US 12,074,791 B2
Packet flow control in a header of a packet
Shane Baker, Bellevue, WA (US); Santosh Narayan Shilimkar, San Jose, CA (US); and Jagwinder Singh Brar, Bellevue, WA (US)
Assigned to Oracle International Corporation, Redwood Shores, CA (US)
Filed by Oracle International Corporation, Redwood Shores, CA (US)
Filed on Apr. 21, 2023, as Appl. No. 18/304,635.
Application 18/304,635 is a continuation of application No. 17/168,888, filed on Feb. 5, 2021, granted, now 11,671,355.
Prior Publication US 2023/0269178 A1, Aug. 24, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 45/00 (2022.01); H04L 45/302 (2022.01); H04L 45/586 (2022.01); H04L 45/74 (2022.01)
CPC H04L 45/38 (2013.01) [H04L 45/302 (2013.01); H04L 45/566 (2013.01); H04L 45/586 (2013.01); H04L 45/74 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer system comprising:
a substrate network hosting a virtual network of a customer, the virtual network comprising a first compute instance;
a first network virtualization device (NVD) of the substrate network, wherein the first network virtualization device comprises one or more processors and one or more memories storing computer-readable instructions that, upon execution by the one or more processors, configure the first NVD to:
receive network data of the customer;
determine a set of networks of the virtual network based on the network data;
receive flow data of the customer, the flow data including packet flow authorization information;
generate a packet flow rule based on the flow data and the set of networks, the packet flow rule defining a network boundary of one or more networks of the set of networks such that a first packet received by the first NVD having a destination within the network boundary can flow and such that a second packet received by the first NVD having a destination outside of the network boundary is to be dropped; and
store the packet flow rule in association with the compute instance.