, devices, virtual or physical resources, configurations, topologies, services, appliances, deployments, or network devices are also contemplated herein. Further, cloud 150 can include any number or types of resources, which can be accessed and utilized by clients or tenants. The illustration and examples provided herein are intended for clarification of some embodiments of the present technology.
[0052] Moreover, as far as communications, packets (e.g., traffic and/or messages) can be exchanged among the various nodes and networks in the cloud architecture 100 using specific network protocols. In particular, packets can be exchanged using wired protocols, wireless protocols, security protocols, OSI-Layer specific protocols, labels, or any other protocols. Some non-limiting examples of protocols can include Session Initiation Protocol (SIP), protocols from the Internet Protocol Suite, such as TCP/IP; OSI (Open Systems Interconnection) protocols, such as L1-L7 protocols; routing protocols, such as RIP, IGP, BGP, STP, ARP, OSPF, EIGRP, NAT; or any other protocols or standards, such as HTTP, SSH, SSL, RTP, FTP, SMTP, POP, PPP, NNTP, IMAP, Telnet, SSL, SFTP, WIFI, Bluetooth, VTP, ISL, IEEE 602 standards, L2TP, IPSec, etc. In addition, various hardware and software components or devices can be implemented to facilitate communications both within a network and between networks. The various hardware and software components or devices can also be referred to as nodes and some examples are switches, hubs, routers, access points (APs), antennas, network interface cards (NICs), modules, cables, firewalls, servers, repeaters, sensors, and the like.
[0053] FIG. IB illustrates a schematic block diagram of an example controller 155. Controller 155 can serve as a cloud service management system for cloud 150. In particular, controller 155 can manage cloud operations, client communications, service provisioning, network configuration and monitoring, and the like. For example, controller 155 can manage cloud service provisioning or deployment, such as cloud storage, media, streaming, security, or administration services. Controller 155 can also manage VMs; networks, such as client networks; service provisioning; virtual circuits between networks or clouds; interfaces; network ports; and so forth.
[0054] Controller 155 can include several subcomponents, including hardware and software components such as scheduling function 127, processor 121, dashboard process 119, data storage 123, networking function 125, management layer 117, and communication interface 115. The various subcomponents can be implemented as hardware and/or software components (e.g., processor, memory, modules, logic, virtual workload, data structures, etc.). Moreover, although FIG. IB illustrates one example configuration of the various components of controller 155, those of skill in the art will understand that the components can be configured in a number of different ways and can include any other type and number of components. For example, networking function 125 and management layer 117 can belong to one software module or multiple separate modules. Other modules can be combined or further divided up into more subcomponents.
[0055] Scheduling function 127 can manage scheduling of procedures, events, services, or communications. For example, scheduling function 127 can schedule when resources should be allocated from cloud 150. As another example, scheduling function 127 can schedule when specific instructions or commands should be transmitted to a network (e.g., one or more client devices). Scheduling function 127 can provide scheduling for operations performed or executed by the various subcomponents of controller 155. Scheduling function 127 can also schedule resource slots, virtual machines, bandwidth, device activity, status changes, nodes, updates, policies, circuits, services, and the like. [0056] Dashboard process 119 can provide an interface or front end where clients can access, consume, purchase, configure, remove, manage, and generally monitor cloud and network services. For example, dashboard process 119 can provide a web-based frontend where clients can configure client devices or networks that are cloud-managed, provide client preferences, configure policies, enter data, upload statistics, configure interactions or operations, etc. As another example, dashboard process 119 can provide an interactive display where users can interconnect their network or device with one or more networks or clouds, such as cloud 150 and a separate cloud or datacenter, for example.
[0057] Dashboard process 119 can provide visibility information, such as views of client networks or devices, and even provide diagnostic information, e.g., dashboard process 119 can provide a view of the status or conditions of the client's network, the operations taking place, services, performance, a topology or layout, specific network devices, protocols implemented, running processes, errors, notifications, alerts, network structure, ongoing communications, data analysis, etc.
[0058] Dashboard process 206 can provide a graphical user interface (GUI) for the client to monitor the client's network(s), devices, statistics, services, connections, account(s), configurations, errors, notifications, etc., and even make modifications or setting changes through the GUI. The GUI can depict charts, lists, tables, tiles, network trees, maps, topologies, symbols, structures, or any graphical object or element. In addition, the GUI can use color, font, shapes, or any other characteristics to depict scores, alerts, or conditions. Dashboard process 206 can also handle user or client requests. For example, the client can enter a request through a corresponding GUI to establish or configure a virtual circuit or service, modify configurations, add resources to a current service, purchase or cancel a service, etc.
[0059] Data storage 123 can include any data or information, such as management data, statistics, settings, preferences, profile data, account data, transactions, logs, notifications, attributes, configuration parameters, client information, network information, and the like. For example, controller 155 can collect network statistics from a client (e.g., client A 110A) and store the statistics in data storage 123. Data storage 123 can also include performance and/or configuration information. This way, controller 155 can use such data to perform management or service operations for the client. Data storage 123 can be a physical storage or memory device, a database, a folder, a disk, or any storage medium on controller 155 or accessible to controller 155 (e.g., directly or indirectly). [0060] Networking function 125 can be a module, application, appliance, logic, processor, or function capable of performing network operations. Networking function 125 can thus perform networking calculations, such as network addressing, or networking service or operations, such as auto virtual circuit configuration or traffic routing/re -routing. For example, networking function 125 can perform filtering functions, switching functions, failover functions, high availability functions, network or device deployment functions, resource allocation functions, messaging functions, traffic analysis functions, port configuration functions, mapping functions, packet manipulation functions, path calculation functions, loop detection, cost calculation, error detection, or otherwise manipulate data or networking devices. Networking function 125 can handle networking requests from other networks or devices and establish links between devices. Networking function 125 can also perform queueing, messaging, or protocol operations.
[0061] Management layer 117 can include logic to perform management operations. For example, management layer 117 can include the logic to allow the various components of controller 155 to interface and work together. Management layer 117 can also include the logic, functions, software, and procedure to allow controller 155 to perform monitoring, management, control, deployment, configuration, and administration operations of other devices, networks, clouds, providers, clients (e.g., clients 110A-C); or cloud 150 operations and/or applications, services provided to clients, or any other component or procedure. Management layer 117 can include the logic to operate controller 155 and perform particular services configured on controller 155.
[0062] Moreover, management layer 117 can initiate, enable, or launch other instances in controller 155 and/or cloud 150. In some embodiments, management layer 117 can also provide authentication and security services for cloud 150, clients (e.g., 110A-C), controller 155, and/or any other device or component. Further, management layer 117 can manage nodes, resources, VMs, settings, policies, protocols, communications, services, clouds, datacenters, networks, and the like. In some embodiments, management layer 117 and networking function 125 can be part of the same module. However, in some embodiments, management layer 117 and networking function 125 can be separate layers and/or modules.
