US Pat. No. 9,584,331

METHODS AND SYSTEMS FOR TRANSMITTING BROADCAST DATA

PISMO LABS TECHNOLOGY LIM...

1. A method of transmitting broadcast data at a first communication gateway, comprising:
(a) establishing a plurality of tunnels with a second communication gateway; receiving broadcast data through a first network
interface from a host or a server; wherein when the broadcast data is received from a host, the broadcast data is a service
request, a response to a service advertisement, or a message; wherein the service request is displayed at a first display;
wherein when the broadcast data is received from a server, the broadcast data is a service advertisement, a response to a
service request, a presence indicator, or a message;

(b) determining whether the broadcast data satisfies at least one condition; wherein the at least one condition is based on
source address of the broadcast data, and/or port number of the broadcast data of the broadcast data;

(c) encapsulating the broadcast data in at least one encapsulating packet;
(d) forwarding the broadcast data through at least one tunnel of the plurality of tunnels and through a second network interface
to the second communication gateway if the broadcast data satisfies the at least one condition; wherein the at least one tunnel
is selected according to at least one policy; wherein the at least one policy is based on capacity of the at least one tunnel,
time, and/or identity of the host; wherein when the policy is based on time; the broadcast data is transmitted through the
at least one tunnel only during a certain period of time; wherein a priority is assigned to each of the at least one policy;

wherein the at least one encapsulating packet is encapsulated by the second communication gateway to retrieve the broadcast
data; and

wherein the broadcast data is distributed by the second communication gateway to a second network.

US Pat. No. 9,584,414

THROUGHPUT OPTIMIZATION FOR BONDED VARIABLE BANDWIDTH CONNECTIONS

PISMO LABS TECHNOLOGY LIM...

1. A method for improving network performance for a bonded VPN tunnel, wherein the bonded VPN tunnels comprise a plurality
of virtual tunnels; the method comprising the steps of:
(a) retrieving a first global sequence number (GSN) and a first per-tunnel sequence number (PTSN) from a first received encapsulating
packet, wherein the first received encapsulating packet encapsulates a first encapsulated packet;

(b) forwarding the first encapsulated packet to the corresponding destination device immediately when the first GSN equals
to zero;

(c) determining a next expected global sequence number (NE-GSN);
(d) determining a next expected per tunnel sequence number (NE-PTSN);
(e) dequeuing first queued encapsulating packets from a queue in sequence when the first PSTN is not equal to NE-PTSN, wherein,
the first queued encapsulating packets have GSNs smaller than the first GSN;

(f) updating the NE-PTSN;
(g) forwarding the first encapsulated packet to a corresponding destination device when the first GSN is less than the NE-GSN;
(h) forwarding the first encapsulated packet to the corresponding destination device when the first GSN equals to the NE-GSN
and updating the NE-GSN;

(i) dequeuing a head packet from the queue if the GSN of the head packet is equal to the updated NE-GSN, wherein the head
packet is stored at the head of the queue;

(j) repeating step (i) when the GSN of head packet equals to the updated NE-GSN; and
(k) queuing the first received encapsulating packet in the queue when the first GSN is larger than the NE-GSN, wherein the
position of first received encapsulating packet in the queue is according to the first GSN;

wherein the first received encapsulating packet is received through a first virtual tunnel, wherein the first virtual tunnel
is comprised in the plurality of virtual tunnels;

wherein each of the virtual tunnels are assigned with a respective weight value based on bandwidth properties of the tunnels;
wherein packet traffic is distributed among the plurality of virtual tunnels based, at least in part on a distribution weight
value for the first virtual tunnel; and

wherein the distribution weight value is based, at least in part, on a modified respective weight value for the first virtual
tunnel.

US Pat. No. 9,585,001

METHODS AND SYSTEMS FOR CONFIGURING RADIO FREQUENCY MODULE

PISMO LABS TECHNOLOGY LIM...

1. A method of configuring at least one radio frequency (RF) module by a wireless communication apparatus, comprising:
(a) retrieving international mobile subscriber identity (IMSI) from at least one subscriber identity module (SIM) card;
(b) selecting a first SIM card from the at least one SIM card; wherein the selecting is performed at a SIM card interface
selector based on event triggers; wherein the event triggers are selected from a group consisting of a geographic location
trigger, a data usage trigger, a received signal quality trigger, a time trigger, a duration of usage trigger, a billing cycle
trigger;

(c) identifying a configuration information according to the IMSI of the first SIM card;
(d) sending the configuration information to the at least one RF module;
if the at least one RF module does not have information for being configured according to the configuration information;
(f) receiving a message from the at least one RF module, wherein the message comprises a request for sending information;
(g) retrieving information from a storage medium;
(h) sending the information to the at least one RF module;
wherein the at least one RF module can be housed in the wireless communication apparatus or in an external device;
wherein the wireless communication apparatus is capable of connecting to the external device; and
wherein the at least one SIM card can be placed in the wireless communication apparatus or in the external device.

US Pat. No. 9,585,175

METHODS AND SYSTEMS FOR TRANSMITTING PACKETS THROUGH AGGREGATED END-TO-END CONNECTION

PISMO LABS TECHNOLOGY LIM...

1. A method for transmitting data packets by a first communications router to a second communications router, wherein the
first communications router and second communication router are multi wide area network (WAN) routers and support aggregating
the bandwidth of multiple Internet connections, comprising:
establishing an aggregated end-to-end connection with the second communications router through Internet, wherein the aggregated
end-to-end connection is a virtual private network (VPN) tunnel; wherein the aggregated end-to-end connection comprising a
plurality of established end-to-end connections;

classifying, the plurality of established end-to-end connections into a first group and at least one non-first group of established
end-to-end connection(s), wherein the first group of established end-to-end connection(s) satisfy all of one or more conditions
and wherein the at least one non-first group of established end-to-end connection(s) do not satisfy all of the one or more
conditions; wherein when there is more than one condition, weights are assigned to the more than one condition, wherein conditions
with higher weights have higher priority than conditions with lower weights when classifying the plurality of established
end-to-end connections; wherein the first group of established end-to-end connection(s) comprises a first established end-to-end
connection and the at least one non-first group of established end-to-end connection(s) comprises a second established end-to-end
connection; wherein the one or more conditions are selected from a group consisting of service provider, geographical location,
time, usage price, security, user identity, Internet protocol address range, communication technology, and device;

transmitting data packets through the aggregated end-to-end connection by transmitting the data packets through the first
group of established end-to-end connection(s) and the at least one non-first group of established end-to-end connection(s),
wherein the first group of established end-to-end connection(s) are preferred for transmitting the data packets;

determining a probability of the first established end-to-end connection not being able to remain in the first group of established
end-to-end connections;

transmitting warm-up packets through the second established end-to-end connection when the probability reaches a predefined
probability threshold;

removing the first established end-to-end connection from the first group of established end-to-end connections when the first
established end-to-end connection stops satisfying the one or more conditions;

stopping to transmit data packets through the first established end-to-end connection;
transmitting maintenance packets, health check packets or management packets through the first established end-to-end connection
when the first established end-to-end connection is not being used for transmitting data packets;

reclassifying the plurality of end-to-end connections periodically by determining periodically whether the plurality of network
interfaces satisfy conditions of the first group of conditions.

US Pat. No. 9,473,964

METHODS AND SYSTEMS FOR ESTIMATING NETWORK PERFORMANCE

PISMO LABS TECHNOLOGY LIM...

1. A method of estimating network performance, comprising the following steps:
(a) selecting at least one first network interface of a first node;
(b) selecting at least one second network interface of a second node;
(c) exchanging test parameters with the second node through control messages;
(d) establishing at least one end-to-end connection between the at least one first network interface and the at least one
second network interface, according to at least one end-to-end connection profile; wherein the at least one end-to-end connection
profile comprises WAN interface identities of the at least one first network interface and the at least one second network
interface, source address of the at least one first network interface, destination address of the at least one second network
interface, encryption standard for packets transmitted and received through the at least one end-to-end connections authentication
parameters, and details of digital certificates used for authentication;

(e) transmitting reference packets from the first node to the second node through the at least one first network interface
to the at least one second network interface over a first time period;

(f) recording transmittal information; wherein the transmittal information comprises CPU usage of the first node while transmitting
the reference packets. number of bytes transmitted over the first time period, and duration over which the reference packets
are transmitted;

(g) receiving arrival information corresponding to the reference packets from the second node; wherein the arrival information
comprises CPU usage of the second node while receiving the reference packets, number of bytes received over the first time
period, duration over which the reference packets are received, number of reference packets that were retransmitted and round
trip time (RTT);

(h) estimating network performance by utilizing the transmittal information and arrival information;
(i) retrieving a selection criteria; wherein the selection criteria is stored in a storage medium or a remote server;
(j) when estimating network performance is complete, comparing the network performances and selecting at least one end-to-end
connection established using the at least one first network interface and the at least one second network interface, wherein
the selecting is based on the selection criteria; and

(k) displaying information on a display; wherein the information comprises end-to-end connection profiles, network performance
information of end-to-end connections, and network performance information of aggregated end-to-end connection: wherein the
display is integrated in the first node, or is a laptop, a handheld computer device, a desktop, or a mobile phone that receives
the network performance information from the first node or second node;

wherein reference packets are not transmitted through more than one end-to-end connection established through a single first
network interface at substantially the same time.

US Pat. No. 9,369,550

PROTOCOL FOR LAYER TWO MULTIPLE NETWORK LINKS TUNNELLING

PISMO LABS TECHNOLOGY LIM...

1. A method for computer networking, the method comprising:
performing by one or more processors, one or more network interfaces, or a combination of one or more processors and one or
more network interfaces in a first network device:

establishing a plurality of network links between the first network device and a second network device;
establishing a plurality of virtual private network (VPN) tunnels between the first network device and a second network device,
wherein the plurality of VPN tunnels are implemented using one or more of the plurality of network links;

receiving a layer two packet through a local area network (LAN) interface;
creating a protocol header, wherein tunnel association information is stored in said protocol header, wherein said tunnel
association information includes a network link identification, a tunnel sequence number, and a global sequence number;

encapsulating said layer two packet into one or more layer three packets with said protocol header, wherein said layer three
packets have the same or different source addresses, wherein said layer three packets have the same or different destination
addresses;

determining whether said one or more layer three packets are large enough to encapsulate the protocol header and said layer
two packet; wherein when a layer three packet is not large enough to encapsulate the protocol header and said layer two packet,
more than one layer three packet is used to encapsulate the protocol header and said layer two packet;

wherein when the protocol header and said layer two packet is considered as one payload, a first one of the more than one
layer three packet contains the protocol header and a part of said layer two packet, and subsequent packets of the more than
one layer three packet does not contain the protocol header and contains remaining parts of said layer two packet;

encrypting payload of said one or more layer three packets according to pre-defined rules;
delivering said one or more layer three packets through one or more said network interfaces, wherein the one or more said
network interfaces are wide area network (WAN) interfaces;

wherein said network link identification, is used to identify the network link and virtual private tunnel said layer two packet
belonging to;

wherein said tunnel sequence number is used to identify the sequence of said one or more layer three packets in a network
link.

US Pat. No. 9,369,398

METHOD, DEVICE, AND SYSTEM TO PRIORITIZE ENCAPSULATING PACKETS IN A PLURALITY OF LOGICAL NETWORK CONNECTIONS

PISMO LABS TECHNOLOGY LIM...

1. A network device for transmitting encapsulating packets via an aggregated plurality of logical network connections after
receiving packets, comprising:
a computer readable storage medium, wherein the computer readable storage medium stores a set of instructions and a plurality
of priority queues;

a plurality of network interfaces, wherein packets are received from at least one of the plurality of network interfaces;
and

a processing unit, wherein the processing unit executes the set of instructions to perform:
receiving a packet via of the plurality of network interfaces;
determining a global sequence number of the packet;
determining a priority level of the packet based on port number of the packet, content of the packet, and/or type of service
field in the packet;

storing the packet in one of the plurality of priority queues according to the determined priority level;
determining a priority sequence number corresponding to the determined priority level for the packet, wherein the priority
sequence number is based on the arrival sequence of the packet, wherein the priority sequence number is unique during a lifetime
of the aggregated plurality of logical network connection;

selecting a first priority queue from the plurality of priority queues; wherein (i) a highest priority queue is selected as
the first priority queue, (ii) a priority queue with the largest number of packets is selected as the first priority queue,
(iii) a priority queue which has a packet having been stored for the longest time is selected as the first priority queue,
(iv) a priority queue with the largest number of packets is selected as the first priority queue, or (v) a priority queue
is selected as the first priority queue according to an equation or a policy;

retrieving a first packet from the first priority queue when the network device is able to transmit the first packet;
selecting a first logical network connection from the plurality of logical network connections for transmission;
determining a logical network sequence number;
encapsulating the first packet, the determined priority level, the determined global sequence number, the determined priority
sequence number and the determined logical network sequence number in the at least one encapsulating packet; and

transmitting the at least one encapsulating packet via the selected logical network and via one of the plurality of network
interfaces;

wherein the network device is connected to a plurality of logical network connections via the plurality of network interfaces.

US Pat. No. 9,258,216

METHODS AND SYSTEMS FOR TRANSMITTING PACKETS THROUGH NETWORK INTERFACES

PISMO LABS TECHNOLOGY LIM...

1. A method for transmitting data packets at a first communications device comprising a plurality of network interfaces, comprising:
classifying the plurality of network interfaces into a first group of network interfaces, and a second group of network interfaces
according to a first group of condition(s);

wherein the first group of network interfaces comprises network interfaces, including a first network interface, that satisfy
all of the first group of conditions;

wherein the second group of network interfaces comprises network interfaces, including a second network interface, that satisfy
at least one, but not all of the first group of conditions;

determining a specific data type, wherein data packets belonging to the specific data type are transmitted through the at
least one of network interfaces of the second group of network interfaces;

transmitting data packets not belonging to the specific data type through at least one of network interfaces of the first
group of network interfaces;

when the first group of network interfaces comprises no network interface, transmitting data packets through the second group
of network interfaces;

transmitting no data packets through network interfaces not belonging to the first group of network interfaces or second group
of network interfaces;

reclassifying the plurality of network interfaces periodically by determining periodically whether the plurality of network
interfaces satisfy conditions of the first group of conditions;

removing the first network interface from the first group of network interfaces if the first network interface becomes not
satisfying all of the first group of conditions;

removing the second network interface from the second group of network interfaces and classifying the second network interface
into the first group of network interfaces if the second network interface becomes satisfying all of the first group of conditions;

wherein the first group of conditions are selected from the group consisting of service provider, geographical location, time,
usage prices security, user identity, Internet Protocol address range, communication technology, and device.

US Pat. No. 9,414,397

SELECTING BASE STATION AT A MULTI-SIM COMMUNICATION DEVICE

PISMO LABS TECHNOLOGY LIM...

1. A method to wirelessly connect to at least one base station at a multi-SIM communication device, wherein the multi-SIM
communication device comprises a plurality of SIM card interfaces and a plurality of RF units, comprising the steps of:
scanning for base stations using a first RF unit;
observing received signal quality using the first RF unit;
transmitting data packets based in part on the received signal quality through at least one of the plurality of RF units;
selecting a first base station based in part on the received quality for the first base station;
when a second RF unit is not available, making the second RF unit available by disconnecting a wireless connection that the
second RF unit has established;

establishing a wireless connection with the first base station using the second RF unit before performing the step of transmitting
data packets;

wherein the received signal quality for the first base station is above a threshold; and
wherein the second RF unit is one of the at least one of the plurality of RF units.

US Pat. No. 9,219,646

MANAGING ACTIONS OF A NETWORK DEVICE

PISMO LABS TECHNOLOGY LIM...

1. A method for managing actions of a network device based on policy settings retrieved according to the identity of at least
one connected removable wireless communications device (RWCD), the method comprising:
determining the identity of the at least one connected RWCD, wherein the identity of the at least one connected RWCD is at
least one of International Mobile Equipment Identity (IMEI) or telephone number;

determining whether the network device is able to use the at least one connected RWCD;
determining whether to retrieve the policy settings from an authorized party or a storage medium of the network device according
to the identity of the at least one connected RWCD, wherein the policy settings correspond to the identity of the at least
one connected RWCD;

sending a request to the authorized party to retrieve the policy settings when determined to retrieve the policy settings
from the authorized party, wherein the request includes authentication information and the identity of the at least one connected
RWCD, and wherein policy settings are not received from the authorized party if the authentication information is incorrect;

if there are policy settings associated with the identity of the at least one connected RWCD:
receiving the policy settings associated with the identity of the at least one connected RWCD from the storage medium or from
the authorized party through accessible networks using the at least one connected RWCD or using other network interfaces;

determining priority of policy settings when the network device has more one connected RWCD;
executing the policy settings of the network device, wherein the policy settings are determined to have highest priority,
wherein the execution of the received policy settings is performed after the network device received a confirmation; if identity
of the at least one connected RWCD cannot be determined, or the network device is not able to use the at least one connected
RWCD, or no policy settings associated with the identity of the at least one connected RWCD can be retrieved from the authorized
party or from the storage medium:

using the RWCD according to policy settings determined by an administrator of the network device, or according to default
policy settings;

wherein during receiving the policy settings through accessible networks using the at least one connected RWCD before executing
the policy settings, not using the at least one connected RWCD for any other communication purposes other than receiving the
policy settings;

wherein when policy settings associated with the identity of the at least one connected RWCD are executed successfully, the
at least one connected RWCD providing communication between the network device and a network over a wireless network communication
channel;

wherein when policy settings associated with the identity of the at least one connected RWCD are not executed successfully,
the at least one connected RWCD is not used for providing communication between the network device and a network over a wireless
network communication channel;

wherein the policy settings are retrieved from the authorized party if the policy settings are not found in the storage medium.

