-
公开(公告)号:US10055246B2
公开(公告)日:2018-08-21
申请号:US15279993
申请日:2016-09-29
发明人: Liang Zhang , Yuming Xie , Jinwei Xia , Jun Wu , Fan Yang
CPC分类号: G06F9/45558 , G06F2009/4557
摘要: A data flow migration method and device are disclosed. When migration between a source virtual machine and a target virtual machine is started, determining a silent time used for processing data flow migration; and receiving, within the silent time, a data flow packet sent by a switching node; and sending the data flow packet to the target virtual machine according to the data flow packet and a data flow migration policy. In this way, the silent time is used, a newly arrived data flow is redirected, and the newly arrived data flow is directly sent to the target virtual machine according to the data flow migration policy, which avoids migration of the newly arrived data flow. Therefore, data flows that arrive at the source virtual machine are on the decrease, and system migration performance is effectively improved.
-
公开(公告)号:US11729042B2
公开(公告)日:2023-08-15
申请号:US17351994
申请日:2021-06-18
发明人: Yuming Xie , Xinyu Hu , Yuping Zhao , Fan Yang
IPC分类号: H04L41/0273 , H04L9/40 , H04L41/0893 , H04L9/08 , H04W76/10
CPC分类号: H04L41/0286 , H04L9/0841 , H04L41/0893 , H04L63/061 , H04L63/164 , H04L63/205 , H04W76/10
摘要: An Internet Protocol Security (IPsec) acceleration method includes generating, by an Internet Key Exchange (IKE) device, an IKE link establishment session packet according to an IPSec configuration parameter and a security policy in a security policy database (SPD), sending, by the IKE device, the IKE link establishment session packet to a peer device, establishing a security association (SA) with the peer device, and sending, by the IKE module, the SA to a data forwarding device, where the IKE device and the data forwarding device are discrete devices.
-
公开(公告)号:US11706079B2
公开(公告)日:2023-07-18
申请号:US17184772
申请日:2021-02-25
发明人: Yuming Xie , Liang Zhang , Wei Song , Lei Zhang
IPC分类号: H04L12/24 , H04L41/0631 , H04L41/0604 , H04L41/0654 , H04L41/12
CPC分类号: H04L41/0631 , H04L41/0627 , H04L41/0654 , H04L41/12
摘要: A fault recovery method and apparatus, and a storage medium are provided, and belong to the field of Internet technologies. In the method, network composition information and abnormal event information of a target network are obtained, where the network composition information includes a network topology of the target network and device information of a plurality of network devices on the target network, and the device information includes one or more of interface configuration information, protocol configuration information, and service configuration information; and then a possible root cause of a fault of the target network is determined based on the network composition information and the abnormal event information, where the possible root cause of the fault is used to determine a corresponding fault recovery plan.
-
公开(公告)号:US11188347B2
公开(公告)日:2021-11-30
申请号:US16010958
申请日:2018-06-18
发明人: Dongtian Yang , Xinyu Hu , Yuming Xie , Yuping Zhao
IPC分类号: G06F9/445 , G06F9/4401 , G06F9/455 , G06F9/50
摘要: A driver loading method and a server, where when receiving a service request, the server determines a first global index and a first global virtual function (VF) identifier corresponding to a first function description of a designated function included in the service request, determines a virtual machine (VM) corresponding to the service request, associates the first global VF identifier with the VM, allocates a first local index on the VM to the designated function, creates a correspondence between the first local index and the first function description, and sends the correspondence to the VM. The VM loads, according to the correspondence, a driver of the designated function for a first VF corresponding to the first global VF identifier. According to the foregoing method, different drivers can be loaded for VFs that have different functions and that are virtualized by a Peripheral Component Interconnect Express (PCIe) device.
