公开(公告)号：US12081529B2

公开(公告)日：2024-09-03

申请号：US17812901

申请日：2022-07-15

Applicant: Cisco Technology, Inc.

Inventor： Ali Sajassi ,  Pradeep Kumar Kathail ,  Samir Thoria

IPC: H04L29/06 ,  H04L9/40 ,  H04L45/00

CPC classification number: H04L63/0435 ,  H04L45/22 ,  H04L63/029

Abstract: A system and method for adaptive encryption for SD-WAN includes identifying an encrypted conversational flow and determining whether a duration of the encrypted conversational flow exceeds a threshold. The method also includes selecting a header-less tunnel for the encrypted conversational flow when the duration is more than the threshold. The method further includes transmitting the encrypted conversational flow to an egress router over the selected header-less tunnel.

公开(公告)号：US12034707B2

公开(公告)日：2024-07-09

申请号：US18104603

申请日：2023-02-01

Applicant: Cisco Technology, Inc.

Inventor： David A. Maluf ,  Srinath Gundavelli ,  Pascal Thubert ,  Pradeep Kumar Kathail ,  Eric Levy-Abegnoli ,  Eric Voit ,  Ali Sajassi

IPC: H04L9/40 ,  H04L61/2521 ,  H04L61/2539 ,  H04L61/4511

CPC classification number: H04L63/0421 ,  H04L61/2525 ,  H04L61/2539 ,  H04L61/4511

Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a random IP address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a random IP address that cannot be used to identify the endpoint device or service. The client device may then communicate data packets to the server using the random IP address as the destination address, and a gateway that works in conjunction with DNS can convert the random IP address to the actual IP address of the server using NAT and forward the data packet onto the server.

公开(公告)号：US20240195648A1

公开(公告)日：2024-06-13

申请号：US18317895

申请日：2023-05-15

Applicant: Cisco Technology, Inc.

Inventor： Mankamana Prasad Mishra ,  Sameer R. Gulrajani ,  Ali Sajassi ,  Swadesh Agrawal ,  Nitin Kumar

IPC: H04L12/18 ,  H04L12/46

CPC classification number: H04L12/185 ,  H04L12/4633

Abstract: A system and associated methods provide procedures for establishing multicast connections and forwarding multicast content from a source to a subscriber when an ingress provider edge in communication with the subscriber is connected to an egress provider edge device belonging to an EVPN instance, especially in cases where the egress provider edge device is not receiving content from the source. The system configures “backup” provider edge devices belonging to the EVPN instance to temporarily forward the multicast content to the egress provider edge device on behalf of the source, enabling the ingress provider edge device and subscriber to continue to receive the multicast content from the source while the multicast network adjusts to recognize a new egress provider edge device. Methods of establishing connections between the ingress provider edge device and the correct egress provider edge device are also provided to avoid flooding and inefficient content forwarding throughout the network.

公开(公告)号：US11997005B2

公开(公告)日：2024-05-28

申请号：US18166775

申请日：2023-02-09

Applicant: Cisco Technology, Inc.

Inventor： Mankamana Prasad Mishra ,  Ijsbrand Wijnands ,  Anuj Budhiraja ,  Ali Sajassi ,  Stephane Litkowski ,  Satya Ranjan Mohanty

IPC: H04L45/00 ,  H04L12/18 ,  H04L12/46 ,  H04L45/02 ,  H04L45/16 ,  H04L45/586

CPC classification number: H04L45/16 ,  H04L12/185 ,  H04L12/1886 ,  H04L12/4641 ,  H04L45/02 ,  H04L45/586

Abstract: A method comprises, at a first router configured to perform Bit Index Explicit Replication (BIER) for forwarding of multicast packets in a network, storing configuration information that indicates that the first router belongs to multiple subdomains of a BIER domain, and is able to forward the multicast packets for a virtual private network on the multiple subdomains. The method further comprises, during an auto-discovery procedure, generating an auto-discovery message to include an auto-discovery route and route attributes that indicate the multiple subdomains, and sending the auto-discovery message to a second router of the virtual private network the network.

公开(公告)号：US20240146766A1

公开(公告)日：2024-05-02

申请号：US18051974

申请日：2022-11-02

Applicant: Cisco Technology, Inc.

Inventor： Eric A. Voit ,  David Maluf ,  Matthew S MacPherson ,  Sri Gundavelli ,  Ali Sajassi

IPC: H04L9/40

CPC classification number: H04L63/164

Abstract: Stateless network address privacy may be provided. A data packing may be received with an obfuscated destination address and an un-obfuscated source address. An un-obfuscated destination address may be determined based on the obfuscated destination address. An obfuscated source address may be determined based on the un-obfuscated source address. The obfuscated destination address may be replaced with the un-obfuscated destination address and the un-obfuscated source address may be replaced with the obfuscated source address. The packet may be forwarded.

公开(公告)号：US11757671B2

公开(公告)日：2023-09-12

申请号：US17329651

申请日：2021-05-25

Applicant: Cisco Technology, Inc.