[0063] Communications interface 115 allows controller 155 to communicate with other devices or networks, such as clients 110A-C or other clouds or providers. Communications interface 115 can be a network interface card (NIC), and can include wired and/or wireless capabilities. Communications interface 115 allows controller 155 to send and receive data from other devices and networks. In some embodiments, controller 155 can include multiple communications interfaces for redundancy or failover. For example, controller 155 can include dual NICs for connection redundancy or for multiple lines or channels.
[0064] FIG. 1C illustrates a diagram of an example interconnection model 172 between clouds or networks, in accordance with some embodiments. Interconnection model 172 can include first cloud 174 (e.g., private and/or public cloud, enterprise datacenter, network, endpoint, campus, etc.) and second cloud 176, which can be directly connected or separated by one or more networks, such as the Internet. In some embodiments, first cloud 174 can be connected to second cloud 176 via portions of the Internet and dedicated paths associated with the first cloud and/or the second cloud.
[0065] First cloud 174 and second cloud 176 can be connected via a communication link 178 between cloud gateway 188 and cloud gateway 192. Data packets and traffic can be exchanged among the devices of the clouds 174, 176 using predefined network communication protocols. Communication link 178 can be a dedicated virtual or physical line, such as a virtual circuit, a pseudowire, a virtual private network, a point-to-point network, and so forth. Moreover, communication link 178 can be established using remote network 198. Remote network 198 can be a datacenter, a private network, a distributed network, a cloud (e.g., cloud 150), etc. Communication link 178 can also be established using other, intermediary networks, such as a public network (i.e., the Internet), which can interconnect clouds 174, 176 with or without remote network 198.
[0066] First cloud 174 and second cloud 176 can include cloud gateway 225 and cloud gateway 235, respectively, and at least one virtual partition (e.g., VM or container). For example, first cloud 174 can include VM1 250 and VM2 252, and second cloud 176 can include VM3 254. Cloud gateway 225 can be configured as a VM running in first cloud 174 that is responsible to establish communication link 270 for interconnecting the components in second cloud 176 with first cloud 174. Cloud gateway 235 may be configured as a VM running in second cloud 176 that is responsible to establish communication link 270 for connecting cloud gateway 235 with cloud resources.
[0067] First cloud 174 can include a virtual supervisor module 190, a hypervisor 180 (also called a virtual machine manager or monitor), and one or more VMs 182. Virtual supervisor module 190 can be used to create VMs in the cloud. Each of the VMs can host an application or service, and can operate as if each resides in the cloud. [0068] Hypervisor 180 can be configured by virtual supervisor module 190, and can provide an operating system for one or more VMs. Hypervisor 180 can include computer software, firmware, and/or hardware to create and/or run one or more VMs. Moreover, hypervisor 180 can run one or more VMs on one or more computers called host machines. Each of the VMs can be referred to as a guest machine, and can run a guest operating system.
[0069] First cloud 174 can also include a hybrid cloud manager 184, which can be a management plane VM for auto-provisioning resources in a hybrid cloud solution. Hybrid cloud manager 184 can be a management platform (which can include physical or virtual components, such as a VM) running in first cloud 174, and can be generally responsible for providing hybrid cloud operations, translating between cloud interfaces, management of cloud resources, dynamic instantiating of cloud gateways and cloud VM components (e.g., VMs 182, 196) through virtualization platform and cloud provider APIs, for example. Hybrid cloud manager 184 may also monitor components (e.g., cloud gateways 188, 192, one or more private application VMs, communication link 178, etc.) and/or manage those components.
[0070] Each cloud or network can include switch and/or network infrastructure for providing features and network services such as switching network traffic locally at the cloud, providing consistent enterprise network polices, allowing insertion or provisioning of various network services (e.g., load balancers, firewalls, content servers, web services, voice and data services, etc.). For example, first cloud 174 can include router 186 and second cloud 176 can include router 194 for routing traffic between cloud components or devices and/or within the network fabric. Moreover, the switch and/or network infrastructure can form a network topology, such as a spine-leaf or folded CLOS topology, which can include one or more switches, routers, segments, servers, domains, tenants, etc.
[0071] Communication link 178 can take several forms. For example, communication link 178 can include, or can be established via, remote network 198 and/or any other network, such as a public network (e.g., the Internet), a private network (e.g., a LAN), or a combination thereof. Communication link 178 can also include a virtual private network (VPN) or tunnel, a point- to-point link, a pseudowire, a virtual circuit, etc., as previously noted.
[0072] Communication link 178 can offer secure transport connections between the clouds. Moreover, communication link 178 can be based on tunneling or point-to-point technologies which can provide customers inter or intra-datacenter network connectivity and various network topologies. Such technologies can also extend the network (e.g., cloud or enterprise datacenter) at the network layer (Layer 3 or "L3" of the OSI model). Networks created at a cloud or datacenter (e.g., second cloud 176) can include new subnets, segments, overlays, and VMs to extend a different cloud or datacenter. Specific services or applications (e.g., access control lists, firewall policies, domain name services, etc.) can be accordingly configured or modified in order for attached VM systems to communicate through the underlay and/or between clouds.
[0073] Some cloud embodiments can utilize a secure transport layer (e.g., Layer 4 or "L4") tunnel as communication link 178 between first cloud gateway 188 in the first cloud 174 and second cloud gateway 192 in second cloud 176. The secure transport layer tunnel can be configured to provide a link layer (e.g., Layer 2 or "L2") network extension between first cloud 174 and second cloud 176. The secure transport layer (L4) tunnel (e.g., transport layer security (TLS), datagram TLS (DTLS), secure socket layer (SSL), etc.) can provide a secure L2 switch overlay that interconnects cloud resources (e.g., second cloud 176) with other clouds, networks or datacenters (e.g., first cloud 174, enterprise networks or datacenters, etc.). In other words, the secure transport layer tunnel can provide a link layer network extension between first cloud 174 and second cloud 176.
[0074] Cloud gateway 188 at the first cloud 174 can use communication link 178 to connect to cloud resources allocated at second cloud 176, and vice versa. Link 178 can be used with corporate or private firewalls and NAT devices due to the nature of the transport level protocols (e.g., UDP/TCP) and the transport layer ports opened for HTTP/HTTPS in the firewall, for example. Underlying L2 networks can be further extended and connected to each of the cloud VMs through cloud gateways 188, 192.
[0075] Cloud service providers can offer a number of network attachments for each of the cloud VMs and resources, such as networking or data processing capabilities. Cloud service provides can provide one or more types of services, such as software as a service, infrastructure as a service, platform as a service, backend as a service, desktop as a service, or information technology management as a service.
[0076] As described above, the techniques herein can allow customers to deploy network architectures and interconnections between clouds or networks. As one of ordinary skill in the art will readily recognize, interconnection model 172 can include other architectures, networks, carriers, providers, components, resources, links, devices, or clouds. Indeed, interconnection model 172 is provided as a non-limiting example for simplicity and explanation purposes. [0077] FIG. 2A illustrates a schematic diagram of an example system 200 for interconnecting networks. Client 110A (e.g., endpoint, enterprise, network, campus, datacenter, etc.) can connect to fabric 198 to establish links 216, 218, 210, 222, and 224 to endpoints 206, 208, 210, and212. Fabric 198 can include one or more private and/or public networks. For example, fabric 198 can include a datacenter, a cloud, or a cluster of private networks. Moreover, fabric 198 can include physical resources for establishing, monitoring, configuring, managing, and/or troubleshooting links 216, 218, 220, 222, and 224.
[0078] Links 216, 218, 220, 222, and 224 can be virtual links or circuits to endpoints 206, 208, 210, and 212. For example, links 216, 218, 220, and 220 can be dedicated or point-to-point links or tunnels to the endpoints 206, 208, 210, and 212. To illustrate, link 216 can be an MPLS pseudowire connecting client 110A with endpoint 206. Links may also be implemented as point-to-multipoint links or tunnels to endpoints 206, 208, 210, and 21. For instance, link 224 can be an MPLS pseudowire connecting client 110A to endpoints 206, 208, 210, and 212.
