公开(公告)号：US10432628B2

公开(公告)日：2019-10-01

申请号：US15051454

申请日：2016-02-23

Applicant: Cisco Technology, Inc.

Inventor： Thomas J. Edsall ,  Smita Rai ,  Satyam Sinha ,  Kit Chiu Chu ,  Sarang Dharmapurikar ,  Ashutosh Agrawal ,  Ravikanth Nasika

IPC: H04L29/06 ,  H04L12/911 ,  H04L12/725

Abstract: Disclosed are systems, methods, and computer-readable storage media for minimizing the number of entries in network access control lists (ACLs). In some embodiments of the present technology a networking device can receive, from a first computing device, a first data transmission intended for a second computing device, the first data transmission including first transmission data. The networking device can normalize at least a subset of the first transmission data based on a predetermined normalization algorithm, yielding a first normalized data set for the first data transmission. Subsequently, the networking device can identify a first access control list entry from a set of access control list entries based on the first normalized data set, the first access control list entry identifying a first action, and implement the first action in relation to the first data transmission.

公开(公告)号：US20190222516A1

公开(公告)日：2019-07-18

申请号：US16367868

申请日：2019-03-28

Applicant: Cisco Technology, Inc.

Inventor： Satyam Sinha ,  Smita Rai ,  Kit Chiu Chu ,  Ashutosh Agrawal ,  Wanli Wu ,  Ravikanth Nasika ,  Thomas J. Edsall ,  Geetha Anandakrishnan

IPC: H04L12/741 ,  H04L12/715 ,  H04L29/08 ,  H04L12/713

CPC classification number: H04L45/745 ,  H04L12/4641 ,  H04L45/02 ,  H04L45/04 ,  H04L45/54 ,  H04L45/586 ,  H04L45/74 ,  H04L67/10 ,  H04L67/20

Abstract: Aspects of the embodiments include receiving a packet at a network element of a packet-switched network; identifying a presence of a shared service destination address in a header of the packet; identifying a shared service destination address for the packet based, at least in part, on a destination internet protocol (IP) address stored in a forward information base; and forwarding the packet to the shared service destination address.

公开(公告)号：US10320672B2

公开(公告)日：2019-06-11

申请号：US15145647

申请日：2016-05-03

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Satyam Sinha ,  Smita Rai ,  Kit Chiu Chu ,  Ashutosh Agrawal ,  Wanli Wu ,  Ravikanth Nasika ,  Thomas J. Edsall ,  Geetha Anandakrishnan

IPC: H04L12/741 ,  H04L12/715 ,  H04L12/713 ,  H04L29/08 ,  H04L12/751 ,  H04L12/46

Abstract: Aspects of the embodiments include receiving a packet at a network element of a packet-switched network; identifying a presence of a shared service destination address in a header of the packet; identifying a shared service destination address for the packet based, at least in part, on a destination internet protocol (IP) address stored in a forward information base; and forwarding the packet to the shared service destination address.

公开(公告)号：US09876711B2

公开(公告)日：2018-01-23

申请号：US14477762

申请日：2014-09-04

Applicant: Cisco Technology, Inc.

Inventor： Kit Chiu Chu ,  Thomas J. Edsall ,  Navindra Yadav ,  Francisco M. Matus ,  Krishna Doddapaneni ,  Satyam Sinha

IPC: H04L12/46 ,  H04L12/741 ,  H04L29/12 ,  H04L12/703 ,  H04L12/26 ,  H04L12/751 ,  H04L29/06 ,  H04L12/58 ,  H04L29/08 ,  H04L12/707 ,  H04L12/709 ,  H04L12/723 ,  H04L12/24 ,  H04L12/931

