公开(公告)号：US20240291756A1

公开(公告)日：2024-08-29

申请号：US18656479

申请日：2024-05-06

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Suresh Pasupula ,  Manju Ramesh ,  Christophe Paggen ,  Huyen Trung Duong ,  Lukas Krattiger

IPC: H04L45/745 ,  H04L45/24 ,  H04L45/42 ,  H04L61/5007

CPC classification number: H04L45/745 ,  H04L45/24 ,  H04L45/42 ,  H04L61/5007

Abstract: Techniques for using more-specific routing to perform scalable Layer-2 (L2) stretching of subnets across hybrid-cloud environments. Routing tables in a public cloud may allow for routes that are more specific than the default local route, and the more-specific routes may be used to send all traffic to a dedicated, cloud router. The more-specific routes are set up for a VPC where a subnet resides such that the more specific-routes cover at least a portion of subnet range. The next hop for the more-specific routes point to the cloud router which is capable of doing host routing and segmentation extension. Thus, traffic originating from endpoints in a VPC is routed to the cloud router, and the cloud router determines whether the traffic is to be re-routed back to a destination endpoint in the VPC (or another cloud location), or sent to a destination endpoint residing in the on-premises site.

公开(公告)号：US20240048485A1

公开(公告)日：2024-02-08

申请号：US17882163

申请日：2022-08-05

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Suresh Pasupula ,  Manju Ramesh ,  Christophe Paggen ,  Huyen Trung Duong ,  Lukas Krattiger

IPC: H04L45/745 ,  H04L45/42 ,  H04L45/24 ,  H04L61/5007

CPC classification number: H04L45/745 ,  H04L45/42 ,  H04L45/24 ,  H04L61/5007

Abstract: Techniques for using more-specific routing to perform scalable Layer-2 (L2) stretching of subnets across hybrid-cloud environments. Routing tables in a public cloud may allow for routes that are more specific than the default local route, and the more-specific routes may be used to send all traffic to a dedicated, cloud router. The more-specific routes are set up for a VPC where a subnet resides such that the more specific-routes cover at least a portion of subnet range. The next hop for the more-specific routes point to the cloud router which is capable of doing host routing and segmentation extension. Thus, traffic originating from endpoints in a VPC is routed to the cloud router, and the cloud router determines whether the traffic is to be re-routed back to a destination endpoint in the VPC (or another cloud location), or sent to a destination endpoint residing in the on-premises site.

公开(公告)号：US11082258B1

公开(公告)日：2021-08-03

申请号：US16742604

申请日：2020-01-14

Applicant: Cisco Technology, Inc.

Inventor： Sivakumar Ganapathy ,  Rajagopalan Janakiraman ,  Suresh Pasupula ,  Sachin Gupta ,  Shashank Chaturvedi ,  Prashanth Matety

IPC: G06F15/177 ,  H04L12/46 ,  H04L12/741 ,  H04L29/06

Abstract: Techniques for maintaining isolation and segregation for network paths through multi-cloud fabrics using VRF technologies. The techniques include running virtual routers in a cloud network that connect the cloud network to an on-premises network using a network overlay that preserves VRF information in data packets. Further, the virtual routers connect to individual gateways in the cloud network using tunnels, and each individual gateway is connected to multiple VPCs without overlapping subnets. The virtual routers may assign a sink VRF to each gateway connection that can be used to perform source-IP based VRF selection by mapping source IP addresses in each tunnel connection to appropriate VRFs for the source IP addresses. In this way, virtual routers may use sink VRFs to translate into the VRF information for data packets from the VPCs via source-IP based lookup, and use the corresponding VRF route table to determine next hops for data packets.

公开(公告)号：US20210218598A1

公开(公告)日：2021-07-15

申请号：US16742604

申请日：2020-01-14

Applicant: Cisco Technology, Inc.

Inventor： Sivakumar Ganapathy ,  Rajagopalan Janakiraman ,  Suresh Pasupula ,  Sachin Gupta ,  Shashank Chaturvedi ,  Prashanth Matety

IPC: H04L12/46 ,  H04L29/06 ,  H04L12/741

Abstract: Techniques for maintaining isolation and segregation for network paths through multi-cloud fabrics using VRF technologies. The techniques include running virtual routers in a cloud network that connect the cloud network to an on-premises network using a network overlay that preserves VRF information in data packets. Further, the virtual routers connect to individual gateways in the cloud network using tunnels, and each individual gateway is connected to multiple VPCs without overlapping subnets. The virtual routers may assign a sink VRF to each gateway connection that can be used to perform source-IP based VRF selection by mapping source IP addresses in each tunnel connection to appropriate VRFs for the source IP addresses. In this way, virtual routers may use sink VRFs to translate into the VRF information for data packets from the VPCs via source-IP based lookup, and use the corresponding VRF route table to determine next hops for data packets.

公开(公告)号：US20190036729A1

公开(公告)日：2019-01-31

申请号：US15662556

申请日：2017-07-28

Applicant: Cisco Technology, Inc.

Inventor： Priyanka Warade ,  Gaurav Badoni ,  Suresh Pasupula ,  Senthil Kenchiah

IPC: H04L12/28 ,  H04L12/54 ,  H04L12/46 ,  H04L12/705 ,  H04L12/721

CPC classification number: H04L12/2854 ,  H04L12/462 ,  H04L12/4641 ,  H04L12/5691 ,  H04L45/18 ,  H04L45/48 ,  H04L45/66

Abstract: Methods, devices, and computer-readable medium for preventing broadcast looping during a site merge are described herein. An example method can include detecting a site merge between a plurality of layer 2 (L2) networks using a spanning tree protocol (STP), blocking a data traffic port connecting the L2 networks in response to detecting the site merge, and performing an STP-Ethernet virtual private network (EVPN) handshake. The STP-EVPN handshake can include changing a root bridge in one of the L2 networks. Thereafter, the method can include unblocking the data traffic port connecting the L2 networks. In other words, the data traffic port connecting the L2 networks can be unblocked after changing the root bridge in the one of the L2 networks.