[0079] Endpoints 206, 208, 210, and 212 can correspond to clouds (e.g., public clouds, private clouds, hybrid clouds), carriers, service providers, networks, datacenters, etc. For example, endpoint 206 can be a network provider, endpoint 208 can be a storage provider, endpoint 210 can be a cloud services provider, and endpoint 212 can be a voice and data services provider. Moreover, endpoints 206, 208, 210, and 212 can provide services to, or extend current services from, client 110A. For example, endpoints 206, 208, 210, and 212 can provide additional bandwidth services, cloud bursting services, or media services to client 110A and/or consumers of services of client 110A.
[0080] FIG. 2B illustrates an example configuration of fabric 198 for provisioning services and interconnecting networks. Fabric 198 can include switches 230 and 232 configured according to a specific topology, such as spine-leaf or folded CLOS, for communicating within fabric 198. Switches 230 and 232 can serve as the underlay of the network. Moreover, switches 232 can interface with one or more devices 236, such as servers, VMs or containers, controllers, and so forth. Fabric 198 can also include gateway 234, which can serve as an ingress/egress router for connecting fabric 198 with other networks, devices, or clouds. Fabric 198 can also include capabilities for establishing virtual circuits, links, or tunnels to other networks, and managing or routing traffic to and from other networks.
[0081] FIG. 2C illustrates a second example configuration of fabric 198 for provisioning services and interconnecting networks. Fabric 198 can include multiple networks or datacenters 238, 242, 248. Networks or datacenters 238, 242, 248 can be interconnected within fabric 198 via respective routers 240, 244, 246. Routers 240, 244, 246 can also connect networks or datacenters 238, 242, 248 to other networks or devices outside of fabric 198. This way, networks or datacenters 238, 242, 248 can communicate with other networks and devices outside of fabric 198.
[0082] FIG. 3A and FIG. 3B illustrate example representations of network 300 according to various embodiments. FIG. 3A illustrates nodes 302a-302g (collectively, "node 302") within regions 304a-304d (collectively, "region 304") connected via links 306a-306i (collectively, "link 306"). Network 300 can connect first customer endpoint 301 with second customer endpoint 303.
[0083] Network 300 can be a private network. A private network can be a network that is isolated from outside connections (e.g., physically isolated or logically isolated), a network that is owned by a single entity, a network that can provide dedicated or guaranteed connections to a customer (e.g., if a customer orders a lGbit/s connection, lGbit/s will be available, regardless of other traffic in the network), etc.
[0084] In some embodiments, certain nodes 302 and links 306 of network 300 are owned or managed by a private network connection provider. The private network connection provider can lease links 306 or nodes 302 from a third party. The private network connection provider can use agreements (e.g., peering agreements) with other private network connection providers in order to create network 300. In some embodiments, certain nodes 302 (e.g., nodes 302a and 302g) can make up internet exchanges that can allow various private network connection providers and customers to interconnect.
[0085] Customer endpoints 301 and 303 can be operated by a single customer or by separate customers. A customer can pay the private network connection provider for transit across network 300 between customer endpoints 301 and 303. Network 300 can have peering agreements with customer endpoints 301 and/or 303 to facilitate free intercommunication. In some embodiments, customer endpoints 301 and 303 can be datacenters for a customer. The customer can send data between customer endpoints 301 and 303 (e.g., for backup, synchronization, or processing). In some embodiments, customer endpoint 301 can be associated with the customer while customer endpoint 303 can be associated with a client of the customer. For example, customer endpoint 301 can be an update server for updating an application running on customer endpoint 303. [0086] Node 302 can correspond to a colocation, building, datacenter, switch, router, server, etc.
[0087] Link 306 can be a direct connection (e.g., a fiber cable, a copper wire, a wireless signal, etc.) between nodes 302 or a network (e.g., a transit network). Link 306 can have various characteristics that may change over time, such as latency, available bandwidth, total bandwidth, price (e.g., monetary cost to a provider and/or customer for a port, bandwidth price, or data transfer price), reliability (e.g., up-time), connected links 306, connected nodes 302, or available services, etc., or may not change over time, such as region 304, connection type (e.g., fiber, copper, wireless, etc.), distance (i.e., the physical length of the link), etc.
[0088] Network manager 308 can determine various conditions of each link 306, such as price, quality of service parameters, redundancy and uptime parameters, etc. The price of link 306 can be static (e.g., established by administrators) or dynamic (algorithmically variable). The price of link 306 can be set based on other link characteristics (e.g., latency, available bandwidth, total bandwidth, etc.) as well as maintenance costs, leasing costs, connection costs, available alternatives, reliability, customer demand, etc. In some embodiments, the price of link 306 can be determined based on an auction; for example, multiple customers can bid for link 306 and the highest bidder can receive link 306. Network manager 308 can automatically run such an auction, using customer requests (which can include a maximum price) to determine the price of link 306.
[0089] In some embodiments, nodes 302 and links 306 can be virtual. For example, node 302 can be a virtual switch or router in one embodiment. In another embodiment, node 302 can be a combination of virtual and physical components.
[0090] FIG. 3B provides another representation of network 300, showing paths 310a-310d (collectively, "path 310"). Path 310 (e.g., a plurality of links) can be the route that data takes as it traverses the network. Components of path 310 include nodes 302 and links 306. Path 310 can mean a connection for the purposes of this disclosure.
[0091] In some embodiments, network manager 308 can monitor nodes 302 and links 306 and determine their respective characteristics. For example, network manager 308 can send an Internet Control Message Protocol (ICMP) echo request (a "ping") across node 302, link 306 and/or path 310 to determine latency for the respective components or paths 310. In some embodiments, components can report their characteristics to network manager 308. Network manager 308 can keep a log, table, database, or similar data structure of characteristics over time. Such data can inform network manager 308 of historical trends; network manager 308 can make predictions of current and future characteristics using the log, table, database, or similar data structure. In some embodiments, network manager 308 can be distributed across network 300. For example, each node 302 can have network manager functionality (e.g., if node 302 is a router, network manager functionality can inform the routing process as an extension of routing protocols). Network manager 308 can be used to negotiate transfer agreements, fee structures, routing priorities, link maintenance, etc. for a private network connection provider. Network manager 308 can be a system owned and operated by the private network connection provider.
[0092] The price of link 306 can be determined based on various factors. For example, portions of link 306 can be externally set (e.g., if the network manager must lease portions of link 306 from an external party), the price can then be some percentage of the externally set price. In some such embodiments, the percentage can be commensurate with the usage of link 306. For example, if the network manager must pay $100 to lease link 306 and a customer reserves 10% of the link, the network manager can charge at least $10 to the customer. This can be considered a supply-driven pricing program, where prices are determined based on the cost of links 306.
[0093] The price of link 306 can also be determined based on the willingness of a customer to pay for link 306. For example, link usage rights can be auctioned off to the highest bidder. The price can be periodically reevaluated based on market conditions. For example, the price of link 306 can be determined every hour, day, month, etc. A potential customer can pay to reserve a price to hedge against price volatility. Price increases can be limited to a certain percentage so as to avoid drastic fluctuations in price. This can be considered a demand-driven pricing program, where prices are determined based on the willingness of customers to pay for links 306.
