公开(公告)号：US20150304206A1

公开(公告)日：2015-10-22

申请号：US14637510

申请日：2015-03-04

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Clarence Filsfils ,  Keyur P. Patel ,  David D. Ward ,  Pierre Jean Rene François ,  Stefano B. Previdi

IPC: H04L12/721 ,  H04L12/66

CPC classification number: H04L45/04 ,  H04L45/46

Abstract: In one embodiment, a controller device in a computer network domain learns border gateway protocol (BGP) egress peering segments from one or more border routers of the domain, and determines a selected flow to segment route via a particular egress peering segment, the selected flow from a given routing device within the domain to a given destination of a remote domain. As such, the controller device may then instruct the given routing device to segment route the selected flow via the particular egress peering segment. In another embodiment, an egress border router shares its BGP egress peering segments, and receives a flow to segment route. The egress border router may determine, from a segment route contained within the flow, to which particular egress peering segment of the border router to segment route the flow, and forwards the flow out of the domain via the particular egress peering segment.

Abstract translation: 在一个实施例中，计算机网络域中的控制器设备从该域的一个或多个边界路由器学习边界网关协议（BGP）出站对等分段，并且确定所选择的流经由特定出站对等分段来分段路由，所选择的流 从域内的给定路由设备到远程域的给定目的地。 因此，控制器设备然后可以指示给定的路由设备经由特定出口对等段来分段路由所选择的流。 在另一个实施例中，出口边界路由器共享其BGP出口对等分段，并且接收到分段路由的流。 出口边界路由器可以从流中包含的分段路由确定边界路由器的哪个特定出口对等分段对流进行分段，并且经由特定出口对等分段将流转发出该域。

公开(公告)号：US20140211651A1

公开(公告)日：2014-07-31

申请号：US14231370

申请日：2014-03-31

Applicant: Cisco Technology, Inc.

Inventor： Balaji Pitta Venkatachalapathy ,  Isidor Kouvelas ,  Keyur P. Patel ,  Anantha Ramaiah

IPC: H04L12/24 ,  H04L12/26

CPC classification number: H04L41/12 ,  H04L41/0893 ,  H04L43/00 ,  H04L43/0852 ,  H04L45/02 ,  H04L45/023 ,  H04L45/04

Abstract: In one embodiment, a router selects a particular peer from an original update group used with an Exterior Gateway Protocol (EGP) such as Border Gateway Protocol (BGP). The original update group includes a plurality of peers of the router that share a same outbound policy and that receive common update messages, from the router, of routing table information. The router determines that the particular peer is a potential slow peer based on a first type of indicia, wherein a slow peer is a peer that cannot keep up with a rate at which the router generates update messages over a prolonged period of time. The router confirms that one or more second types of indicia are consistent with the particular peer being a slow peer. In response to the confirmation, the router determines that the particular peer is a slow peer.

Abstract translation: 在一个实施例中，路由器从与诸如边界网关协议（BGP）的外部网关协议（EGP）一起使用的原始更新组中选择特定对等体。 原始更新组包括共享相同出站策略并且从路由器接收路由表信息的公共更新消息的路由器的多个对等体。 路由器基于第一类型的标记确定特定对等体是潜在的慢对等体，其中慢对等体是不能跟上路由器在较长时间段内生成更新消息的速率的对等体。 路由器确认一个或多个第二类型的标记与特定的对等体是慢对等体一致。 响应于确认，路由器确定特定对等体是慢对等体。

公开(公告)号：US09723106B2

公开(公告)日：2017-08-01

申请号：US14838963

申请日：2015-08-28

Applicant: Cisco Technology, Inc.

Inventor： Naiming Shen ,  Keyur P. Patel ,  Carlos M. Pignataro ,  James N. Guichard

IPC: H04L12/28 ,  H04L29/08 ,  H04L12/24 ,  H04L12/721

CPC classification number: H04L67/327 ,  H04L41/0806 ,  H04L41/5054 ,  H04L41/5058 ,  H04L45/306 ,  H04L45/44

Abstract: A system comprising a plurality of service nodes, a controller and a network device in communication with the controller. Each of the plurality of service nodes is configured to support one or more service functions to establish a service function chain that includes a plurality of service functions to be performed by routing traffic among the plurality of service nodes. The controller is configured to generate provisioning information for the service function chain. The provisioning information includes at least one condition upon which a service function reclassification or branching operation is to be performed by at least one service node. The network device is in communication with the controller, and is configured to distribute the provisioning information for the service function chain to the plurality of service nodes using a distributed routing protocol.

公开(公告)号：US20150372913A1

公开(公告)日：2015-12-24

申请号：US14842085

申请日：2015-09-01

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Gunter Johan Van de Velde ,  William Mark Townsley ,  Ole Troan ,  Keyur P. Patel

IPC: H04L12/56 ,  H04L12/66 ,  H04L29/12

CPC classification number: H04L45/741 ,  H04L12/4633 ,  H04L12/66 ,  H04L45/02 ,  H04L45/04 ,  H04L61/251 ,  H04L61/2592

Abstract: A method is provided in one particular example and may include obtaining routing information for a plurality of Internet Protocol (IP) addresses in a first network that natively supports a first Internet protocol, the routing information for the plurality of IP addresses in the first network further comprising an additional IP address in the first network and an indication that the additional IP address in the first network is to be used as a tunnel endpoint within the first network for receiving data destined to any of the plurality of IP addresses in the first network; and sending data destined to any one of the plurality of IP addresses in the first network to the additional IP address in the first network.