-
公开(公告)号:US20210168021A1
公开(公告)日:2021-06-03
申请号:US17106915
申请日:2020-11-30
发明人: Zhongyu Wang , Yuming Xie , Zhenwei Zhang , Yunpeng Gao , Xin Xiao
摘要: In a fault root cause determining method, a management device obtains a fault feature of a target network in which a fault occurs. The fault feature is determined based on a knowledge graph of the target network in which the fault occurs. The knowledge graph includes a network entity and an abnormal event entity. The abnormal event entity is connected to an abnormal network entity. The abnormal network entity is a network entity that generates an abnormal event in the target network. The abnormal event entity is configured to indicate the abnormal event generated by the abnormal network entity. A type of the network entity is a network device, an interface, a protocol, or a service. The management device determines a fault root cause of the target network based on the fault feature.
-
公开(公告)号:US10990670B2
公开(公告)日:2021-04-27
申请号:US16185971
申请日:2018-11-09
发明人: Bo Zhang , Yuming Xie , Zhigang Huang , Yang Wang , Liang Xia
摘要: A virtual network function (VNF) audit method and apparatus, used to audit a VNF generated by a platform that includes an authentication and authorization component, a service component, and a virtualized infrastructure. The method includes receiving an event reported by the authentication and authorization component, receiving an event reported by the service component, and receiving an event reported by the virtualized infrastructure, obtaining an event occurrence sequence of each VNF according to all received events, and auditing the event occurrence sequence of each VNF to obtain an audit result of the VNF. According to the method, the events that are distributed in different components are integrated into one event occurrence sequence in order to visually and quickly detect a malicious VNF generated by bypassing a component, and more comprehensively detect the malicious VNF, thereby reducing a missed detection rate of a VNF operation audit.
-
公开(公告)号:US20200036605A1
公开(公告)日:2020-01-30
申请号:US16595066
申请日:2019-10-07
发明人: Yuming Xie , Qian Xiao , Zhiman Xiong , Li Xue , Ming Chen
摘要: A network element health status detection method and device, where the method includes: determining sampled data of at least one key performance indicator (KPI) of a target network element in a first time window; obtaining a fluctuation score of any KPI in the at least one KPI according to sampled data of the any KPI in the first time window and a steady state value of the any KPI; and determining a health status of the target network element based on a fluctuation score of each KPI. Therefore, a network element health status is determined using single-point performance data of a network element and performance data in a network element time window.
-
公开(公告)号:US20190140823A1
公开(公告)日:2019-05-09
申请号:US16222152
申请日:2018-12-17
发明人: Yuming Xie , Bo Zhang , Zhigang Huang , Jianjie You , Yang Wang
摘要: A method for detecting encrypted content and a device, where the method includes receiving, by a middlebox network device using a first secure channel, key information of a Transport Layer Security (TLS) secure channel from a key manager, obtaining, by the middlebox network device based on 5-tuple information of the TLS secure channel, encrypted application data transmitted over the TLS secure channel, decrypting, by the middlebox network device, the encrypted application data using a session key, and detecting decrypted content. Hence, the middlebox network device decrypts the encrypted application data, and detects decrypted application data. In this way, detection of encrypted content does not rely on a TLS proxy server, and detection complexity and detection costs can be reduced.
-
公开(公告)号:US20170359214A1
公开(公告)日:2017-12-14
申请号:US15670736
申请日:2017-08-07
发明人: Yuming Xie , Xinyu Hu , Yuping Zhao , Fan Yang
CPC分类号: H04L41/0286 , H04L9/0841 , H04L41/0893 , H04L63/061 , H04L63/164 , H04L63/205 , H04W76/10
摘要: An Internet Protocol Security (IPSec) acceleration method, an apparatus, and a system, where the method includes generating, by an Internet Key Exchange (IKE) device, an IKE link establishment session packet according to an IPSec configuration parameter and a security policy in a security policy database (SPD), sending, by the IKE device, the IKE link establishment session packet to a peer device, establishing a security association (SA) with the peer device, and sending, by the IKE module, the SA to a data forwarding device. The IKE device and the data forwarding device are discrete devices. In this way, the IKE device and the data forwarding device can be deployed in different devices in order to increase the IPSec speed.
-
-
-
-
-
-
-
-
搜索结果
29 条记录 (耗时 0.023 秒)