[0094] The price of link 306 can also be determined by a combination of pricing programs (e.g., supply-driven and demand-driven) to optimize various criteria. Sometimes a customer is also a provider of links 306. For example, the customer may own various links 306 that a network manager wishes to lease and the network manager may own various links 306 that the customer wishes to lease; in such situations, peering agreements can allow the customer and network manager to cross-lease their respective links 306 for free (or a discount).
[0095] A customer can be billed for link 306 in various ways. For example, a customer can be billed based on total amount of data transferred across link 306 or the customer can be billed a fixed amount based on the amount of bandwidth reserved for the customer regardless of actual usage. In some embodiments, the network manager merely facilitates a transaction whereby a customer can lease link 306 directly from a third party private network connection provider. The customer or third party private network connection provider can then pay a small transaction fee to the network manager.
[0096] In some embodiments, node 302 can advertise characteristics regarding associated paths without detailing the specifics of the path. For example, network manager 308 can determine that node 302c services a path to node 302g from node 302a at a certain price, but network manager 308 is not concerned with the actual path 310 taken (e.g., node 302c can use link 302c or link 302g corresponding to paths 310b or 310a). This can be accomplished by having one node (e.g., node 302f) begin by determining characteristics of one link (e.g., link 306i). Continuing with the example, node 302f can advertise that it can connect to node 302g with associated characteristics. Node 302d can then detect characteristics of link 306f and combine those characteristics with those received from node 302f and advertise a connection to node 302g with the combined characteristics.
[0097] FIG. 4 illustrates example method 400 for provisioning a connection through network 300 (e.g., from customer endpoint 301 to customer endpoint 303) according to some embodiments. Network manager 308 can perform example method 400.
[0098] A system performing example method 400 can begin by receiving a request for a connection through a network (step 402). In some embodiments, the request needs to be serviced immediately; alternatively, the request can be executed when certain conditions are met. For example, the request might specify a maximum cost (e.g., path price, total cost of the request), execution time, or other conditions. Execution time can include a delay, a specified start time, a specified completion time, etc.
[0099] In some embodiments, the request might be dependent on an external resource (e.g., virtual machine, service, etc.) and the request may be serviced when that resource is available. For example, customer endpoint 301 can have data that needs to be processed by customer endpoint 303 (e.g., customer endpoint 303 can represent a processing datacenter). In certain situations, customer endpoint 303 may be overwhelmed with other processes and cannot immediately process the data from customer endpoint 301. Network manager 308 can wait to service the request to transfer data from customer endpoint 301 to customer endpoint 303 for a period of time until customer endpoint 303 is ready to receive the data. Other external resources are contemplated. In some embodiments, the external resource is not a computing resource; for example the external resource can be human. Examples of a human external resource can include translators, editors, reviewers, consumers (e.g., a viewer of a movie), etc. Examples of computing external resources can include render farms, digital currency miners (e.g., Bitcoin), email servers, web servers, data recovery resources, data storage resources, data backup resources, localized content distribution nodes (e.g., for a content delivery network), analytics engines (e.g., for academic and scientific research), etc.
[0100] In some embodiments, a customer (or potential customer) can submit the request to network manager 308. In some embodiments, the customer has access to the current status (e.g., characteristics) of network 300. In some embodiments, the customer can access this information through an application running on a client device, a web -based interface, an API, etc. An example API can be RESTful, meaning that server interactions can be achieved programmatically or manually via, for example, a graphical user interface. A customer can test and verify their API calls with a staging server before deployment. A customer can submit a username/password combination and receive a session token. The session token can be used for any later requests for authorization. A program can utilize the API to request path 310 or to find out information regarding path 310. For example, the API can provide available locations (e.g., the location of nodes 302a-302g), path 310 pricing, etc. An example API path order can include a company identifier, a request data, a location identifier, a service type, an optical interface, a port identifier, a rack identifier, a speed amount, a service name, and a session token. API interactions can be in JSON, XML, or other data formats.
[0101] The system can continue by monitoring link characteristics for links on the network (step 404). The network in step 404 can be network 300. Step 404 can include monitoring node characteristics for nodes 302. Network manager 308 can do the monitoring, as discussed above. For example, in some embodiments, network manager 108 can monitor nodes 102 and links 106 and determine their respective characteristics. For example, network manager 108 can send an Internet Control Message Protocol (ICMP) echo request (a "ping") across node 102, link 106 and/or path 110 to determine latency for the respective components or paths 110. In some embodiments, components can report their characteristics to network manager 108. Network manager 108 can keep a log of characteristics over time. Such a log can inform network manager 108 of historical trends; network manager 108 can make predictions of current and future characteristics using the log. In some embodiments, network manager 108 can be distributed across network 100. For example, each node 102 can have network manager functionality (e.g., if node 102 is a router, network manager functionality can inform the routing process as an extension of routing protocols). Network manager 108 can negotiate transfer agreements, fee structures, routing priorities, link maintenance, etc. for a network provider. Network manager 108 can be a system owned and operated by the network provider. In some embodiments, node 102 can advertise characteristics regarding associated paths without detailing the specifics of the path. For example, network manager 108 can determine that node 102c services a path to node 102g from node 102a at a certain price, but network manager 108 is not concerned with the actual path 110 taken (e.g., node 102c can use link 102c or link 102g corresponding to paths 110b or 110a). This can be accomplished by having one node (e.g., node 102f) begin by determining characteristics of one link (e.g., link 106i). Continuing with the example, node 102f can advertise that it can connect to node 102g with associated characteristics. Node 102d can then detect characteristics of link 106f and combine those characteristics with those received from node 102f and advertise a connection to node 102g with the combined characteristics.
[0102] The system can continue by determining whether any paths satisfy the request (step 406). A path can represent a possible connection between customer endpoints 301 and 303. In some embodiments, requests can have multiple characteristics (e.g., a request may specify a maximum price and a minimum latency) and step 406 can include checking each characteristic of the request with the characteristics of the paths 310. In some embodiments, multiple paths 310 can satisfy the request (e.g., path 310c and path 310d might both satisfy the request) and step 406 can include selecting the optimal path 310. The optimal path 310 can be determined based on Dijkstra's algorithm, the travelling salesman algorithm (e.g., for multicast transmissions), or other path optimization algorithms. The optimal path can be determined based on various parameters and conditions, for example the weights in Dijkstra's algorithm can include latency, cost, reliability, etc. and the optimization can based on minimizing the price where latency and reliability are within a desirable range. In some embodiments, step 406 includes selecting the first path 310 that satisfies the request.
[0103] If no path 310 can satisfy the request, example method 400 can return to step 404. In some embodiments, example method 400 includes continuously monitoring the link characteristics (step 404) until path 310 matches the request.
[0104] If there is a path that can satisfy the request, example method 400 can continue by selecting a first link and first nodes (step 408). The first link and first nodes can be components of the path that satisfies the request in step 406. For example, if path 310b satisfied the request, then the first link can be link 306b and first nodes can include node 302a and 302c.