US Pat. No. 9,602,412

METHODS AND SYSTEMS FOR TRANSMITTING DATA PACKETS

PISMO LABS TECHNOLOGY LIM...

1. A method for transmitting data packets at a first communications device comprising a plurality of network interfaces, comprising:
(a) transmitting a plurality of evaluation packets through a plurality of connections respectively at the same time; wherein
the evaluation packets belong to the same data session;

(b) determining time required to transmit each of the plurality of evaluation packets through the plurality of connections;
(c) determining performance of each of a plurality of connections based on the time required to transmit the evaluation packets
through the plurality of connections, wherein the step of determining is performed by using evaluation packets, wherein the
step of determining is performed periodically and within a predefined period of time, wherein the plurality of connections
are aggregated together to form an aggregated connection, wherein the evaluation packets are based on data packets when the
data packets have been received by the first communication devices and have not been transmitted through the aggregated connection,
wherein the evaluation packets are based on predefined information when there is no data packets to be transmitted through
the aggregated connection, wherein the data packets are designated for a host or node reachable through the aggregated connection,
and wherein the plurality of connections are logical connections; wherein size of the evaluation packets and size of the data
packets is the same;

(d) selecting at least one first connection from the plurality of connections based on performance; and
(e) transmitting data packets through the at least one first connection;
(f) monitoring data transmission through the at least one first connection;
(g) performing steps (a)-(f) when at least one of the at least one first connection fails.

US Pat. No. 9,369,345

METHOD AND SYSTEM FOR ALLOWING THE USE OF DOMAIN NAMES IN ENFORCING NETWORK POLICY

PISMO LABS TECHNOLOGY LIM...

1. A method for creating Internet Protocol address based network policy (IPP) at a network device comprising the steps of:
(a) storing one or more domain name based network policies (DNNTP), wherein the DNNTPs contains parameters selected from a
group consisting of address of source traffic, one or more domain names of traffic destination, protocol, and algorithm;

(b) examining contents of network traffic passing through the network device;
(c) receiving an address record Domain Name System look-up reply;
(d) identifying one or more Internet Protocol addresses of one or more host names specified in the address record Domain Name
System look-up reply;

(e) determining whether the one or more host names contain a domain name used in the one or more DNNTPs;
(f) if the one or more host names contain a domain name used in the one or more DNNTPs, creating one or more IPP with one
or more IP addresses of the one or more host names; wherein the IPP contains parameters selected from a group consisting of
the address of source traffic, one or more IP addresses of traffic destination, protocol, and algorithm;

(g) if the one or more host names do not contain a domain name used in the one or more DNNTPs, not creating an IPP in relation
to the one or more host names;

(h) enforcing the one or more IPP on network traffic based on the IP address of the network traffic;
(i) when more than one IPP is created for a first IP address, enforcing an IPP with higher priority on network traffic with
the first IP address;

(j) removing the one or more IPPs from storage after a pre-determined period of time;
wherein the predetermined period of time is based on a time to live (TTL) associated with the address record Domain Name System
look-up reply;

wherein the address of source traffic is an TP address, IP address range, or Ethernet address; and
wherein the protocol is transmission control protocol, or user datagram protocol;
wherein the algorithm is selected from a group consisting of a-weight balance, least used, lowest latency or priority.

US Pat. No. 9,419,944

METHODS AND SYSTEMS FOR ESTABLISHING VPN CONNECTIONS AT A VPN MANAGEMENT SERVER

PISMO LABS TECHNOLOGY LIM...

1. A method for establishing virtual private network (VPN) connections among a plurality of VPN gateways at a VPN management
server, comprising the steps of:
(a) determining VPN gateways belonging to a first VPN gateway group; wherein a member list of the first VPN gateway group
is retrieved from a database, or a remote server;

(b) determining number of possible VPN connections for each VPN gateway of the first VPN gateway group;
(c) determining a configuration for each VPN gateway of the first VPN gateway group based on, at least in part, a VPN connection
topology, the number of VPN connection license(s) and number of VPN connection license(s) already deployed by each VPN gateway;
wherein information of the number of VPN connection license(s) of is retrieved from a license repository;

(d) when the VPN connection topology is a hub-and-spoke topology:
(i) determining an identity of a VPN gateway that serves as a hub;
(ii) configuring each VPN gateway of the first VPN gateway group according to the configuration;
(e) when the VPN connection topology is a partial-mesh topology:
(i) determining identities of VPN gateways that have a remaining possible VPN connection of more than zero;
(ii) pairing two VPN gateways that have number of remaining possible VPN connection (RPVPNC) more than zero;
(iii) updating configurations and reducing the number of RPVPNC by one for the two VPN gateways;
(iv) performing step (e)(iii) until all VPN gateways with RPVPNC more than zero have been paired up;
(f) when the VPN connection topology is a full-mesh topology: configuring each VPN gateway of the first VPN gateway group
to establish VPN connections with all other VPN gateways in the first VPN gateway group;

(g) establishing a plurality of VPN connections based on, at least in part, the configurations;
wherein the configuration is shown on a map; and wherein the map displays geographical locations of each VPN gateway and VPN
connections established between VPN gateways of the first VPN gateway group.

US Pat. No. 9,584,443

METHODS AND SYSTEMS FOR TRANSMITTING DATA THROUGH AN AGGREGATED CONNECTION

PISMO LABS TECHNOLOGY LIM...

1. A method for processing data packets received at a network node, comprising the steps of:
step (a): receiving data packets from a network interface of the network node;
step (b): selecting a first tunnel according to a selection policy;
step (c): selecting at least one second tunnel according to the selection policy;
step (d): transmitting original encapsulating packets (OEPs) through the first tunnel, wherein the OEPs encapsulate the data
packets, wherein each of the OEPs has an original encapsulating packet global sequence number (OEP-GSN);

step (e): determining number of duplicate encapsulating packets (DEP) to be transmitted;
selecting at least one second tunnel that has not been used to transmit any OEPs; and
determining whether a bandwidth limit of the at least one second tunnel is approaching;
step (f) transmitting at least one duplicate encapsulating packet (DEP) through the at least one second tunnel when at least
one second tunnel is selected if the bandwidth limit of the at least one second tunnel is not approaching; wherein the at
least one DEP encapsulates data packet information based on a plurality of the data packets, wherein each of the at least
one DEP has a duplicate encapsulating packet global sequence number (DEP-GSN); wherein each of the at least one DEP comprises
a list of OEP-GSNs corresponding to the at least one of the data packets;

wherein the OEP-GSN is stored in a field of each of the OEPs and the DEP-GSN is stored in a field of each of the at least
one DEP; and wherein the OEP-GSN and DEP-GSN are sequence numbers utilized to re-sequence each OEP or DEP of various sessions
into a proper order; wherein at least one tunnel is reserved for transmitting OEPs;

wherein when the number of DEPs to be transmitted is higher than number of available tunnels, number of DEPs transmitted is
reduced to the number of available tunnels;

wherein when the number of DEPs to be transmitted is lower than number of available tunnels, selecting tunnels from the available
tunnels based on the selection policy, wherein the number of tunnels selected is equal to the number of DEPs to be transmitted.

US Pat. No. 9,531,508

METHODS AND SYSTEMS FOR ESTIMATING MISSING DATA

PISMO LABS TECHNOLOGY LIM...

1. A method carried out at a first communications router for recreating missing data packets of a data session established
between the first communications router and a second communications router through an aggregated connection, comprising the
steps of:
a. receiving data packets belonging to a data session from the second communications router through the aggregated connection,
wherein the data packets are destined to a first host reachable through the first communications router;

b. transmitting the data packets to the first host;
c. determining whether there is one or more missing data packets; if there is one or more missing data packets:
d. determining global sequence number(s) (GSN) and per tunnel sequence numbers (PTSN) of the one or more missing data packets;
e. recreating payload(s) of a first one or more missing data packet(s) and a second one or more missing data packet(s); and
f. transmitting one or more new data packets comprising payload of the one or more missing data packets, wherein the one or
more new data packets are assigned with GSN(s) and PTSN(s) of the one or more missing data packets;

wherein step (e) is performed for the first one or more missing data packet(s) substantially based on a variance value and
an average value of payloads of one or more previous data packets of the same data session and/or one or more next data packets
of the same data session, wherein payload of the missing data packet is calculated using a combination of the average and
standard deviation of payloads of the one or more previous data packets and/or one or more next data packets.

US Pat. No. 9,313,092

METHOD AND APPARATUS FOR MANAGING IDENTIFIERS OF A MULTIPLE WANS NETWORK DEVICE

PISMO LABS TECHNOLOGY LIM...

1. A method for managing a network device, wherein said network device has a plurality of wide area network (WAN) interfaces,
at least one wireless local area network (WLAN) interface, and at least one service set identifier (SSID) comprising:
monitoring WAN network connections in said plurality of WAN interfaces periodically;
receiving a request from a user through a first at least one corresponding SSID of a first WAN network connection, wherein
the user sends the request for sending and receiving data through the network device using the first WAN network connection;

when the first WAN network connection does not meet at least one condition:
responding to the request by sending a message to the user; wherein the message is sent for the purpose of allowing users
and hosts to have adequate time to perform necessary tasks before disabling the first at least one corresponding SSID; wherein
the message contains information that the first at least one corresponding SSID is to be disabled after a predefined time;
wherein the message also contains information of other available at least one SSID;

disabling the first at least one corresponding SSID of the first WAN network connection, wherein the first WAN network connection
is one of said WAN network connections;

not broadcasting the first at least one corresponding SSID;
when the first WAN network connection meets all conditions:
enabling disabled first at least one corresponding SSID;
broadcasting the first at least one corresponding SSID, wherein a user of a first host is capable of selecting one of the
first at least one corresponding SSIDs for connecting to the network device through a first WLAN connection associated with
the first at least one corresponding SSID;

wherein the first host transmits and receives data through the Internet using the first WAN network connection;
wherein the at least one SSID corresponds to no WAN network connection, one WAN network connection, or a plurality of WAN
network connection;

wherein determination of whether the first WAN network connection meets the at least one condition is based on (i) monitoring
results of a particular WAN network connection, (ii) a combination of different selected WAN network connection monitoring
results, or (iii) a logical operation performed on WAN network connection monitoring results observed in an aggregated WAN
network connection.

US Pat. No. 9,531,565

METHODS AND SYSTEMS FOR TRANSMITTING AND RECEIVING PACKETS

PISMO LABS TECHNOLOGY LIM...

1. A method of managing aggregated Virtual Private Network (VPN) connection performance at a first network node, comprising:
establishing an aggregated VPN connection with a first network element;
determining a first uplink bandwidth limit and/or a first downlink bandwidth limit;
limiting uplink bandwidth of the aggregated VPN connection at the first network node to the first uplink bandwidth limit if
the first uplink bandwidth limit is determined;

limiting downlink bandwidth of the aggregated VPN connection at the first network node to the first downlink bandwidth limit
if the first downlink bandwidth limit is determined;

wherein the data packets are transmitted and received between the first network node and the first network element through
the aggregated VPN connection;

wherein the aggregated VPN connection comprises at least two VPN tunnels.

US Pat. No. 9,497,135

METHOD AND SYSTEM FOR REDUCTION OF TIME VARIANCE OF PACKETS RECEIVED FROM BONDED COMMUNICATION LINKS

PISMO LABS TECHNOLOGY LIM...

1. A method for processing packets received from bonded communication links at a destination network device, comprising the
following steps:
(a) receiving one or more packets from the bonded communication links, wherein the one or more packets received contain sequence
numbers indicating sequence of the one or more packets sent from a source network device; wherein the one or more packets
are sent from the source network device without any particular order of sending through the bonded communication links;

(b) determining arrival time of the one or more packets arrived at the destination network device;
(c) determining latency difference among the bonded communication links by calculating a latency difference of a plurality
of packets according to the arrival time and the sequence numbers of the one or more packets; wherein the latency difference
of the plurality of packets is considered to be zero when sequence numbers of the plurality of packets are consecutive and
the plurality of packets are sent from the source network device through a single bonded communication link;

(d) processing the one or more packets upon the one or more packets arriving at the destination network device;
(e) delivering the plurality of packets according to the latency difference; and
(f) determining an expected sequence number of a next packet to be delivered by taking into account of a sequence number of
a packet being sent.

US Pat. No. 9,473,402

METHODS AND SYSTEMS FOR RECEIVING AND TRANSMITTING INTERNET PROTOCOL (IP) DATA PACKETS

PISMO LABS TECHNOLOGY LIM...

15. A system for receiving and transmitting Internet Protocol (IP) data packets, wherein the system comprises:
at least one digital processor;
at least one primary storage;
a plurality of network interfaces; and
at least one secondary storage storing program instructions executable by the at least one digital processor for:
(a) transmitting a first IP data packet via a second network interface of the system if the first IP data packet does not
satisfy an interception policy;

(b) not transmitting the first IP data packet via the second network interface and decrypting the first IP data packet if
the first IP data packet satisfies the interception policy;

wherein the first network interface and the second network interface are not assigned with IP addresses:
wherein the first IP data packet is either received by the system via a first network interface of the system or created by
the system;

wherein source address of the first IP data packet is an IP address reachable via the first network interface when the first
IP data packet is created by the system;

wherein the interception policy is based on port number, and wherein step (b) is performed if a source port number of the
first IP data packet is a predefined port number;

wherein the interception policy is based on contents of a header of the first IP data packet, wherein step (b) is performed
if a destination address of the first IP data packet belongs to a predefined subnet and a destination port is a predefined
destination port;

wherein the first network interface is a wide area network (WAN) interface, or a local area network (LAN) interface;
when the first network interface is a LAN interface:
(i) determining whether destination address of the first IP data packet is the IP address of the second network interface,
wherein the second network interface is a WAN interface:

(ii) not transmitting the first IP data packet if the destination address of the first IP data packet is not the IP address
of the second network interface.

US Pat. No. 9,503,276

METHOD AND SYSTEM TO REDUCE WIRELESS NETWORK PACKETS FOR CENTRALISED LAYER TWO NETWORK

PISMO LABS TECHNOLOGY LIM...

1. A method of operating a first communication system, comprising the steps of:
receiving a first Open Systems Interconnection (OSI) layer two packet from a first network interface;
determining whether transmission type of the first OSI layer two packet is unicast, broadcast, or multicast transmission;
determining whether destination address of the first OSI layer two packet is a predefined broadcast or multicast address;
if the destination address of the first OSI layer two packet is a first predefined broadcast or multicast address, sending
a second OSI layer two packet to the first predefined broadcast or multicast address according to predefined rules corresponding
to the predefined broadcast or multicast address;

sending the second OSI layer two packet to the destination address if: (i) transmission type of the first OSI layer two packet
is unicast, (ii) the destination address of the first OSI layer two packet is a predefined address, and/or (iii) the first
OSI layer two packet had been encapsulated in a first OSI layer three packet which is received by the first communications
system at a pre-defined port;

if the destination address of the first OSI layer two packet is a broadcast or multicast address, and the broadcast or multicast
address is not a predefined broadcast or multicast address: (i) converting the broadcast or multicast address to a first unicast
address; (ii) sending the second OSI layer two packet to the first unicast address through a second network interface according
to predefined rules;

wherein content of the second OSI layer two packet is based on content of the first OSI layer two packet;
wherein the predefined rules may be determined based on the origin of the first OSI layer two packet; and
wherein when the first OSI layer two packet is encapsulated in an OSI layer three packet, the second OSI layer two packet
is sent without being encapsulated in an OSI layer three packet; and wherein when the first OSI layer two packet is not encapsulated
in any OSI layer three packet, the second OSI layer two packet is sent and encapsulated in at least one OSI layer three packet.

US Pat. No. 9,473,274

METHODS AND SYSTEMS FOR TRANSMITTING DATA THROUGH AN AGGREGATED CONNECTION

PISMO LABS TECHNOLOGY LIM...

1. A method carried out at a first communications router for transmitting data packets to a second communications router through
an aggregated connection comprising a plurality of tunnels, comprising the steps of:
a. receiving a first data packet belonging to a data session from a first host through a local area network (LAN) Interface,
wherein the first data packet is destined to a second host reachable through the second communications router;

b. transmitting the lust data packet to the second, communications router through the aggregated connection;
c. storing the first data packet in a local storage medium;
d. determining whether an error correction mode is activated: and
e. if the error correction mode is activated:
i. retransmitting the first data packet to the second communications router;
ii. transmitting an error correction packet corresponding to the first data packet;
wherein when the error correction mode is activated, performing steps (e) (i) and (e) (ii) if an acknowledgement is not received
from the second host within a waiting time period; wherein the waiting time period is:

smaller than a first time period minus a third time period;
smaller than a second time period minus the third time period;
wherein the first time period is the time between the first host transmitting the first data packet and the first host deciding
to retransmit the first data packet;

wherein the second time period is the time between the first host transmitting the first data packet, and the second host,
sending a request to the first host for retransmitting the first data packet: and

wherein the third time period is the time required for the first data packet to be transmitted from the first communications
router to the second communications router.

