Abstract:
Techniques are described herein for generating network topologies based on models, and deploying the network topologies across hybrid clouds and other computing environments that include multiple workload resource domains. A topology deployment system may receive data representing a logical topology model, and may generate a network topology for deployment based on the logical model. The network topology may include various services and/or other resources provided by different tenants in the computing environment, and each tenant may be associated with a different set of resources and deployment constraints. The topology deployment system may determine and generate the network topology to use the various resources and comply with various deployment constraints of the different tenants providing the services, and the tenants consuming the network topology.
Abstract:
In an embodiment, a computer-implemented method comprises receiving logical model input that specifies a logical topology model of networking elements and/or computing elements for deployment at least partially in a private cloud computing infrastructure and at least partially in a public cloud computing infrastructure; receiving resource input specifying an inventory of computing elements that are available at least partially in the private cloud computing infrastructure and at least partially in the public cloud computing infrastructure; automatically generating an intermediate topology comprising a set of deployment instructions that are capable of execution at least partially in the private cloud computing infrastructure and at least partially in the public cloud computing infrastructure to cause physical realization of a network deployment corresponding to the logical topology model; determining whether the intermediate topology is functionally equivalent to the logical topology model; in response to determining that the intermediate topology is functionally equivalent to the logical topology model, transmitting the deployment instructions at least partially to the private cloud computing infrastructure and at least partially to the public cloud computing infrastructure.
Abstract:
A method and apparatus for dynamic integration of a covert namespace are provided. A Software-Defined Networking (SDN) controller is configured to send a request for workload transfer to an endpoint where the endpoint is connected to a virtual switch. The SDN controller determines that a connection between the endpoint and the virtual switch is secure based on a tenant-specific policy associated with the endpoint. A first covert namespace is configured to be connected between the endpoint and the virtual switch to communicate to the endpoint and the virtual switch directly. The operations of the virtual switch are executed using the first covert namespace according to the tenant-specific policy. A workload is caused to be transmitted to the endpoint through the first covert namespace.
Abstract:
Techniques for deploying, monitoring, and modifying network topologies operating across multi-domain environments using formal models and weighting factors assigned to computing elements in the network topologies. The weighting factors restrict or allow the movement of various computing elements and/or element groupings to prevent undesirable disruptions or outages in the network topologies. Generally, the weighting factors may be determined based on an amount of disruption experienced in the network topologies if the corresponding computing element or grouping was migrated. As the amount of disruption caused by modifying a particular computing element increases, the weighting factor represents a greater measure of resistivity for migrating the computing element. In this way, topology deployment systems may allow, or disallow, the modification of particular computing elements based on weighting factors. Thus, the amount of disruption in the functioning of network topologies may be considered when optimizing the allocation of computing elements across multi-domain environments.
Abstract:
Embodiments generally provide techniques for mapping service modules on a network device. Embodiments identify a plurality of service modules, each configured to perform a respective service. A first one of the plurality of service modules is mapped to a first one of a plurality of virtual switches on the network device. Service policy information for a plurality of virtual switches is retrieved. The service policy information is indicative of service requirements for each of the plurality of virtual switches. Upon detecting an occurrence of a predefined event, embodiments determine a second one of the plurality of virtual switches to map the first service module to, based on the service policy information. The first service module is then mapped to the second virtual switch.
Abstract:
Techniques for edge cloud identification. An indication of edge clouds is received. Each edge cloud is uniquely identifiable via an associated edge cloud identifier. A characteristic is received from each of the edge clouds. An edge cloud for communication is determined based on the characteristic. The edge cloud is communicated with using its associated edge cloud identifier.
Abstract:
Techniques are described herein for generating and modifying formal network topology models, and deploying network topologies based on the formal models across multiple workload resource domains. A topology deployment system may receive modification data for a deployed network topology, and analyze the modification data to determine whether the associated formal network topology model is to be recomputed. In some examples, modifications to a deployed network topology that do not impact operational performance or compromise functional equivalence with the underlying logical model need not trigger a recomputation of the network topology model immediately and could be delayed. Modifications to deployed network topologies that do not trigger recomputations of the formal network topology model may be stored and tracked, so that subsequent recomputations of the model may incorporate the pending modifications.