REDUNDANT CONTAINERIZED VIRTUAL ROUTERS FOR USE WITH A VIRTUAL PRIVATE CLOUD

    Publication number: US20250007829A1

    Publication date: 2025-01-02

    Application number: US18345737

    Filing date: 2023-06-30

    Abstract: An example computing device includes a first containerized router and processing circuitry. The computing device includes a containerized virtual router configured to execute on the processing circuitry and configured to implement a data plane for the first containerized router. The computing device includes a containerized routing protocol process configured to execute on the processing circuitry and configured to implement a control plane for the first containerized router wherein the containerized routing protocol process is configured to execute a routing protocol. The first containerized router is configured to program a virtual private cloud (VPC) route table in a VPC gateway based on routing information received by the containerized routing protocol process via the routing protocol. The first containerized router is communicatively coupled to a second containerized router via a virtual router redundancy protocol (VRRP) session.

    ROUTE DISTINGUISHERS FOR SAME DESTINATION PATH DIVERSITY

    Publication number: US20250007821A1

    Publication date: 2025-01-02

    Application number: US18345887

    Filing date: 2023-06-30

    Abstract: This disclosure describes techniques for using multiple route distinguishers assigned to a single VRF to provide same-destination path diversity in a VPN. In an example, a method includes storing, by a device, to a single virtual routing and forwarding instance (VRF) of one or more VRFs configured for a network device of a network, a plurality of routes for a common address prefix of a virtual private network (VPN); and sending, by the device to a network router, each of the plurality of routes for the common address prefix with a different, corresponding route distinguisher.

    ROUTE ADVERTISEMENT USING PATH PREFERENCE FOR SESSION-BASED ROUTING

    Publication number: US20250007818A1

    Publication date: 2025-01-02

    Application number: US18396482

    Filing date: 2023-12-26

    Abstract: Techniques are disclosed for computing a cost of an advertised route to a next-hop network device along a path to a destination based at least in part on a preference for the path. In one example, a computing system computes a cost of a route to a next-hop network device along a path to a destination. The computed cost is based at least in part on (1) a metric for the route and (2) a preconfigured preference for the path. In some examples, the preference for the path is based at least in part on (a) a type of the path as compared to other types of other paths to the destination or (b) a latency of the path as compared to other latencies of the other paths. The computing system sends a route advertisement for the route that includes data indicative of the cost of the route.

    Device access control for applications of multiple containers

    Publication number: US12182634B2

    Publication date: 2024-12-31

    Application number: US16983500

    Filing date: 2020-08-03

    Abstract: A device may receive a lock request associated with using an embedded device of a containerized environment from a first instance of an application being executed in a first container of the containerized environment. The device may perform a lock operation associated with the embedded device to permit the first instance of the application to use the embedded device and to prevent a second instance of the application, executing in a second container of the containerized environment, from using the embedded device. The device may monitor use of the embedded device during an access operation of the first instance of the application to detect an unlock event associated with unlocking the embedded device. The device may perform an unlock operation based on detecting the unlock event to permit the second instance of the application to use the embedded device.

    Network policy generation for continuous deployment

    Publication number: US12177069B2

    Publication date: 2024-12-24

    Application number: US18341186

    Filing date: 2023-06-26

    Abstract: In an example, a method comprises obtaining, by a policy controller from a first SDN architecture system, flow metadata for packet flows exchanged among workloads of a distributed application deployed to the first SDN architecture system; identifying, using flow metadata for a packet flow of the packet flows, a source endpoint workload and a destination endpoint workload of the packet flow; generating a network policy rule to allow packet flows from the source endpoint workload to the destination endpoint workload of the packet flow; and adding the network policy rule to a configuration repository as configuration data for a second SDN architecture system to cause a deployment system to configure the second SDN architecture system with the network policy rule to allow packet flows from the source endpoint workload to the destination endpoint workload when the distributed application is deployed to the second SDN architecture system.

    Configuration for multi-stage network fabrics

    Publication number: US12177066B2

    Publication date: 2024-12-24

    Application number: US18321842

    Filing date: 2023-05-23

    Abstract: A method includes deploying a network device within a fabric having a management network by attaching the network device through the management network to a port of a role allocator, wherein the role allocator includes one or more ports designated as first level port connections and one or more other ports designated as second level port connections. If the deployed network device is attached to one of the ports designated as first level port connections, the deployed network device is configured as a first level device. If the deployed network device is attached to one of the ports designated as second level port connections, the deployed network device is configured as a second level device.

    ROLE-BASED ACCESS CONTROL AUTOGENERATION IN A CLOUD NATIVE SOFTWARE-DEFINED NETWORK ARCHITECTURE

    Publication number: US20240422167A1

    Publication date: 2024-12-19

    Application number: US18815417

    Filing date: 2024-08-26

    Abstract: A network controller for a software-defined networking (SDN) architecture system may receive a request to generate an access control policy for a role in a container orchestration system, where the request specifies a plurality of functions. The network controller may execute the plurality of functions and may log execution of the plurality of functions in an audit log. The network controller may parse the audit log to determine a plurality of resources of the container orchestration system accessed from executing the plurality of functions and, for each resource of the plurality of resources, a respective one or more types of operations performed on the respective resource. The network controller may create, based at least in part on the parsed audit log, the access control policy for the role that permits a role to perform, on each of the plurality of resources, the respective one or more types of operations.

    SERVICE MANAGEMENT AND ORCHESTRATION (SMO) OF SATELLITE ACCESS NETWORKS WITHIN A NETWORK SLICE

    Publication number: US20240413892A1

    Publication date: 2024-12-12

    Application number: US18354464

    Filing date: 2023-07-18

    Abstract: An example network provisioning system is configured to obtain one or more network slice subnet templates (NSSTs), including a template for a satellite access network (SAN) and, optionally, a template for a terrestrial access network (TAN). The network provisioning system defines a network slice template (NST) based on the one or more NSSTs. The network provisioning system deploys a network slice in accordance with the NST to enable service management and orchestration of the network slice including the SAN. The network provisioning system is configured to execute a user interface configured to display a representation of the network slice comprising the SAN. The network provisioning system is configured to receive via the user interface an indication to add a base station provided by a satellite and modify the network slice based in part on the selection. In some examples, the network slice is a 5G communications network slice.
