公开(公告)号：US10079744B2

公开(公告)日：2018-09-18

申请号：US15114872

申请日：2014-01-31

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Jung Gun Lee ,  Yoshio Turner ,  Sujata Banerjee

IPC: G06F15/173 ,  H04L12/26 ,  H04L12/64 ,  H04L12/46 ,  H04L12/24

CPC classification number: H04L43/0894 ,  H04L12/4641 ,  H04L12/4695 ,  H04L12/6418 ,  H04L41/0896

Abstract: Identifying a component within an application executed in a network includes obtaining a traffic matrix, the traffic matrix defining a rate for which packets of data are exchanged between VMs corresponding to an application, analyzing the traffic matrix to identify VMs within a component, modifying the traffic matrix to create a modified traffic matrix, and defining, for the application, a tenant application graph (TAG) model based on the modified traffic matrix.

公开(公告)号：US10009285B2

公开(公告)日：2018-06-26

申请号：US14908745

申请日：2013-07-30

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Jeffrey Clifford Mogul ,  Alvin Auyoung ,  Sujata Banerjee ,  Jung Gun Lee ,  Jean Tourrilhes ,  Michael Schlansker ,  Puneet Sharma ,  Lucian Popa

IPC: G06F15/173 ,  H04L12/911 ,  G06F9/50 ,  H04L12/24

CPC classification number: H04L47/70 ,  G06F9/50 ,  H04L41/0893 ,  Y02D10/22

Abstract: An example method for allocating resources in accordance with aspects of the present disclosure includes collecting proposals from a plurality of modules, the proposals assigning the resources to the plurality of modules and resulting in topology changes in a computer network environment, identifying a set of proposals in the proposals, the set of proposals complying with policies associated with the plurality of modules, instructing the plurality of modules to evaluate the set of proposals, selecting a proposal from the set of proposals, and instructing at least one module associated with the selected proposal to instantiate the selected proposal.

公开(公告)号：US20180077037A1

公开(公告)日：2018-03-15

申请号：US15261701

申请日：2016-09-09

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Ying Zhang ,  Sujata Banerjee ,  Joon-Myung Kang

IPC: H04L12/26 ,  H04L29/06 ,  H04L29/12 ,  H04L12/803 ,  H04L29/08 ,  H04L12/66 ,  G06F17/30

CPC classification number: H04L43/0817 ,  G06F16/951 ,  H04L12/66 ,  H04L41/024 ,  H04L41/0866 ,  H04L43/18 ,  H04L61/2514

Abstract: In some examples, a system can verify a network function by inquiring a model using a query language is described. In some examples, the system can include at least a memory and a processor coupled to the memory. The processor can execute instructions stored in the memory to transmit a plurality of packets into at least one network function that is unverifiable; describe the at least one network function using a model comprising a set of match action rules and a state machine; inquire the model using a query language comprising a temporal logic to obtain a query result indicating an expected behavior of the plurality of packets; and verify the at least one network function based on the query result and the expected behavior of the plurality of packets.

公开(公告)号：US10594574B2

公开(公告)日：2020-03-17

申请号：US15345123

申请日：2016-11-07

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Wenfei Wu ,  Ying Zhang ,  Sujata Banerjee

IPC: H04L12/26 ,  H04L29/08 ,  H04L12/24

Abstract: In some examples, a method includes parsing, by a network device, a section of source code associated with a network function provided by a middlebox in a network; extracting, by the network device, a packet processing slice and a state transition slice from the section of source code; generating, by the network device, a plurality of execution paths from the packet processing slice and the state transition slice; and modeling the middlebox by inserting, by the network device, the plurality of execution paths to a match-action table that describes a packet processing model for the middlebox.

公开(公告)号：US20180123911A1

公开(公告)日：2018-05-03

申请号：US15336495

申请日：2016-10-27

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Ying Zhang ,  Sujata Banerjee ,  Sharon Barkai

IPC: H04L12/24 ,  H04L12/26 ,  H04L12/733

CPC classification number: H04L41/5019 ,  H04L41/5009 ,  H04L43/08 ,  H04L43/0852 ,  H04L43/0876 ,  H04L43/0894 ,  H04L45/122

Abstract: In some examples, a method includes parsing, by a network device, a set of flow rules and network function configurations to identify an equivalent class of packets passing through network function chains; identifying, by the network device, a plurality of paths that packets belonging to the equivalent class pass through; computing, by the network device, a first set of Service Level Agreement (SLA) performance metrics for the equivalent class; constructing, by the network device, a set of stateful forwarding criteria comprising the first set of SLA performance metrics; and verifying, by the network device, whether the network function chains comply with a SLA based on the stateful forwarding criteria.

