公开(公告)号：US09667551B2

公开(公告)日：2017-05-30

申请号：US14532787

申请日：2014-11-04

Applicant: Cisco Technology, Inc.

Inventor： Thomas J. Edsall ,  Navindra Yadav ,  Kit Chiu Chu

IPC: H04L12/813 ,  H04L12/46 ,  H04L12/741 ,  H04L12/823 ,  H04L12/863 ,  H04L12/24 ,  H04L29/06 ,  H04L12/743

CPC classification number: H04L47/20 ,  H04L12/4645 ,  H04L41/0893 ,  H04L45/74 ,  H04L45/7457 ,  H04L47/32 ,  H04L47/62 ,  H04L63/10 ,  H04L63/164 ,  H04L63/20

Abstract: Systems, methods, and non-transitory computer-readable storage media for implementing a policy enforcement proxy are disclosed. A data packet associated with a source endpoint group and a destination endpoint group is received at a network device. The network device performs a policy lookup based on the source endpoint group and the destination endpoint group. The network device determines that the policy is not available and in response, modifies the data packet and forwards it to a policy enforcement proxy.

公开(公告)号：US09654409B2

公开(公告)日：2017-05-16

申请号：US14475349

申请日：2014-09-02

Applicant: Cisco Technology, Inc.

Inventor： Navindra Yadav ,  Satyam Sinha ,  Thomas J. Edsall ,  Mohammadreza Alizadeh Attar ,  Kit Chiu Chu

IPC: H04L12/863 ,  H04L12/937 ,  H04L29/08 ,  H04L12/875 ,  H04L12/06 ,  H04L12/743 ,  H04L12/947 ,  H04L12/741 ,  H04L29/12 ,  H04L12/803 ,  H04L29/06

CPC classification number: H04L47/50 ,  H04L45/74 ,  H04L45/7453 ,  H04L47/125 ,  H04L47/56 ,  H04L49/25 ,  H04L49/254 ,  H04L61/103 ,  H04L61/2084 ,  H04L61/6004 ,  H04L61/6095 ,  H04L67/22 ,  H04L67/322 ,  H04L69/167 ,  H04L69/22

Abstract: Various examples of the present disclosure provide methods for unifying various types of end-point identifiers, such as IPv4 (e.g., Internet protocol version 4 represented by a VRF and an IPv4 address), IPv6 (e.g., Internet protocol version 6 represented by a VRF and an IPv6 address) and L2 (e.g., Layer-2 represented by a bridge domain (BD) and a media access control (MAC) address), by mapping end-point identifiers to a uniform space (e.g., a synthetic IPv4 address and a synthetic VRF) and allowing different forms of lookups to be uniformly handled. In some examples, a lookup database residing on a switch device can be sharded into a plurality of lookup table subsets, each of which resides on a different one of multiple switch chipsets (e.g., Tridents) in the switch device.

公开(公告)号：US20150124826A1

公开(公告)日：2015-05-07

申请号：US14530550

申请日：2014-10-31

Applicant: Cisco Technology, Inc.

Inventor： Thomas James Edsall ,  Navindra Yadav ,  Francisco M. Matus ,  Kit Chiu Chu ,  Michael R. Smith ,  Sameer Merchant ,  Krishna Doddapaneni ,  Satyam Sinha

IPC: H04L12/741

CPC classification number: H04L45/74 ,  G06F9/45558 ,  G06F2009/45595 ,  H04L12/4633 ,  H04L45/66 ,  H04L49/10

Abstract: Disclosed herein are methods of forwarding packets on a network, such as a leaf-spine network having leaf devices and spine devices. The methods may include receiving a packet at an ingress leaf device, and determining based, at least in part, on a header of the packet whether the packet is to be transmitted to a spine device. The methods may further include ascertaining based, at least in part, on a header of the packet whether to perform encapsulation on the packet, encapsulating the packet according to a result of the ascertaining, and then transmitting the packet to a spine device according to a result of the determining. Also disclosed herein are network apparatuses which include a processor and a memory, at least one of the processor or the memory being configured to perform some or all of the foregoing described methods.

