公开(公告)号：US20220311709A1

公开(公告)日：2022-09-29

申请号：US17686577

申请日：2022-03-04

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Gonzalo Salgueiro

IPC: H04L45/64 ,  H04L45/42 ,  H04L47/2425 ,  H04L45/12

Abstract: Disclosed is a system and method of providing a segment routing as a service application. The method includes receiving a configuration of an internet protocol environment. The configuration can be a layer 3 configuration of a single cloud environment or even across multiple cloud environments. The configuration defines routing, forwarding, and paths in the environment between different entities such as virtual machines. The method includes receiving a parameter associated with a workload of a tenant. The parameter can be a service level agreement (i.e., a best bandwidth available), a pathway requirement, a parameter associated with specific workload, and so forth. Based on the configuration and the parameter, the method includes generating tenant-defined layer 3 overlay segment routing rules that define how the workload of the tenant will route data in the internet protocol environment using segment routing.

公开(公告)号：US11438226B2

公开(公告)日：2022-09-06

申请号：US17165364

申请日：2021-02-02

Applicant: Cisco Technology, Inc.

Inventor： Derek William Engi ,  Gonzalo Salgueiro ,  M. David Hanes ,  Bradley Wise ,  Md Atiqur Rahman

IPC: H04L41/0816 ,  H04L41/08 ,  H04L41/0604 ,  H04L41/22 ,  H04L41/085

Abstract: In one example, a logical representation of a first graph is generated. The first graph indicates a configuration of a network device in a network at a first time. The first graph includes a first node representative of a first configuration block of the network device, a second node representative of a second configuration block of the network device, and a first link that indicates, by connecting the first node and the second node, that the first configuration block is associated with the second configuration block. The logical representation of the first graph is compared to a logical representation of a second graph that indicates an actual or planned configuration of the network device at a second time subsequent to the first time. In response, one or more changes in the configuration of the network device from the first time to the second time are identified.

公开(公告)号：US11283712B2

公开(公告)日：2022-03-22

申请号：US16915657

申请日：2020-06-29

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Gonzalo Salgueiro

IPC: H04L12/715 ,  H04L45/64 ,  H04L45/42 ,  H04L47/2425 ,  H04L45/12

Abstract: Disclosed is a system and method of providing a segment routing as a service application. The method includes receiving a configuration of an internet protocol environment. The configuration can be a layer 3 configuration of a single cloud environment or even across multiple cloud environments. The configuration defines routing, forwarding, and paths in the environment between different entities such as virtual machines. The method includes receiving a parameter associated with a workload of a tenant. The parameter can be a service level agreement (i.e., a best bandwidth available), a pathway requirement, a parameter associated with specific workload, and so forth. Based on the configuration and the parameter, the method includes generating tenant-defined layer 3 overlay segment routing rules that define how the workload of the tenant will route data in the internet protocol environment using segment routing.

公开(公告)号：US10979302B2

公开(公告)日：2021-04-13

申请号：US15830797

申请日：2017-12-04

Applicant: Cisco Technology, Inc.

Inventor： Charles Calvin Byers ,  Gonzalo Salgueiro ,  Joseph Michael Clarke ,  M. David Hanes

IPC: H04L12/24 ,  G06F9/50 ,  G06N20/00

Abstract: Meta behavioral analytics techniques include, at one or more network devices that are operatively coupled to a plurality of behavioral analytics systems associated with a network or system, monitoring data outputs of the plurality of behavioral analytics systems that are representative of activity in the network or system. The one or more network devices correlate the data outputs from two or more of the plurality of behavioral analytics systems that are dedicated to analyzing different subject matter domains. Additionally, based on the correlating, the one or more network devices detect a previously unidentified condition in (a) the network or system; or (b) one of the plurality of behavioral analytics systems.

公开(公告)号：US20210092068A1

公开(公告)日：2021-03-25

申请号：US17110196

申请日：2020-12-02

Applicant: Cisco Technology, Inc.

Inventor： Akramsheriff Ismailsheriff ,  Santosh Ramrao Patil ,  Gonzalo Salgueiro ,  M. David Hanes

IPC: H04L12/851 ,  H04L12/801 ,  H04L12/807 ,  H04L12/841 ,  H04L12/815

Abstract: Systems and methods provide for generating traffic class-specific congestion signatures and other machine learning models for improving network performance. In some embodiments, a network controller can receive historical traffic data captured by a plurality of network devices within a first period of time that the network devices apply one or more traffic shaping policies for a predetermined traffic class and a predetermined congestion state. The controller can generate training data sets including flows of the historical traffic data labeled as corresponding to the predetermined traffic class and predetermined congestion state. The controller can generate, based on the training data sets, traffic class-specific congestion signatures that receive input traffic data determined to correspond to the predetermined traffic class and output an indication whether the input traffic data corresponds to the predetermined congestion state. The controller can adjust, based on the congestion signatures, traffic shaping operations of the plurality of network devices.

