公开(公告)号：US11283712B2

公开(公告)日：2022-03-22

申请号：US16915657

申请日：2020-06-29

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Gonzalo Salgueiro

IPC: H04L12/715 ,  H04L45/64 ,  H04L45/42 ,  H04L47/2425 ,  H04L45/12

Abstract: Disclosed is a system and method of providing a segment routing as a service application. The method includes receiving a configuration of an internet protocol environment. The configuration can be a layer 3 configuration of a single cloud environment or even across multiple cloud environments. The configuration defines routing, forwarding, and paths in the environment between different entities such as virtual machines. The method includes receiving a parameter associated with a workload of a tenant. The parameter can be a service level agreement (i.e., a best bandwidth available), a pathway requirement, a parameter associated with specific workload, and so forth. Based on the configuration and the parameter, the method includes generating tenant-defined layer 3 overlay segment routing rules that define how the workload of the tenant will route data in the internet protocol environment using segment routing.

公开(公告)号：US11283688B2

公开(公告)日：2022-03-22

申请号：US16878370

申请日：2020-05-19

Applicant: Cisco Technology, Inc.

Inventor： Sridar Kandaswamy ,  Sebastian Jeuk

IPC: H04L12/751 ,  H04L41/12 ,  H04L41/0893 ,  H04L41/14 ,  H04L45/02

Abstract: Techniques are described herein for generating and modifying formal network topology models, and deploying network topologies based on the formal models across multiple workload resource domains. A topology deployment system may receive modification data for a deployed network topology, and analyze the modification data to determine whether the associated formal network topology model is to be recomputed. In some examples, modifications to a deployed network topology that do not impact operational performance or compromise functional equivalence with the underlying logical model, need not trigger a recomputation of the network topology model immediately and could be delayed. Modifications to deployed network topologies that do not trigger recomputations of the formal network topology model may be stored and tracked, so that subsequent recomputations of the model may incorporate the pending modifications.

公开(公告)号：US20210409277A1

公开(公告)日：2021-12-30

申请号：US16915706

申请日：2020-06-29

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Sridar Kandaswamy

IPC: H04L12/24

Abstract: A deployment system may generate and deploy network topology models within one or more workload resource domains. In some examples, the deployment system may implement a hierarchical data structure to store and manage multiple variations of a network topology models, in which network topology definitions and other characteristics may be inherited between related elements in the data structure. Data structures storing network topology models may be implemented as hierarchical levels of elements storing related, overlapping, and/or alternative portions of network topologies. A network topology model may be generated for deployment by combining the portions of network topologies stored within a branch of elements in the hierarchy, and the model may be deployed across one or more workload resource domains. Modifications to network topology models may be applied to individual elements and/or propagated to related elements based on the relationships and metadata defined for the in the hierarchical structure.

公开(公告)号：US20210392049A1

公开(公告)日：2021-12-16

申请号：US16901558

申请日：2020-06-15

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Sridar Kandaswamy

IPC: H04L12/24 ,  H04L12/911 ,  G06N20/00

Abstract: Techniques are described herein for deploying, monitoring, and modifying network topologies comprising various computing and network nodes deployed across multiple workload resource domains. A deployment system may receive operational data from a network topology deployed across multiple workload resource domains, such as public or private cloud computing environments, on-premise data centers, and the like. The operational data may be provided to a trained machine-learning model, and output from the trained model may be used, along with constraint inputs and resource inventories of the workload resource domains, to determine updated topology models which may be deployed within the workload resource domains.

公开(公告)号：US20210006489A1

公开(公告)日：2021-01-07

申请号：US17028772

申请日：2020-09-22

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Ralf Rantzau ,  Gonzalo Salgueiro

IPC: H04L12/761 ,  H04L12/18 ,  H04L12/54 ,  H04L12/741

Abstract: In an embodiment, a data processing method comprises receiving, at a BIER replicator node that is programmed to implement Bit Index Explicit Replication (BIER) protocol, from a data source, a multicast stream packet identifying a service-level multicast group address; using the BIER replicator node, replicating the multicast stream packet according to BIER protocol and transmitting two or more replicated packet streams to two or more BIER receiver nodes that are programmed to implement BIER; using the two or more BIER receiver nodes, transmitting the two or more replicated packet streams to two or more receivers. Other embodiments may use modified iOAM (In-situ Operations, Administration, and Maintenance) techniques.

公开(公告)号：US10785122B2

公开(公告)日：2020-09-22

申请号：US16153417

申请日：2018-10-05

Applicant: Cisco Technology, Inc.