公开(公告)号：US12267240B2

公开(公告)日：2025-04-01

申请号：US18656479

申请日：2024-05-06

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Suresh Pasupula ,  Manju Ramesh ,  Christophe Paggen ,  Huyen Trung Duong ,  Lukas Krattiger

IPC: H04L45/745 ,  H04L45/24 ,  H04L45/42 ,  H04L61/5007

Abstract: Techniques for using more-specific routing to perform scalable Layer-2 (L2) stretching of subnets across hybrid-cloud environments. Routing tables in a public cloud may allow for routes that are more specific than the default local route, and the more-specific routes may be used to send all traffic to a dedicated, cloud router. The more-specific routes are set up for a VPC where a subnet resides such that the more specific-routes cover at least a portion of subnet range. The next hop for the more-specific routes point to the cloud router which is capable of doing host routing and segmentation extension. Thus, traffic originating from endpoints in a VPC is routed to the cloud router, and the cloud router determines whether the traffic is to be re-routed back to a destination endpoint in the VPC (or another cloud location), or sent to a destination endpoint residing in the on-premises site.

公开(公告)号：US12021750B2

公开(公告)日：2024-06-25

申请号：US17882163

申请日：2022-08-05

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Suresh Pasupula ,  Manju Ramesh ,  Christophe Paggen ,  Huyen Trung Duong ,  Lukas Krattiger

IPC: H04L45/745 ,  H04L45/24 ,  H04L45/42 ,  H04L61/5007

CPC classification number: H04L45/745 ,  H04L45/24 ,  H04L45/42 ,  H04L61/5007

Abstract: Techniques for using more-specific routing to perform scalable Layer-2 (L2) stretching of subnets across hybrid-cloud environments. Routing tables in a public cloud may allow for routes that are more specific than the default local route, and the more-specific routes may be used to send all traffic to a dedicated, cloud router. The more-specific routes are set up for a VPC where a subnet resides such that the more specific-routes cover at least a portion of subnet range. The next hop for the more-specific routes point to the cloud router which is capable of doing host routing and segmentation extension. Thus, traffic originating from endpoints in a VPC is routed to the cloud router, and the cloud router determines whether the traffic is to be re-routed back to a destination endpoint in the VPC (or another cloud location), or sent to a destination endpoint residing in the on-premises site.

公开(公告)号：US20210320817A1

公开(公告)日：2021-10-14

申请号：US16848647

申请日：2020-04-14

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Sivakumar Ganapathy ,  Shashank Chaturvedi ,  Suresh Pasupula ,  Prashanth Matety ,  Sachin Gupta

IPC: H04L12/46 ,  H04L29/08 ,  H04L29/12

Abstract: Techniques and architecture for routing data packets through networks that include TGWs. A data packet may be received from a TGW at an infra VPC. A TGW attachment on which the data packet was received is determined. Based at least in part on the TGW attachment, the data packet is routed to a CSR at the infra VPC. Load balancing may be achieved by defining VRF groups that include VPCs and the TGWs. Each VRF group may be assigned to an interface of one or more CSRs. Also, the VRF groups allow for supporting overlapping subnets.

公开(公告)号：US20210266255A1

公开(公告)日：2021-08-26

申请号：US16799476

申请日：2020-02-24

Applicant: Cisco Technology, Inc.

Inventor： Sivakumar Ganapathy ,  Saurabh Jain ,  Neelesh Kumar ,  Prashanth Matety ,  Hari Hara Prasad Muthulingam ,  Suresh Pasupula

IPC: H04L12/741 ,  H04L29/08 ,  H04L12/46

Abstract: Techniques for maintaining virtual routing and forwarding (VRF) segregation for network paths through multi-cloud fabrics that utilize shared services, e.g., application load balancers. The router of a first network of a multi-cloud fabric receives a first data packet from a source end-point group within the first network and forwards the first data packet to a service end-point group. The service end-point group may forward the first data packet to a destination end-point group of a second network of the multi-cloud fabric. The service end-point group may receive a second data packet from the destination end-point group and forward the second data packet to the router. Based on one of (i) an identity of the service end-point group or (ii) an address of the source end-point group, a VRF may be identified and the second data packet may be forwarded by the router to the source end-point group using the VRF.

公开(公告)号：US10432420B2

公开(公告)日：2019-10-01

申请号：US15662556

申请日：2017-07-28

Applicant: Cisco Technology, Inc.

Inventor： Priyanka Warade ,  Gaurav Badoni ,  Suresh Pasupula ,  Senthil Kenchiah

IPC: H04L12/28 ,  H04L12/54 ,  H04L12/46 ,  H04L12/705 ,  H04L12/721

Abstract: Methods, devices, and computer-readable medium for preventing broadcast looping during a site merge are described herein. An example method can include detecting a site merge between a plurality of layer 2 (L2) networks using a spanning tree protocol (STP), blocking a data traffic port connecting the L2 networks in response to detecting the site merge, and performing an STP-Ethernet virtual private network (EVPN) handshake. The STP-EVPN handshake can include changing a root bridge in one of the L2 networks. Thereafter, the method can include unblocking the data traffic port connecting the L2 networks. In other words, the data traffic port connecting the L2 networks can be unblocked after changing the root bridge in the one of the L2 networks.