-
公开(公告)号:US09014181B2
公开(公告)日:2015-04-21
申请号:US11147937
申请日:2005-06-08
IPC分类号: H04L12/50 , H04L12/703 , H04L12/715 , H04L12/721 , H04L12/707 , H04L12/773
CPC分类号: H04L45/28 , H04L45/04 , H04L45/123 , H04L45/22 , H04L45/60
摘要: An embodiment of the exemplary SoftRouter architecture includes two physically separate networks, a control plane network and a data plane network. The data plane network is one physical network for the data traffic, while the control plane network is another physical network for the control traffic. The topology of the data plane network is made up of interconnected forwarding elements (FEs). The topology of the control plane network is made up interconnected control elements (CEs). This physical independence of the control plane network from the data plane network provides for a secure mechanism to communicate among the CEs in the control plane network. In addition, this physical independence provides improved reliability and improved scalability, when compared to the traditional router architecture, where control plane message are in-band with the data plane.
摘要翻译: 示例性SoftRouter架构的实施例包括两个物理上分离的网络,控制平面网络和数据平面网络。 数据平面网络是数据流量的一个物理网络,而控制平面网络则是控制流量的另一个物理网络。 数据平面网络的拓扑结构由互连转发元素(FE)组成。 控制平面网络的拓扑结构由互连的控制元件(CE)组成。 控制平面网络与数据平面网络的这种物理独立性为安全机制提供了在控制平面网络中的CE之间进行通信。 此外,与传统路由器架构相比,这种物理独立性提供了改进的可靠性和改进的可扩展性,其中控制平面消息与数据平面内嵌。
-
公开(公告)号:US20140089506A1
公开(公告)日:2014-03-27
申请号:US13627003
申请日:2012-09-26
IPC分类号: G06F15/173
CPC分类号: H04L47/80 , H04L12/4641 , H04L45/42 , H04L45/50 , H04L45/64 , H04L45/7457 , H04L63/1458 , H04L63/20
摘要: A flow deflection capability is provided for deflecting data flows within a Software Defined Network (SDN) in order to provide security for the SDN. A flow forwarding rule is generated for a first network element of the SDN based on detection of a condition (e.g., TCAM utilization condition, CPU utilization condition, or the like) associated with the first network element. The flow forwarding rule is generated by a control element of the SDN or the first network element of the SDN. The flow forwarding rule is indicative that at least a portion of new flow requests received at the first network element are to be forwarded from the first network element to a second network element of the SDN. The flow forwarding rule may specify full flow deflection or selective flow deflection.
摘要翻译: 提供流量偏转能力用于偏转软件定义网络(SDN)内的数据流,以便为SDN提供安全性。 基于与第一网元相关联的条件(例如,TCAM利用条件,CPU利用条件等)的检测,为SDN的第一网元生成流转发规则。 流转发规则由SDN的控制元素或SDN的第一网元生成。 流转发规则指示在第一网元接收到的新流请求的至少一部分将从第一网元转发到SDN的第二网元。 流量转移规则可以指定全流量偏转或选择性流量偏转。
-
43.发明授权Method and apparatus for transparent cloud computing with a virtualized network infrastructure 有权具有虚拟化网络基础架构的透明云计算的方法和装置公开(公告)号:US08369333B2
公开(公告)日:2013-02-05
申请号:US12582939
申请日:2009-10-21
申请人: Fang Hao , Tirunell V. Lakshman , Sarit Mukherjee , Haoyu Song
发明人: Fang Hao , Tirunell V. Lakshman , Sarit Mukherjee , Haoyu Song
IPC分类号: H04L12/56
CPC分类号: H04L12/4641 , G06F9/45558 , G06F2009/45595 , H04L12/4633 , H04L49/70
摘要: A capability is provided for providing transparent cloud computing with a virtualized network infrastructure. A method for enabling use of a resource of a data center as an extension of a customer network includes receiving, at a forwarding element (FE), a packet intended for a virtual machine hosted at an edge domain of the data center, determining a VLAN ID of the VLAN for the customer network in the edge domain, updating the packet to include the VLAN ID of the VLAN for the customer network in the edge domain, and propagating the updated packet from the FE toward virtual machine. The edge domain supports a plurality of VLANs for a respective plurality of customer networks. The packet includes an identifier of the customer network and a MAC address of the virtual machine. The VLAN ID of the VLAN for the customer network in the edge domain is determined using the identifier of the customer network and the MAC address of the virtual machine. The FE may be associated with the edge domain at which the virtual machine is hosted, an edge domain of the data center that is different than the edge domain at which the virtual machine is hosted, or the customer network. Depending on the location of the FE at which the packet is received, additional processing may be provided as needed.
