公开(公告)号：US11611529B1

公开(公告)日：2023-03-21

申请号：US17491418

申请日：2021-09-30

Applicant: Amazon Technologies, Inc.

Inventor： Eric Andrew Rubin-Smith ,  Anderson Osagie ,  Neha Mohan Tilak ,  Masood Karimi ,  Jonathan Paul Kramer

IPC: H04W8/26 ,  H04L69/40 ,  H04L29/12 ,  G06F11/00 ,  H04L29/08 ,  H04L61/5007 ,  H04L101/659

Abstract: Disclosed are various embodiments for managing network address allocations using prefix allocation trees. In one embodiment, a request is received to allocate a particular network address block. The request specifies one or more attributes and at least one of a prefix or a size for the particular network address block. A prefix allocation tree is updated to indicate that the particular network address block corresponding to the prefix is allocated instead of free and to associate the attribute(s) with the particular network address block. An identification of an allocation of the network address block is returned in response to the request to allocate the particular network address block. An attribute index of the prefix allocation tree is updated asynchronously to index the attribute(s) in association with the particular network address block.

公开(公告)号：US11799826B1

公开(公告)日：2023-10-24

申请号：US17535489

申请日：2021-11-24

Applicant: Amazon Technologies, Inc.

Inventor： Samuel Lough ,  John Jeffrey Schlachtenhaufen ,  Masood Karimi ,  Eric Andrew Rubin-Smith ,  Shovan Kumar Das ,  Joshua D Leaverton ,  Jonathan Paul Kramer

IPC: G06F15/16 ,  H04L61/5069 ,  H04L41/0686 ,  H04L61/5007

CPC classification number: H04L61/5069 ,  H04L41/0686 ,  H04L61/5007

Abstract: Techniques and technologies for an IP address management (IPAM) system to monitor the usage of IP addresses across regions in one or more networks of resources. The IPAM system may be used to allocate IP addresses to resources in networks and track what IP addresses are being used by resources or available for allocation. The IPAM system may periodically obtain usage information that indicates actual, current IP address usage by the resources in the networks, identify differences between the current IP address usage and an inventory maintained by the IPAM service, and reconcile the differences. Additionally, the IPAM system may further respond to network administrator queries about their resource and IP address usage. Further, the IPAM system may emit various utilization metrics to the network administrators which may be tied to alarms or alerts around non-compliant resources or IP addresses.

公开(公告)号：US11356409B1

公开(公告)日：2022-06-07

申请号：US17215994

申请日：2021-03-29

Applicant: Amazon Technologies, Inc.

Inventor： Benjamin Kaiwen Ng ,  Jason Goelitz ,  Eric Andrew Rubin-Smith ,  Lee Alan Wildes ,  Adam Gregory Cogen ,  Nam Quy Nguyen

IPC: H04L61/5061 ,  G06F9/54 ,  H04L101/35 ,  G06F16/901 ,  G06F9/30 ,  G06F9/50

Abstract: Disclosed are various embodiments for managing network address allocations using prefix allocation trees. In one embodiment, a request is received to allocate a network address block. The request specifying a prefix size for the network address block. A particular network address block having the prefix size that is allocatable is determined based at least in part on a prefix allocation tree representing the available and allocated network address space. The prefix allocation tree is updated to indicate that the particular network address block is allocated. An identification of the particular network address block is returned in response to the request to allocate the network address block.

公开(公告)号：US11892975B1

公开(公告)日：2024-02-06

申请号：US17491429

申请日：2021-09-30

Applicant: Amazon Technologies, Inc.

Inventor： Eric Andrew Rubin-Smith

IPC: G06F16/11

CPC classification number: G06F16/128

Abstract: Disclosed are various embodiments for asynchronously generating consistent snapshots in a distributed system. In one embodiment, a snapshotting agent receives a respective local snapshot for individual processes in a distributed system. The respective local snapshot for a corresponding process includes a corresponding vector clock that comprises respective values indicating respective state changes in the corresponding process and other processes. The snapshotting agent determines whether a collection of the respective local snapshots for the individual processes represents a global consistent snapshot for the distributed system based at least in part on a comparison of the respective values of the corresponding vector clocks.

公开(公告)号：US11784967B1

公开(公告)日：2023-10-10

申请号：US17953980

申请日：2022-09-27

Applicant: Amazon Technologies, Inc.