公开(公告)号：US20210006489A1

公开(公告)日：2021-01-07

申请号：US17028772

申请日：2020-09-22

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Ralf Rantzau ,  Gonzalo Salgueiro

IPC: H04L12/761 ,  H04L12/18 ,  H04L12/54 ,  H04L12/741

Abstract: In an embodiment, a data processing method comprises receiving, at a BIER replicator node that is programmed to implement Bit Index Explicit Replication (BIER) protocol, from a data source, a multicast stream packet identifying a service-level multicast group address; using the BIER replicator node, replicating the multicast stream packet according to BIER protocol and transmitting two or more replicated packet streams to two or more BIER receiver nodes that are programmed to implement BIER; using the two or more BIER receiver nodes, transmitting the two or more replicated packet streams to two or more receivers. Other embodiments may use modified iOAM (In-situ Operations, Administration, and Maintenance) techniques.

公开(公告)号：US10785122B2

公开(公告)日：2020-09-22

申请号：US16153417

申请日：2018-10-05

Applicant: Cisco Technology, Inc.

Inventor： Kaustubh Inamdar ,  Ram Mohan Ravindranath ,  Gonzalo Salgueiro ,  Sebastian Jeuk

IPC: G06F15/173 ,  H04L12/24 ,  H04L29/08 ,  H04L12/26

Abstract: Systems and methods provide for validating a canary release of containers in a containerized production environment. A first container of the containerized production environment can receive network traffic. The first container can transmit the network traffic to a first version of a second container of the containerized production environment and to a traffic analysis engine. First metrics relating to processing by the first version of the second container can be captured. The traffic analysis engine can determine one or more traffic patterns included in the network traffic. The traffic analysis engine can cause simulated network traffic corresponding to the one or more traffic patterns to be transmitted to a second version (e.g., a canary release) of the containerized production environment. Second metrics relating to processing by the second version of the second container can be captured. A comparison between the first metrics and the second metrics can be presented.

公开(公告)号：US20200272859A1

公开(公告)日：2020-08-27

申请号：US16282781

申请日：2019-02-22

Applicant: Cisco Technology, Inc.

Inventor： Volodymyr Iashyn ,  Gonzalo Salgueiro ,  M. David Hanes

IPC: G06K9/62 ,  G06F9/48 ,  H04L29/08 ,  G06N20/00

Abstract: Systems, methods, and computer-readable mediums for distributing machine learning model training to network edge devices, while centrally monitoring training of the models and controlling deployment of the models. A machine learning model architecture can be generated at a machine learning structure controller. The machine learning model architecture can be deployed to network edge devices in a network environment to instantiate and train a machine learning model at the network edge devices. Performance reports indicating performance of the machine learning model at the network edge devices can be received by the machine learning structure controller from the network edge devices. The machine learning structure controller can determine whether to deploy another machine learning model architecture to the network edge devices based on the performance reports and subsequently deploy the another architecture to the network edge devices if it is determined to deploy the architecture based on the performance reports.

公开(公告)号：US10652155B2

公开(公告)日：2020-05-12

申请号：US16384464

申请日：2019-04-15

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Gonzalo Salgueiro

IPC: H04L12/14 ,  H04L12/813 ,  H04L12/851 ,  H04L12/859 ,  H04L12/24

Abstract: Disclosed is a system and method of providing transport-level identification and isolation of container traffic. The method includes assigning, by a software-defined-network (SDN) controller in an SDN-enable cloud environment, a service-ID to a service, a tenant-ID to a tenant and/or workload-ID to yield universal cloud classification details, and extracting, from a data flow, the universal cloud classification details. The method includes receiving a policy, generating flow rules based on the policy and universal cloud classification details, and transmitting the flow rules to an openflow application to confine packet forwarding decisions for the data flow.

公开(公告)号：US10601672B2

公开(公告)日：2020-03-24

申请号：US15791587

申请日：2017-10-24

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Gonzalo Salgueiro ,  Ralf Rantzau

IPC: G06F15/173 ,  H04L12/24 ,  G06N5/04 ,  G06N20/00 ,  G06F9/50 ,  H04L29/08

Abstract: The present disclosure involves systems and methods for obtaining and correlating workload performance information from multiple tenants on a computing network and providing deployment improvement suggestions to a cloud operator or tenant based at least on the correlated workload performance information. In one particular implementation, applications deployed and executed on the cloud environment may provide performance logs and/or metrics to an inter-tenant workload engine of the cloud environment. The workload engine may utilize the received performance information to detect performance patterns of an application across the different tenant deployments. A recommendation engine may analyze the performance characteristics across the multiple tenant applications and determine an optimized deployment of the application and generate recommended deployment instructions to a cloud environment administrator and/or one or more tenants of the cloud environment.