Inventor： Mankamana Mishra ,  Swadesh Agrawal ,  Ali Sajassi ,  Ijsbrand Wijnands ,  Samir Thoria

IPC: H04L12/18 ,  H04L45/50 ,  H04L1/00 ,  H04L45/16

CPC classification number: H04L12/1859 ,  H04L12/185 ,  H04L12/1895 ,  H04L45/50 ,  H04L45/16 ,  H04L2001/0093

Abstract: A computer network efficiently provides a multicast network flow to a multicast recipient across a multihomed network element. The multihomed network element includes network devices that receive multicast data from a source of a multicast network flow. Each particular network device that received the multicast data publishes a notification indicating that the multicast network flow is available from the particular network device. The computer network receives a subscription to the multicast network flow from a multicast recipient, and determines whether to bridge the multicast data across the multihomed network element based on a multicast configuration of the computer network. The multihomed network element provides the multicast data to the multicast recipient from at least one of the particular network devices that received the multicast data from the source of the multicast network flow.

公开(公告)号：US20230247484A1

公开(公告)日：2023-08-03

申请号：US17591026

申请日：2022-02-02

Applicant: Cisco Technology, Inc.

Inventor： Ali Sajassi ,  Arman Rezaee ,  Pradeep Kumar Kathail

IPC: H04W28/08 ,  H04B7/185 ,  H04W24/10

CPC classification number: H04W28/0967 ,  H04B7/18521 ,  H04W24/10 ,  H04W84/06

Abstract: According to an embodiment, a node comprises one or more processors operable to execute instructions to cause the node to perform operations. The operations comprise determining a link quality associated with each satellite link of a plurality of satellite links and applying load balancing to the plurality of satellite links. The load balancing is based at least in part on the respective link quality associated with each satellite link. The load balancing comprises determining which of the satellite links to include in an active set selected to communicate data to or from the node and, for each satellite link in the active set, determining a portion of the data to communicate via the respective satellite link. The operations further comprise transmitting or receiving the data via the satellite links in the active set. Each satellite link in the active set communicates its respective portion of the data.

公开(公告)号：US20220337499A1

公开(公告)日：2022-10-20

申请号：US17857861

申请日：2022-07-05

Applicant: Cisco Technology, Inc.

Inventor： Satya Ranjan Mohanty ,  Mankamana Prasad Mishra ,  Ali Sajassi ,  Mrinmoy Ghosh

IPC: H04L43/0882 ,  H04L12/66 ,  H04L49/25 ,  H04L12/18 ,  H04L12/46 ,  H04L69/326

Abstract: In one embodiment, a method includes receiving, by a first router, data from a network component. The method also includes determining, by the first router, a first link bandwidth capacity between the first router and a host device and determining, by the first router, a first score for the first router based on the first link bandwidth capacity, The method also includes determining, by the first router, a second link bandwidth capacity between a second router and the host device and determining, by the first router, a second score for the second router based on the second link bandwidth capacity. The method further includes comparing, by the first router, at least the first score and the second score to determine a highest score and assigning, by the first router, an edge router associated with the highest score to communicate the data to the host device.

公开(公告)号：US11388084B2

公开(公告)日：2022-07-12

申请号：US16514942

申请日：2019-07-17

Applicant: Cisco Technology, Inc.

Inventor： Ali Sajassi ,  Mankamana P. Mishra ,  Samir Thoria ,  Patrice Brissette ,  Mei Zhang ,  Tapraj Singh

IPC: H04L45/00 ,  H04L12/46 ,  H04L45/16 ,  H04L45/7453 ,  H04L45/745 ,  H04L45/50 ,  H04L49/354 ,  H04L45/02 ,  H04L101/677

Abstract: Techniques for routing traffic across different virtual local area networks (VLANs) within a single bridge domain are described. One technique includes receiving at a first network device a packet from a second network device on a first interface of multiple interfaces within a bridge domain at the first network device. Attachment circuit information associated with the packet is determined. An information element that includes an indication of the attachment circuit information is generated. The information element is transmitted to the third network device.

公开(公告)号：US20220209977A1

公开(公告)日：2022-06-30

申请号：US17329651

申请日：2021-05-25

Applicant: Cisco Technology, Inc.

Inventor： Mankamana Mishra ,  Swadesh Agrawal ,  Ali Sajassi ,  Ijsbrand Wijnands ,  Samir Thoria

IPC: H04L12/18 ,  H04L45/50

Abstract: A computer network efficiently provides a multicast network flow to a multicast recipient across a multihomed network element. The multihomed network element includes network devices that receive multicast data from a source of a multicast network flow. Each particular network device that received the multicast data publishes a notification indicating that the multicast network flow is available from the particular network device. The computer network receives a subscription to the multicast network flow from a multicast recipient, and determines whether to bridge the multicast data across the multihomed network element based on a multicast configuration of the computer network. The multihomed network element provides the multicast data to the multicast recipient from at least one of the particular network devices that received the multicast data from the source of the multicast network flow.