-
201.
Publication number: US20200162337A1
Publication date: 2020-05-21
Application number: US16373421
Application date: 2019-04-02
Applicant: Cisco Technology, Inc.
Inventor: Prakash C. Jain, Sanjay Kumar Hooda
Abstract: Systems and methods provide for algorithmic problem identification and resolution in fabric networks by software defined operation, administration, and maintenance.
-
Publication number: US10469381B2
Publication date: 2019-11-05
Application number: US15220441
Application date: 2016-07-27
Applicant: Cisco Technology, Inc.
Inventor: Victor M. Moreno, Sanjay Kumar Hooda
IPC: H04L12/741, H04L12/749, H04L12/813
Abstract: A first network device may receive a frame from a first client device that may be destined for a second client device. Then a request may be sent to a network control plane of a network by the first network device in response to receiving the frame. The request may be for information on reachability for the second client device and may comprise an identifier of the second client device and first metadata corresponding to the first client device. The first network device may receive, from the network control plane, in response to sending the request, a policy rule-set for a flow corresponding to the frame and for a location of the second client device. The network control plane may use the identifier of the second client device and the first metadata as keys to lookup the location of the second client device and the policy rule-set.
-
Publication number: US10397060B2
Publication date: 2019-08-27
Application number: US15447291
Application date: 2017-03-02
Applicant: Cisco Technology, Inc.
Inventor: Sanjay Kumar Hooda, Syam Sundar V Appala, Kaushik Kumar Dam, Vimarsh Puneet
Abstract: A policy server correlates information from several messages associated with a client device to implement an identity-based network access policy. The policy server receives a first message from a network element connected to the client device. The first message requests an identity-based policy for the client device, and includes a first network address. The policy server receives a second message from an identity server. The second message includes information indicating an identity role and a second network address. The policy server receives a third message from a NAT device. The third message includes a NAT mapping that correlates the first network address with the second network address. After the policy server determines the identity-based policy based on a combination of the first message, the second message, and the third message, the policy server implements the identity-based policy in the network element.
-
Publication number: US20190215303A1
Publication date: 2019-07-11
Application number: US15867124
Application date: 2018-01-10
Applicant: Cisco Technology, Inc.
Inventor: Syam Sundar V Appala, Kiran Kumar Yedavalli, Shyamsundar Nandkishor Maniyar, Sanjay Kumar Hooda
IPC: H04L29/06
CPC classification number: H04L63/0236, H04L63/104, H04L63/20
Abstract: In one example, a network element in a first network receives a network packet including a first security group identifier. The network element identifies the first security group identifier, determines that the first security group identifier is hierarchically correlated with a second security group identifier, and inserts the second security group identifier into the network packet. The network element forwards the network packet including the second security group identifier.
-
205.
Publication number: US20190007368A1
Publication date: 2019-01-03
Application number: US15638413
Application date: 2017-06-30
Applicant: Cisco Technology, Inc.
Inventor: Sanjay Kumar Hooda, Aniket Ghule, Vimarsh Puneet, Atri Indiresan
CPC classification number: H04L61/2015, H04L12/4633, H04L12/4645, H04L63/0272, H04L63/0471
Abstract: Address support and network address transparency may be provided. First, a border device may receive a processed network configuration parameter request having an address of a subnet to which a client device is associated and information data in an information field of the network configuration parameter request. The information data may comprise an address of a network device and an identifier of the subnet to which the client device is associated. Next, the border device may encapsulate the processed network configuration parameter request with the information data extracted from the processed network configuration parameter request. The border device may then forward the encapsulated network configuration parameter response to the network device.
-
Publication number: US10171306B2
Publication date: 2019-01-01
Application number: US14632070
Application date: 2015-02-26
Applicant: Cisco Technology, Inc.
Inventor: Nalinaksh M. Pai, Sanjay Kumar Hooda, Peter Geoffrey Jones
IPC: H04L12/24, H04L12/721, H04L12/931, H04L12/933
Abstract: Methods and system are disclosed which can simplify the configuration of a MCEC in a fabric environment such that it may become automatic. Furthermore, centralized identities (such as a host tracking database and/or a network controlled) may be employed to detect the presence of a MCEC. Requiring the creation of direct links between network devices participating in the MCEC may be avoided. Furthermore, logical L2 fabric connectivity (over a L3 fabric underlay) may be utilized to provide dual homing active-active services without additional configuration, as the tracking of peer network devices may be performed in a centralized manner. For example, a host tracking database or a network controller may be employed for peer tracking.