CPC classification number: H04L45/28 ,  H04L12/18 ,  H04L12/4633 ,  H04L12/4641 ,  H04L12/4645 ,  H04L41/0654 ,  H04L43/0811 ,  H04L43/0852 ,  H04L43/0894 ,  H04L43/16 ,  H04L45/02 ,  H04L45/021 ,  H04L45/22 ,  H04L45/24 ,  H04L45/245 ,  H04L45/48 ,  H04L45/50 ,  H04L45/64 ,  H04L45/74 ,  H04L45/745 ,  H04L45/7453 ,  H04L47/125 ,  H04L49/70 ,  H04L51/14 ,  H04L61/2503 ,  H04L61/2592 ,  H04L67/10 ,  H04L69/22 ,  H04L2212/00

Abstract: Systems, methods, and non-transitory computer-readable storage media for translating source addresses in an overlay network. An access switch in an overlay network, such as a VXLAN, may receive an encapsulated packet from a tunnel endpoint in the overlay network. The encapsulated packet may originate from a host associated with the tunnel endpoint and be encapsulated at the tunnel endpoint with a first source tunnel endpoint address and a destination tunnel endpoint address. The access switch may replace the first source tunnel endpoint address in the encapsulated packet with a second source tunnel endpoint address of the access switch to yield a translated packet. The access switch may then transmit the translated packet towards the destination tunnel endpoint address.

公开(公告)号：US20170244645A1

公开(公告)日：2017-08-24

申请号：US15051454

申请日：2016-02-23

Applicant: Cisco Technology, Inc.

Inventor： Thomas J. Edsall ,  Smita Rai ,  Satyam Sinha ,  Kit Chiu Chu ,  Sarang Dharmapurikar ,  Ashutosh Agrawal ,  Ravikanth Nasika

IPC: H04L12/911

CPC classification number: H04L63/10 ,  H04L45/30 ,  H04L47/70 ,  H04L63/08 ,  H04L63/101 ,  H04L63/105 ,  H04L63/20

Abstract: Disclosed are systems, methods, and computer-readable storage media for minimizing the number of entries in network access control lists (ACLs). In some embodiments of the present technology a networking device can receive, from a first computing device, a first data transmission intended for a second computing device, the first data transmission including first transmission data. The networking device can normalize at least a subset of the first transmission data based on a predetermined normalization algorithm, yielding a first normalized data set for the first data transmission. Subsequently, the networking device can identify a first access control list entry from a set of access control list entries based on the first normalized data set, the first access control list entry identifying a first action, and implement the first action in relation to the first data transmission.

公开(公告)号：US20170214619A1

公开(公告)日：2017-07-27

申请号：US15482437

申请日：2017-04-07

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Kit Chiu Chu ,  Thomas J. Edsall ,  Navindra Yadav ,  Francisco M. Matus ,  Krishna Doddapaneni ,  Satyam Sinha ,  Sameer Merchant

IPC: H04L12/743 ,  H04L12/46 ,  H04L12/753 ,  H04L12/18 ,  H04L12/707

CPC classification number: H04L45/28 ,  H04L12/18 ,  H04L12/4633 ,  H04L12/4641 ,  H04L12/4645 ,  H04L41/0654 ,  H04L43/0811 ,  H04L43/0852 ,  H04L43/0894 ,  H04L43/16 ,  H04L45/02 ,  H04L45/021 ,  H04L45/22 ,  H04L45/24 ,  H04L45/245 ,  H04L45/48 ,  H04L45/50 ,  H04L45/64 ,  H04L45/74 ,  H04L45/745 ,  H04L45/7453 ,  H04L47/125 ,  H04L49/70 ,  H04L51/14 ,  H04L61/2503 ,  H04L61/2592 ,  H04L67/10 ,  H04L69/22 ,  H04L2212/00

Abstract: The subject technology addresses a need for improving utilization of network bandwidth in a multicast network environment. More specifically, the disclosed technology provides solutions for extending multipathing to tenant multicast traffic in an overlay network, which enables greater bandwidth utilization for multicast traffic. In some aspects, nodes in the overlay network can be connected by virtual or logical links, each of which corresponds to a path, perhaps through many physical links, in the underlying network.

