T 1812/20 (Virtual machine migration/HUAWEI) 22-09-2023
Download and more information:
METHOD FOR GENERATING CONFIGURATION INFORMATION AND NETWORK CONTROL UNIT
I. The appeal is against the decision of the Examining Division to refuse the application for lack of clarity and for lack of inventive step in view of
D4: WO 2012/126254 A1 (HUAWEI TECH CO LTD [CN] 27 September 2012.
The Examining Division relied on the corresponding European patent family member as translation of D4 (numbering by the Board):
D4tr: EP 2 690 552 A1, 29 January 2014.
II. With the statement of grounds of appeal the Appellant requested that the decision of the Examining Division be set aside and that a patent be granted on the basis of the main request or of one of two auxiliary requests, all filed with the grounds of appeal. The main request corresponds to the one refused by the Examining Division.
III. In a preliminary opinion accompanying a summons to oral proceedings, the Board informed the Appellant, inter alia, that it considered all requests to lack inventive step.
IV. The Appellant did not respond in substance to the Board's preliminary opinion, but indicated on 19 June 2023 that it would not attend the oral proceedings, which were subsequently cancelled.
V. Claim 1 of the main request defines:
A method for generating configuration information, comprising:
receiving (110, 210, 310), by a network control unit, a virtual machine association message, wherein the virtual machine association message comprises an identifier of a first virtual machine in a server and an identifier of a first virtual built-in network element in the server, where the first virtual built-in network element corresponds to the first virtual machine and the first virtual machine directly or indirectly connects with the first virtual built-in network element;
determining (120, 211, 311), by the network control unit, first information according to the identifier of the first virtual machine,
sending (212, 312), by the network control unit, the first information to a first network element and a network virtualization edge node in a virtual network to which the first virtual machine belongs, so that the first network element and the network virtualization edge node obtains an updated virtual machine location information mapping table according to the first information;
wherein the first information comprises at least one of the following information:
a first forwarding entry,
a location information mapping entry of the first virtual machine, wherein the location information mapping entry of the first virtual machine comprises the identifier of the first virtual machine, an identifier of the first network element and an identifier of a first virtual network, wherein the first virtual network comprises the first virtual machine and the first virtual built-in network element;
and
a first network policy comprising at least one of the following: a virtual local area network configuration, a bandwidth limitation configuration, a quality of service configuration, a firewall configuration, a port isolation configuration, Dynamic Host Configuration Protocol snooping, load balancing, a virtual network identifier configuration;
wherein when the first information comprises the first forwarding entry, the determining, by the network control unit, first information according to the identifier of the first virtual machine comprises:determining an address of the first virtual machine according to the identifier of the first virtual machine;determining, according to the identifier of the first virtual built-in network element, the identifier of the first network element, and a network topology of the virtual network comprising the first virtual built-in network element, the first network element and the network virtualization edge node, a first outbound port that is on the first network element and leads to the first virtual built-in network element; andgenerating the first forwarding entry for the first network element according to the address of the first virtual machine and the first outbound port, wherein the address of the first virtual machine is an Internet Protocol address and/or a Media Access Control address;
wherein when the first information comprises the location information mapping entry of the first virtual machine, the determining, by the network control unit, first information according to the identifier of the first virtual machine comprises:determining, according to a network topology of the virtual network comprising the first virtual built-in network element and the network virtualization edge node, and the identifier of the first virtual built-in network element, the network virtualization edge node, the number of hops from which to the first virtual built-in network element is the smallest;determining the identifier of the first virtual network; andgenerating the location information mapping entry of the first virtual machine;
wherein when the first information comprises the first network policy, the determining, by the network control unit, first information according to the identifier of the first virtual machine comprises:searching a correspondence table and a network policy table according to the identifier of the first virtual machine, and determining a network policy corresponding to the first virtual machine, wherein the correspondence table is used to indicate a correspondence between an identifier of a virtual machine and an identifier of a network policy, and the network policy table comprises at least one group of network policies and an identifier of each group of network policies; anddetermining the first network policy, wherein the first network policy comprises the network policy corresponding to the first virtual machine.