摘要翻译: 提供了一种提供透明云计算与虚拟化网络基础架构的能力。 用于使数据中心的资源能够用作客户网络的扩展的方法包括在转发元件(FE)处接收旨在用于驻留在数据中心的边缘域的虚拟机的分组,确定VLAN 边缘域中客户网络的VLAN ID,更新报文,包括边缘域中客户网络的VLAN的VLAN ID,并将更新的报文从FE传播到虚拟机。 边缘域为相应的多个客户网络支持多个VLAN。 该分组包括客户网络的标识符和虚拟机的MAC地址。 边缘域中客户网络的VLAN的VLAN ID使用客户网络的标识符和虚拟机的MAC地址来确定。 FE可以与托管虚拟机的边缘域,数据中心的边缘域与虚拟机所在的边缘域或客户网络相关联。 根据接收到分组的FE的位置,可以根据需要提供额外的处理。
-
44.发明授权公开(公告)号:US07957272B2
公开(公告)日:2011-06-07
申请号:US11372895
申请日:2006-03-10
IPC分类号: G01R31/08
CPC分类号: H04L47/2441 , H04L43/00 , H04L47/10
摘要: The invention includes a method and apparatus for determining a coincidence count associated with a traffic flow in a network. The method includes receiving a first packet having a first flow identifier associated with one of the traffic flows, comparing the first flow identifier of the first packet to each of a plurality of other flow identifiers associated with a respective plurality of other packets, and determining a coincidence count associated with the first flow identifier based on the comparison of the first flow identifier to each of the plurality of other flow identifiers. The method for determining a coincidence count associated with one of a plurality of traffic flows may be extended for determining respective coincidence counts associated with a plurality of traffic flows. The determined coincidence counts may be used for determining at least one traffic flow statistic.
摘要翻译: 本发明包括一种用于确定与网络中的业务流相关联的重合计数的方法和装置。 该方法包括接收具有与业务流中的一个相关联的第一流标识符的第一分组,将第一分组的第一流标识符与与相应多个其他分组相关联的多个其他流标识符中的每一个进行比较,以及确定 基于第一流标识符与多个其他流标识符中的每一个的比较,与第一流标识符相关联的重合计数。 可以扩展用于确定与多个业务流中的一个业务流相关联的一致计数的方法,以确定与多个业务流相关联的相应重合计数。 确定的重合计数可用于确定至少一个交通流量统计量。
-
45.发明申请METHOD AND APPARATUS FOR MULTISET MEMBERSHIP TESTING USING COMBINATORIAL BLOOM FILTERS 有权使用组合式BLOOM过滤器进行多种成员测试的方法和装置公开(公告)号:US20100269024A1
公开(公告)日:2010-10-21
申请号:US12426227
申请日:2009-04-18
摘要: A method and apparatus providing improved set membership determination and group membership identification of candidate data elements using a single Bloom filter programmed to provide a plurality of non-zero f-bit binary vectors, where each of the f-bit binary vectors is associated with a respective group. The Bloom filter is programmed using one or more (but not all) of a plurality of hash filter sets.