公开(公告)号：US09627063B2

公开(公告)日：2017-04-18

申请号：US14490566

申请日：2014-09-18

Applicant: Cisco Technology, Inc.

Inventor： Sarang M. Dharmapurikar ,  Francisco M. Matus ,  Kit Chiu Chu ,  Georges Akis ,  Thomas J. Edsall

IPC: G06F12/00 ,  G11C15/04 ,  H04L12/707 ,  H04L12/803 ,  G11C11/4096 ,  G06K15/10 ,  G06F9/30 ,  G11C15/00

CPC classification number: H04L45/7453 ,  G06F9/30018 ,  G06K15/107 ,  G11C11/4096 ,  G11C15/00 ,  G11C15/04 ,  G11C2207/002 ,  H04L45/24 ,  H04L47/125

Abstract: A ternary content-addressable memory (TCAM) that is implemented based on other types of memory (e.g., SRAM) in conjunction with processing, including hashing functions. Such a H-TCAM may be used, for example, in implementation of routing equipment. A method of storing routing information on a network device, the routing information comprising a plurality of entries, each entry has a key value and a mask value, commences by identifying a plurality of groups, each group comprising a subset number of entries having a different common mask. The groups are identified by determining a subset number of entries that have a common mask value, meaning at least a portion of the mask value that is the same for all entries of the subset number of entries.

公开(公告)号：US09544224B2

公开(公告)日：2017-01-10

申请号：US14508909

申请日：2014-10-07

Applicant: Cisco Technology, Inc.

Inventor： Kit Chiu Chu ,  Thomas J. Edsall ,  Navindra Yadav ,  Francisco M. Matus ,  Krishna Doddapaneni ,  Satyam Sinha

IPC: H04L12/709 ,  H04L12/723 ,  H04L12/703 ,  H04L12/26 ,  H04L12/46 ,  H04L29/06 ,  H04L29/08 ,  H04L12/751 ,  H04L12/741 ,  H04L29/12 ,  H04L12/58 ,  H04L12/707

CPC classification number: H04L45/28 ,  H04L12/18 ,  H04L12/4633 ,  H04L12/4641 ,  H04L12/4645 ,  H04L41/0654 ,  H04L43/0811 ,  H04L43/0852 ,  H04L43/0894 ,  H04L43/16 ,  H04L45/02 ,  H04L45/021 ,  H04L45/22 ,  H04L45/24 ,  H04L45/245 ,  H04L45/48 ,  H04L45/50 ,  H04L45/64 ,  H04L45/74 ,  H04L45/745 ,  H04L45/7453 ,  H04L47/125 ,  H04L49/70 ,  H04L51/14 ,  H04L61/2503 ,  H04L61/2592 ,  H04L67/10 ,  H04L69/22 ,  H04L2212/00

Abstract: Aspects of the subject disclosure relate to methods for detecting a link failure between the first network device and a destination node, receiving a data packet addressed to the destination node, and rewriting encapsulation information of the first data packet. Subsequent to rewriting the encapsulation information of the first data packet, the first data packet is forwarded to a second network device (e.g., using updated address information in the packet header), wherein the second network device is paired with the first network device in the virtual port channel. In certain aspects, systems and computer readable media are also provided.

Abstract translation: 本公开的方面涉及用于检测第一网络设备和目的地节点之间的链路故障的方法，接收寻址到目的地节点的数据分组以及重写第一数据分组的封装信息。 在重写第一数据分组的封装信息之后，将第一数据分组转发到第二网络设备（例如，使用分组报头中的更新的地址信息），其中第二网络设备与第一网络设备配对 虚拟端口通道。 在某些方面，还提供了系统和计算机可读介质。

公开(公告)号：US20150124821A1

公开(公告)日：2015-05-07

申请号：US14477762

申请日：2014-09-04

Applicant: Cisco Technology, Inc.