Abstract translation: 这里公开了在诸如具有叶装置和脊柱装置的叶脊网络的网络上转发分组的方法。 所述方法可以包括在入口叶设备处接收分组，以及至少部分地基于所述分组的报头确定所述分组是否要传送到脊柱设备。 所述方法可以进一步包括至少部分地基于分组的报头来确定是否对分组进行封装，根据确定的结果封装分组，然后根据所述分组将分组发送到脊柱设备 决定的结果。 本文还公开了包括处理器和存储器的网络设备，处理器或存储器中的至少一个被配置为执行前述所描述的方法中的一些或全部。

公开(公告)号：US20150124822A1

公开(公告)日：2015-05-07

申请号：US14477791

申请日：2014-09-04

Applicant: Cisco Technology, Inc.

Inventor： Kit Chiu Chu ,  Thomas J. Edsall ,  Navindra Yadav ,  Francisco M. Matus ,  Krishna Doddapaneni ,  Satyam Sinha

IPC: H04L12/741 ,  H04L29/06 ,  H04L12/751

CPC classification number: H04L45/28 ,  H04L12/18 ,  H04L12/4633 ,  H04L12/4641 ,  H04L12/4645 ,  H04L41/0654 ,  H04L43/0811 ,  H04L43/0852 ,  H04L43/0894 ,  H04L43/16 ,  H04L45/02 ,  H04L45/021 ,  H04L45/22 ,  H04L45/24 ,  H04L45/245 ,  H04L45/48 ,  H04L45/50 ,  H04L45/64 ,  H04L45/74 ,  H04L45/745 ,  H04L45/7453 ,  H04L47/125 ,  H04L49/70 ,  H04L51/14 ,  H04L61/2503 ,  H04L61/2592 ,  H04L67/10 ,  H04L69/22 ,  H04L2212/00

Abstract: Systems, methods, and non-transitory computer-readable storage media for managing routing information in overlay networks. A first tunnel endpoint in an overlay network may receive an encapsulated packet from a second tunnel endpoint. The encapsulated packet may have been encapsulated at the second tunnel endpoint based on another packet originating from a source host that is associated with the second tunnel endpoint. The encapsulated packet can include a source host address for the source host and a source tunnel endpoint address for the second tunnel endpoint. The first tunnel endpoint can then update a lookup table based on an association between the source host address and the source tunnel endpoint address.

Abstract translation: 用于在覆盖网络中管理路由信息的系统，方法和非暂时计算机可读存储介质。 覆盖网络中的第一隧道端点可以从第二隧道端点接收封装的分组。 基于来自与第二隧道端点相关联的源主机的另一分组，封装的分组可能已经在第二隧道端点被封装。 封装的分组可以包括源主机的源主机地址和第二隧道端点的源隧道端点地址。 然后，第一个隧道端点可以基于源主机地址和源隧道端点地址之间的关联来更新查找表。

公开(公告)号：US20150124820A1

公开(公告)日：2015-05-07

申请号：US14472148

申请日：2014-08-28

Applicant: Cisco Technology, Inc.

Inventor： Mohammadreza Alizadeh Attar ,  Navindra Yadav ,  Satyam Sinha ,  Thomas J. Edsall ,  Kit Chiu Chu

IPC: H04L12/743 ,  H04L12/947

CPC classification number: H04L47/50 ,  H04L45/74 ,  H04L45/7453 ,  H04L47/125 ,  H04L47/56 ,  H04L49/25 ,  H04L49/254 ,  H04L61/103 ,  H04L61/2084 ,  H04L61/6004 ,  H04L61/6095 ,  H04L67/22 ,  H04L67/322 ,  H04L69/167 ,  H04L69/22

Abstract: Various embodiments of the present disclosure provide methods for randomly mapping entries in a suitable lookup table across multiple switch devices and/or multiple switch chipsets in each of the multiple switch devices by using two or more independent hash functions. In some embodiments, the number of entries in the lookup table is equal to be the least common multiple of all possible M (i.e., a number of switch devices) choosing R values (i.e., a desired redundancy level).

