公开(公告)号：US10063468B2

公开(公告)日：2018-08-28

申请号：US14997212

申请日：2016-01-15

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Hendrikus G. P. Bosch ,  Sape Jurriën Mullender ,  Jeffrey Napper ,  Surendra M. Kumar ,  Alessandro Duminuco

IPC: H04L12/50 ,  H04L12/721 ,  H04L12/741

CPC classification number: H04L45/38 ,  H04L45/745

Abstract: Particular embodiments described herein provide for a communication system that can be configured for receiving, at a network element, a flow offload decision for a first service node. The flow offload decision can include a portion of a service chain for processing a flow and updating next hop flow based routing information for the flow. A next hop in the flow can insert flow specific route information in its routing tables to bypass a packet forwarder serving the service that offloaded the flow in the reverse direction.

公开(公告)号：US20170310611A1

公开(公告)日：2017-10-26

申请号：US15347349

申请日：2016-11-09

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Surendra M. Kumar ,  Jeffrey Napper ,  Prashant Patadayya Hiremath ,  Vandana Saha

IPC: H04L12/931 ,  H04L12/947 ,  H04L12/813

CPC classification number: H04L69/00 ,  H04L67/2842

Abstract: In one embodiment, a method includes creating a catalog of service function (“SF”) profiles, wherein each of the profiles is associated with an SF and indicates a type of the associated SF; storing the catalog of SF profiles in a memory device of a service controller associated with the DVS; creating a service profile group template (“SPGT”) that includes at least one SF profile from the catalog of SF profiles, wherein the SPGT includes a service chain definition identifying at least one service chain comprising the SF associated with the at least one SF profile to be executed in connection with a service path and at least one policy for classifying traffic to the at least one service chain; deploying a first SPG instance based on the SPGT; and deploying an additional SPG instance based on the SPGT in accordance with a scaling policy included in the SPGT.

公开(公告)号：US20170208011A1

公开(公告)日：2017-07-20

申请号：US15171892

申请日：2016-06-02

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Hendrikus G.P. Bosch ,  Jeffrey Napper ,  Alessandro Duminuco ,  Humberto J. La Roche ,  Sape Jurriën Mullender ,  Surendra M. Kumar ,  Louis Gwyn Samuel ,  Bart A. Brinckman ,  Aeneas Sean Dodd-Noble ,  Luca Martini

IPC: H04L12/825 ,  H04L12/26 ,  H04L12/801

CPC classification number: H04L47/25 ,  H04L41/0896 ,  H04L45/64 ,  H04L47/29

Abstract: An example method is provided in one example embodiment and may include receiving traffic associated with at least one of a mobile network and a Gi-Local Area Network (Gi-LAN), wherein the traffic comprises one or more packets; determining a classification of the traffic to a service chain, wherein the service chain comprises one or more service functions associated at least one of one or more mobile network services and one or more Gi-LAN services; routing the traffic through the service chain; and routing the traffic to a network using one of a plurality of egress interfaces, wherein each egress interface of the plurality of egress interfaces is associated with at least one of the one or more mobile network services and the one or more Gi-LAN services.

公开(公告)号：US09479534B2

公开(公告)日：2016-10-25

申请号：US14522064

申请日：2014-10-23

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Alessandro Duminuco ,  Hendrikus G. P. Bosch ,  Surendra M. Kumar ,  Humberto J. La Roche ,  Jeffrey Napper ,  Kevin D. Shatzkamer ,  Daniel G. Wing

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/166 ,  H04L63/0281 ,  H04L63/0435 ,  H04L63/168 ,  H04L67/02 ,  H04L67/42

Abstract: In an embodiment, a method is provided for enabling in-band data exchange between networks. The method can comprise receiving, by a first enveloping proxy located in the first network, at least one regular secure sockets layer (SSL) record for a SSL session established between a client and a server; receiving the data from a network element located in the first network; encoding the data into at least one custom SSL record; and transmitting the at least one regular SSL record and the at least one custom SSL record to an enveloping proxy. In another embodiment, a method can comprise receiving at least one regular secure sockets layer (SSL) record and at least one custom SSL record for a SSL session established between a client and a server; extracting the data from the at least one custom SSL; transmitting the at least one regular SSL record.

Abstract translation: 在一个实施例中，提供了一种用于实现网络之间的带内数据交换的方法。 该方法可以包括通过位于第一网络中的第一包络代理接收在客户端和服务器之间建立的SSL会话的至少一个常规安全套接字层（SSL）记录; 从位于所述第一网络中的网元接收所述数据; 将数据编码成至少一个自定义SSL记录; 以及将所述至少一个常规SSL记录和所述至少一个定制SSL记录发送到包络代理。 在另一个实施例中，一种方法可以包括：在客户端和服务器之间建立的SSL会话接收至少一个常规安全套接字层（SSL）记录和至少一个定制SSL记录; 从至少一个自定义SSL提取数据; 发送所述至少一个常规SSL记录。

公开(公告)号：US20150334027A1

公开(公告)日：2015-11-19

申请号：US14285843

申请日：2014-05-23

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Hendrikus G. P. Bosch ,  Ian McDowell Campbell ,  Humberto J. La Roche ,  James N. Guichard ,  Surendra M. Kumar ,  Paul Quinn ,  Alessandro Duminuco ,  Jeffrey Napper ,  Ravi Shekhar

IPC: H04L12/851 ,  H04W72/04 ,  H04L12/801

CPC classification number: H04L47/2408 ,  H04L45/38 ,  H04L47/12 ,  H04L47/14 ,  H04W72/0493 ,  H04W88/16

Abstract: An example method is provided in one example embodiment and may include receiving a packet for a subscriber at a gateway, wherein the gateway includes a local policy anchor for interfacing with one or more policy servers and one or more classifiers for interfacing with one or more service chains, each service chain including one or more services accessible by the gateway; determining a service chain to receive the subscriber's packet; appending the subscriber's packet with a header, wherein the header includes, at least in part, identification information for the subscriber and an Internet Protocol (IP) address for the local policy anchor; and injecting the packet including the header into the service chain determined for the subscriber.

公开(公告)号：US20150271203A1

公开(公告)日：2015-09-24

申请号：US14522064

申请日：2014-10-23

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Alessandro Duminuco ,  Hendrikus G. P. Bosch ,  Surendra M. Kumar ,  Humberto J. La Roche ,  Jeffrey Napper ,  Kevin D. Shatzkamer ,  Daniel G. Wing

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/166 ,  H04L63/0281 ,  H04L63/0435 ,  H04L63/168 ,  H04L67/02 ,  H04L67/42

Abstract: In an embodiment, a method is provided for enabling in-band data exchange between networks. The method can comprise receiving, by a first enveloping proxy located in the first network, at least one regular secure sockets layer (SSL) record for a SSL session established between a client and a server; receiving the data from a network element located in the first network; encoding the data into at least one custom SSL record; and transmitting the at least one regular SSL record and the at least one custom SSL record to an enveloping proxy. In another embodiment, a method can comprise receiving at least one regular secure sockets layer (SSL) record and at least one custom SSL record for a SSL session established between a client and a server; extracting the data from the at least one custom SSL; transmitting the at least one regular SSL record.