Inventor： Kit Chiu Chu ,  Thomas J. Edsall ,  Navindra Yadav ,  Francisco M. Matus ,  Krishna Doddapaneni ,  Satyam Sinha

IPC: H04L12/46 ,  H04L12/741 ,  H04L29/12

CPC classification number: H04L45/28 ,  H04L12/18 ,  H04L12/4633 ,  H04L12/4641 ,  H04L12/4645 ,  H04L41/0654 ,  H04L43/0811 ,  H04L43/0852 ,  H04L43/0894 ,  H04L43/16 ,  H04L45/02 ,  H04L45/021 ,  H04L45/22 ,  H04L45/24 ,  H04L45/245 ,  H04L45/48 ,  H04L45/50 ,  H04L45/64 ,  H04L45/74 ,  H04L45/745 ,  H04L45/7453 ,  H04L47/125 ,  H04L49/70 ,  H04L51/14 ,  H04L61/2503 ,  H04L61/2592 ,  H04L67/10 ,  H04L69/22 ,  H04L2212/00

Abstract: Systems, methods, and non-transitory computer-readable storage media for translating source addresses in an overlay network. An access switch in an overlay network, such as a VXLAN, may receive an encapsulated packet from a tunnel endpoint in the overlay network. The encapsulated packet may originate from a host associated with the tunnel endpoint and be encapsulated at the tunnel endpoint with a first source tunnel endpoint address and a destination tunnel endpoint address. The access switch may replace the first source tunnel endpoint address in the encapsulated packet with a second source tunnel endpoint address of the access switch to yield a translated packet. The access switch may then transmit the translated packet towards the destination tunnel endpoint address.

Abstract translation: 用于翻译覆盖网络中的源地址的系统，方法和非暂时的计算机可读存储介质。 覆盖网络（例如VXLAN）中的接入交换机可以从覆盖网络中的隧道端点接收封装的分组。 封装的分组可以源自与隧道端点相关联的主机，并且在隧道端点处封装有第一源隧道端点地址和目的地隧道端点地址。 接入交换机可以用接入交换机的第二源隧道端点地址替换封装分组中的第一源隧道端点地址，以产生转换的分组。 然后，接入交换机可以将转换的分组发送到目的地隧道端点地址。

公开(公告)号：US20150124640A1

公开(公告)日：2015-05-07

申请号：US14480482

申请日：2014-09-08

Applicant: Cisco Technology, Inc.

Inventor： Kit Chiu Chu ,  Jeff Hill ,  Thomas J. Edsall ,  Mohammadreza Alizadeh Attar

IPC: H04L12/26

CPC classification number: H04L45/28 ,  H04L12/18 ,  H04L12/4633 ,  H04L12/4641 ,  H04L12/4645 ,  H04L41/0654 ,  H04L43/0811 ,  H04L43/0852 ,  H04L43/0894 ,  H04L43/16 ,  H04L45/02 ,  H04L45/021 ,  H04L45/22 ,  H04L45/24 ,  H04L45/245 ,  H04L45/48 ,  H04L45/50 ,  H04L45/64 ,  H04L45/74 ,  H04L45/745 ,  H04L45/7453 ,  H04L47/125 ,  H04L49/70 ,  H04L51/14 ,  H04L61/2503 ,  H04L61/2592 ,  H04L67/10 ,  H04L69/22 ,  H04L2212/00

Abstract: The subject technology addresses the need in the art for directly measuring a maximum latency number with respect to a percentile of network traffic, which a network operator may utilize as an performance indication or metric. Given a traffic percentile, a tracking algorithm in accordance with embodiments described herein may be implemented in hardware and/or software to determine a maximum latency for this specific percentile of traffic.

Abstract translation: 主题技术解决了本领域对直接测量关于网络运营商的百分位数的最大等待时间数量的需求，网络运营商可以利用这一数量作为性能指示或度量。 给定交通百分位数，根据本文描述的实施例的跟踪算法可以在硬件和/或软件中实现，以确定该特定百分位数的业务的最大等待时间。