公开(公告)号：US10476700B2

公开(公告)日：2019-11-12

申请号：US15228899

申请日：2016-08-04

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Victor Manuel Moreno ,  Padmanabhan Krishnan ,  Nilesh Shah ,  Suvil Singh Deora ,  Shyam Kapadia

IPC: H04L12/66 ,  H04L12/46 ,  H04L29/08 ,  H04L12/24

Abstract: In one embodiment a method includes receiving a first message including information regarding a first host connected to a first tunnel endpoint in a first network domain, the received information being encoded in accordance with a control plane protocol of the first network domain; translating the received first message in accordance with an API and/or a database schema of a second network domain; and transmitting the translated first message to the second network domain. The method further includes receiving a second message comprising information regarding a second host connected to a second tunnel endpoint in the second network domain, the received information being encoded in accordance with the API and/or the database schema of the second network domain; translating the second received message in accordance with the control plane protocol of the first network domain; and transmitting the translated second message to the first network domain.

公开(公告)号：US20180183678A1

公开(公告)日：2018-06-28

申请号：US15902916

申请日：2018-02-22

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Girija Raghavendra Rao ,  Victor Manuel Moreno ,  Marc Binderberger ,  Lev Shvarts ,  Vrushali Ashtaputre

IPC: H04L12/24 ,  H04L12/751

CPC classification number: H04L41/12 ,  H04L45/02

Abstract: A method for assisting communication of a source host upon movement from a first Data center (DC) to a second DC is disclosed. The method includes identifying that the source host has moved from the first DC to the second DC, ensuring that packets identifying a source as the source host in the second DC are copied to a control plane network element, and, for a first destination host identified in a first packet copied to the control plane network element and identified as a host that is not in the second DC, updating an Address Resolution Protocol (ARP)/Neighbor Discovery Protocol (NDP) cache of the source host by sending, to the source host, a first ARP message/unsolicited neighbor advertisement specifying a Media Access Control (MAC) address of an edge router associated with the source host in the second DC as a destination MAC address for the first destination host.

公开(公告)号：US20150188723A1

公开(公告)日：2015-07-02

申请号：US14644828

申请日：2015-03-11

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Victor Manuel Moreno ,  Ian Bruce Bernard Cox

IPC: H04L12/18 ,  H04L29/12 ,  H04L12/46

CPC classification number: H04L12/1886 ,  H04L12/4633 ,  H04L45/64 ,  H04L61/103 ,  H04L61/2038

Abstract: Technologies are provided in example embodiments for intercepting a packet being multicast from a first tunnel endpoint in a network, determining first address mapping information of the first tunnel endpoint and a first host, wherein the first host created the packet, generating a control protocol message with the first address mapping information, and communicating the control protocol message through a control plane in the network. In more specific example embodiments, the communicating the control protocol message includes sending the control protocol message to a network repository, where the first address mapping information is registered in the network repository. In other more specific example embodiments, the communicating the control protocol message includes pushing the control protocol message to one or more other tunnel endpoints. Further embodiments include decapsulating the packet to determine an endpoint identifier of the first host and a location of the first tunnel endpoint.

Abstract translation: 在示例实施例中提供了技术，用于截取来自网络中的第一隧道端点的多播的分组，确定第一隧道端点和第一主机的第一地址映射信息，其中第一主机创建分组，生成具有 第一地址映射信息，并通过网络中的控制平面传送控制协议消息。 在更具体的示例实施例中，传送控制协议消息包括将控制协议消息发送到网络存储库，其中第一地址映射信息被登记在网络存储库中。 在其他更具体的示例实施例中，传达控制协议消息包括将控制协议消息推送到一个或多个其他隧道端点。 另外的实施例包括解封装分组以确定第一主机的端点标识符和第一隧道端点的位置。

公开(公告)号：US20230379270A1

公开(公告)日：2023-11-23

申请号：US17749930

申请日：2022-05-20

Applicant: Cisco Technology, Inc.

Inventor： Sanjay Kumar Hooda ,  Victor Manuel Moreno ,  Prakash C. Jain

IPC: H04L49/25 ,  H04L67/2885 ,  H04L47/31

CPC classification number: H04L49/252 ,  H04L67/2885 ,  H04L47/31

Abstract: Techniques and architecture are described that utilize switchport protected flags to provide switchport protected functionality across network devices, e.g., switches, routers, etc., in fabric networks. For example, a first port of a first network device of a fabric network receives a packet from a first host destined for a second host. The second host is onboarded to the fabric network via a second port of a second network device. It is determined (i) if a first protected flag associated with the first port of the first network device is set as true and (ii) if a second protected flag associated with the second host is set as true. Based at least in part on (i) the first protected flag associated with the first port being set as true and (ii) the second protected flag being set as true, the first network device drops the packet.

公开(公告)号：US11601496B1

公开(公告)日：2023-03-07

申请号：US17728657

申请日：2022-04-25

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Sanjay Kumar Hooda ,  Marc Portoles Comeras ,  Vinay Saini ,  Victor Manuel Moreno

IPC: G06F15/16 ,  H04L67/1001 ,  H04L41/122 ,  H04L67/51 ,  H04L45/76 ,  H04L41/0893

Abstract: This disclosure describes techniques and mechanisms for providing hybrid cloud services for enterprise fabric. The techniques include enhancing an on-demand protocol (e.g., such as LISP) and allowing simplified security and/or firewall service insertion for datacenter servers providing those services. Accordingly, the techniques described herein provide hybrid cloud services that work in disaggregated, distributed, and consistent way, while avoiding complex datacenter network devices (e.g., such running overlay on TOR), replacing and moving the functionality to on demand protocol enabled servers, which intelligently receive the required mappings as well as registers and publishes the service information to intelligently interact with the network.

