公开(公告)号：US11228651B2

公开(公告)日：2022-01-18

申请号：US16559526

申请日：2019-09-03

Applicant: Cisco Technology, Inc.

Inventor： Edward A. Warnicke ,  Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Rajiv Asati

IPC: H04L29/08 ,  H04L12/26

Abstract: Techniques for network validation are provided. A first request is received at a first manager component, from a first client. The first client and the first manager component are on a first node of a plurality of nodes, and the first request specifies a desired network service. A first network service endpoint that is capable of providing the desired network service is identified, where the first network service endpoint is on a second node of the plurality of nodes. A connection is established between a first validation agent on the first node and a second validation agent on the second node. Finally, upon determining that the connection between the first and second validation agents satisfies predefined criteria, a connection is established between the first client and the first network service endpoint.

公开(公告)号：US11223567B2

公开(公告)日：2022-01-11

申请号：US16251625

申请日：2019-01-18

Applicant: Cisco Technology, Inc.

Inventor： Edward A. Warnicke ,  William Mark Townsley

IPC: H04L12/801 ,  H04L29/06 ,  H04L12/931 ,  H04L12/807 ,  H04L29/08

Abstract: A first node in a service mesh is configured to perform one or more services on network traffic obtained from an upstream network element via a pre-existing Transmission Control Protocol (TCP) session and provide the network traffic obtained from the upstream network element via the pre-existing TCP session to a downstream network element. The first node determines that the first node should no longer obtain the network traffic from the upstream network element via the pre-existing TCP session. In response, the first node provides state information for the pre-existing TCP session to the downstream network element. The downstream network element is configured to establish a new TCP session having the state information for the pre-existing TCP session with the upstream network element and to obtain further network traffic from the upstream network element via the new TCP session. The first node terminates the pre-existing TCP session.

公开(公告)号：US20210266262A1

公开(公告)日：2021-08-26

申请号：US16983346

申请日：2020-08-03

Applicant: Cisco Technology, Inc.

Inventor： Sridhar Subramanian ,  Fabio Rodolfo Maino ,  Alberto Rodriguez Natal ,  Vijoy Anand Pandey ,  Edward A. Warnicke ,  John Andrew Joyce ,  Timothy James Swanson ,  Loránd Jakab

IPC: H04L12/813 ,  H04L29/08 ,  H04L12/28 ,  H04L12/723 ,  H04L29/06 ,  H04L12/24

Abstract: In one embodiment, a device of a software-defined wide area network (SD-WAN) receives, from a cloud-native application, contextual data for the cloud-native application that identifies microservices of the cloud-native application. The device translates the contextual data for the cloud-native application into a network policy for traffic in the SD-WAN associated with the cloud-native application. The device applies the network policy to a traffic flow in the SD-WAN between an endpoint and a particular microservice of the cloud-native application.

公开(公告)号：US10812374B2

公开(公告)日：2020-10-20

申请号：US16138595

申请日：2018-09-21

Applicant: Cisco Technology, Inc.

Inventor： Giles Douglas Yorke Heron ,  Edward A. Warnicke ,  William Mark Townsley ,  Yoann Desmouceaux

IPC: H04L12/707 ,  H04L12/715 ,  H04L12/721 ,  H04L29/12 ,  H04L12/703 ,  H04L12/725

Abstract: Systems and methods provide for segment routing (SR) with fast reroute in a container network. An SR ingress can receive a packet from a first container destined for a container service. The ingress can generate an SR packet including a segment list comprising a first segment to a first container service host, a second segment to a second service host, and a third segment to the service. The ingress can forward the SR packet to a first SR egress corresponding to the first host using the first segment. The first egress can determine whether the first service and/or host is reachable. If so, the first egress can forward the SR packet to the first host or the packet to the service. If not, the first egress can perform a fast reroute and forward the SR packet to a second SR egress corresponding to the second host using the second segment.

公开(公告)号：US20200236055A1

公开(公告)日：2020-07-23

申请号：US16251625

申请日：2019-01-18

Applicant: Cisco Technology, Inc.

Inventor： Edward A. Warnicke ,  William Mark Townsley

IPC: H04L12/801 ,  H04L29/06 ,  H04L12/931 ,  H04L29/08 ,  H04L12/807

Abstract: A first node in a service mesh is configured to perform one or more services on network traffic obtained from an upstream network element via a pre-existing Transmission Control Protocol (TCP) session and provide the network traffic obtained from the upstream network element via the pre-existing TCP session to a downstream network element. The first node determines that the first node should no longer obtain the network traffic from the upstream network element via the pre-existing TCP session. In response, the first node provides state information for the pre-existing TCP session to the downstream network element. The downstream network element is configured to establish a new TCP session having the state information for the pre-existing TCP session with the upstream network element and to obtain further network traffic from the upstream network element via the new TCP session. The first node terminates the pre-existing TCP session.