Abstract translation: 在一个特定示例中提供了一种方法，并且可以包括获得本地支持第一互联网协议的第一网络中的多个因特网协议（IP）地址的路由信息​​，第一网络中的多个IP地址的路由信息​​进一步 包括第一网络中的附加IP地址以及指示第一网络中的附加IP地址将被用作第一网络内的隧道端点，用于接收去往第一网络中的多个IP地址中的任一个的数据; 以及将发往第一网络中的多个IP地址中的任一个的数据发送到第一网络中的附加IP地址。

公开(公告)号：US09191318B1

公开(公告)日：2015-11-17

申请号：US13872777

申请日：2013-04-29

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Gunter Johan Van de Velde ,  William Mark Townsley ,  Ole Troan ,  Keyur P. Patel

IPC: H04L12/28 ,  H04L12/56

CPC classification number: H04L45/741 ,  H04L12/4633 ,  H04L12/66 ,  H04L45/02 ,  H04L45/04 ,  H04L61/251 ,  H04L61/2592

Abstract: A method is provided in one particular example and may include obtaining routing information for a natively supported Internet protocol of a first network that uses a first routing policy; identifying a route with a tunnel endpoint using the routing information, where the tunnel endpoint supports transitioning between a plurality of Internet protocols; generating tunnel information for the route; and sending the route and the tunnel information to a network element in a second network that uses a second routing policy.

Abstract translation: 在一个特定示例中提供了一种方法，并且可以包括获得使用第一路由策略的第一网络的本地支持的因特网协议的路由信息​​; 使用所述路由信息来识别具有隧道端点的路由，其中​​所述隧道端点支持在多个因特网协议之间转换; 生成路由的隧道信息; 以及将路由和隧道信息发送到使用第二路由策略的第二网络中的网元。

公开(公告)号：US20150207818A1

公开(公告)日：2015-07-23

申请号：US14160968

申请日：2014-01-22

Applicant: Cisco Technology, Inc.

Inventor： Roque Gagliano ,  Alvaro E. Retana ,  Keyur P. Patel

IPC: H04L29/06

CPC classification number: H04L63/108 ,  H04L63/029

Abstract: In one embodiment, a validation server in a computer network determines that an edge router of the computer network has blocked access to a desired server address based on the edge router not having authentication information for the desired server address. In response, the server creates a white-listing policy to temporarily allow access to the desired server address at the edge router, and sends the white-listing policy to the edge router. The validation server may then proceed with performing server fetching operations to the desired server address from the validation server while the white-listing policy is in effect, and instructs the edge device to remove the white-listing policy once the server fetching operations are completed.

Abstract translation: 在一个实施例中，计算机网络中的验证服务器基于没有所需服务器地址的认证信息的边缘路由器确定计算机网络的边缘路由器已经阻止对所需服务器地址的访问。 作为响应，服务器创建一个白名单策略，以临时允许访问边缘路由器上所需的服务器地址，并将白名单策略发送到边缘路由器。 然后，当白名单策略生效时，验证服务器可以继续从验证服务器执行服务器提取操作到所需的服务器地址，并且一旦完成了服务器提取操作，就指示边缘设备删除白名单策略。

公开(公告)号：US20150207728A1

公开(公告)日：2015-07-23

申请号：US14160736

申请日：2014-01-22

Applicant: Cisco Technology, Inc.

Inventor： Roque Gagliano ,  Alvaro E. Retana ,  Keyur P. Patel ,  Carlos M. Pignataro

IPC: H04L12/721 ,  H04L12/24

CPC classification number: H04L45/44 ,  H04L9/3265 ,  H04L41/12 ,  H04L43/10 ,  H04L45/04

Abstract: In one embodiment, a plurality of packets is sent from an origin device along a communication path toward a destination device. Each packet includes a lifespan indicator which is incrementally increased for each subsequently sent packet. A plurality of response messages are received at the origin device from a plurality of intermediate devices, respectively. A plurality of secure path objects included in the plurality of response messages, respectively, is determined. Additionally, the plurality of secure path objects are validated based on validation information accessible by the origin device. Validation results of the plurality of secure path objects are checked to determine whether a packet that is sent from the origin device and received by the destination device travels along a particular communication path as dictated by control plane information.

Abstract translation: 在一个实施例中，多个分组从原始设备沿着通信路径发送到目的设备。 每个分组包括一个寿命指示符，其对于每个随后发送的分组而递增地增加。 在原始设备上分别从多个中间设备接收多个响应消息。 确定分别包括在多个响应消息中的多个安全路径对象。 另外，基于原始设备可访问的验证信息来验证多个安全路径对象。 检查多个安全路径对象的验证结果以确定从原始设备发送并且由目的地设备接收的分组是否沿着由控制平面信息指定的特定通信路径传播。