公开(公告)号：US09203643B2

公开(公告)日：2015-12-01

申请号：US13644100

申请日：2012-10-03

Applicant: Cisco Technology, Inc.

Inventor： Yibin Yang ,  Chiajen Tsai ,  Patnala Debashis Rao ,  Yuchen Zhou

IPC: H04L12/801 ,  H04L12/26 ,  H04L12/24 ,  H04L12/721 ,  H04L12/753 ,  H04L12/46

CPC classification number: H04L12/462 ,  H04L45/48 ,  H04L45/66

Abstract: Methods and apparatuses for rapid TRILL convergence are disclosed herein. The methods can be implemented in a network including a plurality of RBridges or in a cloud network environment including a plurality of cloud switch domains. An example method for rapid TRILL convergence can include: Executing a spanning tree protocol (STP) for network topology in a network; and executing a Hello protocol for control and forwarding at the RBridge. The Hello protocol can be configured to elect a designated RBridge and assign an appointed forwarder. The method can also include assigning a transient appointed forwarder during a period of time between convergence of the STP and convergence of the Hello protocol. The transient appointed forwarder can be configured to forward frames in the network during the period of time between convergence of the STP and convergence of the Hello protocol.

Abstract translation: 本文公开了用于快速TRILL收敛的方法和装置。 该方法可以在包括多个RBridge的网络中或在包括多个云交换机域的云网络环境中实现。 快速TRILL融合的示例方法可以包括：对网络中的网络拓扑执行生成树协议（STP）; 并在RBridge执行Hello协议进行控制和转发。 Hello协议可以配置为选择指定的RBridge并分配指定的转发器。 该方法还可以包括在STP的收敛和Hello协议的收敛之间的一段时间内分配临时指定的转发器。 临时指定的转发器可以配置为在STP收敛和Hello协议收敛之间的时间段内转发网络中的帧。

公开(公告)号：US09065661B2

公开(公告)日：2015-06-23

申请号：US13787453

申请日：2013-03-06

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Yibin Yang ,  Chiajen Tsai ,  Liqin Dong ,  Shyam Kapadia

IPC: H04L12/00 ,  H04L12/18

CPC classification number: H04L12/18 ,  H04L12/1886 ,  H04L45/16

Abstract: A method is provided in one example embodiment and includes determining a route target (“RT”) membership for a network element; determining at least one attribute for the RT membership; and advertising the RT membership with the at least one attribute to other network elements. The at least one attribute may include an RT membership type attribute for indicating whether the RT membership is due to a local virtual network connection, transit support, or both. Additionally or alternatively, the at least one attribute may include a distribution tree binding attribute for indicating a distribution tree for the RT membership.

Abstract translation: 在一个示例实施例中提供了一种方法，并且包括确定网络元件的路由目标（“RT”）成员资格; 确定RT成员资格的至少一个属性; 以及将具有至少一个属性的RT成员资格广告到其他网络元件。 所述至少一个属性可以包括用于指示RT成员资格是由于本地虚拟网络连接，中转支持还是两者的RT成员资格类型属性。 另外或替代地，所述至少一个属性可以包括用于指示RT成员资格的分发树的分发树绑定属性。

公开(公告)号：US10891147B1

公开(公告)日：2021-01-12

申请号：US15376365

申请日：2016-12-12

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Vijayan Ramakrishnan ,  Saurabh Jain ,  Vijay Chander ,  Ronak K. Desai ,  Praveen Jain ,  Munish Mehta ,  Yibin Yang

IPC: G06F9/455

Abstract: Aspects of the embodiments are directed to forming a virtual machine management (VMM) domain in a heterogeneous datacenter. Aspects can include mapping an endpoint group to multiple VMM domains, each VMM domain associated with one or more virtual machine management systems of a single type that each share one or more management system characteristics; instantiating a virtual switch instance, the virtual switch instance associated with a the VMM domain; and instantiating the endpoint group mapped to the VMM domain as a network component associated with the virtual switch instance.

公开(公告)号：US10469402B2

公开(公告)日：2019-11-05

申请号：US15353093

申请日：2016-11-16

Applicant: Cisco Technology, Inc.

Inventor： Saurabh Jain ,  Vijay K. Chander ,  Vijayan Ramakrishnan ,  Ronak K. Desai ,  Praveen Jain ,  Munish Mehta ,  Yibin Yang

IPC: G06F15/167 ,  H04L12/919 ,  H04L12/24

Abstract: The techniques presented herein use dynamic endpoint group (EPG) binding changes to facilitate cross-tenant resource sharing. A first node of a multi-tenant software defined network determines that an application on a first endpoint has initiated operation and needs temporary access to resources located at a second endpoint. The first and second endpoints are associated with first and second tenants, respectively, that are logically segregated from one another by the software defined network. The first node dynamically changes an initial EPG binding associated with the first endpoint to a second EPG binding that enables the first endpoint to temporarily directly access the resources at the second endpoint. The first node subsequently determines that the application on the first endpoint no longer needs access to the resources located at a second endpoint and, as such, changes the second EPG binding associated with the first endpoint back to the initial EPG binding.