公开(公告)号：US11265289B2

公开(公告)日：2022-03-01

申请号：US16685969

申请日：2019-11-15

Applicant: Cisco Technology, Inc.

Inventor： Victor Manuel Moreno ,  Sanjay Kumar Hooda

IPC: H04L29/12 ,  H04L12/46 ,  H04L12/58 ,  H04L61/2557 ,  H04L61/2575 ,  H04L61/5038 ,  H04L61/2592 ,  H04L51/04

Abstract: This disclosure describes techniques for implementing network address translation as a distributed service over the nodes of a logical network fabric, such as a software-defined network fabric. A method includes registering, by an edge node of a network, an IP address of a client device. The method further includes forwarding, by the edge node, the registered IP address to a control plane of the network. The method further includes checking, by the control plane, a network address translation policy. The method further includes recording, by the control plane, translations between the registered IP address and an allocated IP address in a translation table, each of the translations being related to the edge node. The method further includes returning, by the control plane, the translations between the registered IP address and the allocated IP address to the edge node.

公开(公告)号：US10516544B2

公开(公告)日：2019-12-24

申请号：US15649479

申请日：2017-07-13

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Victor Manuel Moreno ,  Shyam Kapadia ,  Sanjay Kumar Hooda

IPC: G06F17/30 ,  H04L29/12 ,  H04L12/18 ,  H04L29/06 ,  H04L12/46 ,  H04L12/24 ,  H04L12/733 ,  H04L12/761

Abstract: A Location/Identifier Separation Protocol (LISP) mapping server, including: a network interface for communicating with a LISP-enabled network; a mapping database; an extranet policy table; and a shared subnetwork mapping engine (SSME), including at least a hardware platform, configured to: receive a map request from a first endpoint serviced by a first xTR, the first endpoint on a first subnetwork, the map request for a second endpoint; determine that the second endpoint is not a member of the first subnetwork; query the extranet policy table to identify a second subnetwork that the first subnetwork subscribes to, and to determine that the second endpoint is a member of the second subnetwork; and provide to the first subnetwork a routing locator (RLOC) of an xTR servicing the second endpoint.

公开(公告)号：US09998356B2

公开(公告)日：2018-06-12

申请号：US14800269

申请日：2015-07-15

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Victor Manuel Moreno ,  Dhananjaya Rao

IPC: G06F15/173 ,  H04L12/707 ,  H04L29/08 ,  G06F9/455

CPC classification number: H04L45/22 ,  G06F9/45558 ,  G06F2009/4557 ,  G06F2009/45595 ,  H04L67/1095

Abstract: A system and a method are disclosed for synchronizing network convergence and virtual host migration in a network environment. An exemplary method includes upon receiving a message indicating that a mobile host manger will migrate a virtual host from a source node to a destination node in a network, pre-calculating a route for the virtual host at the destination node; and upon receiving a message indicating that the mobile host manager will freeze the virtual host, activating the pre-calculated route at a switch to minimize packet loss while the network converges. The pre-calculated route may be activated at a switch through which the virtual host at the source node connected to the network.

公开(公告)号：US09985837B2

公开(公告)日：2018-05-29

申请号：US14878716

申请日：2015-10-08

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Girija Raghavendra Rao ,  Victor Manuel Moreno ,  Marc Binderberger ,  Lev Shvarts ,  Vrushali Ashtaputre

IPC: H04L12/24 ,  H04L12/751

CPC classification number: H04L41/12 ,  H04L45/02

Abstract: A method for assisting communication of a source host upon movement from a first Data center (DC) to a second DC is disclosed. The method includes identifying that the source host has moved from the first DC to the second DC, ensuring that packets identifying a source as the source host in the second DC are copied to a control plane network element, and, for a first destination host identified in a first packet copied to the control plane network element and identified as a host that is not in the second DC, updating an Address Resolution Protocol (ARP)/Neighbor Discovery Protocol (NDP) cache of the source host by sending, to the source host, a first ARP message/unsolicited neighbor advertisement specifying a Media Access Control (MAC) address of an edge router associated with the source host in the second DC as a destination MAC address for the first destination host.

公开(公告)号：US20170317919A1

公开(公告)日：2017-11-02

申请号：US15143202

申请日：2016-04-29

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Rex Emmanuel Fernando ,  Victor Manuel Moreno ,  Shyam Kapadia ,  Liqin Dong ,  Murali Venkateshaiah

IPC: H04L12/761 ,  H04L12/46 ,  H04L29/12

CPC classification number: H04L61/103 ,  H04L12/4633 ,  H04L41/0806 ,  H04L41/12 ,  H04L61/6022

Abstract: A system and a method are disclosed for enabling interoperability between data plane learning endpoints and control plane learning endpoints in an overlay network environment. An exemplary method for managing network traffic in the overlay network environment includes receiving network packets in an overlay network from data plane learning endpoints and control plane learning endpoints, wherein the overlay network extends Layer 2 network traffic over a Layer 3 network; operating in a data plane learning mode when a network packet is received from a data plane learning endpoint; and operating in a control plane learning mode when the network packet is received from a control plane learning endpoint. Where the overlay network includes more than one overlay segment, the method further includes operating as an anchor node for routing inter-overlay segment traffic to and from hosts that operate behind the data plane learning endpoints.