[0105] The system can continue by selecting a second link and second nodes (step 410). The second link and second nodes can be components of the path that satisfies the request in step 406. For example, if path 310b satisfied the request, then the second link can be link 306i and the second nodes can include nodes 302f and 302g.
[0106] The system can continue by provisioning a connection via the first link and the second link (step 412). The connection can be the path that satisfies the request in step 406. In some embodiments, network manager 308 can direct the first and second nodes to facilitate the connection. For example, network manager 308 can instruct first nodes (e.g., nodes 302a and 302c) to establish link 306b and second nodes (e.g., nodes 302f and 302g) to establish link 306i. Additionally, network manager 308 can instruct first nodes, second nodes, and other nodes to establish other requisite links (e.g., links 306c and 306f) to complete the connection. Provisioning the connection can include instructing nodes about requirements for the links 306. For example, network manager 308 can instruct the nodes to establish link 306 with a requirement of a certain amount of bandwidth to be available. The nodes 302 can then reserve this bandwidth for the request. In some embodiments, provisioning a connection includes making payments for leasing nodes 302 and links 306 when required.
[0107] The system can continue by monitoring link characteristics for links on the private network (step 414). The monitoring of link characteristics in step 411 can be the same as the monitoring in step 404.
[0108] The system can continue by determining whether any path can better satisfy the request (step 416). In some embodiments, a request can have requirements (e.g., thresholds or conditions) that can be satisfied by multiple paths 310 but with one path 310 being optimal. For example, if the requirement is a maximum cost, there can be multiple paths 310 that are below the maximum cost but one path 310 that has the lowest cost. As the network state can fluctuate, it can be advantageous to periodically determine the network status in case path 310 can better satisfy the request. In some embodiments, multiple requirements of the request can be optimized (e.g., price and reliability) and weights can be assigned to each requirement to determine the optimal path.
[0109] If another path can better satisfy the request, example method 400 can return to step 408 and select a new first link and new first nodes. The new first link and new first nodes can be called a third link and third nodes. Similarly, when example method 400 returns at step 410, new second link and new second nodes can be called fourth link and fourth nodes.
[0110] If no other path can better satisfy the request (at step 412), example method 400 can continue and determine if the request is still active (step 418). The request being active can mean that the request has not completed. For example, if the request is for transferring a certain amount of data, once the data is transferred the request is no longer active. As another example, if the request is for a connection to be active during a certain time, after the time has elapsed the request is no longer active.
[0111] If the request is complete, example method 400 can end; otherwise, example method can return to step 414 to monitor the network 300.
[0112] FIG. 5A illustrates an example graph 500 of the price 502 of path 310 over time. In some embodiments, graph 500 can be an element of a GUI accessible to a provider user for monitoring, auditing, or similar tasks. In some embodiments, graph 500 can be an element of a GUI accessible to a customer user to facilitate pricing for network services. The x-axis shows the time of day while the y-axis shows the price 502 of path 310. Request price 504 can represent the price requested by the customer for path 310 at time 501a. Times 501b and 501d can represent the time that the price of the path matches request price 504, while the period between times 501b and 501d (including, e.g., time 501c) can represent the time that the price of the path is below price 504.
[0113] Network status 300 can change over time. For example, links 306, nodes 302, paths 310, etc. can go down, have more or less traffic, gain capacity, have increased demand, etc. over time. In some embodiments, link 306 and path 310, can have daily demand that follows a curve similar to price 502 in FIG. 3. For example, during business hours (e.g., 12:00-5:00 on the left side of the graph) and evening hours demand might be highest, but between the night hours (e.g., between 9:00 and 5:00) there might be less demand and price 502 can be lowest. Providing a connection for a customer that is around all day can cost a customer the maximum price (e.g., around $48 in FIG. 3) or an average price (e.g., around $25). In some embodiments, the customer is not concerned with the time that a request is serviced, but is mainly concerned with the price. For example, a customer can request path 310 at time 501a that is below requested price 504. Because the price is higher than requested price 504 at time 501a, network manager 308 can wait until time 501b when it can service the request at the requested price 504. Alternatively, network manager 308 can predict, based on past network characteristics, that price 502 will go lower than the price at time 501b and wait to service the request until
[0114] In some embodiments, one link 306 (e.g., link 306d) has a low price at one period while another link 306 (e.g., link 306h) has a low price at a different period. A request can be for sending data from customer endpoint 301 to customer endpoint 303 at any time. Network manager 308 could service such a request by first sending the data over link 306d while its price is at a low point and then having the data held at the receiving node 302e until link 306h has a low price. This can be useful when path 310 spans multiple time zones and regions. For example, link 306d can be from Europe to the Americas and have high traffic at one time while link 306h can be from the Americas to Asia that can have high traffic at a different time; thus, data can be sent over link 306d during its lower traffic time and held in the Americas until link 306h is at a lower traffic time.
[0115] FIG. 5B illustrates an example link characteristic table 520 according to various embodiments. Link characteristic table 520 can represent the various characteristics associated with links 306 that are described above. For example, link characteristic table 520 can include component nodes (e.g., the two or more nodes 302 that comprise link 306), total bandwidth, available bandwidth, latency, current price, etc. Link characteristic table can be stored in network manager 308 as a database, table, etc. A user can be presented with a representation of the information from link characteristic table. Such a user can filter and search elements of link characteristic table, compare links of link characteristic table, create paths from links in link characteristic table, etc. Such a user can reference link characteristic table to determine whether a link includes a node of interest (e.g., a node at a certain location).
[0116] FIG. 5C illustrates an example path summary table 540 according to various embodiments. Path summary table 540 can represent characteristics of paths 310 in network 300. For example, path summary table 540 can include component links and nodes that comprise paths 310, total bandwidth, latency, and current price of the paths 310. Path 310 can have characteristics determined by its components. A user can be presented with a representation of the information from path summary table 540. Such a user can filter and search elements of path summary table 540, compare paths of path summary table 540, choose a desirable path, etc. Such a user can reference path summary table 540 to determine whether a path includes a link or node of interest (e.g., a node at a certain location). [0117] The available bandwidth of path 310 can be determined by the component link 306 with the least available bandwidth. For example, despite link 306b having available bandwidth of lGbit/s, link 306g only has lOMbit/s of available bandwidth - thus limiting the available bandwidth of path 310a to lOMbit/s.
[0118] The latency of path 310 can be determined by the summation of the latency of component links 306 and nodes 302. For example, the latency of path 310b (65ms) can be the summation of the latencies of component links 306b (30ms), 306c (8ms), 306f (20ms), and 306i (7ms).
[0119] The current price of path 310 can be determined by the summation of current price of component links 306. For example, the current price of path 310c ($300) can be the summation of component links 306a ($20), 306e ($70), and 306i ($10). The price can be that of connection price for a port, bandwidth price, data transfer price, node rental price, etc. In some embodiments, network manager 308 can set prices based on cost of individual components (i.e., what the private network connection provider pays for the nodes 302 and links 306), market demand (i.e., what customers are willing to pay for path 310, etc. In some embodiments, network manager 308 detects prices and reports prices to customers.