US Pat. No. 9,497,069

MANAGING ACTIONS OF A NETWORK DEVICE THROUGH A MANUAL INFORMATION INPUT MODULE

PISMO LABS TECHNOLOGY LIM...

10. A network device comprising:
at least one manual information input module; wherein the manual information input module comprises a plurality of components,
wherein each of the plurality of the components is assigned with one or more policies;

at least one network interface;
at least one processing unit; and
at least one computer readable storage medium comprising program instructions executable by the at least one processing units
for:

(a) obtaining information from a first component of the manual information input module; wherein the manual information input
module is mounted on the network device; wherein the network device is capable of connecting to at least one accessible network;

wherein the plurality of components of the manual information input module are selected from the group consisting of a switch,
a knob switch capable of being pressed and turned, a display module with at least one key, a biased normally-closed switch,
a biased normally-open switch, a touch sensor and a sound receiver;

wherein the manual information input module comprises at least one component;
(b) determining whether to execute or to disable a first policy corresponding to the first component based on a position of
the first component;

(c) executing the first policy if the first component is in a first position;
(d) disabling the first policy if the first component is in a second position;
(e) further comprising obtaining information from a second component of the manual information input module;
(f) when multiple policies are corresponding to the second component, executing or disabling one or more policies from the
multiple policies based on position of the second component and position of the first component; wherein one or more policies
from the multiple policies can be continued to be executed;

(g) wherein the one or more policies are assigned to each of the plurality of components of the manual information input module
by a user or administrator of the network device; wherein the assigning comprising the steps of:

(i) receiving a new policy corresponding to one of the plurality of components of the manual information input module from
a user, and storing the new policy in a computer readable storage medium;

(ii) initiating assigning of the new policy to the one of the plurality of components of the manual information input module;
(iii) stopping associating any previous corresponding policy with the one of the plurality of components if any previous corresponding
policy exists;

(iv) retrieving the new policy from the computer readable storage medium;
(v) assigning the new policy to the one of the plurality of components of the manual information input module:
(h) executing a second policy and connecting to a first accessible network if the second component is set to a third position
and the first component is set to the first position;

(i) executing a third policy and connecting to a second accessible network if the second component is set to a fourth position
and the first component is set to the first position;

(j) executing a fourth policy and forming a bonded connection using connections established through the first and second accessible
networks if the second component is set to a fifth position and the first component is set to the first position; and wherein
the second policy is to connect to the first accessible network, the third policy is to connect to the second accessible network,
and the fourth policy is to form a bonded VPN connection using all connected accessible networks: wherein the second policy,
third policy, and fourth policy are corresponding to the third position, fourth position, and fifth position of the second
component respectively; wherein when all three of the second third and fourth polices are executed, the network device uses
a bonded VPN connection through the first and second accessible networks for sending and receiving data.

US Pat. No. 9,876,723

METHODS AND SYSTEMS FOR EVALUATING NETWORK PERFORMANCE OF AN AGGREGATED CONNECTION

PISMO LABS TECHNOLOGY LIM...

1. A method for evaluating network performance of a plurality of connections of an aggregated connection, wherein the aggregated
connection is established between a first communication device and a second communication device, comprising the steps of:
transmitting evaluation packets through the plurality of connections periodically;
determining the time required to transmit the evaluation packets through the plurality connections;
evaluating the network performance based on the time;
determining a first connection of the plurality of connections with the best performance;
wherein when the plurality of connections are used for transmitting data belonging to more than one data session, assigning
priority to at least one data session;

using the first connection for transmitting data packets belonging to the data session with a highest priority;
wherein the evaluation packets are substantially based on the data packets and have same size as the data packets when receiving
data packets; and

wherein the evaluation packets are substantially based on predefined information when there is no data packets to be transmitted
through the aggregated connection;

wherein the data packets have been received by the first communication device and are designated for a host or node reachable
through the aggregated connection, and

wherein the plurality of connections are logical connections.

US Pat. No. 9,635,541

USING A PLURALITY OF SIM CARDS AT A WIRELESS COMMUNICATION DEVICE

PISMO LABS TECHNOLOGY LIM...

1. A method for using a plurality of subscriber identity module (SIM) cards at a wireless communication system, the method
comprising:
a. when a first event trigger occurs:
i. stopping using a first SIM card;
ii. selecting a second SIM card from the plurality of SIM cards;
iii. starting using a second SIM card;
b. when a second event trigger occurs:
iv. stopping using the second SIM card;
v. selecting an operational SIM card from the plurality of SIM cards;
vi. starting using the operational SIM card;wherein when the first and second event triggers occur more frequent than a threshold, adding a time delay to both first and
second event triggers;wherein the operational SIM card can be the first SIM card, the second SIM card or another SIM card from the plurality of
SIM cards;wherein the criteria for the first event trigger and the second event trigger are different;wherein the selection of the second SIM is based on tariff price, usage frequency, expected network performance, and priority;
andwherein the selection of the operational SIM card is based on tariff price, usage frequency, expected network performance,
and priority.

US Pat. No. 9,629,005

SYSTEMS AND METHODS PROVIDING ASSISTED AIMING FOR WIRELESS LINKS

PISMO LABS TECHNOLOGY LIM...

1. A method for updating information at a database, performed at a server, wherein the information is used for providing proactive
aiming assistance guidance information at a wireless node for orienting the wireless node, comprising the steps of:
a. obtaining sensor information from a wireless node;
b. sending a list of candidate wireless nodes to the wireless node;
c. receiving a first information of a selected first candidate wireless node from the wireless node;
d. determining a radio map corresponding to the wireless node for deployment configuration determinations;
e. performing communication environment analysis, wireless link quality modeling;
f. determining positions of interferers in a wireless environment;
g. sending a second information based on steps (d), (e) and (f) to the wireless node;
h. receiving a third information regarding final deployment configuration of the wireless node and information regarding various
interference sources detected by the wireless node from the wireless node;

i. updating the database based on the third information received in step (h);
j. wherein the wireless node uses the second information received from the server for:
(i) determining proactive aiming assistance guidance information with respect to the first candidate wireless node;
(ii) providing proactive aiming assistance guidance information for reorientation;
(iii) presenting the proactive aiming assistance guidance information at an aiming assistance user interface of the wireless
node;

(iii) determining values of wireless link attributes;
(iv) when the values of wireless link attributes are not satisfactory, prompting the user to perform steps (i)-(ii) with another
candidate wireless node;

(v) when the values of wireless link attributes are satisfactory, prompting the user to stop the reorientation;
wherein the proactive aiming assistance guidance information includes a rotation direction and a tilt direction;
wherein the rotation direction corresponds to a direction to rotate the wireless node to orient the wireless node into the
desired deployment configuration; and

wherein the tilt direction corresponds to a direction to tilt the wireless node to orient the wireless node into the desired
deployment configuration.

US Pat. No. 9,854,435

METHODS AND SYSTEMS OF USING SIM CARDS INSERTED AT ANOTHER DEVICE

PISMO LABS TECHNOLOGY LIM...

1. A system for using a SIM card comprising:
a first apparatus, wherein the first apparatus comprising a remote data port, a remote SIM port, a SIM card interface and
a radio frequency transceiver;

a second apparatus, wherein the second apparatus comprising a local data port, a local SIM port, and at least one SIM socket;
wherein the SIM card is inserted at a corresponding SIM socket of the at least one SIM socket;
wherein the one remote data port is connected to the local data port through a first cable;
wherein the one remote SIM port is connected to the local SIM port through a second cable;
wherein data is transmitted and received through the first cable;
wherein SIM card information is transmitted and received through the second cable; and
wherein the second cable comprises at least eight wires.

US Pat. No. 9,692,853

METHODS AND SYSTEMS FOR PROCESSING A DNS REQUEST

PISMO LABS TECHNOLOGY LIM...

1. A method for processing Domain Name Services (DNS) request in a gateway, wherein the gateway comprises at least one local
area network (LAN) interface and at least one wide area network (WAN) interface, the method comprising:
receiving a first DNS request from a host via one of the at least one LAN interface;
selecting a plurality of DNS servers, wherein at least one of the plurality of DNS server is accessible through at least one
tunnel;

transmitting a plurality of new DNS requests to the plurality of DNS servers via the at least one WAN interface;
receiving a first DNS response corresponding to the plurality of new DNS requests; and
transmitting a new DNS response to the host when the first DNS response is valid, wherein the new DNS response is based on
the first DNS response; and

wherein the contents of the plurality of new DNS requests are the same as the content of the first DNS request; and
wherein the transmitting of the new DNS response is performed when no other DNS response corresponding to the plurality of
new DNS requests has been transmitted to the host.

US Pat. No. 9,467,416

METHODS AND SYSTEMS FOR DYNAMIC DOMAIN NAME SYSTEM (DDNS)

PISMO LABS TECHNOLOGY LIM...

1. A method for a network node sending update messages to a first server, wherein the network node comprises a plurality of
network interfaces, comprising the steps of:
(a) determining whether a first predefined event or a second predefined event has occurred at at least one of the plurality
of network interfaces connected to the internet;

(b) sending a plurality of first update messages through the plurality of network interfaces to the first server when a first
predefined event has occurred or an update message has not been sent to the first server within a predefined time period;

(c) sending a second update message to the first server through a second network interface when a second predefined event
has occurred at a first network interface;

wherein each of update message, first update messages, and second update message is used for updating at least one Domain
Name System (DNS) resource record in the first server and comprises a unique identifier, a network interface identifier and
an IP address field;

wherein the unique identifier is a character string unique to the network node, cannot be changed by a user of the network
node, follows the specification of a domain name, and is not required to be a complete domain name;

wherein each of the plurality of network interfaces has different network interface identifier when sending a plurality of
first update messages at step (b);

wherein IP address field indicates an IP address of the network interface from the plurality of network interface that is
used for sending the update message when sending a plurality of first update messages at step (b);

wherein network interface identifier in the second update message corresponds to the first network interface when sending
the second update messages at step (c);

wherein IP address field of the second update message is empty or indicates IP address of the second network interface when
sending the second update message at step (c); and

wherein the unique identifier and the network interface identifier are used by the first server to retrieve an IP address;
wherein the first predefined event is selected from a group consisting of change of IP address of at least one of the plurality
of network interfaces, assignment of IP address of at least one of the plurality of network interfaces, change of DNS resource
record at least one of the plurality of network interfaces, change of performance observed at at least one of the plurality
of network interfaces connected to the Internet, detection of new Dynamic Host Configuration Protocol (DHCP) server, expiration
of DHCP IP address lease, status check, health check; wherein the second predefined event is selected from a group consisting
of access link disconnection, deterioration of performance observed at the first network interface, and unavailability of
the first network interface; wherein the first and second predefined events are selected based on preferences of an administrator
of the network node; wherein the administrator is allowed to configure, create, modify, delete, and store predefined events
through an access link connecting to one of the plurality of network interfaces, through the Internet, or through cloud services.

US Pat. No. 9,876,764

METHODS AND SYSTEMS FOR ESTABLISHING VPN CONNECTIONS AT A VPN GATEWAY

PISMO LABS TECHNOLOGY LIM...

1. A method carried out at a first VPN gateway for establishing virtual private network (VPN) connections with at least one
other VPN gateway, comprising the steps of:
(a) determining a first VPN gateway group that the first VPN gateway belongs to wherein the first VPN gateway is classified
into the first VPN gateway group by a VPN management server;

(b) determining a VPN connection topology; wherein the VPN connection topology is a hub-and-spoke topology, full-mesh topology,
or partial-mesh topology;

(c) determining information of number of remaining possible VPN connections (RPVPNC) of the first VPN gateway, number of VPN
connection license(s) of the first VPN gateway and number of VPN connection license(s) already deployed by the first VPN gateway,
and sending the information to the VPN management server;

(d) configuring the first VPN gateway according to a first configuration; wherein the first configuration is retrieved from
the VPN management server; wherein the first configuration comprises identity of the first VPN gateway, identity of a network
interface(s) of the first VPN gateway that is used for establishing VPN connections, identity of the at least one other VPN
gateway, and encryption information; wherein the configuration is shown to an administrator through a graphical user interface,
wherein VPN gateways belonging to the first VPN gateway are displayed as items containing a same pattern or colour;

(e) establishing VPN connections with other VPN gateways based on: VPN connection topology, configuration, and number of RPVPNC.

US Pat. No. 9,787,501

METHODS AND SYSTEMS FOR TRANSMITTING PACKETS THROUGH AGGREGATED END-TO-END CONNECTION

PISMO LABS TECHNOLOGY LIM...

1. A method for transmitting data packets by a first communications router to a second communications router comprising:
(a) establishing an aggregated end-to-end connection with the second communications router, wherein the aggregated end-to-end
connection comprising a plurality of established end-to-end connections; wherein the aggregated end-to-end connection is a
virtual private network (VPN) tunnel;

(b) transmitting data packets through a first established end-to-end connection when a first condition is satisfied;
(c) determining a probability of the first established end-to-end connection not being able to satisfy the first condition;
(d) transmitting warm-up packets through the second established end-to-end connection when the probability reaches a predefined
probability threshold;

(e) stopping to transmit data packets through the first established end-to-end connection;
(f) transmitting maintenance packets, health check packets or management packets through the first established end-to-end
connection when the first established end-to-end connection is not being used for transmitting data packets;

(g) transmitting data packets through a second established end-to-end connection when a second condition is satisfied;
(h) distributing and transmitting data packets through both the first established end-to-end connection and second established
end-to-end connection when both the first condition and the second condition are satisfied;

wherein the aggregated end-to-end connection comprising the first and second established end-to-end connections; wherein the
first condition and the second condition are selected from a group consisting of packet loss, service provider, geographical
location, time, usage price, security, user identity, and device;

wherein the first communications router comprises a plurality of network interfaces;
wherein at least one of the plurality of network interfaces of the first communications router is connected to a plurality
of network interfaces of the second communications router through at least two of the plurality of established end-to-end
connections.

US Pat. No. 9,699,627

METHODS AND SYSTEMS FOR PROCESSING MESSAGES AT A NETWORK NODE

PISMO LABS TECHNOLOGY LIM...

1. A method for processing messages at a network node, wherein the network node does not have any hardware components for
displaying messages, the method comprising:
(a) receiving a message, wherein the message is originated from a device operated by a wireless network service provider;
(b) determining whether the message matches any pre-defined pattern by performing a lookup on a first configuration database;
wherein the first configuration database comprises a plurality of pre-defined patterns;

(c) processing the message if the message matches any pre-defined pattern, comprising the steps:
(i) determining a configuration corresponding to the predefined pattern;
(ii) configuring the network node according to the determined configuration; and
(d) not processing the message if the message does not match any pre-defined pattern; wherein the plurality of predefined
patterns are selected from a group consisting of: a first predefined pattern indicating that a bandwidth cap of a connection
is approaching, a second predefined pattern indicating a maintenance schedule of a network, a third predefined pattern indicating
that a prepaid subscriber identity module (SIM) card inserted in a cellular modem of the network node needs to be recharged,
a fourth predefined pattern indicating that a bill for a post-paid connection of a SIM card inserted in a cellular modem needs
to be paid, a fifth predefined pattern matching a verification message from a service provider, a sixth predefined pattern
indicating a maintenance schedule of a mains electricity line, and a seventh predefined pattern matching a message comprising
weather information.

US Pat. No. 9,654,439

METHODS AND GATEWAYS FOR PROCESSING DNS REQUEST

PISMO LABS TECHNOLOGY LIM...

1. A method for processing Domain Name Service (DNS) request in a gateway with a plurality of network interfaces, the method
comprising:
receiving a first DNS request from a host via one of the network interfaces of the gateway;
when the gateway does not have information to respond to the first DNS request:
a. selecting, according to at least one predefined selection policy, at least one DNS server;
b. selecting at least one access network that is authorized to send new DNS requests to the selected at least one DNS server;
c. transmitting a plurality of new DNS requests to the selected at least one DNS server through the selected at least one
access network and via one of the network interfaces of the gateway that is capable of connecting to the selected at least
one access network; wherein the selected at least one DNS server is not restricted to be belonging to the service provider
of the selected at least one access network; wherein the content of the new DNS requests are the same as the content of the
first DNS request;

d. receiving a plurality of DNS responses corresponding to the plurality of new DNS requests within a pre-defined time period;
e. storing the plurality of DNS responses;
f. when the pre-defined time period has expired: selecting a DNS response from the received plurality of DNS responses according
to at least one predefined pre defined DNS response selection policy; wherein when at least one of the plurality of DNS responses
is valid, the predefined DNS response selection policy is to select one of the at least one valid DNS responses based on time
of arrival, contents of each of the plurality of DNS responses, identity of DNS servers from which each of the plurality of
DNS responses are received, or source of each of the plurality of DNS responses; wherein when none of the plurality of DNS
responses are valid: the predefined DNS response selection policy is to select one of the plurality of DNS responses randomly,
statistically, according to the time of receiving or according to the order of receiving;

g. transmitting a new DNS response to the host wherein the content of the new DNS response is based on the content of the
selected DNS response; wherein if the selected DNS response is not a valid DNS response, setting a return code (RCODE) of
the new DNS response to an RCODE contained in a majority of the plurality of DNS responses; and

when the gateway has information to respond to the first DNS request:
h. responding to the first DNS request; and not transmitting the plurality of new DNS requests.

