CONFIGURING SECURE CONNECTIVITY BETWEEN DEVICES IN SEPARATE SITES OF A MULTI-SITE DOMAIN

    Publication number: US20210377128A1

    Publication date: 2021-12-02

    Application number: US16930947

    Filing date: 2020-07-16

    Abstract: Techniques for utilizing a Software-Defined-Networking (SDN) controller and/or a Data Center Network Manager (DCNM) and network border gateway switches associated with a multi-site cloud computing network to provide reachability data indicating physical links between the border gateways disposed in different sites of the multi-site network to establish secure connection tunnels utilizing the physical links and unique encryption keys. The SDN controller and/or DCNM may be configured to generate a physical underlay model representing the physical underlay, or network transport capabilities, and/or a logical overlay model representing a logical overlay, or overlay control-plane, of the multi-site network. The SDN controller may also generate an encryption key model representing the associations between the encryption keys and the physical links between the associated network border gateway switches. The SDN controller may utilize the models to determine route paths for transmitting network traffic spanning over different sites of the multi-site network at line speed.

    LEARNING BY INFERENCE FROM BROWNFIELD DEPLOYMENTS

    Publication number: US20200274766A1

    Publication date: 2020-08-27

    Application number: US16283958

    Filing date: 2019-02-25

    Abstract: The present technology provides a system, method and computer-readable medium for configuration pattern recognition and inference, directed to a device with an existing configuration, through an extensible policy framework. The policy framework uses a mixture of Python template logic and CLI micro-templates as a mask to infer the intent behind an existing device configuration in a bottom-up learning inference process. Unique values for device/network identifiers and addresses as well as other resources are extracted and accounted for. The consistency of devices within the fabric is checked based on the specific policies built into the extensible framework definition. Any inconsistencies found are flagged for user correction or automatically remedied by a network controller. This dynamic configuration pattern recognition ability allows a fabric to grow without being destroyed and re-created, thus new devices with existing configurations may be added and automatically configured to grow a Brownfield fabric.

    Method and device for provisioning a new node using IP unnumbered interfaces

    Publication number: US10608984B2

    Publication date: 2020-03-31

    Application number: US15465496

    Filing date: 2017-03-21

    Abstract: In one implementation, a method performed by a first node with interfaces configured as IP unnumbered interfaces sharing a single IP address and to communicate with a DHCP-associated second node includes: obtaining a first message that indicates a configuration status of a third node at a respective interface; obtaining a second message for the third node from the DHCP-associated second node that includes a temporary IP address for the third node and an indicator of a file server; obtaining a third message associated with the third node that includes the temporary IP address, the third message requests address information for the file server; and configuring the third node by establishing a connection between the third node and the file server to transfer at least one configuration file, where configuring the third node includes providing the temporary IP address to the DHCP-associated second node via BGP.

    Optimizing EVPN for data centers with redundant top-of-rack deployments

    Publication number: US09985867B2

    Publication date: 2018-05-29

    Application number: US15043079

    Filing date: 2016-02-12

    CPC classification number: H04L45/02

    Abstract: Presented herein are methods for advertising an IP prefix to address the connectivity problem in a multi-chassis link aggregation scenario. A peer switch will advertise two VTEP addresses. It will use a physical IP (PIP) address as a next hop (NH) for a prefix route, while continuing to use a VIP for host IP and MAC route advertisement. A new virtual MAC is introduced and it is derived from the VIP as the router MAC associated with VIP. A switch is made to use a VIP for prefix advertisement when a device detects that the same prefix is reachable both locally and from its peer. This saves adjacency entries consumed in the remote VTEPs. These techniques fix the connectivity issue for prefix routes that is exposed with current EVPN, without requiring any additional adjacency resource consumption.

    OPERATIONS, ADMINISTRATION AND MANAGEMENT (OAM) IN OVERLAY DATA CENTER ENVIRONMENTS

    Publication number: US20180013670A1

    Publication date: 2018-01-11

    Application number: US15711812

    Filing date: 2017-09-21

    Abstract: Systems, methods, and computer-readable media for OAM in overlay networks. In response to receiving a packet associated with an OAM operation from a device in an overlay network, the system generates an OAM packet. The system can be coupled with the overlay network and can include a tunnel endpoint interface associated with an underlay address and a virtual interface associated with an overlay address. The overlay address can be an anycast address assigned to the system and another device in the overlay network. Next, the system determines that a destination address associated with the packet is not reachable through the virtual interface, the destination address corresponding to a destination node in the overlay network. The system also determines that the destination address is reachable through the tunnel endpoint interface. The system then provides the underlay address associated with the tunnel endpoint interface as a source address in the OAM packet.