Abstract translation: 本公开的各种实施例提供了通过使用两个或多个独立散列函数在多个交换设备中的多个交换设备和/或多个交换机设备中的多个交换机芯片组中随机映射合适的查找表中的条目的方法。 在一些实施例中，查找表中的条目数量等于选择R值的所有可能的M（即，多个交换设备）的最小公倍数（即，期望的冗余级别）。

公开(公告)号：US11843531B2

公开(公告)日：2023-12-12

申请号：US17329288

申请日：2021-05-25

Applicant: Cisco Technology, Inc.

Inventor： Smita Rai ,  Ajay Modi ,  Krishna Doddapaneni ,  Kit Chiu Chu

IPC: H04W56/00 ,  H04L43/0852 ,  H04L43/062 ,  H04L43/026 ,  H04L43/18

CPC classification number: H04L43/0852 ,  H04L43/026 ,  H04L43/062 ,  H04L43/18

Abstract: Disclosed is a method for continuous in-line monitoring of data-centric traffic to guarantee application performance. The method includes, in each switch of a plurality of switches in a network fabric, grouping all packets entering each respective switch of the plurality of switches based on either 5-tuple applications or EPG based applications, collecting performance statistics at every hop in the network fabric across all flows in-line in a flow table maintained in each respective switch and periodically exporting the performance statistics to analysis module.

公开(公告)号：US11811555B2

公开(公告)日：2023-11-07

申请号：US17327381

申请日：2021-05-21

Applicant: Cisco Technology, Inc.

Inventor： Kit Chiu Chu ,  Thomas J. Edsall ,  Navindra Yadav ,  Francisco M. Matus ,  Krishna Doddapaneni ,  Satyam Sinha ,  Sameer Merchant

IPC: H04L12/46 ,  H04L45/00 ,  H04L45/24 ,  H04L45/50 ,  H04L51/214 ,  H04L45/16 ,  H04L43/0852 ,  H04L43/0894 ,  H04L43/16 ,  H04L45/745 ,  H04L61/2503 ,  H04L45/02 ,  H04L69/22 ,  H04L67/10 ,  H04L41/0654 ,  H04L43/0811 ,  H04L45/74 ,  H04L49/00 ,  H04L61/2592 ,  H04L12/18 ,  H04L45/48 ,  H04L45/7453 ,  H04L45/021 ,  H04L45/64 ,  H04L47/125

CPC classification number: H04L12/4633 ,  H04L12/18 ,  H04L12/4641 ,  H04L12/4645 ,  H04L41/0654 ,  H04L43/0811 ,  H04L43/0852 ,  H04L43/0894 ,  H04L43/16 ,  H04L45/02 ,  H04L45/021 ,  H04L45/16 ,  H04L45/22 ,  H04L45/24 ,  H04L45/245 ,  H04L45/48 ,  H04L45/50 ,  H04L45/74 ,  H04L45/745 ,  H04L45/7453 ,  H04L49/70 ,  H04L51/214 ,  H04L61/2503 ,  H04L61/2592 ,  H04L67/10 ,  H04L69/22 ,  H04L45/64 ,  H04L47/125 ,  H04L2212/00

Abstract: The subject technology addresses a need for improving utilization of network bandwidth in a multicast network environment. More specifically, the disclosed technology provides solutions for extending multipathing to tenant multicast traffic in an overlay network, which enables greater bandwidth utilization for multicast traffic. In some aspects, nodes in the overlay network can be connected by virtual or logical links, each of which corresponds to a path, perhaps through many physical links, in the underlying network.