公开(公告)号：US20180131610A1

公开(公告)日：2018-05-10

申请号：US15864762

申请日：2018-01-08

Applicant: Cisco Technology, Inc.

Inventor： Liqin Dong ,  Yibin Yang

IPC: H04L12/741 ,  H04L12/931 ,  H04L12/46 ,  H04L12/713

Abstract: A method for programming a MAC address table by a first leaf node in a network comprising a plurality of leaf nodes is provided. Each leaf node comprises one or more Virtual Tunnel End Points (“VTEPs”) and instantiates a plurality of Virtual Routing and Forwarding elements (“VRFs”), with a corresponding Bridge Domain (“BD”) assigned to each VRF. The method includes obtaining information indicating one or more VTEP Affinity Groups (VAGs), each VAG comprising an identification of one VTEP per leaf node, obtaining information indicating assignment of each VRF to one of the VAGs, assigning each VAG to a unique Filtering Identifier (“FID”), thereby generating one or more FIDs, and programming the MAC address table, using FIDs instead of BDs, by populating the MAC address table with a plurality of entries, each entry comprising a unique combination of a FID and a MAC address of a leaf node.

公开(公告)号：US20180054326A1

公开(公告)日：2018-02-22

申请号：US15785134

申请日：2017-10-16

Applicant: Cisco Technology, Inc.

Inventor： Shyam Kapadia ,  Rick Chang ,  Yibin Yang ,  Rajesh Babu Nataraja

IPC: H04L12/46 ,  H04L12/24 ,  H04L12/931 ,  H04L12/753

CPC classification number: H04L12/4641 ,  H04L12/4625 ,  H04L12/4633 ,  H04L41/0803 ,  H04L41/0816 ,  H04L41/12 ,  H04L41/26 ,  H04L45/48 ,  H04L49/354

Abstract: In accordance with one example embodiment, there is provided a system configured for virtual local area network (VLAN) blocking on a virtual port channel (vPC) member link to handle discrepant virtual network instance (VNI) to VLAN mappings. In other embodiments, the system can be configured for providing Virtual Switch Interface Discovery Protocol (VDP) and virtual switch enhancements to accommodate discrepant VNI to VLAN mappings. In another example embodiment, an apparatus is provided that includes a processor, and a memory coupled to the processor, where the apparatus is configured such that if a server is connected through a virtual port channel, a VDP is used to notify the server of different VNI to VLAN mappings. In another embodiment, the apparatus can extend a VDP Filter Info Field to carry a set of VLANs mapped to a VNI, keyed by leaf MAC addresses that serve as bridge identifiers.

公开(公告)号：US20170339188A1

公开(公告)日：2017-11-23

申请号：US15159379

申请日：2016-05-19

Applicant: Cisco Technology, Inc.

Inventor： Praveen Jain ,  Munish Mehta ,  Saurabh Jain ,  Yibin Yang

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F9/455 ,  H04L45/586 ,  H04L49/70 ,  H04L63/0428

Abstract: Microsegmentation in a heterogeneous software-defined network can be performed by classifying endpoints associated with a first virtualized environment into respective endpoint groups based on respective attributes, and classifying endpoints associated with a second virtualized environment into respective security groups based on respective attributes. Each respective endpoint group can correspond to a respective security group having the same attribute. Each respective endpoint group and corresponding security group can be associated with a respective policy model defining rules for processing associated traffic. Each of the respective security groups can be used to generate a respective network attribute endpoint group, which can include the network addresses of those endpoints in the respective security group. Each respective network attribute endpoint group can inherit the policy model of the respective endpoint group corresponding to the respective security group. Traffic between the endpoints can then be processed based on the various classifications and associated rules.

公开(公告)号：US09819574B2

公开(公告)日：2017-11-14

申请号：US14535665

申请日：2014-11-07

Applicant: Cisco Technology, Inc.

