公开(公告)号：US08165023B2

公开(公告)日：2012-04-24

申请号：US11846011

申请日：2007-08-28

申请人： Mohamed Khalid ,  Khalil Jabr ,  Rajiv Asati ,  Warren Scott Wainner ,  Scott Thomas Fanning

发明人： Mohamed Khalid ,  Khalil Jabr ,  Rajiv Asati ,  Warren Scott Wainner ,  Scott Thomas Fanning

IPC分类号： H04L12/56

CPC分类号： H04L12/4666 ,  H04L12/2854 ,  H04L45/00 ,  H04L45/02

摘要： One embodiment provides a method to interconnect virtual network segments (VNETs) defined for a local-area network (LAN) infrastructure separated by a wide-area network infrastructure. The technique involves the routing device at the LAN-WAN interconnection points to impose or dispose the VNET-shim, which encodes the VNET-id information in a Layer 4 portion of the packet. In a data plane, a new IP protocol value may be used to signify the presence of the VNET-shim followed by cryptography specific information in an IP packet. In a control plane, the routing protocol is expanded to exchange the routing information along with the VNET information.

摘要翻译： 一个实施例提供了一种互连为由广域网基础设施分开的局域网（LAN）基础设施定义的虚拟网段（VNET）的互连方法。 该技术涉及LAN-WAN互联点处的路由设备，以对VNET-shim进行处理或配置，VNET-shim将数据包的第4层部分中的VNET-id信息编码。 在数据平面中，可以使用新的IP协议值来表示VIP-shim的存在，随后是IP分组中的加密特定信息。 在控制平面中，路由协议被扩展以便与VNET信息一起交换路由信息。

公开(公告)号：US07869446B2

公开(公告)日：2011-01-11

申请号：US12246432

申请日：2008-10-06

申请人： Mohamed Khalid ,  Rajiv Asati ,  Ciprian Popoviciu ,  Aamer Akhter ,  Manikchand Roopchand Bafna

发明人： Mohamed Khalid ,  Rajiv Asati ,  Ciprian Popoviciu ,  Aamer Akhter ,  Manikchand Roopchand Bafna

IPC分类号： H04L12/28

CPC分类号： H04L12/4641 ,  H04L29/12358 ,  H04L61/251

摘要： Method and apparatus including registering a first spoke router with a hub router, forwarding an Internet Protocol version Four (IPv4) data packet from the first spoke router to a second spoke router over an Internet Protocol version Six (IPv6) multipoint tunnel via the hub router, transmitting a binding information associated with the first spoke router from the hub router to the second spoke router, and establishing a direct communication path by the second spoke router with the first spoke router based on the received binding information are provided.

摘要翻译： 一种方法和装置，包括：将第一辐条路由器与集线器路由器进行注册;经由集线器路由器通过互联网协议版本六（IPv6）多点隧道将互联网协议版本四（IPv4）数据分组从第一分支路由器转发到第二分支路由器 向所述第二分支路由器发送与所述第一分支路由器相关联的绑定信息，以及基于所接收的绑定信息，利用所述第二分支路由器与所述第一分支路由器建立直接通信路径。

公开(公告)号：US07773594B2

公开(公告)日：2010-08-10

申请号：US11776200

申请日：2007-07-11

申请人： Rajiv Asati ,  John Chapman ,  James Neil Guichard ,  Luca Martini

发明人： Rajiv Asati ,  John Chapman ,  James Neil Guichard ,  Luca Martini

IPC分类号： H04L12/28

CPC分类号： H04L12/2801 ,  H04L12/4633 ,  H04L12/4641 ,  H04L45/507 ,  H04L45/68 ,  H04N21/6118 ,  H04N21/6168

摘要： In one embodiment, label distribution sessions are established between a Modular Cable Modem Termination System (M-CMTS) core and one or more remote PHYs. The label distribution sessions facilitate association of labels with either Radio Frequency (RF) channels or groups of the RF channels that extend from the remote PHYs to one or more cable modems. The labels are then used to facilitate communications between the M-CMTS core and the remote PHYs over a MultiProtocol Label Switching (MPLS) network.

摘要翻译： 在一个实施例中，在模块化有线调制解调器终端系统（M-CMTS）核心和一个或多个远程PHY之间建立标签分发会话。 标签分配会话便于标签与从远程PHY延伸到一个或多个电缆调制解调器的射频（RF）信道或RF信道的组的关联。 然后，标签用于通过多协议标签交换（MPLS）网络促进M-CMTS核心和远程PHY之间的通信。

公开(公告)号：US20100054245A1

公开(公告)日：2010-03-04

申请号：US12202454

申请日：2008-09-02

申请人： Rajiv Asati ,  Yiqun Cai ,  Mohamed Khalid

发明人： Rajiv Asati ,  Yiqun Cai ,  Mohamed Khalid

IPC分类号： H04L12/56

CPC分类号： H04L45/00 ,  H04L12/18 ,  H04L45/16

摘要： A method is provided in one example implementation and includes sending a PIM join message to the second spoke router by the hub router. The second spoke router dynamically determines each interested remote spoke router by parsing a hub-sent PIM message and accordingly constructs the multicast routing entry such that the first and second spoke routers establish multicast communication independent of a hub router. In more specific embodiments, the PIM join/prune messaging includes a list of each downstream spoke router that sent a PIM join/prune, in a new attribute. The PIM join/prune message is sent by the hub router towards a multicast source. A new receiver-list attribute is created that the hub router populates with a non-broadcast multi-access (NBMA) address for each interested spoke router.