US Pat. No. 9,716,643

SYSTEMS AND METHODS FOR CHANGING THE FREQUENCY OF RETRIEVING MONITORING DATA

PISMO LABS TECHNOLOGY LIM...

1. A method for receiving monitoring data from a network connected device by a monitoring server, comprising the steps of:
(a) sending notifications to the network connected device periodically according to a time interval, wherein the notifications
include a request for the monitoring data, wherein the time interval is set to a first value;

wherein the request for the monitoring data comprises a type and nature of data being requested, and is selected from a request
for global positioning system (GPS) location of the network connected device, nearby Wi-Fi service set identification (SSID),
client list, and information provided by a sensor; wherein the sensor is connected to the network connected device through
general-purpose input/output pins or through a local area network (LAN):

(b) receiving the monitoring data from the network connected device; wherein the network connected device taking measurement
and sending the monitoring data to the monitoring server periodically at a first time interval;

(c) storing the monitoring data;
(d) changing frequency of performing step (a) when the time interval is changed to a second value;
wherein the time interval is changed to the second value when at least one condition is satisfied; wherein the network connected
device taking measurement and sending the monitoring data to the monitoring server periodically at a second time interval;

(e) when an event has occurred: the network connected device determining whether the network connected device is in a bandwidth-saving
mode;

(f) if the network connected device is not in a bandwidth-saving mode: the network connected device taking measurements and
sending monitoring data to the monitoring server periodically at the second time interval; and

(g) if the network connected device is m a bandwidth-saving mode: the network connected device taking measurements and sending
monitoring data to the monitoring server periodically at a third time interval; wherein the second time interval is smaller
than the third time interval.

US Pat. No. 9,705,882

METHODS AND SYSTEMS FOR MANAGING A NODE

PISMO LABS TECHNOLOGY LIM...

1. A method for managing a node through a management server, comprising:
(a) allowing a first user group to manage the node;
(b) receiving a management request from a second user group to manage the node; wherein the management request comprises user
group identity information, user identity information and authentication information;

(c) displaying a confirmation waiting message at an administration user interface (AUI);
(d) verifying whether a management confirmation has been received; wherein the management confirmation comprises user group
identity information, user identity information and authentication information;

if the management confirmation is received:
(e) allowing a second user group to manage the node if the management confirmation is received; wherein when the second user
group is allowed to manage the node, users belonging to the second user group are capable of monitoring activities of the
node, geographical location of the node, list of clients connected to the node, list of Virtual Private Network (VPN) connections
established with the node, statistical reports of the node, usage information of the node, and is capable of changing configuration
of the node;

(f) updating a record of users or user groups that are allowed to manage the node;
if the management confirmation is not received:
(g) not allowing the second user group to manage the node if the management confirmation is not received;
(h) updating a record of users or groups that are not allowed to manage the node.

US Pat. No. 9,467,372

METHODS AND SYSTEMS FOR PROCESSING INTERNET PROTOCOL PACKETS

PISMO LABS TECHNOLOGY LIM...

1. A method performed by a network node used in a network system for forwarding IP packets, wherein the network node performs
the steps of:
(a) receiving an IP packet from a first network interface;
(b) determining whether the destination address of the IP packet matches an IP address in the IP address section of a first
routing rule;

(c) forwarding the IP packet through a second network interface if the destination address of the IP packet matches the IP
address in the IP address section of the first routing rule;

(d) when the first network interface is a local area network (LAN) interface and destination address of the IP packet does
not match the IP address in the IP address section of the first routing rule:

(i) determining whether the destination address of the IP packet matches an IP subnet of a local area network (LAN) interface
of the network node;

(ii) not forwarding the IP packet if the destination address of the IP packet matches the IP subnet of the LAN interface of
the network node;

(iii) forwarding the IP packet through a wide area network (WAN) interface of the network node if the IP packet does not match
the IP subnet of the LAN interface of the network node;

(e) when the first network interface is a WAN interface and the destination address of the IP packet matches an IP address
in the IP address section of the first routing rule:

(i) forwarding the IP packet through a WAN interface identified in the first routing rule if the destination address is reachable
through the first network interface;

(ii) not forwarding the IP packet if the destination address is not reachable through the first network interface;
(f) when the first network interface is a WAN interface and the destination address of the IP packet does not match an IP
address in the IP address section of the first routing rule:

(i) forwarding the IP packet through a LAN interface if the destination address of the IP packet matches an IP subnet of the
LAN interface;

(ii) not forwarding the IP packet if the destination address of the IP packet does not match an IP subnet of the LAN interface;
wherein one or both of the first network interface and second network interface is not assigned with an IP address;
wherein the network node comprises at least three network interfaces;
wherein the first routing rule comprises at least one IP address section and at least one network interface section.

US Pat. No. 9,807,598

CIRCUITS AND SYSTEMS TO EXCHANGE SUBSCRIBER IDENTITY MODULE (SIM) INFORMATION OVER A DISTANCE

PISMO LABS TECHNOLOGY LIM...

1. A wireless communication system comprising:
a first network node and a second network node;
wherein the first network node comprising at least one subscriber identification module (SIM) socket, at least one local data
port, and at least one local SIM port, wherein the at least one SIM socket is connected to corresponding local SIM port;

wherein the second network node comprising at least one SIM card interface, at least one remote data port, and at least one
remote SIM port, wherein the at least one SIM card interface is connected to corresponding remote SIM port;

wherein the at least one local SIM port and the at least one remote SIM port are capable of being coupled to a cable;
wherein the at least one local SIM port and the at least one remote SIM port are used for exchanging SIM card information
between the at least one SIM socket and the at least one SIM card interface; and

wherein the at least one local data port and the at least one remote data port are used for exchanging data packets between
the first network node and the second network node.

US Pat. No. 9,787,089

APPARATUS AND METHOD FOR A MOBILE ROUTER TO RECEIVE POWER FROM A PLURALITY OF POWER SUPPLIES

PISMO LABS TECHNOLOGY LIM...

11. A method of performing an action at a mobile router, wherein the mobile router is capable of receiving power from a plurality
of USB jacks, comprising the steps of:
measuring one or more of the voltages supplied through the plurality of USB jacks; and
determining whether the one or more of the voltages supplied is below a first reference voltage; wherein the first reference
voltage is determined from a reference voltage supplied to a reference voltage input provided by a voltage divider; wherein
the one or more of the voltages supplied is determined by a voltage sensor; wherein one of the input voltages of the voltage
sensor is connected to jointed cathodes of a plurality of first diodes; wherein at least one of the outputs of the voltage
sensor provides voltage level information to at least one processing unit of the mobile router;

if the one or more voltages supplied is below the first reference voltage: (i) determining whether a first action has been
performed within a predefined time period; (ii) performing the first action if the first action has not been performed within
the predefined time period; wherein the first action is to generate a first alarm.

US Pat. No. 9,722,893

METHODS AND SYSTEMS FOR DISPLAYING NETWORK PERFORMANCE INFORMATION

PISMO LABS TECHNOLOGY LIM...

1. A computer-implemented method for displaying network performance information at a physical display, comprising:
(a) selecting an aggregated end-to-end connection profile of a first network node; wherein aggregated end-to-end connection
profiles specify a combination of end-to-end connections; wherein the end-to-end connections are virtual private network (VPN)
connections;

(b) retrieving network performance information corresponding to each aggregated end-to-end connection profile from at least
one storage unit, wherein the network performance information is stored in the at least one storage unit; wherein the network
performance information is determined at the first network node using steps comprising:

(i) transmitting reference packets from the first network node to a second network node using at least one end-to-end connection;
(ii) recording transmittal information;
(iii) receiving arrival information corresponding to the reference packets from the second node;
(iv) estimating network performance by utilizing the transmittal information and arrival information; wherein when estimating
network performance is complete, the first network node comparing the network performance and selecting at least one end-to-end
connection for transmitting and receiving data, wherein the selecting is based on a selection criteria;

(c) displaying the network performance information corresponding to the aggregated end-to-end connection profile in a table;
wherein the table comprises a first plurality of columns to indicate network interfaces used in an end-to-end connection,
a second plurality of columns to indicate network performance information corresponding to an end-to-end connection or an
aggregated end-to-end connection; wherein when network performance information corresponding to an aggregated end-to-end connection
is displayed, the network performance information is an average of network performance information of each end-to-end connection
in the aggregated end-to-end connection; wherein the network performance information is selected from a group consisting of
throughput, packet loss rate, latency, packet drop rate, packet jitter, end-to-end connection setup time, frequency of out-of-order
packet arrival and round trip time (RTT); and

(d) displaying network performance information corresponding to each end-to-end connection of the selected aggregated end-to-end
connection profile in a bar chart, wherein each bar of the bar chart represents network performance information of each end-to-end
connection, and wherein an average network performance is indicated with a horizontal line.

US Pat. No. 9,674,316

METHODS AND SYSTEMS FOR IDENTIFYING DATA SESSIONS AT A VPN GATEWAY

PISMO LABS TECHNOLOGY LIM...

1. A method for identifying Internet Protocol (IP) data sessions at a VPN gateway comprising:
(a) receiving encapsulating packets, wherein the encapsulating packets encapsulate IP packets;
(b) identifying a corresponding VPN connection;
(c) decapsulating encapsulating packets to retrieve IP packets;
(d) performing deep packet inspection (DPI) on the IP packets to identify one or more data sessions the IP packets belong
to; and

(e) updating a DPI database based, at least in part, on the one or more data sessions; wherein the DPI database comprises
information corresponding to the one or more data sessions, wherein the information comprises source IP address, destination
IP address, starting time, application, protocol, user identity, source port, destination port, security information, VPN
connection information, computing resource usage, bandwidth usage and statistical information, wherein statistical information
comprises network performance of a VPN connection, number of data sessions, duration of data sessions, and monetary cost of
data sessions;

(f) displaying information corresponding to the one or more data sessions at a user interface, wherein the information is
retrieved from the DPI database; wherein the user interface comprises a plurality of items, wherein the items are selected
from a group consisting of au IP address of a node, application, protocol of an encapsulating packet or IP packet, a policy,
a location of an IP address, performance range through a network interface, range of size of data being downloaded or uploaded,
and a user-identity; wherein the information displayed at the user interface comprises correlation between the plurality of
items; wherein the plurality of items are categorized and displayed according to a plurality of categories; wherein a specific
correlation is indicated to a user by changing a line color of a line representing the specific correlation or by flashing
the line representing the specific correlation.

US Pat. No. 9,736,047

METHODS AND SYSTEMS FOR REDUCING NETWORK CONGESTION

PISMO LABS TECHNOLOGY LIM...

1. A method carried out at a network device for reducing network congestion comprising the steps of:
(a) establishing an aggregated connection, wherein the aggregated connection comprising a plurality of virtual private network
(VPN) tunnels;

(b) assigning default weights to the plurality of VPN tunnels;
(c) transmitting and receiving data packets of a data session through the aggregated connection;
(d) when there is at least one missing data packets in the received data packets: recreating the at least one missing data
packets based on at least one previous or at least one next data packet: wherein the recreating is further based on a text
database, or an audio database: wherein using the text database and audio database to determine characters of words that are
in payload(s) of the at least one missing data packets: wherein when it is determined that there is more than one possibility
for the characters, determining the characters based on historical data:

(e) determining whether at least one VPN tunnel of the plurality of VPN tunnels is experiencing an unacceptable packet drop
rate:

(f) modifying a respective weight value for the at least one VPN tunnel at a first periodicity in response to an observed
packet drop rate: wherein when the observed packet drop rate is an unacceptable packet drop rate, the respective weight value
is decreased:

(g) updating an effective weight value to the modified respective weight value at a second periodicity, wherein the second
periodicity is longer than the first periodicity:

(h) when the at least one missing data packets is first or last in sequence of the data session: sending a request to a sender
for resending the at least one missing data packets.

US Pat. No. 9,787,776

METHODS AND SYSTEMS FOR TRANSMITTING PACKETS THROUGH AN AGGREGATED CONNECTION

PISMO LABS TECHNOLOGY LIM...

1. A method for transmitting a received packet at a first network node through an aggregated connection, wherein the aggregated
connection comprising a plurality of tunnels, comprising the steps of:
(a) assigning weights to each of the plurality of tunnels, wherein the higher the weight of a tunnel, the higher the number
of sessions the tunnel is selected for;

(b) defining a maximum number of sessions that each of the plurality of tunnels may be used to transmit;
(c) determining session information of the received packet;
(d) determining whether a new tunnel needs to be selected;
(e) when a new tunnel needs to be selected:
(i) determining a hash result, wherein the hash result is based, in part, on the session information and the number of available
tunnels, wherein availability of tunnels is determined according to bandwidth limit, usage price, latency, or packet drop
rate;

(ii) determining a first tunnel for transmitting the received packet according to the hash result;
(iii) storing the session information and corresponding tunnel ID of the first tunnel in a first database; and
(iv) transmitting the received packet through the first tunnel;
(f) when a new tunnel need not be selected:
(i) performing a lookup to determine a tunnel ID based, in part, on the session information;
(ii) determining a first tunnel for transmitting the received packet based on the tunnel ID; and
(iii) transmitting the received packet through the first tunnel;
(g) monitoring the state of the first tunnel; and
(h) performing step (e) when a trigger is received.

US Pat. No. 9,743,338

METHODS AND SYSTEMS FOR COMMUNICATIONS THROUGH A SLAVE GATEWAY

PISMO LABS TECHNOLOGY LIM...

1. A method for transmitting data packets through a plurality of connections and through a gateway at a network node, comprising
the steps of:
(a) receiving network performance observation report (NPOR) from the gateway;
(b) determining at least one of a plurality of wide area network (WAN) interfaces of the gateway for transmitting data packets
based on the NPOR;

(c) creating an instruction, wherein the instruction comprises information for the gateway to determine the at least one of
the plurality of WAN interfaces of the gateway for transmitting the data packets;

(d) transmitting the instructions to the gateway;
(e) transmitting the data packets to the gateway;
wherein the gateway operates as a slave gateway;
wherein the network node has a plurality of WAN interfaces; and
wherein the network node is connected to the gateway through one of the plurality of WAN interfaces of the network node and
one of local area network (LAN) interfaces of the gateway.

US Pat. No. 9,720,473

METHODS AND SYSTEMS FOR SUPPLYING AND RECEIVING POWER OVER ETHERNET

PISMO LABS TECHNOLOGY LIM...

1. A method, performed in a first power sourcing equipment (PSE) comprising at least one power-supply circuit, for supplying
power over Ethernet to a first powered device (PD), the method comprising:
(a) supplying power to the first PD using a first power-supply circuit after determining that the first PD is capable of receiving
power over Ethernet; wherein the first power-supply circuit is comprised in a PSE controller of the first PSE and is capable
of supplying power up to a first power limit, wherein the first power limit is set according to IEEE802.3at standard or IEEE802.3af
standard;

(b) determining to continue using the first power-supply circuit or to use a second power-supply circuit to supply power to
the first PD based, at least in part, on a first indication; wherein the second power-supply circuit is capable of supplying
power more than the first power limit and the second power-supply circuit is used by turning on a high-power PSE (HP-PSE)
switch; wherein the first indication is used for indicating whether the first PD is capable of receiving power more than the
first power limit and is based, at least in part, on one or more of (i) receiving a first expected message from the first
PD, (ii) a link status of an Ethernet link connecting the first PSE to the first PD becoming stable, and (iii) a manual switch
status indicating that an instruction has been received from a user to use the second power-supply circuit, wherein the manual
switch status can be controlled through a knob, button, webpage, user interface, application programming interface, console
port, or display module;

(c) using the second power-supply circuit instead of using the first power-supply circuit to supply power after it is determined
that the first PD is capable of receiving power more than the first power limit;

(d) determining whether or not to continue using the second power-supply circuit based on the link status;
(e) if the link status is unstable, turning off the HP-PSE switch and using the first power-supply circuit for supplying power
to the first PD.

US Pat. No. 10,116,591

METHODS AND SYSTEMS FOR TRANSMITTING DATA THROUGH AN AGGREGATED CONNECTION

PISMO LABS TECHNOLOGY LIM...