摘要翻译: 一种使用编程为提供多个非零f位二进制向量的单个Bloom滤波器来提供候选数据元素的改进的集合隶属确定和组成员标识的方法和装置,其中每个f位二进制向量与 各自组。 布隆过滤器使用多个散列滤波器组中的一个或多个(但不是全部)进行编程。
-
公开(公告)号:US20100266215A1
公开(公告)日:2010-10-21
申请号:US12425576
申请日:2009-04-17
申请人: Nan Hua , Tirunell V. Lakshman , Haoyu Song
发明人: Nan Hua , Tirunell V. Lakshman , Haoyu Song
IPC分类号: G06K9/72
CPC分类号: G06K9/62
摘要: A variable-stride multi-pattern matching apparatus segments patterns and input streams into variable-size blocks according to a modified winnowing algorithm. The variable-stride pattern segments are used to determine the block-symbol alphabet for a variable-stride discrete finite automaton (VS-DFA) that is used for detecting the patterns in the input streams. Applications include network-intrusion detection and protection systems, genome matching, and forensics. The modification of the winnowing algorithm includes using special hash values to determine the position of delimiters of the patterns and input streams. The delimiters mark the beginnings and ends of the segments. In various embodiments, the patterns are segmented into head, core, and tail blocks. The approach provides for memory, memory-bandwidth, and processor-cycle efficient, deterministic, high-speed, line-rate pattern matching.
摘要翻译: 可变跨度多模式匹配装置根据修改的风选算法将模式和输入流分割成可变大小的块。 可变步长模式段用于确定用于检测输入流中的模式的可变步长离散有限自动机(VS-DFA)的块符号字母表。 应用包括网络入侵检测和保护系统,基因组匹配和取证。 风选算法的修改包括使用特殊哈希值来确定模式和输入流的分隔符的位置。 分隔符标记段的开头和结尾。 在各种实施例中,图案被分割为头部,芯部和尾部块。 该方法提供了存储器,存储器带宽和处理器周期效率,确定性,高速的线速率模式匹配。
-
47.发明授权公开(公告)号:US07398438B2
公开(公告)日:2008-07-08
申请号:US11394356
申请日:2006-03-30
IPC分类号: G01R31/28
CPC分类号: H04L45/123 , H04L45/02 , H04L45/42
摘要: The invention includes a method and apparatus for determining a routing table for use in a network comprising a plurality of type-one nodes and a plurality of type-two nodes where the type-two nodes use respective type-two routing tables having one next-hop node associated with each of a plurality of destination nodes of the network. The method includes obtaining, from the type-one nodes and the type-two nodes, link status information associated with each of a plurality of links of the network, obtaining traffic measurement information from the type-one nodes and the type-two nodes, and determining, using the link status and traffic measurement information, type-one routing tables for the respective type-one nodes. The type-one routing tables are determined as a group in a substantially coordinated manner, and each type one routing table includes a plurality of next-hop nodes associated with each of the destination nodes.
摘要翻译: 本发明包括一种用于确定在网络中使用的路由表的方法和装置,包括多个类型一个节点和多个第二类节点,其中第二类节点使用具有一个下一个节点的相应的二型路由表, 跳数节点与网络的多个目的地节点中的每一个相关联。 所述方法包括:从所述一类节点和所述二类节点获得与所述网络的多个链路中的每一个相关联的链路状态信息,从所述一类节点和所述二类节点获取业务测量信息, 以及使用所述链路状态和业务测量信息来确定所述相应类型一个节点的一类路由表。 第一类路由表以基本上协调的方式被确定为一组,并且每个类型一个路由表包括与每个目的地节点相关联的多个下一跳节点。
-
48.发明授权Apparatus and method for photonic contention resolution in a large ATM switch 失效大型ATM交换机中光子争用解决的装置和方法
公开(公告)号:US5539559A
公开(公告)日:1996-07-23
申请号:US934098
申请日:1992-08-21
CPC分类号: H04L12/5601 , H04L49/1561 , H04L49/1576 , H04Q11/0478 , H04L2012/5627 , H04L2012/5672 , H04L2012/5679 , H04L2012/5681
摘要: Apparatus and methods are provided for photonic contention resolution in a switch including a plurality of input modules and a plurality of output modules, wherein at least two of the plurality of input modules have cells to be transmitted to a destination output module. The photonic contention resolution device includes a plurality of coherent light sources for emitting a beam of coherent light and a plurality of tunable receivers. Each of the coherent light sources and tunable receivers are tunable by an associated input module to a plurality of distinct wavelengths. Each tunable laser preferably illuminates at least one of the plurality of tunable receivers at the particular wavelength associated with the destination output module such that one of the at least two input modules transmits its cell to the destination output module if none of the plurality of coherent light sources is illuminating its associated tunable receiver at the particular wavelength.