-
207.
Publication number: US20180367459A1
Publication date: 2018-12-20
Application number: US15626150
Application date: 2017-06-18
Applicant: CISCO TECHNOLOGY, INC.
IPC: H04L12/813, H04L12/46
Abstract: One embodiment of a method includes receiving at a first network node traffic from a second network node; and sending by the first network node to a third network node information identifying the second network node via a Local Area Network (“LAN”) connection between the first and third network nodes. Subsequent to receipt of the information identifying the second network node, the third network node updates a locator table maintained by the third network node to include an entry including the information identifying the second network node received by the third network node from the first network node. Upon receipt by the third network node of a notification that the first network node has failed, the third network node sends an update only to network nodes that have an entry in the locator table indicating that the first network node has failed.
-
Publication number: US20180343227A1
Publication date: 2018-11-29
Application number: US15607248
Application date: 2017-05-26
Applicant: CISCO TECHNOLOGY, INC.
Inventor: Jesus Arango, Vina Ermagan, Johnson Leong, Sanjay Kumar Hooda
CPC classification number: H04L61/103, H04L43/08, H04L45/586, H04L61/2084
Abstract: A Location/Identifier Separation Protocol (LISP) mapping server, including: a network interface for communicating with a LISP-enabled network; a mapping database; a subscription database; and an overlapping subscription publication engine (OSPE) to: receive a first mapping of a first subnetwork to a first routing locator (RLOC); add the first mapping to the mapping database; receive from a first ingress tunnel router (ITR) a subscription request for an endpoint identifier (EID) within the first subnetwork; add to a first subscription entry for the first subnetwork in the subscription database a subscription for the first ITR; receive a second mapping of a second subnetwork to a second RLOC, wherein the second subnetwork overlaps the first subnetwork; add the second mapping to the mapping database; and copy at least part of the first subscription entry to a second subscription entry for the second subnetwork.
-
Publication number: US20170373936A1
Publication date: 2017-12-28
Application number: US15193482
Application date: 2016-06-27
Applicant: Cisco Technology, Inc.
Inventor: Sanjay Kumar Hooda, Darrin Joseph Miller, Victor Moreno, Mark Montanez, Sridhar Subramanian
CPC classification number: H04L41/0816, H04L41/12, H04L45/64, H04L63/08, H04L63/0876, H04L63/104, H04L67/306
Abstract: Changes are made to a virtual network for an endpoint based on the authenticated user identity of the endpoint. The system includes a server and a controller associated with a network fabric to which the endpoint is connected. The network fabric includes network elements to carry network traffic for the endpoint. The server authenticates the endpoint associated with a network address and determines a user identity of the endpoint based on the authentication. The server determines a first virtual network associated with the user identity. The controller receives a notification from the server that the network traffic for the endpoint associated with the network address is to be routed over the first virtual network. The controller updates routing information to associate the network address with the first virtual network and sends the updated routing information to the network elements of the network fabric.
-
Publication number: US09838314B1
Publication date: 2017-12-05
Application number: US15155393
Application date: 2016-05-16
Applicant: Cisco Technology, Inc.
Inventor: Sanjay Kumar Hooda, Atri Indiresan, Sandesh Kumar B Narappa, Rajesh Arora
IPC: H04L29/12, H04L12/741, H04L12/46, H04L12/947
CPC classification number: H04L45/74, H04L12/4633, H04L49/25
Abstract: In one embodiment, contextual service mobility in an enterprise fabric network environment (e.g., overlay and underlay networks) provides for moving of the location of a service being applied to packets with minimal updates to the mapping database. The mapping database is used to convert addresses of the overlay network to physical network and service addresses. The mapping database provides contextual lookup operations on the same destination address of a packet being forwarded in the overlay network to provide different results. The contextual lookup operations provide for a packet to be forwarded to a service node or its intended destination depending on the current context. In one embodiment, the enterprise fabric network uses Locator/ID Separation Protocol (LISP), a network architecture and set of protocols that uses different overlay and underlay namespaces and a distributed mapping database for converting an overlay address to an underlay address.