[0120] FIG. 6A and FIG. 6B illustrate example system embodiments. The more appropriate embodiment will be apparent to those of ordinary skill in the art when practicing the present technology. Persons of ordinary skill in the art will also readily appreciate that other system embodiments are possible.
[0121] FIG. 6A illustrates a conventional system bus computing system architecture 600 wherein the components of the system are in electrical communication with each other using a bus 605. Example system 600 includes a processing unit (CPU or processor) 610 and a system bus 605 that couples various system components including the system memory 615, such as read only memory (ROM) 670 and random access memory (RAM) 675, to the processor 610. The system 600 can include a cache of high-speed memory connected directly with, in close proximity to, or integrated as part of the processor 610. The system 600 can copy data from the memory 615 and/or the storage device 630 to the cache 612 for quick access by the processor 610. In this way, the cache can provide a performance boost that avoids processor 610 delays while waiting for data. These and other modules can control or be configured to control the processor 610 to perform various actions. Other system memory 615 may be available for use as well. The memory 615 can include multiple different types of memory with different performance characteristics. The processor 610 can include any general purpose processor and a hardware module or software module, such as module 1 637, module 8 634, and module 3 636 stored in storage device 630, configured to control the processor 910 as well as a special- purpose processor where software instructions are incorporated into the actual processor design. The processor 610 may essentially be a completely self-contained computing system, containing multiple cores or processors, a bus, memory controller, cache, etc. A multi-core processor may be symmetric or asymmetric.
[0122] To enable user interaction with the computing device 600, an input device 645 can represent any number of input mechanisms, such as a microphone for speech, a touch-sensitive screen for gesture or graphical input, keyboard, mouse, motion input, speech and so forth. An output device 635 can also be one or more of a number of output mechanisms known to those of skill in the art. In some instances, multimodal systems can enable a user to provide multiple types of input to communicate with the computing device 600. The communications interface 640 can generally govern and manage the user input and system output. There is no restriction on operating on any particular hardware arrangement and therefore the basic features here may easily be substituted for improved hardware or firmware arrangements as they are developed.
[0123] Storage device 630 is a non-volatile memory and can be a hard disk or other types of computer readable media which can store data that are accessible by a computer, such as magnetic cassettes, flash memory cards, solid state memory devices, digital versatile disks, cartridges, random access memories (RAMs) 675, read only memory (ROM) 670, and hybrids thereof.
[0124] The storage device 630 can include software modules 637, 634, 636 for controlling the processor 610. Other hardware or software modules are contemplated. The storage device 630 can be connected to the system bus 605. In one aspect, a hardware module that performs a particular function can include the software component stored in a computer-readable medium in connection with the necessary hardware components, such as the processor 610, bus 605, display 635, and so forth, to carry out the function.
[0125] FIG. 6B illustrates an example computer system 650 having a chipset architecture that can be used in executing the described method and generating and displaying a graphical user interface (GUI). Computer system 650 is an example of computer hardware, software, and firmware that can be used to implement the disclosed technology. System 650 can include a processor 655, representative of any number of physically and/or logically distinct resources capable of executing software, firmware, and hardware configured to perform identified computations. Processor 655 can communicate with a chipset 660 that can control input to and output from processor 655. In this example, chipset 660 outputs information to output 665, such as a display, and can read and write information to storage device 670, which can include magnetic media, and solid state media, for example. Chipset 660 can also read data from and write data to RAM 675. A bridge 680 for interfacing with a variety of user interface components 685 can be provided for interfacing with chipset 660. Such user interface components 685 can include a keyboard, a microphone, touch detection and processing circuitry, a pointing device, such as a mouse, and so on. In general, inputs to system 650 can come from any of a variety of sources, machine generated and/or human generated.
[0126] Chipset 660 can also interface with one or more communication interfaces 690 that can have different physical interfaces. Such communication interfaces can include interfaces for wired and wireless local area networks, for broadband wireless networks, as well as personal area networks. Some applications of the methods for generating, displaying, and using the GUI disclosed herein can include receiving ordered datasets over the physical interface or be generated by the machine itself by processor 655 analyzing data stored in storage 670 or 675. Further, the machine can receive inputs from a user via user interface components 685 and execute appropriate functions, such as browsing functions by interpreting these inputs using processor 655.
[0127] It can be appreciated that example systems 600 and 650 can have more than one processor 610 or be part of a group or cluster of computing devices networked together to provide greater processing capability.
[0128] For clarity of explanation, in some instances the present technology may be presented as including individual functional blocks including functional blocks comprising devices, device components, steps or routines in a method embodied in software, or combinations of hardware and software.
[0129] In some example embodiments the computer-readable storage devices, mediums, and memories can include a cable or wireless signal containing a bit stream and the like. However, when mentioned, non-transitory computer-readable storage media expressly exclude media such as energy, carrier signals, electromagnetic waves, and signals per se.
[0130] Methods according to the above-described examples can be implemented using computer-executable instructions that are stored or otherwise available from computer readable media. Such instructions can comprise, for example, instructions and data which cause or otherwise configure a general purpose computer, special purpose computer, or special purpose processing device to perform a certain function or group of functions. Portions of computer resources used can be accessible over a network. The computer executable instructions may be, for example, binaries, intermediate format instructions such as assembly language, firmware, or source code. Examples of computer-readable media that may be used to store instructions, information used, and/or information created during methods according to described examples include magnetic or optical disks, flash memory, USB devices provided with non-volatile memory, networked storage devices, and so on.
[0131] Devices implementing methods according to these disclosures can comprise hardware, firmware and/or software, and can take any of a variety of form factors. Typical examples of such form factors include laptops, smart phones, small form factor personal computers, personal digital assistants, rackmount devices, standalone devices, and so on. Functionality described herein also can be embodied in peripherals or add-in cards. Such functionality can also be implemented on a circuit board among different chips or different processes executing in a single device, by way of further example.
[0132] The instructions, media for conveying such instructions, computing resources for executing them, and other structures for supporting such computing resources are means for providing the functions described in these disclosures.
[0133] Although a variety of examples and other information was used to explain aspects within the scope of the appended claims, no limitation of the claims should be implied based on particular features or arrangements in such examples, as one of ordinary skill would be able to use these examples to derive a wide variety of implementations. Further and although some subject matter may have been described in language specific to examples of structural features and/or method steps, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to these described features or acts. For example, such functionality can be distributed differently or performed in components other than those identified herein. Rather, the described features and steps are disclosed as examples of components of systems and methods within the scope of the appended claims. Moreover, claim language reciting "at least one of" a set indicates that one member of the set or multiple members of the set satisfy the claim.