1. A method for forwarding data packets through an aggregated tunnel, which comprises a plurality of secured tunnels at a first network node, comprising:a. selecting a first secured tunnel according to a user's configuration;
b. selecting a second secured tunnel according to a selection policy based on one or more of the following criteria: service provider, usage limit, location, time, usage price, security, user identity, Internet Protocol address range, communication protocol, communication technology, application, and device;
c. transmitting original encapsulating packets (OEPs) through the first secured tunnel;
wherein the OEPs encapsulate all the data packets;
d. transmitting duplicate encapsulating packets (DEPs) through the second secured tunnel, wherein the DEPs encapsulate at least one of the data packets;
wherein the secured tunnels are secured by encryption; and
wherein when a first OEP and a first DEP encapsulate a same first data packet, the first OEP and the second DEP have the same global sequence number and have different tunnel sequence numbers.

US Pat. No. 10,009,754

METHODS AND SYSTEMS FOR TRANSFERRING SIM CARD INFORMATION FROM A FIRST DEVICE TO A FIRST SERVER FOR ENABLING THE USE OF A SIM CARD IN MULTIPLE DEVICES

PISMO LABS TECHNOLOGY LIM...

1. A method of transferring SIM card information from a first device to a first server, wherein a first SIM card is first housed in the first device or is first housed in a first modem connected to the first device, comprising:performing the following steps at the first device:
(a) when the first device has booted up:
(i) identifying the first SIM card;
(ii) retrieving SIM card information from the first SIM card;
(iii) sending authentication information to the first server;
(iv) requesting historical SIM card activity information from the first server;
(v) storing the historical SIM card activity information in a storage medium;
(b) determining whether to use the first SIM card based on the historical SIM card activity information stored in step (a)(v);
(c) creating new SIM card activity information corresponding to the first SIM card;
(d) storing the new SIM card activity information in the storage medium;
(e) when a first condition is satisfied:
(i) retrieving stored new SIM card activity information corresponding to the first SIM card from the storage medium;
(ii) sending the stored new SIM card activity information to the first server or the second device;
wherein steps (c) and (d) are not performed when the first SIM card is removed from the first device or from the first modem connected to the first device;
wherein when steps (c) and (d) are not performed, the stored new SIM card activity information is based on the historical SIM card activity information stored in step (a)(v);
performing the following steps at the first server:
(f) receiving a first request message from the first device;
(g) if the first request message is authentic:
(i) determining SIM card identity of the first SIM card specified in the first request message;
(ii) if the historical SIM card activity information of the first SIM card is not found in a first database, or the first database has not been updated within a predefined time period, receiving and storing historical SIM card activity information from a carrier server, wherein the first database is stored in a storage medium of the first server;
(iii) sending the stored historical SIM card activity information to the first device proactively or upon receiving a request from the first device;
wherein the SIM card information is sent to the first server from a third device before step (a) if the first SIM card has been used at the third device before.

US Pat. No. 10,044,521

METHODS AND SYSTEMS FOR INCREASING WIRELESS COMMUNICATION THROUGHPUT OF A BONDED VPN TUNNEL

PISMO LABS TECHNOLOGY LIM...

1. A method for increasing wireless communication throughput of a bonded virtual private network (VPN) tunnel between a first communication router and a second communication router via a first network, comprising:a. establishing a plurality of first connections between the first communication router and the first network;
b. establishing at least one second connection between the second communication router and the first network;
c. establishing a plurality of tunnels through the plurality of first connections and the at least one second connection;
d. assigning a respective weight value for each of the plurality of tunnels;
e. forming the bonded VPN tunnel using the plurality of tunnels;
f. assigning a per-tunnel sequence number and a global sequence number to each packet routed to a particular tunnel;
g. distributing packets of a session among the plurality of tunnels based, at least in part, on the respective weight values;
h. modifying the respective weight value for the plurality of tunnels at a first periodicity in response to an observed packet drop rate;
i. updating the respective weight value to the modified respective weight value at a second periodicity, wherein the second periodicity is longer than the first periodicity;
wherein the plurality of first connections are wireless connections;
wherein the at least one second connection is a wired connection;
wherein the respective weight value is based on packet throughput and packet drop rate of each tunnel;
wherein the packet drop rate is reported to the first communication router by the second communication router; and
wherein the per-tunnel sequence number and global sequence number are used to assist in packets buffering and re-sequencing.

US Pat. No. 9,894,694

METHODS AND SYSTEMS FOR TRANSMITTING AND RECEIVING DATA THROUGH ONE OR MORE TUNNEL FOR PACKETS SATISFYING ONE OR MORE CONDITIONS

PISMO LABS TECHNOLOGY LIM...

1. A method for a first node disposed in a network environment, the method comprising:
(a) receiving a packet via a local area network (LAN) interface;
(b) inspecting the packet;
(c) determining whether the packet satisfies at least one packet condition;
(d) transmitting the packet through a predefined tunnel if the packet satisfies the at least one packet condition; and
(e) transmitting the packet through a second tunnel if the packet does not satisfy the at least one packet condition,
wherein the predefined tunnel is a first tunnel and is established before the packet is received by the first node,
wherein the first tunnel belongs to a first tunnel group;
wherein the second tunnel belongs to one of, a first tunnel group or a second tunnel group;
wherein the first tunnel and the second tunnel are aggregated to form an aggregated connection;
wherein the at least one packet condition is based on one of the following: packet size, packet protocol, geographical location
of a sender of the packet, geographical location of the first node, time of day, and latency sensitivity of a session that
the packet belongs to;

wherein when the at least one packet condition is based on latency sensitivity, a first condition is met when a data transfer
from the first node to a second node is latency insensitive; and

wherein the predefined tunnel is selected based on at least one performance criterion;
wherein the at least one performance criterion is selected from a group comprising network latency, response time, packet
delay, bandwidth, throughput, packet loss, packet drop, power consumption, signal-to-noise ratio, round-trip time, interference
level, error rate, quality of service, queuing delay, and packet jitter;

wherein performance of a tunnel is used for determining whether a tunnel satisfies performance criteria to become a predefined
tunnel;

wherein the first tunnel group is established through at least one network, wherein the at least one network is selected based
on network latency of the at least one network; and

wherein the network latency is determined based on one of, average, maximum, minimum or other statistical calculations of
latency observed for each tunnel in the first tunnel group.

US Pat. No. 10,050,867

METHODS AND SYSTEMS FOR TRANSMITTING BROADCAST DATA

PISMO LABS TECHNOLOGY LIM...

1. A method at a first communication gateway of transmitting broadcast data from a first communication gateway to a second communication gateway, comprising:(a) receiving a broadcast packet from a host or node, wherein the broadcast packet is a service request or a response to a service advertisement;
(b) determining whether the broadcast packet satisfies at least one condition, wherein the at least one condition is based on one or more of source address, destination address, and port number of the broadcast packet;when the broadcast packet satisfies the at least one condition:(c) determining whether or not to modify a time to live (TTL) value;
(d) modifying the TTL value if determined to modify the TTL value;
(e) forwarding the broadcast packet through at least one tunnel to a destination address of the broadcast packet based on the TTL value of the broadcast packet; wherein the at least one tunnel is selected according to at least one policy; wherein the at least one policy is based on time, identity of the host or node, and/or capacity of the at least one tunnel; wherein the broadcast data is transmitted through the at least one tunnel only during a certain period of time if the at least one policy is based on time;
encapsulating the broadcast packet in an Internet Protocol (IP) packet before forwarding the broadcast packet to the destination address in step (e), and wherein the broadcast packet is a Boniour protocol based packet;
wherein a plurality of tunnels are established between the first communication gateway and the second communication gateway; and
wherein the at least one tunnel is selected from the plurality of tunnels; and wherein the destination address is reachable through an interconnected network.

US Pat. No. 9,960,966

METHODS AND SYSTEMS FOR MANAGING VPN TUNNELS

PISMO LABS TECHNOLOGY LIM...

1. A method carried out at a system, wherein the system is implemented using Virtual Private Network (VPN) techniques, comprising:(a) establishing, by way of a VPN concentrator, a first aggregated VPN connection and a second aggregated VPN connection with a first host and a second host, respectively;
(b) when the first aggregated VPN connection comprises a first plurality of VPN tunnels, the VPN concentrator applying uplink and downlink bandwidth limits to each of the first plurality of VPN tunnels;
(c) when the second aggregated VPN connection comprises a second plurality of VPN tunnels, the VPN concentrator applying uplink and downlink bandwidth limits to each of the second plurality of VPN tunnels;
(d) the first host encapsulating a first data packet in a first encapsulating packet;
(e) the first host transmitting the first encapsulating packet to the VPN concentrator using the first aggregated VPN connection;
(f) the VPN concentrator receiving the first encapsulating packet;
(g) the VPN concentrator decapsulating the first data packet from the first encapsulating packet;
(h) the VPN concentrator encapsulating the first data packet in a second encapsulating packet;
(i) the VPN concentrator transmitting the second encapsulating packet to the second host using the second aggregated VPN connection; and
(j) the second host decapsulating the first data packet from the second encapsulating packet;
(k) the VPN concentrator setting a first ratio of bandwidth limit among VPN tunnels of the first plurality of VPN tunnels and setting a second ratio of bandwidth limit among VPN tunnels of the second plurality of VPN tunnels; wherein the first ratio and the second ratio are set dynamically, according to a policy, or according to a predefined configuration.

US Pat. No. 10,044,841

METHODS AND SYSTEMS FOR CREATING PROTOCOL HEADER FOR EMBEDDED LAYER TWO PACKETS

PISMO LABS TECHNOLOGY LIM...

1. A method for creating a protocol header for a virtual private network (VPN) tunnel at a network device, wherein the VPN tunnel is implemented using at least one network link, comprising:a. receiving layer two packets through at least one local area network (LAN) interface;
b. determining a network link identification, wherein the network link identification is for identifying network links to which at least one layer three packet belongs;
c. determining a tunnel sequence number, wherein the tunnel sequence number is for assisting a receiving network device to re-order the at least one layer three packet per VPN tunnel;
d. determining a global sequence number, wherein the global sequence number is for arranging the at least one layer three packet to a correct sequence;
e. creating a protocol header, wherein the protocol header comprises tunnel association information; wherein the tunnel association information comprises the network link identification, the tunnel sequence number and the global sequence number;
f. embedding the layer two packets in the at least one layer three packet along with the protocol header;
wherein the at least one layer three packet is sent through at least one wide area network;
wherein the protocol header is part of payload of the at least one layer three packets packet.

US Pat. No. 10,135,681

METHODS AND SYSTEMS FOR CONFIGURING ELECTRONIC DEVICES

PISMO LABS TECHNOLOGY LIM...

1. A method for configuring a first electronic device, comprising the steps of:(a) receiving sensor information based on a trigger; wherein the trigger is received when a monitoring time interval has expired, or a trigger rule has been satisfied; wherein the trigger is created by a profile server; wherein the first electronic device is connected to the profile server via interconnected networks;
(b) determining a profile based, at least in part, on the sensor information and identity of a user; wherein the user is authenticated for confirming the identity of the user; wherein the profile is comprised of a profile identity field, a condition field and a configuration field;
(c) retrieving a configuration based on the profile; wherein if the first electronic device is a mobile router, the profile is selected from a group consisted of power saving profile, low bandwidth profile, first location profile, and default profile; wherein if the first electronic device is an air purifier, the profile is selected from a group consisting of a strong profile and a quiet profile, wherein the air purifier filters more air in the strong profile and less air in the quiet profile; wherein if the first electronic device is a virtual private network (VPN) hub, the profile is selected from a group consisting of hub-and-spoke profile and full mesh profile; and
(d) configuring the first electronic device with at least one setting based, at least in part, on the configuration; wherein if the first electronic device is a mobile router, the setting includes selection of a SIM card slot, limitation of transmission speed and the choice network to be used.

US Pat. No. 10,051,544

METHODS AND SYSTEMS FOR SELECTING SIM CARD

PISMO LABS TECHNOLOGY LIM...

1. A method for selecting at least one SIM card at a wireless communication device, wherein the wireless communication device is configured to house a plurality of SIM cards, the method comprising:determining whether a switching condition is satisfied;
when a switching condition is satisfied:
(a) selecting a second SIM card group from a plurality of SIM cards groups;
(b) disconnecting a connection established using a non-second group SIM card, wherein non-second group SIM cards are SIM cards not in the second SIM card group;
(c) using a SIM card selected from the second SIM card group for data communication; and
(d) repeating steps (b) and (c) after a connection can be established using the SIM card selected from the second SIM card group or a timeout until (i) the switching condition is no longer satisfied, (ii) no more SIM cards selected from the second SIM card group can be used for data communications or (iii) no more connection is made using non-second group SIM cards;
(e) classifying SIM cards according to a grouping policy after a new SIM card is inserted into the wireless communication device or during initialization of the wireless communication device;
(f) wherein the wireless communication device is configured to use simultaneously at least one SIM card from the second SIM card group and at least one non-second group SIM card to establish a plurality of connections.

US Pat. No. 10,044,628

METHODS AND SYSTEMS FOR RECEIVING AND TRANSMITTING PACKETS BASED ON PRIORITY LEVELS

PISMO LABS TECHNOLOGY LIM...

1. A method for transmitting and receiving packets at a first network device, wherein the first network device comprises a plurality of network interfaces, comprising the steps of:(a) establishing a plurality of logical network connections with a second network device, wherein each logical network connections comprises a plurality of network links, and wherein the plurality of logical network connections are aggregated to form an aggregated logical network connection;
(b) receiving a first packet through one of the plurality of network interfaces;
(c) determining whether the first packet has been received through a logical network connection or from a host connected through a local area network (LAN) connection, wherein when the packet has been received through a logical network connection, the first packet is an encapsulating packet;
(d) if the first packet has been received through a logical network connection:
(i) identifying priority level of a packet encapsulated in the first packet;
(ii) determining whether or not to store the first packet in queue based on priority level, global sequence number (GSEQ), priority sequence number (PSEQ) and logical network connection sequence number (TSEQ) of the packet encapsulated in the first packet;
(iii) storing the first packet in the queue if the GSEQ is larger than an expected GSEQ (E-GSEQ)
(iv) when the GSEQ is larger than the E-GSEQ but the PSEQ is smaller or equal to an expected PSEQ (E-PSEQ), and when the first packet has a high priority level, not storing the first packet in the queue, decapsulating the packet from the first packet, transmitting the packet, and storing a placeholder in the queue; wherein transmitting the packet is performed through a LAN connection;
(v) updating the E-PSEQ and E-GSEQ after the packet has been transmitted;
(e) if the first packet has been received through a LAN connection, is from a highest available priority queue and has a lowest PSEQ:
(i) retrieving the first packet from a first priority queue; wherein the first priority queue is the highest available priority queue;
(ii) selecting a first logical network connection to use for transmitting the first packet;
(iii) assigning a TSEQ to the first packet according to the first logical network connection determined to be used;
(iv) creating payload of a second packet, wherein payload of the second packet encapsulates the first packet, and GSEQ, TSEQ, PSEQ, and priority level of the first packet;
(v) transmitting the second packet through the first logical network connection determined to be used.

US Pat. No. 9,967,193

METHOD AND SYSTEM FOR INCREASING DATA FLOW TRANSMISSION

PISMO LABS TECHNOLOGY LIM...

1. A system for transmitting a data flow, comprising:at least one first network interface connected to a transmitting terminal; and
at least two second network interfaces connected to a receiving terminal through at least two access networks;
at least one storage unit; and
at least one processing unit is used for:
(a) receiving a data packet of a data flow from the transmitting terminal through the at least one first network interface;
(b) selecting one access network from the at least two access networks and sending an encapsulating packet to the receiving terminal via the selected access network, wherein the encapsulating packet encapsulates the data packet; wherein the selected access network is used until there is a change of status of the selected access network;
(c) determining whether to create at least one nominal reception acknowledgement message corresponding to the data packet of the data flow; wherein the determining is based on at least one of: storage size of at least one storage unit available to store data packets, speed of network connection, processing capacity of the system;
(d) if it is determined to create at least one nominal reception acknowledgement message, the at least one nominal reception acknowledgement message is created on behalf of the receiving terminal;
(e) sending the at least one nominal reception acknowledgement message to the transmitting terminal; wherein network device stops creating and sending nominal reception acknowledgement message until the network device receives a reception acknowledgement message from the receiving terminal;
(f) if it is determined not to create at least one nominal reception acknowledgement message: waiting for a reception acknowledgement of the data packet or a reception acknowledgement of other data packets of the data flow from the receiving terminal;
(g) if no reception acknowledgement is received from the receiving terminal within a predefined time period: resending the encapsulating packet to the receiving terminal; wherein if a reception acknowledgement message corresponds to two or more data packets of the data flow, resending encapsulating packets encapsulating the two or more data packets of the data flow corresponding to the reception acknowledgement message;
(h) controlling the transmission rate of sending the at least one nominal reception acknowledgement message to the transmitting terminal, comprising: increasing the transmission rate of sending the at least one nominal reception acknowledgement message for increasing transmission rate of data packets at the transmitting terminal; and decreasing the transmission rate of sending the at least one nominal reception acknowledgement message for decreasing transmission rate of data packets at the transmitting terminal;
(i) when the data flow uses transmission control protocol (TCP), receiving a synchronization (SYN) packet from the transmitting terminal; transmitting a SYN encapsulating packet to the receiving terminal, wherein the SYN encapsulating packet encapsulates the SYN packet; wherein the SYN packet is used for establishing the data flow;
wherein the at least one storage unit storing program instructions executable by the at least one processing unit and temporarily storing data packets of the data flow; and
wherein the at least one processing unit is connected to the at least one first network interface, the at least two second network interfaces and the at least one storage unit.