    Operations, administration and management (OAM) in overlay data center environments

    Publication number: US09800497B2

    Publication date: 2017-10-24

    Application number: US14723291

    Filing date: 2015-05-27

    Abstract: Systems, methods, and computer-readable media for OAM in overlay networks. In response to receiving a packet associated with an OAM operation from a device in an overlay network, the system generates an OAM packet. The system can be coupled with the overlay network and can include a tunnel endpoint interface associated with an underlay address and a virtual interface associated with an overlay address. The overlay address can be an anycast address assigned to the system and another device in the overlay network. Next, the system determines that a destination address associated with the packet is not reachable through the virtual interface, the destination address corresponding to a destination node in the overlay network. The system also determines that the destination address is reachable through the tunnel endpoint interface. The system then provides the underlay address associated with the tunnel endpoint interface as a source address in the OAM packet.

    Techniques for scalable and foolproof virtual machine move handling with virtual port channels

    Publication number: US09660941B2

    Publication date: 2017-05-23

    Application number: US15095430

    Filing date: 2016-04-11

    CPC classification number: H04L49/70 H04L41/0813 H04L45/02

    Abstract: Techniques are provided for managing movements of virtual machines in a network. At a first switch, a virtual machine (VM) is detected. The VM is hosted by a physical server coupled to the first switch. A message is sent to other switches and it indicates that the VM is hosted by the physical server. When the first switch is paired with a second switch as a virtual port channel (vPC) pair, the message includes a switch identifier that identifies the second switch. A receiving switch receives the message from a source switch in the network comprising a route update associated with the VM. A routing table of the receiving switch is evaluated to determine whether the host route is associated with a server facing the physical port. The message is examined to determine it contains the switch identifier.

    SCALABLE HANDLING OF BGP ROUTE INFORMATION IN VXLAN WITH EVPN CONTROL PLANE

    Publication number: US20160285761A1

    Publication date: 2016-09-29

    Application number: US14674900

    Filing date: 2015-03-31

    Abstract: A method for programming a MAC address table by a first leaf node in a network comprising a plurality of leaf nodes is provided. Each leaf node comprises one or more Virtual Tunnel End Points (“VTEPs”) and instantiates a plurality of Virtual Routing and Forwarding elements (“VRFs”), with a corresponding Bridge Domain (“BD”) assigned to each VRF. The method includes obtaining information indicating one or more VTEP Affinity Groups (VAGs), each VAG comprising an identification of one VTEP per leaf node, obtaining information indicating assignment of each VRF to one of the VAGs, assigning each VAG to a unique Filtering Identifier (“FID”), thereby generating one or more FIDs, and programming the MAC address table, using FIDs instead of BDs, by populating the MAC address table with a plurality of entries, each entry comprising a unique combination of a FID and a MAC address of a leaf node.

    SCALABLE HANDLING OF BGP ROUTE INFORMATION IN VXLAN WITH EVPN CONTROL PLANE
    Invention application (legal status: in force)

    Publication number: US20160285760A1

    Publication date: 2016-09-29

    Application number: US14670185

    Filing date: 2015-03-26

    Abstract: A method for programming a MAC address table by a first leaf node in a network comprising a plurality of leaf nodes is provided. Each leaf node comprises one or more Virtual Tunnel End Points (“VTEPs”) and instantiates a plurality of Virtual Routing and Forwarding elements (“VRFs”), with a corresponding Bridge Domain (“BD”) assigned to each VRF. The method includes obtaining information indicating one or more VTEP Affinity Groups (VAGs), each VAG comprising an identification of one VTEP per leaf node, obtaining information indicating assignment of each VRF to one of the VAGs, assigning each VAG to a unique Filtering Identifier (“FID”), thereby generating one or more FIDs, and programming the MAC address table, using FIDs instead of BDs, by populating the MAC address table with a plurality of entries, each entry comprising a unique combination of a FID and a MAC address of a leaf node.
