CPC H04L 47/125 (2013.01) [H04L 67/1004 (2013.01)]
20 Claims

1. A system, comprising:
a first host, wherein the first host includes a first networking manager and a client program of a network-accessible service implemented at a cloud provider network;
a second host, wherein the second host includes a second networking manager and a request handler of the network-accessible service, wherein the request handler is configured within a first isolated virtual network of the cloud provider network, and wherein the client program is not configured within the first isolated virtual network; and
a plurality of network function execution intermediaries, including a first network function execution intermediary and a second network function execution intermediary;
wherein the second network function execution intermediary is configured to:
obtain a result of execution of a sequence of network functions on a particular packet directed to the network-accessible service from the client program, wherein the sequence of network functions comprises (a) a first network function executed at the first network function execution intermediary and (b) a second network function executed at the second network function execution intermediary, and wherein execution of at least one network function of the sequence comprises using information, pertaining to the first isolated virtual network, that is not available at the first host; and
cause, based at least in part on the result of the execution of the sequence of network functions, the particular packet to be delivered to the request handler at the second host via the second networking manager, wherein a first path by which the particular packet is delivered to the request handler comprises the first networking manager, the first network function execution intermediary, the second network function execution intermediary and the second networking manager;
wherein the first networking manager is configured to:
obtain an algorithm for determining, at the first host, a result of executing the sequence of network functions on additional packets that originate at the client program and are directed to the network-accessible service;
cause, using the algorithm, another packet originating at the client program to be delivered to the request handler via a second path, wherein the second path does not include the first network function execution intermediary, and wherein the second path does not include the second network function execution intermediary; and
verify, after one or more packets including the other packet have been transmitted using the algorithm, that the algorithm remains valid for determining the result of executing the sequence of network functions.