公开(公告)号：US20220103551A1

公开(公告)日：2022-03-31

申请号：US17038222

申请日：2020-09-30

Applicant: Juniper Networks, Inc.

Inventor： Manish Talwar ,  Ajay Kachrani ,  Gert Grammel ,  Hao Wang ,  Tanweer Biswas

IPC: H04L29/06 ,  H04L29/12 ,  H04L12/26 ,  H04L12/24 ,  H04L12/707

Abstract: Embodiments improve error detection and recovery in media access control security sessions. A MACsec session is torn down after three liveness time intervals elapse without receiving a MACsec key exchange protocol data unit (MKPDU) from a remote peer. This delay between a cessation of effective network communication over the MACsec session and the expiration of the three “liveness” intervals results in increased packet loss and an increased network convergence time as a network continues to route/forward data over the MACsec session for a period of time after the MACsec session has entered secure block mode. To solve this problem, embodiments define a new alarm, called a MACsec link alert, which is raised earlier than a MACsec session timeout generated by traditional embodiments. The MACsec link alert is raised, by at least some embodiments, after a failure to successfully receive an MKPDU from the remote peer after a single MACsec “liveness” timeout interval elapses.

公开(公告)号：US12244642B1

公开(公告)日：2025-03-04

申请号：US18166762

申请日：2023-02-09

Applicant: Juniper Networks, Inc.

Inventor： Gert Grammel ,  Ajay Kachrani ,  Hao Wang

IPC: H04L29/06 ,  H04L9/40 ,  H04L45/00 ,  H04L45/28 ,  H04L45/60

Abstract: In some examples, a system includes a router device and a first adapter device in communication with the router device. The first adapter device includes processing circuitry configured to: communicate with the router device, wherein the router device is incapable of communicating in accordance with the MACsec protocol. The processing circuitry is further configured to establish an encrypted connection in accordance with the MACsec protocol between the first adapter device and a remote device, determine that the encrypted connection is offline, and output a message to the router device that the encrypted connection is offline. The router device is configured to communicate with the remote device via a second adapter device configured to communicate in accordance with the MACsec protocol and bypass the first adapter device.

公开(公告)号：US11968232B2

公开(公告)日：2024-04-23

申请号：US17643246

申请日：2021-12-08

Applicant: Juniper Networks, Inc.

Inventor： Manish Talwar ,  Ronald Bonica ,  Ajay Kachrani

IPC: H04L29/06 ,  H04L9/40 ,  H04L45/30 ,  H04L47/17 ,  H04L12/46 ,  H04L12/66 ,  H04L47/28

CPC classification number: H04L63/18 ,  H04L45/30 ,  H04L47/17 ,  H04L63/162

Abstract: In some implementations, a network device may determine, based on a routing table, a plurality of routing paths from the network device to another network device, wherein the plurality of routing paths are respectively associated with a plurality of security classifications. The network device may receive network traffic that is destined for the other network device and that is associated with a particular security classification of the plurality of security classifications. The network device may forward the network traffic based on a particular routing path, of the plurality of routing paths, that is associated with the other network device and the particular security classification.

公开(公告)号：US11606390B1

公开(公告)日：2023-03-14

申请号：US17217999

申请日：2021-03-30

Applicant: Juniper Networks, Inc.

Inventor： Gert Grammel ,  Ajay Kachrani ,  Hao Wang

IPC: H04L29/06 ,  H04L9/40 ,  H04L45/28 ,  H04L45/60 ,  H04L45/00

Abstract: In some examples, a system includes a router device and a first adapter device in communication with the router device. The first adapter device includes processing circuitry configured to: communicate with the router device, wherein the router device is incapable of communicating in accordance with the MACsec protocol. The processing circuitry is further configured to establish an encrypted connection in accordance with the MACsec protocol between the first adapter device and a remote device, determine that the encrypted connection is offline, and output a message to the router device that the encrypted connection is offline. The router device is configured to communicate with the remote device via a second adapter device configured to communicate in accordance with the MACsec protocol and bypass the first adapter device.

公开(公告)号：US11595146B2

公开(公告)日：2023-02-28

申请号：US17734561

申请日：2022-05-02

Applicant: Juniper Networks, Inc.

Inventor： Gert Grammel ,  Ajay Kachrani ,  Patrick Michael McEachern

IPC: H04B10/08 ,  H04J14/02 ,  H04L45/00 ,  H04Q11/00 ,  H04B10/079 ,  H04B10/077

Abstract: An apparatus includes a reconfigurable optical add/drop multiplexer (ROADM) having an input port to receive a first optical signal from a second device. The ROADM also includes a first wavelength selective switch (WSS), in optical communication with the input port, to convert the first optical signal into a second optical signal, a loopback, in optical communication with the first WSS, to transmit the second optical signal, and a second WSS, in optical communication with the loopback, to convert the second optical signal to a third optical signal and direct the third optical signal back to the second device via the input port.

公开(公告)号：US20220103473A1

公开(公告)日：2022-03-31

申请号：US17032450

申请日：2020-09-25

Applicant: Juniper Networks, Inc.

Inventor： Manish Talwar ,  Ajay Kachrani ,  Gert Grammel ,  Hao Wang ,  Tanweer Biswas

IPC: H04L12/741 ,  H04L12/751 ,  H04L29/06

Abstract: Disclosed embodiments utilize a layer three and/or layer four protocol to collect physical layer properties along a multi-hop network path between a source node and a destination node. The use of a layer three or layer four protocol provides an ability to span multiple links or networks between the source node and destination node, while also collecting the physical layer properties. Once physical layer properties along a network path can be understood, decisions relating to the configuration of the network path and/or whether to communicate via the network path are improved.

公开(公告)号：US11044035B2

公开(公告)日：2021-06-22

申请号：US16836102

申请日：2020-03-31

Applicant: Juniper Networks, Inc.

Inventor： Gert Grammel ,  Ajay Kachrani ,  Patrick Michael McEachern

IPC: H04J14/02 ,  H04L12/721 ,  H04Q11/00 ,  H04B10/079 ,  H04B10/077

Abstract: An apparatus includes a reconfigurable optical add/drop multiplexer (ROADM) having an input port to receive a first optical signal from a second device. The ROADM also includes a first wavelength selective switch (WSS), in optical communication with the input port, to convert the first optical signal into a second optical signal, a loopback, in optical communication with the first WSS, to transmit the second optical signal, and a second WSS, in optical communication with the loopback, to convert the second optical signal to a third optical signal and direct the third optical signal back to the second device via the input port.