摘要翻译： 在一个示例实现中提供了一种方法，并且包括由集线器路由器向第二分支路由器发送PIM加入消息。 第二分支路由器通过解析集中发送的PIM消息来动态地确定每个感兴趣的远程分支路由器，并因此构建多播路由条目，使得第一和第二分支路由器独立于集线器路由器建立组播通信。 在更具体的实施例中，PIM加入/剪枝消息包括在新属性中发送PIM加入/剪枝的每个下游分支路由器的列表。 PIM加入/剪枝消息由集线器路由器向组播源发送。 创建一个新的接收者列表属性，集线器路由器为每个感兴趣的辐条路由器填充非广播多址（NBMA）地址。

公开(公告)号：US07602737B2

公开(公告)日：2009-10-13

申请号：US11414787

申请日：2006-05-01

申请人： Rajiv Asati ,  Mohamed Khalid ,  Brian E. Weis ,  Pratima Pramod Sethi

发明人： Rajiv Asati ,  Mohamed Khalid ,  Brian E. Weis ,  Pratima Pramod Sethi

IPC分类号： H04L12/28

CPC分类号： H04L12/4633 ,  H04L45/00 ,  H04L45/30

摘要： A system transmits, to a hub from a first spoke, first routing information associated with the first spoke. The system receives, at the first spoke, from the hub, second routing information associated with a plurality of spokes in communication with the hub. The plurality of spokes includes a second spoke. The system resolves, at the first spoke, a next hop determination for the packet based on the second routing information received from the hub. The system routes the packet from the first spoke to the second spoke using the next hop determination.

摘要翻译： 系统从第一辐条向中枢发送与第一辐条相关联的第一路由信息。 系统在第一辐条时从集线器接收与与集线器通信的多个辐条相关联的第二路由信息。 多个辐条包括第二辐条。 基于从集线器接收到的第二路由信息，系统在第一个分支处解析分组的下一跳确定。 系统使用下一跳确定路由数据包从第一个辐条到第二个辐条。

公开(公告)号：US20090175194A1

公开(公告)日：2009-07-09

申请号：US11969457

申请日：2008-01-04

申请人： Aamer Akhter ,  Manikchand Roopchand Bafna ,  Rajiv Asati ,  Mohamed Khalid

发明人： Aamer Akhter ,  Manikchand Roopchand Bafna ,  Rajiv Asati ,  Mohamed Khalid

IPC分类号： H04L12/28

CPC分类号： H04L45/302 ,  H04L41/0803 ,  H04L45/00 ,  H04L45/02 ,  H04L63/164

摘要： A method for IP Security within Multi-Topology Routing is disclosed. Disclosed methods may also include IKE extensions. A route eligible for IPSec protection is injected into a topology routing table. Network traffic can then be protected in accordance with a security session, such as an IPSec session, between a first network node and a second network node and forwarded through a selected topology to take advantage of the service-differentiation capabilities of MTR.

摘要翻译： 披露了多拓扑路由中IP安全的方法。 公开的方法还可以包括IKE扩展。 符合IPSec保护条件的路由注入到拓扑路由表中。 然后可以根据第一网络节点和第二网络节点之间的安全会话（例如IPSec会话）来保护网络流量，并通过选定的拓扑转发，以利用MTR的服务区分能力。

公开(公告)号：US20090157901A1

公开(公告)日：2009-06-18

申请号：US11954831

申请日：2007-12-12

申请人： Rajiv Asati ,  Mohamed Khalid ,  Alvaro Enrique Retana ,  Donnie Van Savage ,  Pratima Pramod Sethi

发明人： Rajiv Asati ,  Mohamed Khalid ,  Alvaro Enrique Retana ,  Donnie Van Savage ,  Pratima Pramod Sethi

IPC分类号： G06F15/173

CPC分类号： H04L29/12386 ,  H04L45/02 ,  H04L61/2521

摘要： Systems and methods for using routing protocol extensions to improve spoke to spoke communication in a computer network are disclosed. Embodiments provide systems and methods to establish a tunnel between a first spoke and a hub, exchange routing information between the first spoke and the hub using a routing protocol, extend the routing protocol and an associated database to include next hop mapping information, and establish a tunnel between the first spoke and a second spoke according to information in the database.