US Pat. No. 9,888,128

METHODS AND SYSTEMS FOR SHARING DATA USAGE AT A PLURALITY OF NETWORK DEVICES

PISMO LABS TECHNOLOGY LIM...

1. A method of sharing data usage at a plurality of network devices, wherein the data usage is shared by a plurality of SIM
cards, wherein each of the plurality of network devices is capable of housing at least one SIM card; wherein the at least
one SIM card belongs to the plurality of SIM cards; comprising the steps:
(a) determining the total data usage allowance;
(b) determining the remaining total data usage allowance by:
(i) retrieving the remaining total data usage allowance from a carrier server; or
(ii) subtracting aggregated data usage information from the total data usage allowance, wherein the aggregated data usage
information is based on data usage information received from each of the plurality of network devices;

(c) restricting use of one or more of the plurality of SIM cards when the remaining total data usage allowance is below a
first threshold;

(d) performing step (c) until the remaining total data usage allowance is above the first threshold;
(e) changing the total data usage allowance to a first value periodically or according to an administrator's instruction;
wherein the plurality of SIM cards use the same cellular network or use different cellular networks.

US Pat. No. 10,069,686

METHODS AND SYSTEMS FOR MANAGING A DEVICE THROUGH A MANUAL INFORMATION INPUT MODULE

PISMO LABS TECHNOLOGY LIM...

1. A method for supplying and receiving power over Ethernet at a device and managing the device through a manual information input module, the method comprising:(a) obtaining power mode information through the manual information input module by a user; wherein the manual information input module is mounted on the device; wherein the manual information input module comprises a high power (HP) switch, a standard power (SP) switch, a power sourcing equipment (PSE) switch, a powered device (PD) switch, a PSE-PD switch, a first switch, a knob, a display module, and navigation keys;
(b) determining a current power mode of the device;
(c) determining whether to apply an input power mode or reset the current power mode; wherein the input power mode is determined based on the information obtained in step (a), or is determined based on policies, wherein the policies are defined by a user using the manual information input module; wherein each policy is assigned to a mark in the knob, or listed in a policies menu in the display module;
(d) stop receiving power or stop supplying power through any Ethernet interfaces if determined to reset the current power mode; wherein it is determined to reset the current power mode when the current power mode and the input power mode are the same;
(e) opening or closing internal switches if determined to apply the input power mode when the current power mode and the input power mode are not the same; and
(f) supplying or receiving power over Ethernet according to the input power mode;
wherein the device is a power over Ethernet (PoE) device configured to transmit and receive power over Ethernet at the same time.

US Pat. No. 10,044,811

METHODS AND SYSTEMS FOR FORWARDING DATA

PISMO LABS TECHNOLOGY LIM...

1. A method for allowing communication between a first network element and a terminal at a management server, wherein the management server is connected to a plurality of network elements through a plurality of connections, comprising:(a) maintaining a database used for recording a list of connections that have been established; updating the database by sending probing packets to determine status of the connections;
(b) receiving a request from the terminal to communicate with the first network element during a first data session; wherein the terminal uses a first session identifier and the first network element uses a second session identifier, wherein the first and second session identifiers allow the terminal and the first network element to be recognized by the management server during the first data session; wherein the first and second session identifiers are provided by the management server;
(c) determining whether a first connection has been established with the first network element;
(d) establishing the first connection with the first network element if the first connection has not been established with the first network element; wherein when the management server is unable to communicate with the first network element, the first connection is initiated by the network element; and
(e) periodically checking status of the first connection during the first data session;
(f) maintaining the first connection if the first data session is not terminated;
(g) forwarding data between the first network element and the terminal using the first connection during the first data session; wherein the forwarding is performed by:
(i) receiving original first Internet Protocol (IP) packets from the first network element through the first connection;
(ii) encapsulating the original first IP packets in other second IP packets;
(iii) sending the other second IP packets to the terminal;
(iv) the terminal decapsulating the original first IP packets from the other second IP packets;
(v) the terminal encapsulating original third IP packets in other fourth IP packets and sending the other fourth IP packets to the management server;
(vi) decapsulating the original third IP packets;
(vii) encapsulating the original third IP packets in other fifth IP packets; and
(viii) sending the other fifth IP packets to the first network element.

US Pat. No. 10,015,733

METHODS AND SYSTEMS FOR TRANSMITTING AND RECEIVING DATA

PISMO LABS TECHNOLOGY LIM...

1. A method of at least one of, transmitting and receiving data at a network device, the network device including a plurality of network adapters, the method comprising:(a) classifying the plurality of network adapters into a first group of network adapters and a second group of network adapters according to a first condition; wherein the first group of network adapters comprises a first network adapter and the second group of network adapters comprises a second network adapter; wherein the first network adapter and the second network adapter are identified by a globally unique identifier; wherein the first condition is selected from a group consisting of performance metric, service provider, location, time, usage price, security, user identity, Internet Protocol (IP) address range, communication protocol, communication technology, application, and device;
(b) retrieving configuration corresponding to each of the plurality of network adapters; wherein the configuration comprises the globally unique identifier of each of the plurality of network adapters;
(c) determining a corresponding communication technology for each of the plurality of network adapters; wherein the corresponding communication technology allows the each of the plurality of network adapters to connect to a corresponding access network; wherein the first network adapter and the second network adapter are first configured to use a first communication technology; wherein when the first network adapter and the second network adapter are restricted to use the first communication technology even when networks corresponding to other communication technologies are available;
(d) establishing end-to-end connections using at least two of the plurality of network adapters;
(e) if a second condition is satisfied: transmitting and receiving data through the first group of network adapters using the corresponding communications technology of each of the first group of network adapters; if the second condition is not satisfied: transmitting and receiving data through the second group of network adapters using a corresponding communications technology of each of the second group of network adapters; wherein the second condition is satisfied if at least one end-to-end connection is established through the first group of network adapters; wherein the data is transmitted and received through an aggregated end-to-end connection and wherein the aggregated end-to-end connection comprises a plurality of end-to-end connections established through at least one of the first group of network adapters;
(f) when an access network using the first communication technology is not accessible through the first network adapter: transmitting and receiving data through the second network adapter using the first communication technology instead of transmitting and receiving data through the first network adapter;
(g) when one of, the access network using the first communication technology becomes accessible again through the first network adapter, or the first network adapter connects to an another access network using the first communication technology, starting to use the first network adapter for transmitting and receiving data;
(h) when the first condition is based on location and the first condition is satisfied when the network device is used in a first location: restricting the network device to use a third communication technology when the network device is in the first geographical area; and restricting the network device to use the first communication technology when the network device is outside the first geographical area; wherein the first geographical location range has at least one network using the second communication technology;
wherein the each network adapter of the first group of network adapters is configured by a configuration corresponding to the each network adapter;
wherein when the data is latency sensitive, a communication technology with a low latency is selected as the first communication technology; and
wherein the corresponding communication technology is a wireless communication technology.

US Pat. No. 9,979,793

METHODS AND SYSTEMS FOR SENDING AND RECEIVING INFORMATION DATA

PISMO LABS TECHNOLOGY LIM...

1. A method for sending and receiving information data at a network device, wherein the network device includes a plurality of network interfaces, the method comprising:(a) sending testing data using a plurality of network interface groups to test servers;
(b) determining a performance data for the plurality of network interface groups according to at least one performance metric based on a performance report received from the test servers, wherein each of the plurality of network interface groups includes at least one network interface, wherein the performance data is for selecting a first network interface group automatically
(c) assigning weights to performance metrics when there are more than one performance metrics;
(d) calculating a weighted score of performance metrics based on weights assigned to each performance metric, wherein the weighted score is utilized for determining the performance data, wherein the performance data of a network interface group is a combination of performance data of each network interface belonging to the network interface group;
(e) storing data in a computer readable storage medium, wherein the data comprises the performance data, a list of network interface groups, and the testing data;
(f) selecting a first network interface group automatically for sending and receiving information data according to the performance data determined;
(g) when the performance data of the plurality of network interface groups are the same or considered to be the same, a network interface group with the lowest number of common wireless channels is selected as the first network interface group;
(h) selecting at least one network interface of the first network interface group based on usage of wireless channels;
(i) when more than one network interface uses a wireless channel, selecting a first network interface of the more than one network interface and disabling the rest of the more than one network interface, wherein the first network interface is determined according to a predefined setting;
(j) when no wireless channel is used by more than one network interface, all network interfaces of the first network interface group are selected in step (h);
(k) sending and receiving information data via at least one of the network interfaces of the first network interface group; and
wherein at least one network interface of the plurality of network interfaces is configured to connect to a wireless access network.

US Pat. No. 10,511,522

METHODS AND SYSTEMS FOR EVALUATING NETWORK PERFORMANCE OF AND TRANSMITTING PACKETS THROUGH AN AGGREGATED CONNECTION

PISMO LABS TECHNOLOGY LIM...

1. A method for transmitting data packets through a plurality of connections at a first communication device, wherein the plurality of connections are established between the first communication device and a second communication device, the method comprising:a. determining performance of at least one of the plurality of connections;
b. determining a first group of connections based on the performance of the at least one of the plurality of connections;
c. creating a first plurality of data packets;
d. transmitting the first plurality of data packets through the first group of connections at about the same time; and
e. determining performance of at least one of the plurality of connections periodically at every five seconds to one minute;
wherein the performance of the at least one of the plurality of connections is determined based on transmission and receipt of the first plurality of data packets;
f. terminating or not using a connection when the performance is based on at least one of, latency and packet drop and the plurality of connections has a latency difference higher than a latency discrepancy threshold;
wherein the connection has the highest latency among the plurality of connections;
wherein the plurality of connections belong to an aggregated connection;
wherein the transmission and receipt of the first plurality of data packets is performed for a predefined time period;
wherein the predefined time period may be set by a user, manufacturer or an administrator;
wherein the plurality of connections are classified into more than one group, based on conditions;
wherein the conditions are selected from a group consisting of performance metric, service provider, usage metric, location, time, usage price, security, user, Internet Protocol address range, communication protocol, communication technology, application, and device.

US Pat. No. 10,142,282

METHODS AND GATEWAYS FOR PROCESSING DNS REQUEST

PISMO LABS TECHNOLOGY LIM...

11. A gateway for processing DNS requests comprising:a plurality of WAN interfaces;
at least one LAN interface;
at least one processing unit;
wherein each of the WAN interfaces is able to connect to a plurality of DNS servers via one access network; and
at least one computer readable storage medium comprising program instructions executable by the at least one processing unit for:
receiving a first DNS request from a host via the at least one LAN interface of the gateway;
when the gateway does not have information to respond to the first DNS request:
(a) selecting, according to at least one predefined selection policy, a plurality of DNS servers;
(b) selecting a plurality of access networks that are authorized to send a plurality of new DNS requests, wherein the content of the plurality of new DNS requests is the same as the content of the first DNS request;
(c) transmitting the plurality of new DNS requests to the selected plurality of DNS servers through the selected plurality of access networks via the plurality of WAN interfaces that are connected to the selected plurality of access networks, wherein the gateway does not transmit more than one of the new DNS requests to a selected DNS server through the same access network;
(d) receiving a plurality of DNS responses within a predefined period of time, wherein the plurality of DNS responses correspond to the plurality of new DNS requests;
(e) identifying valid DNS responses from the plurality of DNS responses, wherein the identified valid DNS responses have a return code (RCODE) of zero;
(f) when the pre-defined period of time has expired and no DNS response corresponding to the first DNS request has already sent to the host, if at least one valid DNS response was identified, selecting a valid DNS response from the at least one identified valid DNS response, and generating a first new DNS response, wherein the content of the first new DNS response is the same as the content of the selected valid DNS response, else if no valid DNS responses were identified, generating a first new DNS response, wherein the first new DNS response has a non-zero RCODE;
(g) sending the first new DNS response to the host.

US Pat. No. 10,313,494

METHODS AND SYSTEMS FOR IDENTIFYING DATA SESSIONS AT A VPN GATEWAY

PISMO LABS TECHNOLOGY LIM...

1. A method for transmitting data packets from a host to a destination via a virtual private network (VPN) connection at a first VPN gateway, the method comprising:A) receiving encapsulated packets via the VPN connection, wherein the encapsulated packets encapsulate the data packets originated from the host;
B) decapsulating the encapsulated packets to retrieve the data packets;
C) determining whether the data packets originated from an IoT device based on a control message received from a second VPN gateway;
D) when the host is the IoT device:
i) performing deep packet inspection (DPI) on the data packets;
ii) determining whether the data packets are allowed to be transmitted to the destination;
iii) transmitting the data packets when the data packets are allowed to be transmitted to the destination;
iv) storing the data packets for further processing when the data packets are not allowed to be transmitted to the destination;
E) when the host is not an IoT device:
i) performing deep packet inspection (DPI) on the data packets for collecting information on the data packets to update a DPI database; and
ii) transmitting the data packets to the destination.

US Pat. No. 10,291,431

METHODS AND SYSTEMS FOR TRANSMITTING AND RECEIVING DATA THROUGH TUNNEL GROUPS

PISMO LABS TECHNOLOGY LIM...

1. A method for a first node disposed in a network environment comprising:when a first condition is not met:
transmitting data to a second node through a first tunnel group;
when the first condition is met:
transmitting data to the second node through a second tunnel group;
monitoring performance of each tunnel of the first tunnel group in order to determine whether the tunnel satisfies a first threshold;
when the first threshold of a tunnel of the first tunnel group is not satisfied, removing the tunnel from the first tunnel group;
when the first threshold of a tunnel of the first tunnel group is satisfied, keeping the tunnel in the first tunnel group;
when a second condition is not met:
receiving data from the second node through the second tunnel group;
when the second condition is met:
receiving data from the second node through the first tunnel group;
monitoring performance of each tunnel of the second tunnel group in order to determine whether the tunnel satisfies a second threshold;
when the second threshold of a tunnel of the second tunnel group is not satisfied, removing the tunnel from the second tunnel group;
when the second threshold of a tunnel of the second tunnel group is satisfied, keeping the tunnel in the second tunnel group;
wherein the first tunnel group and the second tunnel group are selected based on one or more tunnel group performance criteria;
wherein the first tunnel group comprises at least two tunnels;
wherein the second tunnel group comprises at least two tunnels;
wherein each of the tunnels of the first tunnel group is assigned with a priority;
wherein each of the tunnels of the second tunnel group is assigned with a priority;
wherein the transmitting of data and the receiving of data are performed through the tunnels with higher priorities;
wherein latency of the second tunnel group is higher than latency of the first tunnel group;
wherein the at least two tunnels in the first tunnel group and the at least two tunnels in the second tunnel group are formed using at least two network interfaces of the first node and at least one network interface of the second node; and
wherein the first condition and the second condition are based on geographical location of the first node and at least one of the following criteria: performance, and latency sensitivity.

US Pat. No. 10,244,382

USING A PLURALITY OF SIM CARDS AT AN ELECTRONIC DEVICE

PISMO LABS TECHNOLOGY LIM...

1. An apparatus, comprising:a plurality of radio frequency (RF) units;
a plurality of group of SIM card interfaces;
at least one processing unit;
at least one non-transitory computer readable storage medium;
at least one input module;
at least one output module;
a plurality of SIM card selectors, wherein each of the plurality of SIM card selectors has a circuitry different from the at least one processing unit and the circuitry is not part of a circuitry of the at least one processing unit;
wherein the at least one non-transitory computer readable storage medium, has computer-executable instructions embodied thereon, wherein when executed by the at least one processing unit, the computer-executable instructions cause the at least one processing unit to:
a) receive data from a first input module and send data to a first output module;
b) communicate with a first wireless network through a first RF unit;
c) communicate with a second wireless network through a second RF unit;
d) control each of the plurality of SIM card selectors to connect one SIM card interface from a corresponding group of SIM card interfaces to a corresponding RF unit;
e) when a first event trigger occurs:
i. stop using a first SIM card interface; wherein the first SIM card interface is the operational SIM card interface;
ii. start using a second SIM card interface;
f) when a second event trigger occurs:
i. stop using the second SIM card interface; wherein the second SIM card interface is the operational SIM card interface;
ii. start re-using the first SIM card interface;
wherein the SIM card interfaces are selected based on selection criteria; wherein the selection criteria are entered by an administrator or retrieved from a remote device;
wherein the first RF unit is one of the plurality of RF units;
wherein the first RF unit is connected to a first SIM card interface;
wherein the first SIM card interface is one of a first group of SIM card interfaces selected by a first SIM card selector;
wherein the second RF unit is one of the plurality of RF units;
wherein the second RF unit is connected to a second SIM card interface; and
wherein the second SIM card interface is one of a second group of SIM card interfaces selected by a second SIM card selector.

US Pat. No. 10,204,073

MANAGING ACTIONS OF A NETWORK DEVICE BASED ON POLICY SETTINGS CORRESPONDING TO A REMOVABLE WIRELESS COMMUNICATION DEVICE

PISMO LABS TECHNOLOGY LIM...