摘要翻译: 在包括多个输入模块和多个输出模块的开关中提供用于光子争用分辨率的装置和方法,其中多个输入模块中的至少两个具有要发送到目的地输出模块的单元。 光子争用解决装置包括用于发射相干光束的多个相干光源和多个可调接收器。 每个相干光源和可调谐接收器可由相关的输入模块调谐到多个不同的波长。 每个可调谐激光器优选地以与目的地输出模块相关联的特定波长照亮多个可调谐接收器中的至少一个,使得如果不存在多个相干光,则至少两个输入模块中的一个将其单元发送到目的地输出模块 光源在特定波长下照亮其相关联的可调谐接收器。
-
公开(公告)号:US5301055A
公开(公告)日:1994-04-05
申请号:US39546
申请日:1993-03-29
CPC分类号: H04Q11/0478 , H04L49/203 , H04Q11/0001 , H04Q11/0066
摘要: A scheduler for a packet switch capable of atomic multicasts, that is, allowing one packet at an input port to be simultaneously transmitted to multiple output ports. The scheduling algorithm sequentially polls each of the input ports to determine to which output ports it desires connection for the next transmission slot. If those output ports are available, that input port assigns itself to the slot, and subsequent input ports are blocked from those output ports. The scheduling algorithm does not poll these blocked input ports for the current slot. The scheduler can be advantageously implemented in an optical system having one optical path for indexing control and multiple optical paths corresponding to each of the output ports. Sub-schedulers are arranged serially along all the optical paths. When a sub-scheduler is notified by the indexing control path that its turn to assign has arrived, it checks all of the optical paths corresponding to the output ports to which it desires connection. If those output ports are available, it assigns itself to the current slot, indicates on the output port optical paths that those desired output ports are no longer available, and indicates on the indexing control path that its assigning turn is over. If those output ports are not available, it nonetheless indicates on the indexing control path that its assigning turn is over and waits till the next assigning period.
摘要翻译: 用于能够进行原子组播的分组交换机的调度器,即允许在输入端口处的一个分组被同时发送到多个输出端口。 调度算法顺序地轮询每个输入端口,以确定其期望下一个传输时隙连接的输出端口。 如果这些输出端口可用,则该输入端口将自身分配给插槽,并且后续输入端口从这些输出端口被阻止。 调度算法不会轮询当前时隙的这些阻塞的输入端口。 调度器可以有利地在具有用于索引控制的一个光路和对应于每个输出端口的多个光路的光学系统中实现。 子调度器沿着所有光路顺序排列。 当子调度器通过其转向分配的索引控制路径到达时,它检查与其期望连接的输出端口相对应的所有光路径。 如果这些输出端口可用,则将其分配给当前时隙,在输出端口光纤路径上指示那些所需输出端口不再可用,并在索引控制路径上指示其分配转向结束。 如果这些输出端口不可用,它仍然在索引控制路径上指示其分配转向结束,并等待到下一个分配周期。
-
公开(公告)号:US20170244619A1
公开(公告)日:2017-08-24
申请号:US15047988
申请日:2016-02-19
IPC分类号: H04L12/26 , H04L12/927 , H04L29/08
CPC分类号: H04L43/08 , H04L47/80 , H04L67/141 , H04L67/143 , H04W36/12 , H04W88/16
摘要: This disclosure generally discloses an anchor mobility mechanism. The anchor mobility mechanism is configured to support migration of flows between mobility anchors within a wireless communication system. The anchor mobility mechanism may be configured to support migration of flows between mobility anchors within a wireless communication system in a highly seamless manner. The anchor mobility mechanism may be configured to support migration of a flow of a wireless device between mobility anchors within a wireless communication system using functions performed by a control element (CE) and one or more forwarding elements (FEs) within the data plane of the flow of the wireless device. The functions may include identifying a time at which to initiate migration of the flow, initiating migration of the flow based on identification of the time at which to initiate migration of the flow, or the like, as well as various combinations thereof.
-
-
-
-
-
-
-
-
-
搜索结果
87 条记录 (耗时 0.033 秒)