Inventor： Eric Andrew Rubin-Smith ,  Leonid Nikolayev ,  Shovan Kumar Das

IPC: H04L29/12 ,  H04L29/06 ,  H04L29/08 ,  H04L61/5007

CPC classification number: H04L61/5007

Abstract: Techniques implemented by an IP address management (IPAM) system for monitoring the usage of IP addresses in networks of computing resources and automatically notifying networking devices when IP address usage has changed. The IPAM system may create pools of IP addresses (e.g., address groups), and map those pools to prefix lists that are distributed to the networking devices. The IPAM system may monitor changes in IP address usage by resources in the networks (e.g., allocations and releases of IP addresses), update the pools that are affected by the changes, carry those changes through to the appropriate prefix lists, and propagate updated prefix lists to the networking devices (e.g., firewall devices, routing devices, etc.). In this way, the IPAM system may automatically identify and apply IP address changes to prefix lists that are used for networking operations in the networks.

公开(公告)号：US11909719B1

公开(公告)日：2024-02-20

申请号：US17535498

申请日：2021-11-24

Applicant: Amazon Technologies, Inc.

Inventor： Jonathan Paul Kramer ,  Michael Erik Untereiner ,  Samuel Lough ,  John Jeffrey Schlachtenhaufen ,  Masood Karimi ,  Eric Andrew Rubin-Smith ,  Joshua D Leaverton ,  Shovan Kumar Das

IPC: H04L61/5053 ,  H04L61/5007 ,  H04L61/5061 ,  H04L41/0686

CPC classification number: H04L61/5053 ,  H04L41/0686 ,  H04L61/5007 ,  H04L61/5061

Abstract: Techniques and technologies for an Internet Protocol (IP) address management (IPAM) system to track and manage IP address workflows in a network. The IPAM system can be used to define and enforce management policies or rules regarding IP address management, such as allocation policies, refill policies, and so forth. For instance, the IPAM system can enforce allocation policies that define rules to allow or deny allocation of IP addresses based on types of resources for which the IP addresses are requested, registered user accounts that are requesting the IP addresses, the purpose of the resources receiving the IP addresses, and so forth. Additionally, the IPAM system can enforce refill policies that define rules for replenishing inventories of IP addresses that have been allocated for different domains in the network. The IPAM system can improve the management of IP address workflows by enforcing policy and tracking IP address workflows in networks.

公开(公告)号：US11575647B1

公开(公告)日：2023-02-07

申请号：US17535023

申请日：2021-11-24

Applicant: Amazon Technologies, Inc.

Inventor： Eric Andrew Rubin-Smith ,  Shovan Kumar Das ,  Jonathan Paul Kramer ,  Michael Erik Untereiner ,  Masood Karimi ,  John Jeffrey Schlachtenhaufen ,  Arushi Gupta ,  Samuel Lough

IPC: G06F15/177 ,  H04L12/24 ,  H04L29/12 ,  H04L12/911 ,  H04L61/5007 ,  H04L61/2514 ,  H04L61/5046 ,  H04L61/5061

Abstract: Disclosed are various embodiments for distributed network address allocation management. In one embodiment, a first instance of a plurality of instances of an allocation management service assigns a first portion of a network address space to the first instance and a second portion of the network address space to a second instance of the plurality of instances. The second instance receives a request to allocate a particular network address block. The second instance allocates the particular network address block from the second portion of the network address space by updating an allocation data structure. An allocation of the particular network address block is returned in response to the request. A copy of the allocation data structure maintained by the first instance is updated asynchronously based at least in part on the allocation of the particular network address block.

公开(公告)号：US11483282B1

公开(公告)日：2022-10-25

申请号：US17547652

申请日：2021-12-10

Applicant: Amazon Technologies, Inc.

Inventor： Eric Andrew Rubin-Smith ,  Leonid Nikolayev ,  Shovan Kumar Das

IPC: H04L29/12 ,  H04L29/06 ,  H04L29/08 ,  H04L61/5007

Abstract: Techniques implemented by an IP address management (IPAM) system for monitoring the usage of IP addresses in networks of computing resources and automatically notifying networking devices when IP address usage has changed. The IPAM system may create pools of IP addresses (e.g., address groups), and map those pools to prefix lists that are distributed to the networking devices. The IPAM system may monitor changes in IP address usage by resources in the networks (e.g., allocations and releases of IP addresses), update the pools that are affected by the changes, carry those changes through to the appropriate prefix lists, and propagate updated prefix lists to the networking devices (e.g., firewall devices, routing devices, etc.). In this way, the IPAM system may automatically identify and apply IP address changes to prefix lists that are used for networking operations in the networks.