公开(公告)号：US12267233B2

公开(公告)日：2025-04-01

申请号：US17538513

申请日：2021-11-30

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Pablo Camarillo Garvia ,  Ahmed Mohamed Ahmed Abdelsalam ,  Francois Clad

IPC: H04L45/00 ,  H04L45/302 ,  H04L45/74

Abstract: Disclosed are systems, apparatuses, methods, and computer-readable media to encode network functions in a packet header. A method includes receiving a first packet from a source device that is to be delivered to a destination address through a network; determining a route to the destination address; identifying at least one network function for the first packet; encapsulating the first packet in a second packet, wherein a header of the second packet includes the route to the destination address in a destination address field and local processing metadata associated with the at least one network function in a source address field; and forwarding the second packet to a next network node of the network identified in the destination address.

公开(公告)号：US20250062984A1

公开(公告)日：2025-02-20

申请号：US18934224

申请日：2024-10-31

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Ahmed Mohamed Ahmed Abdelsalam ,  Rakesh Gandhi ,  Jisu Bhattacharya ,  Pablo Camarillo Garvia

IPC: H04L45/24 ,  H04L43/10 ,  H04L45/00 ,  H04L45/02 ,  H04L45/50 ,  H04L47/32

Abstract: This disclosure describes techniques for detecting and monitoring paths in a network. The techniques include causing a source node to generate probe packets to traverse a multi-protocol label switching (MPLS) network, for instance. In some examples, the probe packets include entropy values that correspond to individual equal-cost multi-path (ECMP) paths of the network. The probe packets may be received at an SDN controller from a sink node after traversing the network. Analysis of the probe packets allow path discovery and mapping of the entropy values to ECMP paths. The mapping of discovered paths may be used for optimization of network monitoring activities, including second subsequent probe packets over particular ECMP paths based on the mapped entropy values.

公开(公告)号：US12206573B2

公开(公告)日：2025-01-21

申请号：US17691016

申请日：2022-03-09

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Ahmed Mohamed Ahmed Abdelsalam ,  Rakesh Gandhi ,  Jisu Bhattacharya ,  Pablo Camarillo Garvia

IPC: H04L45/24 ,  H04L43/10 ,  H04L45/00 ,  H04L45/02 ,  H04L45/50 ,  H04L47/32

Abstract: This disclosure describes techniques for detecting and monitoring paths in a network. The techniques include causing a source node to generate probe packets to traverse a multi-protocol label switching (MPLS) network, for instance. In some examples, the probe packets include entropy values that correspond to individual equal-cost multi-path (ECMP) paths of the network. The probe packets may be received at an SDN controller from a sink node after traversing the network. Analysis of the probe packets allow path discovery and mapping of the entropy values to ECMP paths. The mapping of discovered paths may be used for optimization of network monitoring activities, including second subsequent probe packets over particular ECMP paths based on the mapped entropy values.

公开(公告)号：US12206572B2

公开(公告)日：2025-01-21

申请号：US18372587

申请日：2023-09-25

Applicant: Cisco Technology, Inc.

Inventor： Rakesh Gandhi ,  Clarence Filsfils

IPC: H04L45/12 ,  H04L43/0852 ,  H04L45/50 ,  H04L12/46

Abstract: Techniques for utilizing entropy labels of a Multiprotocol Label Switching (MPLS) label stack for performing monitoring operations (e.g., telemetry, performance measurement, OAM, etc.) without altering the MPLS label stack and/or packet path (e.g., ECMP path). The techniques may include determining, by a node of a network, to perform a monitoring operation associated with traffic that is to be sent along a path through the network. In some examples, the node may receive a packet that is to be sent along the path and encapsulate the packet with an MPLS header. The MPLS header may include an entropy label, entropy label indicator, or other label that is capable of carrying a flag indicating the monitoring operation to be performed. The flag may be carried in a TTL field or traffic class field of the label such that the MPLS label stack is not altered to trigger the monitoring operation.

公开(公告)号：US12137093B2

公开(公告)日：2024-11-05

申请号：US17814410

申请日：2022-07-22

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Marc Portoles Comeras ,  David Delano Ward ,  Alberto Rodriguez Natal

IPC: H04L9/40

Abstract: In one embodiment, an apparatus of a LISP environment includes one or more processors and computer-readable non-transitory storage media coupled to the one or more processors. The computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the one or more processors to perform operations including receiving an attestation token from a first component of the LISP environment. The operations also include encoding the attestation token using a LISP message format. The operations further include distributing the encoded attestation token with a LISP signaling message to a third component of the LISP environment.