1. A method for configuring a network device according to the identity of a plurality of removable wireless communications devices (RWCDs), the method comprising the steps of:(a) determining the identities of the plurality of RWCDS, wherein identities are based on one or more of International Mobile Equipment Identity (IMEI), Media Access Control (MAC) address, a telephone number, a user account, and a user profile;
(b) determining whether the network device is capable of using the plurality of RWCDs;
(c) retrieving policy settings from an authorized party or a storage medium of the network device according to the identities of the plurality of RWCDs;
(d) determining whether there are conflicts among groups of the policy settings;
(e) determining priorities of groups of the policy settings when there are conflicts among the groups of the policy settings; wherein the priorities of the groups of the policy settings are based on at least one of the following: information retrieved from the authorized party, physical positions of the plurality of RWCDs at the network device, pre-determined settings inputted into the storage medium, chronological order in which the plurality of RWCDs were connected with the network device, and the identities of the plurality of RWCDs; and
(f) configuring the network device according to at least one of the groups of the policy settings;wherein the plurality of RWCDs are plugged to the network device; andwherein the network device provides wireless wide area network (WAN) connectivity through the plurality of RWCDs.

US Pat. No. 10,566,789

APPARATUS FOR PROVIDING ELECTRICITY WITH A PLURALITY OF AC-DC REGULATORS

Pismo Labs Technology Lim...

1. A DC current supply circuit, comprising:a. a plurality of power connectors;
b. a first plurality of multiplexers;
c. a second plurality of multiplexers;
d. a plurality of alternating current to direct current (AC-DC) regulators; and
e. an OR-ing circuit;wherein inputs of each multiplexer in the first plurality of multiplexers are connected to live wires of at least two power connectors in the plurality of power connectors and wherein each output of each multiplexer in the first plurality of multiplexers is connected to an input of a corresponding AC-DC regulator in the plurality of AC-DC regulators;wherein inputs of each multiplexer in the second plurality of multiplexers are connected to neutral wires of at least two power connectors in the plurality of power connectors and wherein each output of each multiplexer in the second plurality of multiplexers is connected to an input of a corresponding AC-DC regulator in the plurality of AC-DC regulators;wherein each selector pin of the first plurality of multiplexers is connected to an output of a corresponding alternating current (AC) current sensor;wherein each selector pin of the second plurality of multiplexers is connected to an output of a corresponding AC current sensor;wherein outputs of the corresponding AC-DC regulators are connected to the OR-ing circuit;wherein each of the AC current sensors connects to a respective live wire and a respective neutral wire of one power connector in the plurality of power connectors; andwherein the number of AC-DC regulators in the plurality of AC-DC regulators is more than the number of power connectors in the plurality of power connectors.

US Pat. No. 10,560,884

METHODS AND SYSTEMS FOR SELECTING SIM CARD

Pismo Labs Technology Lim...

1. A method for selecting at least two SIM cards at a wireless communication device, wherein the wireless communication device is configured to house a plurality of SIM cards, the method comprising:using the at least two SIM cards simultaneously to establish a plurality of connections;
determining whether a switching condition is satisfied; and
when the switching condition is satisfied:
(a) selecting a substitute SIM card from the plurality of SIM cards based on at least one factor;
(b) disconnecting a corresponding connection established by one of the at least two SIM cards, wherein the corresponding connection is in the plurality of connections;
(c) determining whether the substitute SIM card is capable of transmitting and receiving data;
(d) using the substitute SIM card to establish a substitute connection after the substitute SIM card is determined to be capable of transmitting and receiving data;
(e) repeating steps (a) to (d) until (i) the switching condition is no longer satisfied or (ii) no SIM card is selected based on the at least one factor;
wherein the plurality of SIM cards is classified into a plurality of groups according to the at least one factor; and
wherein the at least two SIM cards are from two different groups in the plurality of groups.

US Pat. No. 10,374,826

METHODS AND SYSTEMS FOR TRANSMITTING BROADCAST DATA

PISMO LABS TECHNOLOGY LIM...

1. A method of processing Bonjour protocol Internet Protocol (IP) packets at a first gateway and a second gateway, comprising:receiving Bonjour protocol IP packets from a first local area network (LAN), wherein the first LAN is reachable through at least one LAN network interface of the first gateway;
determining whether to forward the Bonjour protocol IP packets to a second LAN,
wherein the second LAN is reachable through at least one LAN network interface of the second gateway;
when determined to forward the Bonjour protocol IP packets to the second LAN:
a. at the first gateway:
i. encapsulating the Bonjour protocol IP packets in encapsulating IP packets;
ii. sending the encapsulating IP packets to the second gateway through at least one tunnel of a plurality of tunnels;
b. at the second gateway:
i. retrieving the Bonjour protocol IP packets from the encapsulating IP packets;
ii. determining recipients of the Bonjour protocol IP packets at the second LAN;
iii. sending the Bonjour protocol IP packets to the recipients;
wherein the first gateway and the second gateway are connected through the plurality of tunnels;
wherein each of the first gateway and the second gateway comprises a plurality of network interfaces for establishing the plurality of tunnels;
wherein the plurality of tunnels are aggregated;
wherein the at least one tunnel of the plurality of tunnels for transmitting the Bonjour protocol IP packets is selected according to at least one policy;
wherein the at least one policy is based on at least one of, capacity of the at least one tunnel, a certain period of time, and identity of senders of the Bonjour protocol IP packets;
wherein when the at least one policy is based on the certain period of time, the Bonjour protocol IP packets are transmitted through the at least one tunnel during the certain period of time;
wherein the second LAN is reachable by the first gateway by at least one wide area network (WAN) network interface of the first gateway; and
wherein the first LAN is reachable by the second gateway by at least one WAN network interface of the second gateway.

US Pat. No. 10,199,726

SYSTEMS AND METHODS PROVIDING ASSISTED AIMING FOR WIRELESS LINKS THROUGH A PLURALITY OF EXTERNAL ANTENNAS

PISMO LABS TECHNOLOGY LIM...

1. A method for providing proactive aiming assistance guidance information at a wireless node, comprising:(a) positioning the wireless node according to a selected location and, positioning a plurality of external antennas in respective initial orientations and according to an operational configuration;
(b) determining proactive aiming assistance guidance information to provide proactive guidance for reorienting each of the plurality of external antennas from the initial orientation to a desired wireless link deployment configuration;
(c) reorienting the plurality of external antennas in accordance with the proactive aiming assistance guidance information as provided by a user interface of the wireless node to achieve the desired wireless link deployment configuration calculated to provide a wireless link having one or more desired attributes; the user interface further comprising azimuth guidance outputs, elevation guidance outputs, hold guidance output, guidance control inputs and guidance response inputs;wherein the wireless node is connected to the plurality of external antennas via at least one wireless communication module;wherein the proactive aiming assistance guidance information includes rotation directions and tilt directions;wherein the rotation directions correspond to directions to rotate the plurality of external antennas into the desired wireless link deployment configuration respectively;wherein the tilt directions correspond to directions to tilt the plurality of external antennas into the desired wireless link deployment configuration respectively;wherein the proactive aiming assistance guidance information is to orient the rotation directions and tilt directions of a plurality of external antennas; andwherein the directions to rotate and directions to tilt the plurality of antennas are adjusted through motor modules.

US Pat. No. 10,194,317

METHODS AND SYSTEMS TO PERFORM AT LEAST ONE ACTION ACCORDING TO A USER'S GESTURE AND IDENTITY

PISMO LABS TECHNOLOGY LIM...

1. A method of performing at least one action at a system according to a user's gesture information, comprising:a. capturing the user's movement and converting the user's movement to captured gesture information by a mobile apparatus, wherein the mobile apparatus comprises an antenna, a processor, a storage medium and at least one accelerometer, wherein the accelerometer has at least three axes;
b. comparing the captured gesture information with one or more predefined gesture information at the mobile apparatus;
c. when the captured gesture information matches a predefined gesture information, at the mobile apparatus:
i. selecting a first identity based on a matched predefined gesture information;
ii. when the mobile apparatus is physically close to a reader by a first wireless strength signal:
A. generating an encrypted information, wherein the encrypted information comprises the predefined gesture information used in step (b) for comparison with the captured gesture information in step (a), a first identity, a timestamp, and a device identity;
B. sending the encrypted information to a security system through a reader, wherein the mobile apparatus is physically close to the reader;
C. performing the at least one action at the security system according to the encrypted information; and
d. when the captured gesture information does not match any predefined gesture information, at the mobile apparatus:
sending a failure notice to the user.

US Pat. No. 10,173,535

METHODS AND SYSTEMS FOR MANAGING POWER SUPPLY AT A DEVICE

PISMO LABS TECHNOLOGY LIM...

1. A method for managing power supply through a first switch at a device, wherein the device is configured to receive power via a plurality of power inputs for a load of the device and is originally receiving power from a second power supply, the method comprising:(a) determining whether a first condition is satisfied; wherein the first condition is based on at least one factor;
(b) when the first condition is satisfied, maintaining the first switch in a closed position to receive power from a first power supply for the load;
(c) when the first condition is not satisfied, determining whether a second condition is satisfied;
(d) maintaining the first switch in the closed position for receiving power from the first power supply for the load if the second condition is satisfied;
(e) if the second condition is not satisfied, opening the first switch after a predefined time period for not further receiving power from the first power supply and not further receiving power from the second power supply;wherein the first condition and the second condition are based on at least two different factors;wherein the first power supply is configured to supply more power than the second power supply;wherein the power supplied by the first power supply and the second power supply are for the load;wherein the at least two different factors are configured by at least one of a user and an administrator of the device;wherein the first switch is comprised of a latch and two field-effect transistors; andwherein the latch is controlled by a processing unit of the device.

US Pat. No. 10,594,515

METHODS AND SYSTEMS FOR TRANSMITTING PACKETS THROUGH AGGREGATED END-TO-END CONNECTION

PISMO LABS TECHNOLOGY LIM...

1. A method for transmitting data packets by a first communications router to a second communications router through a plurality of network interfaces, comprising:when probability of a first aggregated end-to-end connection not satisfying a first condition has reached a predefined threshold:
a. allowing a second network interface to transmit and receive data packets when a predefined number of data packet drops within a predefined time period is detected;
wherein the first aggregated end-to-end connection is established through at least two of the plurality of network interfaces;
wherein packet drop rate information for transmitting the data packets is monitored continuously;
wherein the established end-to-end connections have different bandwidth capabilities:
wherein the first condition is selected from a group consisting of performance metric, service provider, location, time, usage price, security, user identity, Internet Protocol (IP) address range, communication protocol, communication technology, application, and device.

US Pat. No. 10,569,664

METHODS AND SYSTEMS FOR MANAGING POWER SUPPLY AT A DEVICE

PISMO LABS TECHNOLOGY LIM...

1. A method for receiving power supply at a device, wherein the device is connected to a first power supply and a second power supply, comprising:a. detecting whether voltage at the second power supply is below a reference voltage;
b. when the voltage at the second power supply is below the reference voltage:
i. maintaining a switch in a closed position for receiving power from the first power supply for a period of time;
ii. after the period of time, when the voltage at the second power supply is still below the reference voltage:
A. performing a shut-down process;
B. opening the switch to an open position to stop receiving power from the first power supply;
c. when the voltage at the second power supply is above the reference voltage, maintaining the switch in the closed position for receiving power from the first power supply; andwherein the power supplied by the first power supply is greater than the power supplied by the second power supply.

US Pat. No. 10,511,723

METHODS OF SHARING DATA USAGE AT A PLURALITY OF NETWORK DEVICES

PISMO LABS TECHNOLOGY LIM...

1. A method of sending notifications according to data usage of a group of SIM cards at a device, comprising:a. determining a first threshold;
b. determining a total data usage; wherein the total data usage is based on data usage information of each SIM card of the group of SIM cards; and
c. sending, when the total data usage is larger than the first threshold, one or more notifications;
wherein each SIM card in the group of SIM cards is either housed in the device or housed in a respective modem connected to the device;
and
wherein the first threshold is retrieved from a remote server.

US Pat. No. 10,298,416

METHOD AND SYSTEM FOR CONVERTING A BROADCAST PACKET TO A UNICAST PACKET AT AN ACCESS POINT

PISMO LABS TECHNOLOGY LIM...

1. A method for processing a first layer two packet bar converting a first layer two packet into a first unicast layer two packet at a wireless access point, comprising:(a) receiving first one or more layer three packets;
(b) extracting the first layer two packet from the first one or more layer three packets;
(c) determining whether the first layer two layer packet is a multicast packet;
(d) when the first layer two packet is determined to be the multicast packet:
(i) determining whether the first layer two packet satisfies one of predefined rules; wherein at least one predefined rule is based on whether a destination address of the first layer two packet is a predefined broadcast destination address; and wherein the predefined rules are determined based on an origin of the first layer two packet;
(ii) when the first layer two packet satisfies one of the predefined rules: converting the first layer two packet into a layer two unicast packet with a first destination address; and sending the first layer two packet with the first destination address to a local area network (LAN) network interface; wherein the first destination address is learned by the wireless access point by one of: (A) receiving the first destination address as input by a network administrator, (B) receiving the first destination address by querying another communication system whose address is pre-configured, or (C) receiving the first destination address in a response after sending a predefined layer three packet;
(iii) when the first layer two packet does not satisfy any predefined rules, and when payload of the first layer two packet matches a predefined format or content: broadcasting the first layer two packet to one or more LAN network interfaces; and
(iv) when a multicast address is not a predefined broadcast or multicast address: converting the broadcast or multicast address into a first unicast address; and sending the first layer two packet to the first unicast address through a second network interface according to predefined rules; wherein the first unicast address is determined by: (1) listening to a specific User Data Protocol (UDP) port; (2) sending a first UDP packet with a predefined content to the specific UDP port of a second communication system, wherein IP address of the second communication system is determined using Dynamic Host Configuration Protocol (DHCP) or predetermined configuration; (3) receiving a second UDP packet from the second communication system; (4) if content of the second UDP packet matches a predefined content, storing a layer two source address of the second UDP packet; and
(5) determining the unicast address to be the same as the layer two source address of the second UDP packet; and
(e) when the first layer two packet is not a multicast packet, sending the first layer two packet to its corresponding destination address through one or more LAN networks.

US Pat. No. 10,218,467

METHODS AND SYSTEMS FOR MANAGING ERROR CORRECTION MODE

PISMO LABS TECHNOLOGY LIM...

1. A method carried out at a first communications router for managing an error correction mode, comprising the steps of:(a) transmitting a first data packet to a second communications router;
(b) storing the first data packet in a local non-transitory storage medium;
(c) activating the error correction mode when a delay inquiry message is received from the second communications router; wherein the delay inquiry message indicates that the first data packet has not been received by the second communications router successfully;
(d) retransmitting the first data packet to the second communications router;
(e) transmitting an error correction packet corresponding to the first data packet; wherein the delay inquiry message comprises a global sequence number of the first data packet;
(f) deactivating the error correction mode when a back-to-normal message is received from the second communications router; wherein the back-to-normal message indicates that the first communications router no longer needs to be in error correction mode.

US Pat. No. 10,471,846

METHODS AND SYSTEMS FOR SUPPLYING ELECTRICITY TO MULTIPLE LOADS WITH CURRENT MEASUREMENTS

PISMO LABS TECHNOLOGY LIM...

1. A method for scheduling electricity supply to a plurality of electric vehicle (EV) chargers at a power supply enabler (PSE), wherein each of the plurality of EV chargers is connected with one power controller respectively, the method comprising:a) receiving from a plurality of power controllers, measurements of amount of current received by a plurality of loads respectively; wherein the power controllers are configured to transmit and receive data through mobile communication technology; wherein the measurements are received through mobile communication technology;
b) determining a difference between a total amount of current supplied and a total amount of current received; wherein the total amount of current received is based on the measurements from the plurality of power controllers received in step (a); wherein the total amount of current supplied is retrieved through a current measurement device coupled to the power supply enabler;
c) wherein when the difference is above a first threshold:
i. selecting one or more power controllers to be disabled;
ii. sending a disabling message to each of the one or more power controllers to be disabled, wherein the disabling messages are for instructing the one or more power controllers to be disabled to disable their respective relays; wherein the disabling messages are sent wirelessly using mobile communication technology;
d) wherein when the difference is below the first threshold:
iii. selecting one or more power controllers to be enabled;
iv. enabling one or more power controllers to be enabled;
v. sending an enabling message to each of the one or more power controllers to be enabled, wherein the enabling messages are for instructing the one or more power controllers to be enabled to enable their respective relays; wherein the enabling messages are sent wirelessly using mobile communication technology.

US Pat. No. 10,469,597

METHODS AND SYSTEMS FOR SELECTING A TUNNEL OF TRANSMITTING PACKETS THROUGH AN AGGREGATED CONNECTION

PISMO LABS TECHNOLOGY LIM...