Claims

1. A computer-implemented method comprising:
monitoring a private network to determine respective characteristics for each link of the private network;
receiving, at a first period of time, a request for a network connection between a first computing device and a second computing device over the private network, the request including a specified type of network connection and one or more service requirements; determining, at a second period of time, availability of a plurality of links
corresponding to the specified type of network connection and satisfying the one or more service requirements based at least in part on the respective characteristics for each link of the private network;
selecting, at the second period of time, a first link of the plurality of links for providing at least a first portion of the network connection;
selecting, at the second period of time, a second link of the plurality of links for providing at least a second portion of the network connection; and
providing, at the second period of time, the network connection via the first link and the second link.
2. The computer- implemented method of claim 1, wherein the respective characteristics include a price of an individual link, latency corresponding to the individual link, available bandwidth corresponding to the individual link, and availability of an external resource corresponding to the individual link.
3. The computer- implemented method of claim 1 or claim 2, wherein a first service requirement of the one or more service requirements corresponds to a first weight and a second service requirement of the one or more service requirements corresponds to a second weight, and the method further comprises:
applying the first weight to a first calculation for selecting the first link; and applying the second weight to the second calculation for selecting the first link.
4. The computer- implemented method of any of the preceding claims, further comprising: determining, at a third period of time, availability of a third link corresponding to the specified type of network connection and satisfying the one or more service requirements based at least in part on respective updated characteristics for each link; and
providing, at the third period of time, at least a portion of the network connection via the third link.
5. The computer- implemented method any of the preceding claims, further comprising: determining, at the first period of time, that none of the plurality of links correspond to the specified type of network connection and satisfy the one or more specified service requirements based at least in part on the respective characteristics for each link of the private network.
6. The computer- implemented method of any of the preceding claims, further comprising:
determining, at the first period of time, that a second plurality of links correspond to the specified type of network connection and satisfy the one or service requirements based at least in part on the respective characteristics for each link;
determining, at the second period of time, that the second plurality of links no longer correspond to the specified type of network connection or satisfy the one or service requirements based at least in part on the respective characteristics for each link; and
cease providing the network connection.
7. The computer- implemented method any of the preceding claims, further comprising: determining a first monetary cost of the first link and a second monetary cost of the second link.
8. A non-transitory computer-readable medium having computer readable instructions stored thereon that, when executed by a processor of a computer, cause the computer to: monitor a private network to determine respective characteristics for each link of the private network;
receive, at a first period of time, a request for a network connection between a first computing device and a second computing device over the private network, the request including a specified type of network connection and one or more service requirements; determine, at a second period of time, availability of a plurality of links corresponding to the specified type of network connection and satisfying the one or more service
requirements based at least in part on the respective characteristics for each link of the private network;
select, at the second period of time, a first link of the plurality of links for providing at least a first portion of the network connection;
select, at the second period of time, a second link of the plurality of links for providing at least a second portion of the network connection; and
provide, at the second period of time, the network connection via the first link and the second link.
9. The non-transitory computer-readable medium of claim 8, wherein the respective characteristics include a price of an individual link, latency corresponding to the individual link, available bandwidth corresponding to the individual link, and availability of an external resource corresponding to the individual link.
10. The non-transitory computer-readable medium of claim 8 or claim 9, wherein a first service requirement of the one or more service requirements corresponds to a first weight and a second service requirement of the one or more service requirements corresponds to a second weight, and the instructions further cause the computer to:
apply the first weight to a first calculation for selecting the first link; and
apply the second weight to the second calculation for selecting the first link.
11. The non-transitory computer-readable medium of any one of claims 8 to 10, wherein the instructions further cause the computer to:
determine, at a third period of time, availability of a third link corresponding to the specified type of network connection and satisfying the one or more service requirements based at least in part on respective updated characteristics for each link; and
provide, at the third period of time, at least a portion of the network connection via the third link.
12. The non-transitory computer-readable medium of any one of claims 8 to 11, wherein the instructions further cause the computer to:
determine, at the first period of time, that none of the plurality of links correspond to the specified type of network connection and satisfy the one or more service requirements based at least in part on the respective characteristics for each link of the private network.
13. The non-transitory computer-readable medium of any one of claims 8 to 12, wherein the instructions further cause the computer to:
determine, at the first period of time, that a second plurality of links correspond to the specified type of network connection and satisfy the one or more service requirements based at least in part on the respective characteristics for each link;
determining, at the second period of time, that the second plurality of links no longer correspond to the specified type of network connection or satisfy the one or service requirements based at least in part on the respective characteristics for each link; and
cease providing the network connection.
14. The non-transitory computer-readable medium of any one of claims 8 to 13, wherein the instructions further cause the computer to:
determine a first monetary cost of the first link and a second monetary cost of the second link.
15. A system comprising:
a processor; a computer-readable medium; and non-transitory computer-readable instructions stored thereon that, when executed by a processor, cause the system to: monitor a private network to determine respective characteristics for each link of the private network;
receive, at a first period of time, a request for a network connection between a first computing device and a second computing device over the private network, the request including a specified type of network connection and one or more service requirements; determine, at a second period of time, availability of a plurality of links corresponding to the specified type of network connection and satisfying the one or more service
requirements based at least in part on the respective characteristics for each link of the private network;
select, at the second period of time, a first link of the plurality of links for providing at least a second portion of the network connection;
select, at the second period of time, a second link of the plurality of links for providing at least a second portion of the network connection; and
provide, at the second period of time, the network connection via the first link and the second link.
16. The system of claim 15, wherein the respective characteristics include a price of an individual link, latency corresponding to the individual link, available bandwidth
corresponding to the individual link, and availability of an external resource corresponding to the individual link.
17. The system of claim 15 or claim 16, wherein a first service requirement of the one or more service requirements corresponds to a first weight and a second service requirement of the one or more service requirements corresponds to a second weight, wherein the non- transitory computer-readable instructions, when executed by the processor, further cause the system to:
apply the first weight to a first calculation for selecting the first link; and
apply the second weight to the second calculation for selecting the first link.
18. The system of any one of claims 15 to 17, wherein the non-transitory computer- readable instructions, when executed by the processor, further cause the system to:
determine, at a third period of time, availability of a third link corresponding to the specified type of network connection and satisfying the one or more service requirements based at least in part on respective updated characteristics for each link; and
provide, at the third period of time, at least a portion of the network connection via the third link.
19. The system of any one of claims 15 to 18, wherein the non-transitory computer- readable instructions, when executed by the processor, further cause the system to:
determine, at the first period of time, that none of the plurality of links correspond to the specified type of network connection and satisfy the one or more service requirements based at least in part on the respective characteristics for each link of the private network.
20. The system of any one of claims 15 to 19, wherein the non-transitory computer- readable instructions, when executed by the processor, further cause the system to:
determine, at the first period of time, that the second plurality of links correspond to the specified type of network connection and satisfy the one or service requirements based at least in part on the respective characteristics for each link; and
determine, at a second period of time, that the second plurality of links no longer correspond to the specified type of network connection or satisfy the one or more service requirements based at least in part on the respective characteristics for each link.
PCT/IB2017/054551 2016-07-27 2017-07-27 Provisioning private network connections Ceased WO2018020446A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
SG11201807512RA SG11201807512RA (en) 2016-07-27 2017-07-27 Provisioning private network connections
AU2017304280A AU2017304280A1 (en) 2016-07-27 2017-07-27 Provisioning private network connections
HK19101902.4A HK1259488A1 (en) 2016-07-27 2017-07-27 Provisioning private network connections
EP17833679.8A EP3424185A4 (en) 2016-07-27 2017-07-27 SUPPLYING PRIVATE NETWORK CONNECTIONS

