NETWORK SECURITY FROM HOST AND NETWORK IMPERSONATION

    Publication No.: US20220116354A1

    Publication date: 2022-04-14

    Application No.: US17492214

    Filing date: 2021-10-01

    Abstract: Systems and methods may include sending, to a network registrar, a first message including a first nonce generated by a host computing device, and receiving, from the network registrar, a second message including a second nonce, the second nonce being signed by the network registrar via a private key of a first public key infrastructure (PKI) key pair of the network registrar via a first signature. The method further includes sending a first neighbor advertisement (NA) message to the host computing device including the second nonce. The second nonce and the private key of the network registrar verifies the first signature from the network registrar, the verification of the first signature indicating that the router is not impersonating the network.

    Dynamic device isolation in a network

    Publication No.: US11283831B2

    Publication date: 2022-03-22

    Application No.: US16421858

    Filing date: 2019-05-24

    Abstract: In one embodiment, a device in a network inserts a profile tag into an address request sent by an endpoint node in the network to a lookup service. The lookup service is configured to identify one or more addresses with which the endpoint node is authorized to communicate based on a profile for the endpoint node associated with the inserted profile tag. The device receives an address response sent from the lookup service to the endpoint node that indicates the set of one or more addresses with which the endpoint node is authorized to communicate. The device determines whether a communication between the endpoint node and a particular network address is authorized using the set of one or more addresses with which the endpoint node is authorized to communicate. The device blocks the communication based on a determination that the particular network address is not in the set of one or more addresses with which the endpoint node is authorized to communicate.

    DETERMINING SESSION DURATION FOR DEVICE AUTHENTICATION

    Publication No.: US20220070156A1

    Publication date: 2022-03-03

    Application No.: US17004368

    Filing date: 2020-08-27

    IPC classification: H04L29/06 H04L29/08

    Abstract: This disclosure describes techniques for authenticating a user device for a session. For instance, an authentication entity may authenticate a user device using single sign-on authentication and/or multi-factor authentication. The authentication entity may then determine a duration for which the user device is authenticated for the session. For example, the authentication entity may receive information representing a state of an environment of the user device. The authentication entity may then use the information to identify one or more transitions associated with the environment between the session and a previous session. Using the one or more transitions, the authentication entity may determine the duration for the session by increasing or decreasing a previous duration associated with the previous session.

    REVERSE OPERATIONS, ADMINISTRATION AND MAINTENANCE (OAM) SIGNALING IN A MESH NETWORK

    Publication No.: US20210105668A1

    Publication date: 2021-04-08

    Application No.: US16594316

    Filing date: 2019-10-07

    IPC classification: H04W28/22

    Abstract: In one embodiment, a device in a mesh network joins a source-destination oriented partial directed acyclic graph (SDO-PDAG) between a source node and a destination node in the network. The device receives operations, administration and maintenance (OAM) packets flooded along reverse paths of the SDO-PDAG. The device determines, based on the received OAM packets, packet drop rate (PDR) capacities of different paths between the device and the destination node. The device replicates a data packet sent from the source node to the destination node along two or more of the paths between the device and the destination node, based on the determined PDR capacities of those paths.

    Distributed constrained tree formation for deterministic multicast

    Publication No.: US10652135B2

    Publication date: 2020-05-12

    Application No.: US15216007

    Filing date: 2016-07-21

    Abstract: In one embodiment, a multicast listener device floods a path lookup request to search for a multicast tree, and may then receive path lookup responses from candidate nodes on the multicast tree, where each of the path lookup responses indicates a unicast routing cost from a respective candidate node to the multicast listener device, and where each of the candidate nodes is configured to suppress a path lookup response if a total path latency from a source of the multicast tree to the multicast listener device via that respective candidate node is greater than a maximum allowable path latency. The multicast listener device may then select a particular candidate node as a join point for the multicast tree based on the particular node having a lowest associated unicast routing cost to the multicast listener device from among the candidate nodes, and joins the multicast tree at the selected join point.

    Clock harmonization in deterministic networks

    Publication No.: US10348481B1

    Publication date: 2019-07-09

    Application No.: US15966131

    Filing date: 2018-04-30

    IPC classification: H04L7/00

    Abstract: In one embodiment, a device in a network receives a plurality of packets from one or more neighbors of the device. Each of the packets has a scheduled delivery time interval according to a deterministic communication schedule. The device determines an amount of clock drift for each of the one or more neighbors of the device by comparing arrival times of the received packets to their scheduled delivery time intervals according to the deterministic communication schedule. The device calculates a clock adjustment based on the amount of clock drift for each of the one or more neighbors. The device adjusts a clock of the device using the calculated clock adjustment.