Inventor： Yibin Yang ,  Liqin Dong ,  Alex Tsai ,  Rajagopalan Janakiraman

IPC: H04L12/761 ,  H04L12/947 ,  H04L29/08

CPC classification number: H04L45/16 ,  H04L49/25 ,  H04L69/325

Abstract: Coordinating gateways for multi-destination traffic across a TRILL fabric and a VXLAN/IP fabric with a plurality of TRILL IS-IS TLVs and a plurality of Layer 3 IS-IS TLVs is provided herein. The plurality of TRILL IS-IS TLVs and the plurality of Layer 3IS-IS TLVs effectuate: grafting an IP multicast share tree with a plurality of TRILL distribution trees at only one of a plurality of gateways in a network interworking a TRILL fabric and a VXLAN/IP fabric; ensuring that multicast traffic traversing from the plurality of TRILL distribution trees is not looped back to the TRILL fabric through the VXLAN/IP fabric; restoring connectivity among a plurality of VXLAN/IP fabric partitions through the TRILL fabric if the VXLAN/IP fabric is partitioned; and restoring connectivity among a plurality of TRILL fabric partitions through the VXLAN/IP fabric if the TRILL fabric is partitioned.

公开(公告)号：US09559854B2

公开(公告)日：2017-01-31

申请号：US14312347

申请日：2014-06-23

Applicant: Cisco Technology, Inc.

Inventor： Liqin Dong ,  Yibin Yang ,  Xinggang Zhou

IPC: G01R31/08 ,  H04L12/18 ,  H04L12/24 ,  H04L12/801

CPC classification number: H04L12/18 ,  H04L12/185 ,  H04L12/1886 ,  H04L41/0654 ,  H04L41/0843 ,  H04L45/16 ,  H04L47/12

Abstract: Multi-destination frames in a network fabric may be carried in IP multicast packets. As such, the network fabric may us IP multicast technique such as a PIM protocol for handling the multi-destination frames. To provide redundancy, the system administrator can use phantom rendezvous points (RPs) that include multiple physical RPs where one of the RPs serves as a primary RP and the other RPs serve as secondary RPs (e.g., backup RPs). Instead of the system administrator manually configuring the phantom RPs, the RPs are automatically configured. To do so, the system administrator may use a GUI to provide multicast groups allocated for the multi-destination traffic, the number of desired phantom RPs (or physical RPs), and the desired RP redundancy. Based on these parameters, a data center manager generates one or more templates that automatically configure the network devices in the fabric as they are booted.

Abstract translation: 网络结构中的多目的帧可以在IP组播数据包中携带。 因此，网络结构可能需要IP组播技术，例如用于处理多目的地帧的PIM协议。 为了提供冗余，系统管理员可以使用包含多个物理RP的幻像会合点（RP），其中一个RP用作主RP，而其他RP用作辅助RP（例如备份RP）。 而不是系统管理员手动配置幻像RP，RP会自动配置。 为此，系统管理员可以使用GUI来提供为多目的地业务分配的组播组，所需的幻象RP（或物理RP）的数量以及期望的RP冗余。 基于这些参数，数据中心管理器生成一个或多个模板，在模板启动时自动配置网络设备。

公开(公告)号：US20160352633A1

公开(公告)日：2016-12-01

申请号：US14723291

申请日：2015-05-27

Applicant: Cisco Technology, Inc.

Inventor： Shyam Kapadia ,  Liqin Dong ,  Yibin Yang

IPC: H04L12/715 ,  H04L12/721

CPC classification number: H04L45/64 ,  H04L12/46 ,  H04L12/4625 ,  H04L12/4633 ,  H04L41/04 ,  H04L45/38 ,  H04L45/66 ,  H04L45/74

Abstract: Systems, methods, and computer-readable media for OAM in overlay networks. In response to receiving a packet associated with an OAM operation from a device in an overlay network, the system generates an OAM packet. The system can be coupled with the overlay network and can include a tunnel endpoint interface associated with an underlay address and a virtual interface associated with an overlay address. The overlay address can be an anycast address assigned to the system and another device in the overlay network. Next, the system determines that a destination address associated with the packet is not reachable through the virtual interface, the destination address corresponding to a destination node in the overlay network. The system also determines that the destination address is reachable through the tunnel endpoint interface. The system then provides the underlay address associated with the tunnel endpoint interface as a source address in the OAM packet.

Abstract translation: 覆盖网络中的OAM的系统，方法和计算机可读介质。 响应于从覆盖网络中的设备接收到与OAM操作相关联的分组，系统生成OAM分组。 该系统可以与覆盖网络耦合，并且可以包括与底层地址相关联的隧道端点接口和与覆盖地址相关联的虚拟接口。 覆盖地址可以是分配给系统的任播地址和覆盖网络中的另一个设备。 接下来，系统确定与分组相关联的目的地地址不能通过虚拟接口访问，该目的地址对应于覆盖网络中的目的地节点。 系统还通过隧道端点接口确定目的地址可达。 然后，该系统提供与隧道端点接口相关联的底层地址作为OAM分组中的源地址。