摘要翻译： 公开了使用路由协议扩展来改进计算机网络中的辐条通信的系统和方法。 实施例提供了在第一辐条和集线器之间建立隧道的系统和方法，使用路由协议在第一辐条与集线器之间交换路由信息，扩展路由协议和相关联的数据库以包括下一跳映射信息，并建立 根据数据库中的信息，第一个辐条和第二个辐条之间的隧道。

公开(公告)号：US20080298592A1

公开(公告)日：2008-12-04

申请号：US11754780

申请日：2007-05-29

申请人： Mohamed Khalid ,  Aamer S. Akhter ,  Rajiv Asati ,  Brian E. Weis

发明人： Mohamed Khalid ,  Aamer S. Akhter ,  Rajiv Asati ,  Brian E. Weis

IPC分类号： H04L9/12

CPC分类号： H04L9/0833 ,  H04L9/0891 ,  H04L63/0272 ,  H04L63/065

摘要： In one embodiment, a technique for updating an address associated with a first entity in a communications network with a second entity in the communications network wherein the address is used to forward information to the first entity from the second entity. The first entity registers a first address associated with the first entity with the second entity. The first entity determines that a second address associated with the first entity is to be used instead of the first address to communicate with the first entity. The first entity generates an update message containing the second address, the update message obviating having to register the second address with the second entity. The first entity forwards the update message to the second entity to cause the second entity to use the second address instead of the first address to forward information to the first entity.

摘要翻译： 在一个实施例中，一种用于在通信网络中与第二实体更新与通信网络中的第一实体相关联的地址的技术，其中所述地址用于将信息从所述第二实体转发到所述第一实体。 第一实体将与第一实体相关联的第一地址与第二实体注册。 第一实体确定将使用与第一实体相关联的第二地址而不是与第一实体进行通信的第一地址。 第一实体生成包含第二地址的更新消息，更新消息消除了必须向第二实体注册第二地址。 第一实体将更新消息转发给第二实体以使第二实体使用第二地址而不是第一地址来将信息转发到第一实体。

公开(公告)号：US20080117821A1

公开(公告)日：2008-05-22

申请号：US11601948

申请日：2006-11-20

申请人： Rajiv Asati ,  Mohamed Khalid ,  Aamer Akhter ,  Pratima Sethi

发明人： Rajiv Asati ,  Mohamed Khalid ,  Aamer Akhter ,  Pratima Sethi

IPC分类号： H04L12/26

CPC分类号： H04L41/5006 ,  H04L12/4641 ,  H04L41/0893 ,  H04L41/5003 ,  H04L47/10 ,  H04L47/20

摘要： In one embodiment, a QoS manager process that receives, at an EzVPN server device, connection speed data from an EzVPN client device. In addition, the QoS manager process processes, at the EzVPN server device, the connection speed data to determine a QoS policy for a communications session between the EzVPN client device and the EzVPN server device. Furthermore, the QoS manager process applies, at the EzVPN server device, the QoS policy to the communications session between the EzVPN client device and the EzVPN server device as determined by the processing of the connection speed data.

摘要翻译： 在一个实施例中，在EzVPN服务器设备处接收来自EzVPN客户端设备的连接速度数据的QoS管理器进程。 另外，QoS管理器处理在EzVPN服务器设备处理连接速度数据，以确定EzVPN客户端设备和EzVPN服务器设备之间的通信会话的QoS策略。 此外，QoS管理器进程在EzVPN服务器设备处将QoS策略应用于由连接速度数据的处理确定的EzVPN客户端设备和EzVPN服务器设备之间的通信会话。

公开(公告)号：US20060193329A1

公开(公告)日：2006-08-31

申请号：US11096649

申请日：2005-04-01

申请人： Rajiv Asati

发明人： Rajiv Asati

IPC分类号： H04L12/28 ,  H04L12/56

CPC分类号： H04L45/04 ,  H04L12/4641 ,  H04L45/46

摘要： A method, apparatus and computer program product for limiting Virtual Private Network (VPNv4) prefixes per VPN in an inter-autonomous system environment are presented. A limit on the number of VPNv4 routes per VPN for a Route Distributor (RD) or a group of RDs associated with a VPN is defined, at an Autonomous System Border Router (ASBR). When the number of received routes at the ASBR exceeds the limit, then a soft notification is sent to a neighboring ASBR and routes exceeding the limit are discarded at the ASBR.

摘要翻译： 介绍了一种用于在自主系统环境中每个VPN限制虚拟专用网（VPNv4）前缀的方法，装置和计算机程序产品。 在自治系统边界路由器（ASBR）上定义了路由分配器（RD）或与VPN相关联的一组RD的每个VPN的VPNv4路由数量的限制。 当ASBR接收到的路由数超过限制时，会向邻近的ASBR发送软通知，并在ASBR上丢弃超过限制的路由。