Inventor： Kaustubh Inamdar ,  Ram Mohan Ravindranath ,  Gonzalo Salgueiro ,  Sebastian Jeuk

IPC: G06F15/173 ,  H04L12/24 ,  H04L29/08 ,  H04L12/26

Abstract: Systems and methods provide for validating a canary release of containers in a containerized production environment. A first container of the containerized production environment can receive network traffic. The first container can transmit the network traffic to a first version of a second container of the containerized production environment and to a traffic analysis engine. First metrics relating to processing by the first version of the second container can be captured. The traffic analysis engine can determine one or more traffic patterns included in the network traffic. The traffic analysis engine can cause simulated network traffic corresponding to the one or more traffic patterns to be transmitted to a second version (e.g., a canary release) of the containerized production environment. Second metrics relating to processing by the second version of the second container can be captured. A comparison between the first metrics and the second metrics can be presented.

公开(公告)号：US10652155B2

公开(公告)日：2020-05-12

申请号：US16384464

申请日：2019-04-15

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Gonzalo Salgueiro

IPC: H04L12/14 ,  H04L12/813 ,  H04L12/851 ,  H04L12/859 ,  H04L12/24

Abstract: Disclosed is a system and method of providing transport-level identification and isolation of container traffic. The method includes assigning, by a software-defined-network (SDN) controller in an SDN-enable cloud environment, a service-ID to a service, a tenant-ID to a tenant and/or workload-ID to yield universal cloud classification details, and extracting, from a data flow, the universal cloud classification details. The method includes receiving a policy, generating flow rules based on the policy and universal cloud classification details, and transmitting the flow rules to an openflow application to confine packet forwarding decisions for the data flow.

公开(公告)号：US10601672B2

公开(公告)日：2020-03-24

申请号：US15791587

申请日：2017-10-24

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Gonzalo Salgueiro ,  Ralf Rantzau

IPC: G06F15/173 ,  H04L12/24 ,  G06N5/04 ,  G06N20/00 ,  G06F9/50 ,  H04L29/08

Abstract: The present disclosure involves systems and methods for obtaining and correlating workload performance information from multiple tenants on a computing network and providing deployment improvement suggestions to a cloud operator or tenant based at least on the correlated workload performance information. In one particular implementation, applications deployed and executed on the cloud environment may provide performance logs and/or metrics to an inter-tenant workload engine of the cloud environment. The workload engine may utilize the received performance information to detect performance patterns of an application across the different tenant deployments. A recommendation engine may analyze the performance characteristics across the multiple tenant applications and determine an optimized deployment of the application and generate recommended deployment instructions to a cloud environment administrator and/or one or more tenants of the cloud environment.

公开(公告)号：US20200076717A1

公开(公告)日：2020-03-05

申请号：US16117235

申请日：2018-08-30

Applicant: Cisco Technology, Inc.

Inventor： Ralf Rantzau ,  Rajath Agasthya ,  Sebastian Jeuk ,  Gonzalo Salgueiro

IPC: H04L12/26 ,  H04L12/927

Abstract: Techniques for monitoring packet loss in communications using stochastic streaming algorithms are provided. In an embodiment, a server computer receives data identifying a plurality of data packet drop events from an electronic digital network element. The server computer creates and stores in computer memory a plurality of frequency tables which track packet loss for a plurality of items, each frequency table corresponding to an attribute of a monitored attribute type and a snapshot time. The server computer identifies, for each frequency table, one or more items of the plurality of items that are associated with a frequency of packet loss higher than the remaining items of the plurality of items. The server computer stores a plurality of snapshot data items, each of the plurality of snapshot data items comprising a frequency table, a snapshot time corresponding to the frequency table, an attribute of the monitored attribute type corresponding to the frequency table, and the identified one or more items for the frequency table.

公开(公告)号：US20200067818A1

公开(公告)日：2020-02-27

申请号：US16107040

申请日：2018-08-21

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Ralf Rantzau ,  Gonzalo Salgueiro

IPC: H04L12/761 ,  H04L12/741 ,  H04L12/18 ,  H04L12/54

Abstract: In an embodiment, a data processing method comprises receiving, at a BIER replicator node that is programmed to implement Bit Index Explicit Replication (BIER) protocol, from a data source, a multicast stream packet identifying a service-level multicast group address; using the BIER replicator node, replicating the multicast stream packet according to BIER protocol and transmitting two or more replicated packet streams to two or more BIER receiver nodes that are programmed to implement BIER; using the two or more BIER receiver nodes, transmitting the two or more replicated packet streams to two or more receivers. Other embodiments may use modified iOAM (In-situ Operations, Administration, and Maintenance) techniques comprising: using the source, encapsulating an iOAM header and placing in the header one of: an identifier of a replicator policy; a definition of a replicator policy expressed in a symbolic language; receiving the iOAM header at one or more of the BIER replicator nodes; at a particular one of the replicator nodes, performing one of: reading the identifier of the replicator policy, retrieving a pre-defined packet replication policy that matches the identifier, and executing the pre-defined packet replication policy to dynamically adjust packet processing behavior of the particular one of the BIER replicator nodes; or parsing the definition of the replicator policy in the symbolic language to yield a new packet replication policy, and executing the new packet replication policy to dynamically adjust packet processing behavior of the particular one of the BIER replicator nodes.