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201615221422A 2016-07-27 2016-07-27
US15/221,422 2016-07-27

Publications (1)

Publication Number Publication Date
WO2018020446A1 true WO2018020446A1 (en) 2018-02-01

Family

ID=61015750

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2017/054551 Ceased WO2018020446A1 (en) 2016-07-27 2017-07-27 Provisioning private network connections

Country Status (5)

Country Link
EP (1) EP3424185A4 (en)
AU (1) AU2017304280A1 (en)
HK (1) HK1259488A1 (en)
SG (1) SG11201807512RA (en)
WO (1) WO2018020446A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10158727B1 (en) 2016-03-16 2018-12-18 Equinix, Inc. Service overlay model for a co-location facility
US10530632B1 (en) 2017-09-29 2020-01-07 Equinix, Inc. Inter-metro service chaining
WO2020072341A1 (en) 2018-10-01 2020-04-09 Inflect, Inc. Methods and systems for route finding in networks and a network of networks
CN115004661A (en) * 2019-11-29 2022-09-02 亚马逊技术股份有限公司 Mobility of cloud computing instances hosted within a CSP network
CN115242678A (en) * 2022-06-23 2022-10-25 海南乾唐视联信息技术有限公司 Data acquisition method and device, electronic equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140047082A1 (en) * 2008-12-10 2014-02-13 Amazon Technologies, Inc. Providing access to configurable private computer networks
US20140244851A1 (en) * 2013-02-26 2014-08-28 Zentera Systems, Inc. Secure virtual network platform for enterprise hybrid cloud computing environments
US20160156556A1 (en) * 2014-04-10 2016-06-02 Level 3 Communications, Llc Network Path Selection Using Bandwidth Prediction

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6775267B1 (en) * 1999-12-30 2004-08-10 At&T Corp Method for billing IP broadband subscribers
US20030005130A1 (en) * 2001-06-29 2003-01-02 Cheng Doreen Yining Audio-video management in UPnP
US20040008688A1 (en) * 2002-07-11 2004-01-15 Hitachi, Ltd. Business method and apparatus for path configuration in networks

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140047082A1 (en) * 2008-12-10 2014-02-13 Amazon Technologies, Inc. Providing access to configurable private computer networks
US20140244851A1 (en) * 2013-02-26 2014-08-28 Zentera Systems, Inc. Secure virtual network platform for enterprise hybrid cloud computing environments
US20160156556A1 (en) * 2014-04-10 2016-06-02 Level 3 Communications, Llc Network Path Selection Using Bandwidth Prediction

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP3424185A4 *

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10158727B1 (en) 2016-03-16 2018-12-18 Equinix, Inc. Service overlay model for a co-location facility
US10567519B1 (en) 2016-03-16 2020-02-18 Equinix, Inc. Service overlay model for a co-location facility
US10530632B1 (en) 2017-09-29 2020-01-07 Equinix, Inc. Inter-metro service chaining
US10892937B1 (en) 2017-09-29 2021-01-12 Equinix, Inc. Inter-metro service chaining
WO2020072341A1 (en) 2018-10-01 2020-04-09 Inflect, Inc. Methods and systems for route finding in networks and a network of networks
EP3861360A4 (en) * 2018-10-01 2022-06-22 Inflect, Inc. METHODS AND SYSTEMS FOR ROUTE SEARCHING IN NETWORKS AND NETWORK OF NETWORKS
AU2019351722B2 (en) * 2018-10-01 2025-01-09 Inflect, Inc. Methods and systems for route finding in networks and a network of networks
CN115004661A (en) * 2019-11-29 2022-09-02 亚马逊技术股份有限公司 Mobility of cloud computing instances hosted within a CSP network
CN115004661B (en) * 2019-11-29 2024-02-02 亚马逊技术股份有限公司 Mobility for cloud computing instances hosted within communications service provider networks
US11917446B1 (en) 2019-11-29 2024-02-27 Amazon Technologies, Inc. Mobility of cloud compute instances hosted within communications service provider networks
CN115242678A (en) * 2022-06-23 2022-10-25 海南乾唐视联信息技术有限公司 Data acquisition method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
EP3424185A1 (en) 2019-01-09
AU2017304280A1 (en) 2018-09-20
EP3424185A4 (en) 2019-02-27
SG11201807512RA (en) 2018-09-27
HK1259488A1 (en) 2019-11-29

Similar Documents

Publication Publication Date Title
US11625154B2 (en) Stage upgrade of image versions on devices in a cluster
US20190253274A1 (en) Network interconnection service
US10749780B2 (en) Systems and methods for management of cloud exchanges
US10708342B2 (en) Dynamic troubleshooting workspaces for cloud and network management systems
US20170063614A1 (en) Provisioning network ports and virtual links
US9450810B2 (en) Policy-driven automatic redundant fabric placement mechanism for virtual data centers
US12003424B2 (en) Load balancing communication sessions in a networked computing environment
JP2022546563A (en) Consolidating Policy Planes Across Multiple Domains
US10230628B2 (en) Contract-defined execution of copy service
US20180027009A1 (en) Automated container security
US20160210209A1 (en) High availability and failover
JP2015530818A (en) System and method for providing distributed virtual routing and switching (DVRS)
US10523568B2 (en) Adaptive load balancing for application chains
EP3424185A1 (en) Provisioning private network connections
WO2021173319A1 (en) Service chaining in multi-fabric cloud networks
WO2019140486A1 (en) Provisioning network ports and virtual links
US20240243971A1 (en) Orchestrated reconnect for client-unaware rolling of network nodes
US20250071021A1 (en) Configuring components of a software-defined network to automatically deploy and monitor logical edge routers for users
AU2017304281A1 (en) Extending an MPLS network using commodity network devices

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 11201807512R

Country of ref document: SG

ENP Entry into the national phase

Ref document number: 2017304280

Country of ref document: AU

Date of ref document: 20170727

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2017833679

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2017833679

Country of ref document: EP

Effective date: 20181001

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17833679

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE