Role information propagation in access switches

    Publication number: US12107754B2

    Publication date: 2024-10-01

    Application number: US17712342

    Application date: 2022-04-04

    CPC classification number: H04L45/02 H04L12/4641 H04L45/04 H04L63/08 H04L63/105

    Abstract: In an example, a switch may receive an authentication request from a host associated with a first wireless access point (WAP) connected to the switch. The switch acts as a VXLAN Tunnel Endpoint (VTEP) in a Border Gateway Protocol (BGP) Ethernet Virtual Private Network (EVPN) based Virtual Extensible Local Area Network (VXLAN). The switch forwards the authentication request to an authentication server and on successful authentication of the host, may associate a role information with the host based on an authentication response from the authentication server. Further, the switch may create a BGP extended community field carrying the role identifier indicative of network policies to be implemented for the host and attach the BGP extended community field with a route advertisement. The switch then sends the route advertisement to another switch. The another switch is configured as a peer VTEP in the VXLAN. The switch and the another switch are configured in a single Virtual Local Area Network (VLAN).

    Dynamic traffic redirection for a virtual gateway of a distributed tunnel fabric

    Publication number: US11528224B1

    Publication date: 2022-12-13

    Application number: US17503157

    Application date: 2021-10-15

    Abstract: A system for redirecting traffic is provided. The system can allow a first switch to participate in a virtual switch in conjunction with a second switch of an overlay tunnel fabric. A path between a respective switch pair of an underlying network of the fabric can be determined based on a routing process. The first and second switches may individually participate in the routing process. Hence, the packets to a tunnel to the virtual switch can be distributed among paths to the first and second switches. The system can determine a trigger condition indicating that packets subsequently received via the tunnel are to be directed to a path to the second switch. The first and second switches can remain in an operational state. The system can then advertise a high cost for a link to the first switch for the routing process in the underlying network.

    Protocol-independent multicast designated router (PIM-DR) failover in a multi-chassis environment

    Publication number: US11108622B2

    Publication date: 2021-08-31

    Application number: US16690290

    Application date: 2019-11-21

    Abstract: Systems and methods are provided for performing a node-level redundant failover-type process with respect to the protocol-independent multicast (PIM) functionality in a multi-chassis environment. When a PIM-related failure occurs on a first network device, but otherwise it remains operational, a second network device is configured to assume responsibility for performing PIM data traffic forwarding. Upon detecting the PIM-related failure of the first network device, the second network device sends a PIM-DR failover event signal to the second network device's PIM module by loading multicast route states used by the first network device into the PIM data traffic forwarding hardware of the second network device. Upon the second network device assuming responsibility, the first network device disables its PIM data traffic forwarding functionality.

    Achieving L2 tunnel reduncancy and L3 load balancing

    Publication number: US10924396B2

    Publication date: 2021-02-16

    Application number: US16276853

    Application date: 2019-02-15

    Abstract: A method for use in a network, including: receiving network traffic at a redundant gateway device established according to a redundant gateway protocol; forwarding known unicast traffic received at the redundant gateway device from the redundant gateway device to a tunnel endpoint through a tunnel established according to a tunneling protocol; forwarding broadcast, unknown unicast, and multicast traffic to the tunnel endpoint through the tunnel if the redundant gateway device is a master gateway under the redundant gateway protocol; and dropping the broadcast, unknown unicast, and multicast traffic if the redundant gateway device is a backup gateway under the redundant gateway protocol.

    Achieving L2 Tunnel Reduncancy and L3 Load Balancing

    Publication number: US20200084144A1

    Publication date: 2020-03-12

    Application number: US16276853

    Application date: 2019-02-15

    Abstract: A method for use in a network, including: receiving network traffic at a redundant gateway device established according to a redundant gateway protocol; forwarding known unicast traffic received at the redundant gateway device from the redundant gateway device to a tunnel endpoint through a tunnel established according to a tunneling protocol; forwarding broadcast, unknown unicast, and multicast traffic to the tunnel endpoint through the tunnel if the redundant gateway device is a master gateway under the redundant gateway protocol; and dropping the broadcast, unknown unicast, and multicast traffic if the redundant gateway device is a backup gateway under the redundant gateway protocol.

    SUPPORTING BFD PACKETS IN A VIRTUALIZED SWITCH ENVIRONMENT

    Publication number: US20200044965A1

    Publication date: 2020-02-06

    Application number: US16201319

    Application date: 2018-11-27

    Abstract: Examples disclosed herein relate to a method comprising receiving, at a first switch, a bidirectional forwarding detection packet, wherein the first switch and a second switch are part of a virtualized switch and each switch in the virtualized switch has a same Media Access Control (MAC) address, determining, at the first switch, that a destination MAC address included in the bidirectional forwarding detection packet is not owned by the first switch, determining, at the first switch, that the destination MAC address is owned by the second switch and bridging, from the first switch, the bidirectional forwarding detection packet to the second switch that owns the MAC address.

    Enabling restriction on transmission of data packets at ingress network device

    Publication number: US11888901B2

    Publication date: 2024-01-30

    Application number: US17409179

    Application date: 2021-08-23

    CPC classification number: H04L63/20 H04L63/0236 H04L63/105

    Abstract: Examples disclosed herein relate to a method for defining an ingress access policy at an ingress network device based on instructions from an egress network device. The egress network device receives data packets directed to a first entity from a second entity connected to an ingress network device. Each data packet transmitted includes a source role tag corresponding to the second entity. At the egress network device, the data packets may be dropped based on the enforcement of an egress access policy. When the number of data packets that are being dropped increases beyond a pre-defined threshold, the egress network device transmits a command to the ingress network device instructing the ingress network device to create a restriction on the transmission of subsequent data packets. The command is transmitted in a Border Gateway Protocol (BGP) Flow Specification (FlowSpec) route.
