(12) Patent Application Publication (10) Pub. No.: US 2007/0079307 A1
Dhawan et al.
(43) Pub. Date: Apr. 5, 2007

(54) VIRTUAL MACHINE BASED NETWORK CARRIERS

(76) Inventors: Puneet Dhawan, Austin, TX (US); Timothy Abels, Pflugerville, TX (US)

Correspondence Address:
HAMILTON & TERRILE, LLP
P.O. BOX 203518
AUSTIN, TX 78720 (US)

(21) Appl. No.: 11/239,750
(22) Filed: Sep. 30, 2005

Publication Classification

(51) Int. Cl. G06F 9/455 (2006.01)
(52) U.S. Cl. 718/1

(57) ABSTRACT

A system and method is disclosed for the secure transfer of data by carrier virtual machines between participating physical hosts through a virtual network (VNET) implemented on one or more internal and/or external networks. The method of the invention can provide additional security controls, comprising parameters that may include, but are not limited to, time-to-live (TTL), access control lists (ACLs), usage policies, directory roles, etc. Additionally, access to one or more of a plurality of carrier virtual machine payloads by security groups, individual access, subdivided individual access, and MIME-like subdivision of a VM-encapsulated payload may be controlled, thereby providing the carrier VM the ability to carry many secured payloads. In addition, VM packets, a group of packets, a single VM, or subpackets within a VM between network endpoints, or at a predetermined intermediary network point, may be quarantined to realize further security. Individual or combinations of these functionalities on carrier virtual machines, and by extension, application and/or one or more sets of secure data may be implemented.
`
[Cover figure (drawing not reproduced): Carrier Virtual Machine 500 encapsulating Secure Data 124 through Secure Data n 524, Application 122 through Application n 522, and Carrier Virtual Machine 1 120 through Carrier Virtual Machine n 520 each with Autorun Scripts 428; VM Packet Management 504; Predetermined Routing Table 506; Routing and Policy Wrapper 508; Virtual Machine Monitor 116.]

Microsoft Ex. 1005, p. 1
Microsoft v. Daedalus Blue
IPR2021-00832
`
`
`
[Sheet 1 of 12: drawing not reproduced in this text extraction.]
`
`
`
[Sheet 2 of 12: drawing not reproduced in this text extraction; the only legible label is "Source IP Address".]
`
`
`
[Sheet 3 of 12: drawing not reproduced in this text extraction.]
`
`
`
[Sheet 4 of 12: drawing not reproduced in this text extraction.]
`
`
`
`
`
`
[Sheet 5 of 12: drawing not reproduced in this text extraction.]
`
`
`
[Sheet 6 of 12: drawing not reproduced in this text extraction.]
`
`
`
[Sheet 7 of 12: drawing not reproduced in this text extraction.]
`
`
`
[Sheet 8 of 12: drawing not reproduced in this text extraction.]
`
`
`
[Sheet 9 of 12: drawing not reproduced in this text extraction.]
`
`
`
[Sheet 10 of 12: drawing not reproduced in this text extraction.]
`
`
`
[Sheet 11 of 12: drawing not reproduced in this text extraction.]
`
`
`
[Sheet 12 of 12: drawing not reproduced in this text extraction.]
`
`
`
`
VIRTUAL MACHINE BASED NETWORK CARRIERS
`
BACKGROUND OF THE INVENTION

[0001] 1. Field of the Invention

[0002] The present invention relates in general to the field of information handling systems and, more specifically, to the flexible and secure transfer of packets by carrier virtual machines.

[0003] 2. Description of the Related Art

[0004] As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes, thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is processed, stored or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservation, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information, and may include one or more computer systems, data storage systems, and networking systems.

[0005] Information handling systems continue to improve in their ability to generate and manage information. Concurrently, networks are growing in size, access to them is becoming ubiquitous, and their cost is declining. However, as networks become a commodity resource, the security and manageability of the data they transport can become an issue. Accordingly, different approaches have been employed to securely manage highly sensitive data from malicious attack/unauthorized access or usage once it leaves a sender's machine.

[0006] One of the challenges in secure computing and network environments is hiding the identities of the originator and intended recipient of highly sensitive data. Hackers continue to use creative approaches to monitor network activity, especially in identifying high profile candidate IP/MAC addresses, and high value data conduits or paths within a network. Various techniques can be used against these malicious monitors to protect against exposure of sensitive data and the identity of systems involved, including firewalls, data encryption, traffic camouflaging, etc. However, these methods are not foolproof and they each have characteristics that can result in attendant issues.

[0007] Typical IT environments can consist of numerous independent and distributed servers, networks, and storage devices that can be virtualized into a single, centrally managed pool of resources by virtualizing server, network, and storage resources. These virtual environments also enable sensitive data/applications to be securely shared between both physical and virtual machines.

[0008] Virtual machines are generally implemented through the use of a virtual machine monitor (VMM), which can run on each physical server, which in turn can run multiple virtual machines and abstract each virtual machine's view of its associated storage and networks. Accordingly, each physical server can support a predetermined number of virtual machines and runs a management OS in a separate virtual machine that participates in the management and operation of the server, network, and storage infrastructure. These VMM-managed resources can include processors, memory, network bandwidth, and I/O bandwidth, all aggregated into a single, unified resource pool.

[0009] By managing resources available within the unified pool, a VMM can combine and/or allocate virtual machines, thereby reducing processing and resource demands on individual physical servers. In addition to managing resource allocation, virtual machine monitors typically provide the services to create, quiesce, and destroy virtual machines. These services, combined with the encapsulation of a virtual machine's software state, can enable a VMM to map and remap virtual machines to available physical resources, thereby enabling migration of virtual machines from one physical server to another.

[0010] Server-based storage virtualization generally aggregates storage resources that are attached to a server. Typically, a virtual volume manager (VVM) will create Virtual Storage Devices (VSDs) from these resources, which may be located in directly attached storage, or network attached storage (NAS) such as a storage area network (SAN). A virtual machine manager, through VSDs, can access these storage devices, including storage directly attached to other servers.

[0011] Currently, virtual machine migration is generally implemented on physical servers that share a common pool of data storage resources, with the location of data in the storage pool invisible to virtual machines and applications. When a virtual machine migrates to other nodes, a virtual volume manager, working in concert with a virtual machine manager, can provide the necessary routing and redirection functionality to transport data stored in VSDs across SAN and LAN fabrics.

[0012] When a virtual machine is live migrated (migrated to another physical host while it is running), its associated VSDs are migrated along with it, but only the VSDs' access points migrate and no physical data is moved. This is needed because VSDs can be large and would pose a challenge for a quick migration of the virtual machine across physical hosts. Furthermore, data can be moved transparently between physical devices while allowing a virtual machine to continue accessing VSD data while it is in transit. Migrating VSDs across physical hosts can be performed using different techniques such as pre-mirroring, copy on write (COW), etc. With decreasing bandwidth costs and increasing interconnect speed, the penalty due to this process will not be large. Virtual machines can be cold migrated across a LAN or a WAN by shutting them down and migrating the VSDs and configuration files to the target physical system. With a lightweight OS and the VSD size kept to the minimum required, the time taken for cold migration can be reduced.
`
`
[0013] Network virtualization can give users the impression of having their own virtual private local area network (LAN). Commonly known as a VNET, these virtualized networks can typically use any media access control (MAC) or IP address available within a physical network. Generally, a VNET is a virtual private network (VPN) that implements a virtual local area network (VLAN) that in turn is implemented on a physical network such as a Local Area Network (LAN), a Wide Area Network (WAN) such as the Internet or a corporate intranet, or a combination of public and/or private network technologies and protocols that may be required to transport data packets between one or more information handling systems.

[0014] A VNET is typically established at layer 2 of the OSI network model. Through the use of layer 2 tunneling and by translating between physical and virtual network addresses, a VNET can create the illusion of a local area network, even when physical network resources are spread over a wide area. Since a VNET is established at layer 2, a virtual machine can be migrated from site to site without changing its presence, as it keeps the same media access control (MAC) and IP addresses, network routes, etc. Furthermore, since VNETs are decoupled from the underlying network topology, they are able to maintain network connectivity during virtual machine migration.

[0015] Additionally, VNETs can provide security comparable to a hardware-based VLAN through the use of the IPsec Encapsulated Security Payload protocol. IPsec can be used to encapsulate VNET EtherIP packets to provide message authentication, thereby ensuring that only authorized entities within the virtual network can send data. In addition, IPsec can employ encryption to ensure that only the intended recipient can read data conveyed by IPsec packets.

[0016] While each of the approaches described hereinabove provides some level of flexibility and security, there is a need for an improved way of securely managing data and processes across physical hosts.

SUMMARY OF THE INVENTION

[0017] In accordance with the present invention, a system and method is disclosed for virtual machines implemented as carriers of a payload that may include applications, data, another virtual machine, etc. In various embodiments of the invention, virtual machines carrying the payload can be routed between physical hosts based on set policies, providing a secure, manageable and highly flexible environment for data and process management. Those of skill in the art will realize that many variations and implementations of such embodiments are possible.

[0018] When coupled with encryption, the system and method of the invention described in more detail hereinbelow can provide a secure environment for data/application management among multiple physical hosts. Data to be transported is first encrypted and then encapsulated by a carrier virtual machine at each stage of the migration process among the physical hosts involved. Implementing various embodiments of the invention requires an infrastructure, such as that provided by VMware or the Xen open source environment, to create and manage virtual machines.

[0019] In an embodiment of the invention, a user specifies which payload should be secured and needs to be sent to particular hosts. A special carrier virtual machine (VM) is created that can transfer the payload to its predetermined destination host(s). VM migration and/or routing tables are built in the carrier VM, which determine which hosts will be participating. A connection is made to the target host(s) to accept the request for transferring the virtual machine. The specified payload is (or can be encrypted and then) encapsulated in a carrier VM. Typically, a "time-to-live" attribute is also set for the VM. If the VM fails to migrate to its next hop or does not complete its intended task at the host in the specified time, it can notify the sender and then destroy itself and hence the payload it contains, send a request to the originating host for a time-to-live extension if the network is congested, request a reroute due to high traffic on a predetermined route or access policies, etc., or take other predetermined actions.

[0020] The carrier virtual machine is then migrated to the next participating physical host. Using the policy based Autorun Engine, necessary actions can be taken at each host. Examples may include transferring data to the physical host or to a virtual machine in the physical host through a virtual network, or to any other physical or virtual machine; a payload application gathering data or performing some maintenance on the physical or virtual machine; the VM destroying itself if it is on an unidentifiable host; changing network interface properties such as setting a new MAC address; etc. In an embodiment of the invention, the payload is transferred to a next carrier virtual machine through a virtual network implemented between the originating carrier VM and a carrier VM established on the participating physical host next to the initiator in the migration path. Once the secure payload has been transferred to the next carrier VM, the virtual network can be destroyed to provide an additional level of security. In an embodiment of the invention, the payload is transferred to the next carrier virtual machine through "hot cloning." In this embodiment, as the carrier VM migrates from one physical host to another, a clone of the VM is created in the next participating physical host in the migration path. This hot cloning process may use copy on write (COW), which can be implemented as completion of the cloning operation before the next carrier virtual machine transfer is initiated, or beginning the next virtual machine carrier transfer before the cloning operation is complete. Once the secure data has been transferred to the next carrier VM, the virtual network can be destroyed to provide an additional level of security.

[0021] Once the originating carrier virtual machine has completed its migration to the next participating physical host, it can be destroyed on the originating participating physical host. The migrated virtual machine now becomes a carrier virtual machine if migration to additional participating physical hosts is required. At each physical host the carrier virtual machine completes its assigned task and can notify the management application about the status of its task. In case of failure, necessary steps can be taken based on set policies and events (e.g., type of failure). Those of skill in the art will understand that many such embodiments and variations of the invention are possible, including but not limited to those described hereinabove, which are by no means all inclusive.
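The transfer described in [0019] through [0021], modelled as an added Python example that is not the patent's own code: a carrier is built with a predetermined routing table and a per-hop time-to-live, migrated hop by hop, destroyed on the previous host after each hop, and it destroys itself (and so its payload) on TTL expiry or on an unidentified host, requesting one TTL extension when the hop is congested. Host names, clock values, the HMAC key and the "already encrypted" payload blob are assumptions made for the example; the integrity tag stands in for whatever the sender's encryption provides.

```python
"""Constructed model of the carrier-VM transfer in [0019]-[0021]; not the patent's code."""
import hashlib
import hmac
from dataclasses import dataclass, field

SENDER_KEY = b"constructed-demo-key"   # shared by sender and final host (assumption)


@dataclass
class CarrierVM:
    route: list                   # predetermined routing table: host ids, sender first
    hop_ttl: int                  # time-to-live allowed for each hop, in seconds
    payload: bytes                # encrypted by the sender before encapsulation; opaque here
    tag: bytes                    # HMAC-SHA256 over the ciphertext, verified at destination
    hop: int = 0                  # index into route of the host currently holding the carrier
    extension_used: bool = False  # only one TTL extension may be requested per transfer
    log: list = field(default_factory=list)


def create_carrier(route, hop_ttl, ciphertext):
    """Build the carrier: routing table, TTL attribute and the sealed payload."""
    tag = hmac.new(SENDER_KEY, ciphertext, hashlib.sha256).digest()
    return CarrierVM(route=list(route), hop_ttl=hop_ttl, payload=ciphertext, tag=tag)


def destroy(vm, copies, host, reason):
    """Notify the sender, then destroy the carrier and hence the payload it contains."""
    vm.log.append(f"notify {vm.route[0]}: carrier destroyed at {host} ({reason})")
    vm.payload = b""
    vm.tag = b""
    copies.discard(host)


def run_transfer(vm, arrivals, congested=frozenset()):
    """Drive the carrier along its route.

    arrivals: one (host, dispatched_at, arrived_at) tuple per attempted hop, with
    simulated clock values in seconds. Returns (outcome, hosts holding a copy)."""
    copies = {vm.route[0]}                    # the originating host holds the only copy
    for host, sent_at, arrived_at in arrivals:
        prev = vm.route[vm.hop]
        expected = vm.route[vm.hop + 1] if vm.hop + 1 < len(vm.route) else None
        copies.add(host)                      # the receiving host now has a copy as well
        if host != expected:
            # Not the next host in the predetermined route: the carrier destroys itself.
            destroy(vm, copies, host, f"unidentified host, expected {expected}")
            return "destroyed", copies
        elapsed = arrived_at - sent_at
        if elapsed > vm.hop_ttl:
            if host in congested and not vm.extension_used and elapsed <= 2 * vm.hop_ttl:
                # Congested link: ask the originating host for one TTL extension.
                vm.extension_used = True
                vm.log.append(f"{host}: requested TTL extension from {vm.route[0]}")
            else:
                destroy(vm, copies, host, f"TTL {vm.hop_ttl}s exceeded after {elapsed}s")
                return "destroyed", copies
        # Hop completed: the copy left on the previous host is destroyed ([0021]).
        copies.discard(prev)
        vm.hop += 1
        vm.log.append(f"{host}: autorun scripts run, copy on {prev} destroyed")
        if vm.hop == len(vm.route) - 1:
            expected_tag = hmac.new(SENDER_KEY, vm.payload, hashlib.sha256).digest()
            if not hmac.compare_digest(vm.tag, expected_tag):
                destroy(vm, copies, host, "payload integrity check failed")
                return "destroyed", copies
            vm.log.append(f"{host}: payload delivered, status reported to management")
            return "delivered", copies
    return "in transit", copies


def demo():
    """Four constructed scenarios; returns {name: (outcome, hosts holding a copy)}."""
    route = ["host-a", "host-b", "host-c"]
    blob = bytes.fromhex("9e11c0ffee")        # stands in for sender-encrypted data
    results = {}
    results["normal"] = run_transfer(create_carrier(route, 30, blob),
                                     [("host-b", 0, 10), ("host-c", 10, 25)])
    results["unidentified"] = run_transfer(create_carrier(route, 30, blob),
                                           [("host-x", 0, 5)])
    results["expired"] = run_transfer(create_carrier(route, 30, blob),
                                      [("host-b", 0, 45)])
    results["congested"] = run_transfer(create_carrier(route, 30, blob),
                                        [("host-b", 0, 45), ("host-c", 45, 60)],
                                        congested={"host-b"})
    return results


if __name__ == "__main__":
    for name, (outcome, copies) in demo().items():
        print(f"{name}: {outcome}, copies remain on {sorted(copies)}")
```

In every scenario at most one host other than the one currently processing the carrier ever holds a copy, which is the property the destroy-after-migration policy is meant to guarantee.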
`
BRIEF DESCRIPTION OF THE DRAWINGS

[0022] The present invention may be better understood, and its numerous objects, features and advantages made apparent to those skilled in the art by referencing the accompanying drawings. The use of the same reference number throughout the several figures designates a like or similar element.
[0023] FIG. 1 is a generalized illustration of an information handling system that can be used to implement the method and apparatus of the present invention.

[0024] FIG. 2 is a generalized illustration of an IP datagram that can be used to implement the system and method of the present invention.

[0025] FIG. 3 is a generalized illustration of a TCP/IP network that can be used to implement the system and method of the present invention.

[0026] FIG. 4 is a generalized illustration of a TCP/IP network that can be used to implement the system and method of the present invention with carrier virtual machines.

[0027] FIG. 5a illustrates one embodiment of a carrier virtual machine to implement the system and method of the present invention.

[0028] FIG. 5b illustrates one embodiment of a plurality of carrier virtual machines to implement the system and method of the present invention.

[0029] FIG. 5c illustrates one embodiment of a carrier virtual machine encapsulating a plurality of applications and/or secure sets of data to implement the system and method of the present invention.

[0030] FIG. 5d illustrates one embodiment of a carrier virtual machine encapsulating a single carrier virtual machine and/or a plurality of secure sets of data to implement the system and method of the present invention.

[0031] FIG. 6a illustrates one embodiment of a carrier virtual machine using shared resources comprising a storage area network to implement the system and method of the present invention.

[0032] FIG. 6b illustrates one embodiment of a carrier virtual machine using a virtual network (VNET) to implement the system and method of the present invention.

[0033] FIG. 6c illustrates one embodiment of a carrier virtual machine using multiple network hops across a virtual network (VNET) to implement the system and method of the present invention.

[0034] FIG. 6d illustrates one embodiment of a carrier virtual machine using "hot cloning" at multiple network hops across a virtual network (VNET) to implement the system and method of the present invention.

DETAILED DESCRIPTION

[0035] FIG. 1 is a generalized illustration of an information handling system 100 that can be used to implement the system and method of the present invention. The information handling system includes a processor (e.g., central processor unit or "CPU") 102, input/output (I/O) devices 104 such as a display, a keyboard, a mouse, and associated controllers, a hard disk drive 106, network storage interface 108 to access network attached disk drives and other memory devices, various other subsystems (e.g., a network port) 110, and system memory 112, all interconnected via one or more buses 114. Virtual machine monitor 116 resides in system memory 112 and in one embodiment of the invention supports an implementation of a guest operating system 118 which is utilized by the present invention for implementation of a carrier virtual machine 120, which in turn can interact with application 122 and/or secure data 124.

[0036] In an embodiment of the present invention, information handling system 100 communicates through network port 110, network connection 126, and a private (e.g., secured corporate network), public (e.g., the Internet), or hybrid (e.g., a private intranet implemented on the public Internet) network 128, which can be but is not limited to a local area network (LAN), a wide area network (WAN), a virtual network (VNET), or any combination of communication technologies and/or protocols that may be required to interact with one or more information handling systems 140. A virtual machine carrier manager 142 is operable to manage virtual machine packets and to implement routing and policy management for the virtual machines. In an implementation of an embodiment of the invention, information handling system 100 accesses common data through network storage interface 108, which couples through a suitable storage peripheral connection 130, such as but not limited to fiber channel, High Performance Peripheral Interface (HIPPI), etc., to storage area network 132, which may include any instrumentality or aggregate of instrumentalities capable of storing data, such as but not limited to hard disks, RAID arrays, optical disk drives, tape drives, etc.

[0037] For purposes of this disclosure, an information handling system may include any instrumentality or aggregate of instrumentalities operable to compute, classify, process, transmit, receive, retrieve, originate, store, display, manifest, detect, record, reproduce, handle, or utilize any form of information, intelligence or data for business, scientific, control or other purposes. For example, an information handling system may be a personal computer, a network storage device, or any other suitable device and may vary in size, shape, performance, functionality, and price. The information handling system may include random access memory (RAM), one or more processing resources such as a central processing unit (CPU) or hardware or software control logic, read only memory (ROM), and/or other types of nonvolatile memory. Additional components of the information handling system may include one or more disk drives, one or more network ports for communicating with external devices as well as various input and output (I/O) devices, such as a keyboard, a mouse, and a video display. The information handling system may also include one or more buses operable to transmit communications between the various hardware components.
[0038] FIG. 2 is a generalized illustration of an IP datagram 200 that can be used to implement the system and method of the present invention. Those of skill in the art will be familiar with the construction of a typical IP datagram 200 comprising a connectionless datagram delivery service that relies upon upper layer protocols (e.g., TCP, UDP) to provide reliable delivery of the datagram. IP datagram 200 comprises an IP header followed by variable-length data 232, which are transmitted in network byte order 202 (i.e., bits 0-7 first, then bits 8-15, 16-23, and 24-31). The IP datagram header comprises version field 204 set to the current version of the IP protocol implemented, IP header length field 206 comprising the number of 32 bit words forming the header, type of service field 208 set to indicate the IP datagram's requested network quality of service, total length field 210 indicating the IP datagram's combined length of the header and variable data, identification field 212 which uniquely identifies the IP packet, and flags field 214 used to control whether routers are allowed to fragment the IP packet. The IP datagram header further comprises fragment offset field 216 used by routers when fragmenting an IP packet, time to live field 218 specifying the maximum number of network hops the IP packet may be routed, protocol field 220 indicating the type of transport packet being carried (e.g., ICMP, TCP, UDP), header checksum field 222 used to detect processing errors when the IP packet is being processed by a router, source IP address field 224 comprising the originating IP address of the datagram, destination IP address field 226 comprising the destination IP address of the datagram, IP options field 228 for optional purposes, and padding field 230 which may be used in Ethernet implementations to make equally sized IP packets.

[0039] In the present invention, a virtual machine monitor 116 sets the contents of IP datagram header fields, including but not limited to, service type 208, time to live 218 and destination IP address 226. In an implementation of one embodiment of the invention, a participating physical host can receive a carrier virtual machine and set the destination IP address 226 to forward the carrier virtual machine to the destination IP address of the next participating physical host. This process can be repeated to implement a flexible, yet secure, carrier virtual machine routing path over one or more networks.
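The header of FIG. 2 and the per-hop rewrite of [0039], as an added Python example that is not the patent's code: it packs the fixed fields 204 through 226 into network byte order, computes header checksum 222, parses a header back (validating the checksum), and has a participating host set destination 226 to the next hop, decrementing time to live 218 as routers do. Addresses, TTL values and the function names are assumptions; options 228 and padding 230 are not modelled.

```python
"""Constructed example of the IP datagram header of FIG. 2; not the patent's code."""
import socket
import struct

# Version/IHL 204/206, ToS 208, total length 210, identification 212, flags 214 +
# fragment offset 216, TTL 218, protocol 220, checksum 222, source 224, destination 226.
IPV4_HEADER = struct.Struct("!BBHHHBBH4s4s")   # 20 bytes, no options
DONT_FRAGMENT = 0x2                            # bit 1 of the 3-bit flags field 214
PROTOCOL_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}


def header_checksum(header):
    """RFC 791 header checksum: one's complement of the one's complement sum of
    the header's 16-bit words. Computed with field 222 zeroed; a header that
    already carries a correct checksum re-checksums to zero."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                         # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(src, dst, ttl, tos=0, payload_len=0, protocol=6, ident=0,
                 dont_fragment=True):
    """Fill the fields the VMM sets in [0039] (service type 208, TTL 218,
    destination 226) together with the rest of the fixed header."""
    version_ihl = (4 << 4) | 5                 # IPv4, five 32-bit words
    flags_frag = (DONT_FRAGMENT << 13) if dont_fragment else 0
    total_length = IPV4_HEADER.size + payload_len
    raw = IPV4_HEADER.pack(version_ihl, tos, total_length, ident, flags_frag, ttl,
                           protocol, 0, socket.inet_aton(src), socket.inet_aton(dst))
    csum = header_checksum(raw)
    return raw[:10] + struct.pack("!H", csum) + raw[12:]   # checksum sits at bytes 10-11


def parse_header(packet):
    """Decode the fixed 20-byte header into named fields plus a checksum verdict."""
    f = IPV4_HEADER.unpack(packet[:IPV4_HEADER.size])
    return {
        "version": f[0] >> 4, "ihl": f[0] & 0xF, "tos": f[1], "total_length": f[2],
        "identification": f[3], "flags": f[4] >> 13, "fragment_offset": f[4] & 0x1FFF,
        "ttl": f[5], "protocol": f[6], "protocol_name": PROTOCOL_NAMES.get(f[6], "?"),
        "checksum": f[7], "src": socket.inet_ntoa(f[8]), "dst": socket.inet_ntoa(f[9]),
        "checksum_ok": header_checksum(packet[:IPV4_HEADER.size]) == 0,
    }


def forward_to_next_hop(packet, next_hop):
    """A participating host rewrites destination 226 to the next participating
    host and decrements TTL 218, recomputing checksum 222. A corrupted header or
    an exhausted TTL means the datagram is dropped (None) rather than forwarded."""
    h = parse_header(packet)
    if not h["checksum_ok"] or h["ttl"] <= 1:
        return None
    return build_header(h["src"], next_hop, h["ttl"] - 1, h["tos"],
                        h["total_length"] - IPV4_HEADER.size, h["protocol"],
                        h["identification"], bool(h["flags"] & DONT_FRAGMENT))


if __name__ == "__main__":
    pkt = build_header("10.0.0.1", "10.0.0.2", ttl=8, tos=0x10, payload_len=100, ident=42)
    print(parse_header(pkt))
    print(parse_header(forward_to_next_hop(pkt, "10.0.0.3")))
```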
[0040] FIG. 3 is a generalized illustration of a TCP/IP network 300 that can be used to implement the system and method of the present invention. In FIG. 3, participating physical host 302 is coupled to participating physical host 304 through network 128, generally comprised of routers 306 comprising network access port 1 308, network access port 2 306, and IP protocol 318. Participating physical host 1 302 comprises communication functionality, such as a multi-layer communications protocol stack, which may be comprised of a network layer 312, physical layer 314, network access protocol 1 316, IP layer 318, TCP layer 320 and application layer 322. Participating physical host 2 304 similarly comprises communication functionality, such as a multi-layer communications protocol stack, which may be comprised of a network layer 326, physical layer 328, network access protocol 2 330, IP layer 332, TCP layer 320 and application layer 322. Note that network access protocol 1 316 on participating physical host 1 302 may be different than network access protocol 2 330 on participating physical host 2 304. Those of skill in the art will understand that a virtual machine monitor 116 can abstract the underlying hardware layer (e.g., CPU, memory, I/O, etc.) as well as encapsulate the operating state of the machine as described in more detail herein, thereby allowing differing network access protocols 316, 330 to be implemented on participating physical hosts 302, 304. Those of skill in the art will likewise be aware that a logical connection 324 can be established between the respective multi-layer communication protocol stacks of participating physical host 302 and participating physical host 304 through a TCP 320, 334 protocol session.

[0041] FIG. 4 is a generalized illustration of a TCP/IP network 300 that can be used to implement the system and method of the present invention with carrier virtual machines 426, 438. In FIG. 4, participating physical host 302 is coupled to participating physical host 304 through network 128, as described in more detail hereinabove.

[0042] In an embodiment of the invention, application 322 of participating physical host 1 310 comprises carrier virtual machine 426 comprising, but not limited to, virtual machine autorun scripts 428, and a payload 429 that includes operating systems 430, other virtual machines 432, applications 434, and data 436.

[0043] In this embodiment of the invention, carrier virtual machine 426 is migrated from participating physical host 302, using a multi-layer communications protocol stack as described in more detail herein, through network 128 to router 306. Router 306 receives IP packets through network access port 1 308, examines the destination IP address contained in IP datagrams generated by IP layer 318, and routes IP packets through network access port 2 310 to the designated destination IP address. In this same embodiment, participating physical host 2 304 receives incoming IP packets through its associated multi-layer communications protocol stack to implement virtual machine 438, comprising, but not limited to, virtual machine autorun scripts 428, and payload 429 that includes operating systems 430, other virtual machines 432, applications 434, and data 436. Once carrier virtual machine 426 has completed migration to participating physical host 2 304 as virtual machine 438, carrier virtual machine 426 on participating physical host 1 302 can be destroyed (if required by security policies).

[0044] In an embodiment of the invention, virtual machine autorun scripts 428 can be initiated per virtual machine initiation and may comprise, but are not limited to, central policy updates, heartbeat and timeout monitors, and security checks including but not limited to VM group, individual VM, VM packet, etc., as described in more detail hereinbelow.

[0045] In an embodiment of the invention, carrier virtual machine 426 can set datagram header fields for different router implementations, including but not limited to IP, fibre channel, and Infiniband, thereby allowing carrier virtual machine 426 to traverse heterogeneous network environments.

[0046] FIG. 5a is a generalized illustration of a carrier virtual machine 500 that can be used to implement the system and method of the present invention. In FIG. 5a, application 122 and/or secure data 124 are encapsulated by carrier virtual machine 120. Carrier virtual machine 120 is associated with VM packet management 504 and predetermined routing table 506. In an embodiment of the invention, application 122 may comprise one or more software programs that can execute within carrier virtual machine 120. Secure data 124 may be associated with application 122 or may be independently encapsulated by carrier virtual machine 120, and may employ encryption or cryptographic means to provide additional security and protection against malicious attack.
[0047] In an embodiment of the invention, virtual machine (VM) packet management 504 comprises parameters that may include, but are not limited to, time-to-live (TTL), security mechanisms such as access control lists (ACLs), usage policies, directory roles, etc. for carrier virtual machine 120, and by extension, application 122 and/or secure data 124, individually or