公开(公告)号：US20170163493A1

公开(公告)日：2017-06-08

申请号：US15327021

申请日：2014-07-30

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Alvin AuYoung ,  Yadi Ma ,  Sujata Banerjee ,  Juggun Lee ,  Puneet Sharma ,  Yoshio Turner

IPC: H04L12/24 ,  H04L12/927 ,  H04L12/911

Abstract: Example implementations disclosed herein can be used to allocate network resources in a software defined network (SDN). In one example implementation, a method can include receiving a plurality of resource allocation proposals from a plurality of controller modules, instructing the controller modules to generate votes for the plurality of resource allocation proposals, and selecting one of the plurality of resource allocation proposals based on the votes to instantiate the selected resource allocation proposal in the SDN.

公开(公告)号：US10958547B2

公开(公告)日：2021-03-23

申请号：US15261701

申请日：2016-09-09

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Ying Zhang ,  Sujata Banerjee ,  Joon-Myung Kang

IPC: G06F16/00 ,  H04L12/26 ,  H04L12/66 ,  G06F16/951 ,  H04L29/12 ,  H04L12/24

Abstract: In some examples, a system can verify a network function by inquiring a model using a query language is described. In some examples, the system can include at least a memory and a processor coupled to the memory. The processor can execute instructions stored in the memory to transmit a plurality of packets into at least one network function that is unverifiable; describe the at least one network function using a model comprising a set of match action rules and a state machine; inquire the model using a query language comprising a temporal logic to obtain a query result indicating an expected behavior of the plurality of packets; and verify the at least one network function based on the query result and the expected behavior of the plurality of packets.

公开(公告)号：US10812342B2

公开(公告)日：2020-10-20

申请号：US15581826

申请日：2017-04-28

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Joon Myung Kang ,  Anubhavnidhi Abhashkumar ,  Sujata Banerjee ,  Ying Zhang ,  Wenfei Wu

IPC: H04L12/24 ,  H04L12/26 ,  G06F8/65 ,  H04L29/06 ,  G06F8/10

Abstract: Example method includes: receiving, by a network device in a network, a first network policy and a second network policy configured by a network administrator, wherein the first network policy comprises a first metric and the second network policy comprises a second and different metric; detecting, by the network device, a conflict between the first network policy and the second network policy; determining, by the network device, a relationship between the first metric and the second metric; modifying, by the network device, at least one of the first network policy and the second network policy to resolve the conflict based on the relationship between the first metric and the second metric; and combining, by the network device, the first network policy and the second network policy to generate a composite network policy that is represented on a single policy graph.

公开(公告)号：US10567384B2

公开(公告)日：2020-02-18

申请号：US15686552

申请日：2017-08-25

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Joon-Myung Kang ,  Mario Antonio Sanchez ,  Ying Zhang ,  Anu Mercian ,  Raphael Amorim Dantas Leite ,  Sujata Banerjee

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/60 ,  H04L12/26

Abstract: Example method includes: receiving, by a network device, a plurality of input policy graphs and a composed policy graph associated with the input policy graphs; dividing the composed policy graph into a plurality of sub-graphs, each sub-graph comprising a plurality of edges and a plurality of source nodes and destination nodes that the edges are connected to; selecting a first subset of sub-graphs that include, as a source node, a disjoint part of an original source EPG for each input policy graph; identifying a second subset within the first subset of sub-graphs that include, as a destination node, a disjoint part of an original destination EPG for the each input policy graph; and verifying whether connectivity in the composed policy graph reflects a corresponding policy in the plurality of input policy graphs for each sub-graph in the second subset.

公开(公告)号：US20190068598A1

公开(公告)日：2019-02-28

申请号：US15686552

申请日：2017-08-25

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Joon-Myung Kang ,  Mario Antonio Sanchez ,  Ying Zhang ,  Anu Mercian ,  Raphael Amorim Dantas Leite ,  Sujata Banerjee

IPC: H04L29/06 ,  G06F21/57

Abstract: Example method includes: receiving, by a network device, a plurality of input policy graphs and a composed policy graph associated with the input policy graphs; dividing the composed policy graph into a plurality of sub-graphs, each sub-graph comprising a plurality of edges and a plurality of source nodes and destination nodes that the edges are connected to; selecting a first subset of sub-graphs that include, as a source node, a disjoint part of an original source EPG for each input policy graph; identifying a second subset within the first subset of sub-graphs that include, as a destination node, a disjoint part of an original destination EPG for the each input policy graph; and verifying whether connectivity in the composed policy graph reflects a corresponding policy in the plurality of input policy graphs for each sub-graph in the second subset.