1. A method for selecting a tunnel of an aggregated connection for transmitting packets, wherein the aggregated connection is comprised of a plurality of tunnels at a network node, the method comprising:a. determining, at the network node, a hash result;
b. selecting, when a packet is a first packet in a sequence of a first session, a first tunnel according to the hash result;
c. storing identification of the first tunnel and the hash result in a database; and
d. when the packet is not the first packet in the sequence of the first sessions:
searching for the hash result in the database to identify the first tunnel; and
selecting the first tunnel based on the search results.

US Pat. No. 10,425,249

METHODS AND SYSTEMS FOR INCREASING WIRELESS COMMUNICATION THROUGHPUT OF A BONDED VPN TUNNEL

PISMO LABS TECHNOLOGY LIM...

1. A method for transmitting Transport Control Protocol (TCP) packets at a first network node including a plurality of communication adapters, comprising:(a) establishing a plurality of tunnels through the plurality of communication adapters with a second network node;
(b) encapsulating received TCP packets in transmitted Internet Protocol (IP) packets;
(c) assigning a respective per-tunnel sequence number and a respective global sequence number to each of the transmitted IP packets;
(d) encapsulating the per-tunnel sequence number and the global sequence number in each of the transmitted IP packets;
(e) assigning a respective weight value for each tunnel in a group of tunnels, wherein the group of tunnels is selected from the plurality of tunnels according to tunnel information included in feedback packets and the group of tunnels does not comprise any tunnels determined to be down; and
(f) distributing the transmitted IP packets to the second network node through the group of tunnels, wherein:
the plurality of tunnels are bonded to form a bonded connection;
the respective weight values are based on observations received from the second network node;
each tunnel in the plurality of tunnels is monitored by receiving heartbeat packets through each tunnel in the plurality of tunnels from the second network node; and
the respective per-tunnel sequence number and the respective global sequence number are used to assist in packet buffering and resequencing of the transmitted IP packets at the second network node.

US Pat. No. 10,412,658

METHODS AND SYSTEMS FOR COMMUNICATIONS THROUGH A SLAVE GATEWAY

PISMO LABS TECHNOLOGY LIM...

1. A method for distributing data packets through a plurality of wide area network (WAN) interfaces at a network node, wherein a first WAN interface is connected to at least one gateway, comprising the steps of:a. sending at least one identification request to the at least one gateway;
b. determining whether the at least one gateway is configured as a slave gateway;
c. when the at least one gateway is configured as a slave gateway, transmitting an instruction to the at least one gateway; and
d. distributing data packets among one or more of the plurality of WAN interfaces,wherein the first WAN interface is one of the plurality of WAN interfaces.

US Pat. No. 10,390,214

USING A PLURALITY OF SIM CARD INTERFACES AND A PLURALITY OF RADIO FREQUENCY UNITS

PISMO LABS TECHNOLOGY LIM...

1. An apparatus comprising:a first plurality of radio frequency (RF) units;
a first plurality of Subscriber Identification Module (SIM) card interfaces;
at least one processing unit;
at least one non-transitory computer readable storage medium;
at least one SIM card interface selector;
wherein the at least one SIM card interface selector is connected to a first group of SIM card interfaces and a first group of RF units;
wherein the at least one non-transitory computer readable storage medium has computer-executable instructions embodied thereon;
wherein when executed by the at least one processing unit, the computer-executable instructions cause the at least one processing unit to:
a) select a second plurality of SIM card interfaces and a second plurality of RF units; wherein the first group of SIM card interfaces includes the second plurality of SIM card interfaces; wherein the first group of RF units includes the second plurality of RF units;
b) control the at least one SIM card interface selector to connect each of the second plurality of SIM card interfaces to a corresponding RF unit of the second plurality of RF units;
c) control a first RF unit to scan base stations capable of establishing wireless connection; wherein the first RF unit is one of the first plurality of RF units;
d) control a second RF unit to observe received signal quality of the base stations; wherein the second RF unit is one of the first plurality of RF units;
e) adjust data transmission performance metric monitoring frequency based on observed received signal quality;
f) select a second group of SIM card interfaces and a second group of RF units; wherein the first group of SIM card interfaces includes the second group of SIM card interfaces; wherein the first group of RF units includes the second group of RF units;
g) control the at least one SIM card interface selector to connect each of the second group of SIM card interfaces to corresponding RF units of the second group of RF units;
h) establish wireless connections through the first group of RF units;
i) establish a plurality of tunnels through the wireless connections;
j) aggregate the plurality of tunnels to form one aggregated tunnel;
k) negotiate tunnel configuration variables with a receiver node before transmitting and receiving data packets; wherein the tunnel configuration variables comprise address assignments, compression parameters and encryption method;
wherein the first RF unit and the second RF unit are the same or different RF unit(s);
wherein a quantity of SIM card interfaces in the first group of SIM card interfaces is the same as or more than a quantity of RF units in the first group of RF units;
wherein the first plurality of SIM card interfaces include the first group of SIM card interfaces;
wherein the first plurality of RF units include the first group of RF units;
wherein the at least one SIM card interface selector and the at least one processing unit are different hardware;
wherein the at least one SIM card interface selector is controlled by the at least one processing unit; and
wherein step (a) is performed substantially based on at least one of the following selection criteria: time, duration of usage, and billing cycle information.

US Pat. No. 10,386,902

METHODS AND SYSTEMS FOR SUPPLYING AND RECEIVING POWER OVER ETHERNET

PISMO LABS TECHNOLOGY LIM...

1. A method, performed in a first power sourcing equipment (PSE) comprising at least a first power-supply circuit and a second power-supply circuit and at least a first power-receiving circuit and a second power-receiving circuit, comprising the steps of:a. determining to use the first power-receiving circuit or to use the second power-receiving circuit to receive power from a second PSE;
b. receiving power from the second PSE through the second power-receiving circuit, wherein:
when it is determined to use the first power-receiving circuit, power is received from the second PSE through the first power-receiving circuit; and
the first power-receiving circuit is capable of receiving power up to a power limit;
c. supplying power to a first powered device (PD) using the first power-supply circuit after determining that the first PD is capable of receiving power over Ethernet, wherein the first power-supply circuit is in a PSE controller of the first PSE and is capable of supplying power up to the power limit;
d. determining to continue using the first power-supply circuit or to use the second power-supply circuit to supply power to the first PD based, at least in part, on a first indication, wherein the second power-supply circuit is capable of supplying more power more than the power limit; and
e. using the second power-supply circuit instead of using the first power-supply circuit to supply power after it is determined that the first PD is capable of receiving more power than the power limit.

US Pat. No. 10,341,286

METHODS AND SYSTEMS FOR UPDATING DOMAIN NAME SERVICE (DNS) RESOURCE RECORDS

PISMO LABS TECHNOLOGY LIM...

1. A method for updating domain name service (DNS) resource records at a first system, comprising:(a) receiving an update message from a network node periodically and upon occurrence of a first predefined event;
(b) updating a corresponding DNS resource record substantially based on the update message;
wherein the update message comprises an Internet Protocol (IP) address field, a unique identifier field and a network interface identifier field;
wherein the network node comprises a plurality of network interfaces; and
wherein the first predefined event is selected from a group consisting of change of IP address of at least one of the plurality of network interfaces, assignment of IP address of at least one of the plurality of network interfaces, change of DNS resource recorded in at least one of the plurality of network interfaces, change of performance observed in at least one of the plurality of network interfaces connected to the Internet, detection of new Dynamic Host Configuration Protocol (DHCP) server, expiration of DHCP IP address lease, status check, and health check.

US Pat. No. 10,237,724

METHODS AND SYSTEMS FOR CONFIGURING RADIO FREQUENCY MODULE

PISMO LABS TECHNOLOGY LIM...

1. A method for configuring at least one radio frequency (RF) module by a wireless communication apparatus, comprising:(a) sending a first message to the at least one RF module; wherein the first message comprises a request for at least one international mobile subscriber identity (IMSI) of at least one subscriber identity module (SIM) card;
(b) receiving a second message from the at least one RF module; wherein the second message comprises the at least one IMSI of the at least one SIM card; wherein the at least one RF module retrieves the at least one IMSI from the at least one SIM card;
(c) determining which wireless network service provider(s) the at least one SIM card is associated with according to the at least one IMSI;
(d) identifying at least one configuration information based on identity of the wireless network service provider according to the at least one IMSI;
(e) sending a third message to the at least one RF module, wherein the third message comprises the at least one configuration information;
(f) configuring the at least one RF module based on the at least one configuration information if the at least one SIM card is with the highest priority;
wherein the at least one RF module is housed in one of, the wireless communication apparatus or in an external device;
wherein the at least one SIM card is configured to be housed in one of, the wireless communication apparatus or in the external device;
wherein the wireless communication apparatus is configured to be connected to the external device;
wherein one of, the wireless communication apparatus or the external device houses a plurality of SIM cards; and
wherein each of the plurality of SIM cards is assigned with a priority by using a predefined configuration of the wireless communication apparatus.

US Pat. No. 10,516,594

SYSTEMS AND METHODS FOR CHANGING THE FREQUENCY OF MONITORING DATA

PISMO LABS TECHNOLOGY LIM...

1. A method for sending monitoring data at a network connected device, wherein the network connected device comprises a plurality of network interfaces, the method comprising:(a) taking at least one measurement according to a first measurement taking time interval value;
(b) when a first event occurs and the network connected device is in a bandwidth-saving mode:
(i) changing the first measurement taking time interval value to a second measurement taking time interval value;
(ii) changing a first monitoring time interval value to a second monitoring time interval value;
(c) when a second event occurs:
(i) changing the first measurement taking time interval value to a third measurement taking time interval value;
(ii) changing the first monitoring time interval value to a third monitoring time interval value;
(d) sending a monitoring data to a monitoring server periodically according to the first monitoring time interval value; wherein the monitoring data is sent through one or more network interfaces of the plurality of network interfaces;wherein the first measurement taking time interval value, the second measurement taking time interval value, the third measurement taking time interval value, the first monitoring time interval value, the second monitoring time interval value, and the third monitoring time interval value are pre-configured in the network connected device or retrieved from a server;wherein the third monitoring time interval value is a value of a monitoring time interval before the first event occurs; andwherein the network connected device is connected to a plurality of access networks through the plurality of network interfaces.

US Pat. No. 10,454,879

METHODS AND SYSTEMS FOR PROCESSING A DNS REQUEST

PISMO LABS TECHNOLOGY LIM...

1. A method for processing a Domain Name Services (DNS) request in a gateway, wherein the gateway comprises a plurality of wide area network (WAN) interfaces, comprising:a. sending, via one or more WAN interfaces in the plurality of WAN interfaces, a first plurality of DNS requests to a plurality of DNS servers through a plurality of connections, wherein the first plurality of DNS requests are created based on a second DNS request;
b. receiving one or more first DNS responses within a time threshold;
c. selecting a second DNS response from the one or more first DNS responses; and
d. creating and transmitting a third DNS response, wherein the third DNS response is based on the second DNS response and corresponds to the second DNS request.

US Pat. No. 10,270,656

METHODS AND SYSTEMS FOR CONFIGURING SYSTEM

PISMO LABS TECHNOLOGY LIM...

1. A method performed by a network node after receiving a configuration from a server, wherein the network node comprises a plurality of cellular modems, the method comprising:(a) at the network node, receiving the configuration through a Short Message Service (SMS) through any of the plurality of cellular modems;
(b) at the network node, validating the configuration;
(c) at the network node, configuring the network node according to the configuration;
(d) at the network node, performing network functions through at least a second one of any of the plurality of cellular modems based on the configuration;
wherein the configuration is received from the server and is based on identity information of the network node; and
wherein the network node is initially not connected to Internet.

US Pat. No. 10,270,724

METHODS AND SYSTEMS FOR PROCESSING MESSAGES AT A MULTI-SIM NETWORK NODE

PISMO LABS TECHNOLOGY LIM...

1. A method for processing messages at a network node, wherein the network node is comprised of at least one cellular modem and a plurality of subscriber identity module (SIM) card slots, and wherein each of the plurality of SIM card slots is configured to hold a SIM card, comprising: (a) selecting a SIM card; (b) associated with the SIM card selected at (a); (c) receiving a message, wherein the message is originated from a device operated by the wireless network service provider; (d) determining whether the message matches any pre-defined pattern; wherein step (d) is performed by performing a lookup on a first configuration database; wherein the first configuration database comprises a plurality of pre-defined patterns; wherein the message is one of, short messaging service (SMS) message, a multimedia messaging service (MMS) message, or an email message; wherein when the message is one of, a SMS message or an email message, the pre-defined pattern is set by defining a character string; wherein when the message is a MMS message, the pre-defined pattern is set by defining an image, audio, video or a combination of image, audio and/or video; and wherein the plurality of predefined patterns is selected from a group consisting of: a first predefined pattern indicating that a bandwidth cap of a connection through the SIM card is approaching a threshold, and a second predefined pattern indicating that the SIM card needs to be recharged; and (e) processing the message if the message matches any pre-defined pattern.

US Pat. No. 10,250,608

METHODS AND SYSTEMS FOR MANAGING A NETWORK NODE THROUGH A SERVER

PISMO LABS TECHNOLOGY LIM...

1. A method for allowing a user to manage a network node through a management server, comprising:(a) at the network node, receiving an user's identity and authentication information from an administrator;
(b) at the network node, sending the user's identity and authentication information from the network node to the management server;
(c) at the management server, updating a record of users according to the users' identities and authentication information; and
(d) at the management server, allowing the user to manage the network node through the management server; wherein the user is allowed to manage when a management request is received from the user at a management user interface (MSUI) with the same user's identity and authentication information as the user's identity and authentication information sent by the network node.

US Pat. No. 9,473,402

METHODS AND SYSTEMS FOR RECEIVING AND TRANSMITTING INTERNET PROTOCOL (IP) DATA PACKETS

PISMO LABS TECHNOLOGY LIM...

15. A system for receiving and transmitting Internet Protocol (IP) data packets, wherein the system comprises:
at least one digital processor;
at least one primary storage;
a plurality of network interfaces; and
at least one secondary storage storing program instructions executable by the at least one digital processor for:
(a) transmitting a first IP data packet via a second network interface of the system if the first IP data packet does not
satisfy an interception policy;

(b) not transmitting the first IP data packet via the second network interface and decrypting the first IP data packet if
the first IP data packet satisfies the interception policy;

wherein the first network interface and the second network interface are not assigned with IP addresses:
wherein the first IP data packet is either received by the system via a first network interface of the system or created by
the system;

wherein source address of the first IP data packet is an IP address reachable via the first network interface when the first
IP data packet is created by the system;

wherein the interception policy is based on port number, and wherein step (b) is performed if a source port number of the
first IP data packet is a predefined port number;

wherein the interception policy is based on contents of a header of the first IP data packet, wherein step (b) is performed
if a destination address of the first IP data packet belongs to a predefined subnet and a destination port is a predefined
destination port;

wherein the first network interface is a wide area network (WAN) interface, or a local area network (LAN) interface;
when the first network interface is a LAN interface:
(i) determining whether destination address of the first IP data packet is the IP address of the second network interface,
wherein the second network interface is a WAN interface:

(ii) not transmitting the first IP data packet if the destination address of the first IP data packet is not the IP address
of the second network interface.

US Pat. No. 9,473,964

METHODS AND SYSTEMS FOR ESTIMATING NETWORK PERFORMANCE

PISMO LABS TECHNOLOGY LIM...

1. A method of estimating network performance, comprising the following steps:
(a) selecting at least one first network interface of a first node;
(b) selecting at least one second network interface of a second node;
(c) exchanging test parameters with the second node through control messages;
(d) establishing at least one end-to-end connection between the at least one first network interface and the at least one
second network interface, according to at least one end-to-end connection profile; wherein the at least one end-to-end connection
profile comprises WAN interface identities of the at least one first network interface and the at least one second network
interface, source address of the at least one first network interface, destination address of the at least one second network
interface, encryption standard for packets transmitted and received through the at least one end-to-end connections authentication
parameters, and details of digital certificates used for authentication;

(e) transmitting reference packets from the first node to the second node through the at least one first network interface
to the at least one second network interface over a first time period;

(f) recording transmittal information; wherein the transmittal information comprises CPU usage of the first node while transmitting
the reference packets. number of bytes transmitted over the first time period, and duration over which the reference packets
are transmitted;

(g) receiving arrival information corresponding to the reference packets from the second node; wherein the arrival information
comprises CPU usage of the second node while receiving the reference packets, number of bytes received over the first time
period, duration over which the reference packets are received, number of reference packets that were retransmitted and round
trip time (RTT);

(h) estimating network performance by utilizing the transmittal information and arrival information;
(i) retrieving a selection criteria; wherein the selection criteria is stored in a storage medium or a remote server;
(j) when estimating network performance is complete, comparing the network performances and selecting at least one end-to-end
connection established using the at least one first network interface and the at least one second network interface, wherein
the selecting is based on the selection criteria; and

(k) displaying information on a display; wherein the information comprises end-to-end connection profiles, network performance
information of end-to-end connections, and network performance information of aggregated end-to-end connection: wherein the
display is integrated in the first node, or is a laptop, a handheld computer device, a desktop, or a mobile phone that receives
the network performance information from the first node or second node;

wherein reference packets are not transmitted through more than one end-to-end connection established through a single first
network interface at substantially the same time.