公开(公告)号：US12095651B2

公开(公告)日：2024-09-17

申请号：US17399937

申请日：2021-08-11

Applicant: Cisco Technology, Inc.

Inventor： Peter Psenak ,  Paul William Wells ,  Ketan Jivan Talaulikar ,  Clarence Filsfils

IPC: H04L45/12 ,  H04L9/40

CPC classification number: H04L45/127 ,  H04L63/205

Abstract: In one embodiment, an apparatus includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the apparatus to perform operations including receiving a first type-length-value (TLV) associated with a winning flexible algorithm definition (FAD) from a first element of a network. The operations also include determining a security level for the winning FAD based on the TLV. The operations further include determining a data transmission route through a plurality of elements of the network based on the security level for the winning FAD.

公开(公告)号：US11863522B2

公开(公告)日：2024-01-02

申请号：US16825068

申请日：2020-03-20

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Swadesh Agrawal ,  Apoorva Karan

IPC: H04L9/40 ,  G06F21/60

CPC classification number: H04L63/0209 ,  G06F21/602

Abstract: In one embodiment, a method by an apparatus of a Border Gateway Protocol (BGP) network includes accessing an attestation token for the apparatus. The method further includes encoding the attestation token in a BGP signaling message. The method further includes sending the BGP signaling message with the encoded attestation token to a second apparatus of the BGP network.

公开(公告)号：US11848757B2

公开(公告)日：2023-12-19

申请号：US17987029

申请日：2022-11-15

Applicant: Cisco Technology, Inc.

Inventor： Rakesh Gandhi ,  Clarence Filsfils ,  Sagar Soni ,  Patrick Khordoc

IPC: H04J3/14 ,  H04L45/00 ,  H04L45/50 ,  H04L69/22 ,  H04L43/0823 ,  H04L47/20 ,  H04L45/74

CPC classification number: H04L45/70 ,  H04L43/0847 ,  H04L45/50 ,  H04L45/66 ,  H04L45/74 ,  H04L47/20 ,  H04L69/22

Abstract: Techniques for in-situ passive performance measurement are described. In one embodiment, a method includes receiving a data packet at a first network element, determining whether measurement information is to be collected for the data packet, providing one or more measurement fields for the data packet based on a determination that measurement information is to be collected for the data packet in which at least one measurement field identifies a measurement type, and forwarding the data packet to a second network element. The method further includes determining, by the second network element, the measurement type for the data packet, and performing one or more actions based on the measurement type.

公开(公告)号：US20230396486A1

公开(公告)日：2023-12-07

申请号：US18345246

申请日：2023-06-30

Applicant: Cisco Technology, Inc.

Inventor： Peter Psenak ,  Lester C. Ginsberg ,  Ketan Jivan Talaulikar ,  Clarence Filsfils ,  Francois Clad ,  Stephane Litkowski

IPC: H04L41/0654 ,  H04L41/0631 ,  H04L41/0686

CPC classification number: H04L41/0654 ,  H04L41/0631 ,  H04L41/0686

Abstract: The present technology is directed to signaling unreachability of a network device, more specifically, a prefix of the network device in network that utilizes route summarization. A pulse trigger agent can detect an unreachability of at least one Provider Edge (PE) device in a network domain of a network and determine that a route summarization is being used within the network where the unreachability of the at least one PE device is hidden by the route summarization. A pulse distribution agent can transmit a failure message informing other PE devices of the unreachability of the at least one PE device.

公开(公告)号：US20230135261A1

公开(公告)日：2023-05-04

申请号：US18147158

申请日：2022-12-28

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  Zafar Ali ,  Syed Kamran Raza ,  Ahmed Bashandy ,  Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Jaganbabu Rajamanickam ,  Rakesh Gandhi ,  Bhupendra Yadav ,  Faisal Iqbal

IPC: H04L45/00 ,  H04L43/106 ,  H04L45/02 ,  H04L41/0246

Abstract: In one embodiment, a service chain data packet is instrumented as it is communicated among network nodes in a network providing service-level and/or networking operations visibility. The service chain data packet includes a particular header identifying a service group defining one or more service functions, and is a data packet and not a probe packet. A network node adds networking and/or service-layer operations data to the particular service chain data packet, such as, but not limited to, in the particular header. Such networking operations data includes a performance metric or attribute related to the transport of the particular service chain packet in the network. Such service-layer operations data includes a performance metric or attribute related to the service-level processing of the particular service chain data packet in the network.