公开(公告)号：US11018898B2

公开(公告)日：2021-05-25

申请号：US16846091

申请日：2020-04-10

Applicant: Cisco Technology, Inc.

Inventor： Kit Chiu Chu ,  Thomas J. Edsall ,  Navindra Yadav ,  Francisco M. Matus ,  Krishna Doddapaneni ,  Satyam Sinha ,  Sameer Merchant

IPC: H04L12/46 ,  H04L12/707 ,  H04L12/709 ,  H04L12/723 ,  H04L12/26 ,  H04L12/741 ,  H04L29/12 ,  H04L12/751 ,  H04L29/06 ,  H04L12/58 ,  H04L29/08 ,  H04L12/24 ,  H04L12/931 ,  H04L12/18 ,  H04L12/753 ,  H04L12/743 ,  H04L12/755 ,  H04L12/715 ,  H04L12/803

Abstract: The subject technology addresses a need for improving utilization of network bandwidth in a multicast network environment. More specifically, the disclosed technology provides solutions for extending multipathing to tenant multicast traffic in an overlay network, which enables greater bandwidth utilization for multicast traffic. In some aspects, nodes in the overlay network can be connected by virtual or logical links, each of which corresponds to a path, perhaps through many physical links, in the underlying network.

公开(公告)号：US10581635B2

公开(公告)日：2020-03-03

申请号：US15596613

申请日：2017-05-16

Applicant: Cisco Technology, Inc.

Inventor： Kit Chiu Chu ,  Thomas J. Edsall ,  Navindra Yadav ,  Francisco M. Matus ,  Krishna Doddapaneni ,  Satyam Sinha

IPC: H04L12/46 ,  H04L12/707 ,  H04L12/709 ,  H04L12/723 ,  H04L12/26 ,  H04L12/741 ,  H04L29/12 ,  H04L12/751 ,  H04L29/06 ,  H04L12/58 ,  H04L29/08 ,  H04L12/24 ,  H04L12/931 ,  H04L12/18 ,  H04L12/753 ,  H04L12/743 ,  H04L12/755 ,  H04L12/715 ,  H04L12/803

Abstract: Aspects of the subject technology relate to solutions for transporting network traffic over an overlay network. A first tunnel endpoint in an overlay network can receive an encapsulated packet from a second tunnel endpoint. The encapsulated packet may have been encapsulated at the second tunnel endpoint based on another packet originating from a source host that is associated with the second tunnel endpoint. The encapsulated packet can include a source host address for the source host and a source tunnel endpoint address for the second tunnel endpoint. The first tunnel endpoint can then update a lookup table based on an association between the source host address and the source tunnel endpoint address.

公开(公告)号：US10516612B2

公开(公告)日：2019-12-24

申请号：US15792587

申请日：2017-10-24

Applicant: Cisco Technology, Inc.

Inventor： Sarang M. Dharmapurikar ,  Mohammadreza Alizadeh Attar ,  Kit Chiu Chu ,  Francisco M. Matus ,  Adam Hutchin ,  Janakiramanan Vaidyanathan

IPC: H04L12/743 ,  G11C15/04 ,  H04L12/707 ,  H04L12/803 ,  G11C11/4096 ,  G06K15/10 ,  G06F9/30 ,  G11C15/00

Abstract: Apparatus, systems and methods may be used to monitor data flows and to select and track particularly large data flows. A method of tracking data flows and identifying large-data (“elephant”) flows comprises extracting fields from a packet of data to construct a flow key, computing a hash value on the flow key to provide a hashed flow signature, entering and/or comparing the hashed flow signature with entries in a flow hash table. Each hash table entry includes a byte count for a respective flow. When the byte count for a flow exceeds a threshold value, the flow is added to a large-data flow (“elephant”) table and the flow is then tracked in the large-data flow table.