VI. Claim 1 of the first auxiliary request differs from that of the main request by deleting the third alternative for the "first information", namely "a first network policy" and the corresponding determining step and sub-steps "wherein when the first information comprises the first network policy, the determining...".
VII. Claim 1 of the second auxiliary request differs from that of the first auxiliary request by replacing, in the first method step, the definition: "where the first virtual built-in network element corresponds to the first virtual machine and the first virtual machine directly or indirectly connects with the first virtual built-in network element" with "where the first virtual built-in network element is a network access device of the first virtual machine."
The application
1. The application relates to virtual machines and in particular to a method of generating configuration information upon a change of state of the virtual machine, in order to avoid manual configuration (page 1, Background). The change of state may be e.g. the creation of a virtual machine, or a migration of the virtual machine from a cluster to another (see figures 5 and 6). The configuration information may comprise forwarding entry information for a network element (e.g. outbound port connected to the virtual machine), location information mapping for the virtual machine (assignment to an Network Virtualization Edge - NVE - node and to a virtual network), or network policy for the virtual machine (see current claim 1).
Inventive step
Main request
2. D4 teaches a method for migrating virtual machines using a virtual machine parameter migration message sent to a migration management apparatus. The migration management apparatus determines, according to the network topology (D4tr, paragraph 21), the network devices which need to be configured at the in-migration location. In particular, all network devices (switches, routers firewall, load balancer etc.) upstream of the virtual machine need to be configured (D4tr, paragraph 15). The parameters of the virtual machine to be configured may include "one or more of a TCP connection table, a DHCP snooping table, accumulative data, and so on" (D4tr, paragraph 29).
3. The Examining Division considered in point 23.2 of its decision that D4 disclosed, together with all the features claimed in non-alternative form, one of the three alternatives for generating configuration information in claim 1 ("comprises at least one of the following"), namely the first one, based on the "first forwarding entry information" (citing D4 at paragraphs 21 and 29), and concluded that the claim lacked inventive step in view of D4.
3.1 The Board notes that if one alternative is disclosed, the claim lacks novelty, irrespective of the others.
4. The Appellant disagreed (section IV.2 of the statement of grounds of appeal) essentially because D1 made no reference to a virtual built-in network element, and thus it could not disclose generating configuration information using an identifier of such an element (pages 17 and 18). Furthermore, the virtual machine parameters mentioned were not the same as those claimed according to any of the three alternatives (pages 18 and 19).
5. The Board agrees with the Appellant that D4 does not reference virtual network elements.
5.1 However, it does specify that all upstream network elements are to be reconfigured, according to the topology in place. So, in a case where the network topology includes virtual network devices, e.g. virtual switches, which is otherwise usual in the art, D4 requires that this device be identified and configured. Thus this aspect is obvious from D4.
6. The configuration of any upstream network devices also implies the configuration of forwarding entries (first alternative) thereon, otherwise the migrated virtual machine could not communicate with the outside. Hence the first alternative is obvious in view of D4, when applied in a context where the virtual machine is migrated downstream of a virtual network element.
6.1 The new network topology must also be recorded upon migration. So the mapping information table must be updated with the corresponding information. This renders the second alternative claimed obvious as well.
6.2 Furthermore, D4 discloses explicitly a DHCP snooping table as part of the virtual machine parameters to be configured, which is stated in claim 1 as being one network policy component, so it discloses the third alternative claimed.
7. In conclusion, the Board finds the subject matter of claim 1 to be obvious in view of D4, regardless of the considered alternative (Article 56 EPC).
Auxiliary requests
8. The conclusion above holds for the auxiliary requests as well, which differ in substance only by the deletion of the third alternative. The amendment carried out in the second auxiliary request, for reasons related to clarity objections of the Examining Division (statement of grounds of appeal III.3), provides a definition of the first virtual built-in network element as already considered in 5.1 above.
For these reasons it is decided that:
The appeal is dismissed.