-
公开(公告)号:US20180367302A1
公开(公告)日:2018-12-20
申请号:US15968189
申请日:2018-05-01
Applicant: Cisco Technology, Inc.
Inventor: Satish Kondalam , Victor M. Moreno , Sanjay Kumar Hooda , Muhammad Ahmad Imam
CPC classification number: H04L9/30 , H04L9/0841 , H04L9/085 , H04L9/0866
Abstract: In accordance with various implementations, a method is performed at a source node of a fabric network coupled to a plurality of hosts respectively associated with a plurality of group identifiers. The method includes generating a source public key based on a source private key, a source group identifier of the plurality of group identifiers, and a destination group identifier of the plurality of group identifiers. The method includes sending, from the source node coupled to at least one host associated with the source group identifier to a destination node coupled to at least one host associated with the destination group identifier, the source public key. The method includes receiving, at the source node from the destination node, a destination public key based on a destination private key, the source group identifier, and the destination group identifier. The method further includes generating a shared secret based on the destination public key and the source private key.
-
72.发明申请公开(公告)号:US20180255017A1
公开(公告)日:2018-09-06
申请号:US15447291
申请日:2017-03-02
Applicant: Cisco Technology, Inc.
Inventor: Sanjay Kumar Hooda , Syam Sundar V Appala , Kaushik Kumar Dam , Vimarsh Puneet
CPC classification number: H04L41/0893 , H04L61/2514 , H04L61/2521 , H04L61/2571 , H04L67/306
Abstract: A policy server correlates information from several messages associated with a client device to implement an identity-based network access policy. The policy server receives a first message from a network element connected to the client device. The first message requests an identity-based policy for the client device, and includes a first network address. The policy server receives a second message from an identity server. The second message includes information indicating an identity role and a second network address. The policy server receives a third message from a NAT device. The third message includes a NAT mapping that correlates the first network address with the second network address. After the policy server determines the identity-based policy based on a combination of the first message, the second message, and the third message, the policy server implements the identity-based policy in the network element.
-
公开(公告)号:US20180255002A1
公开(公告)日:2018-09-06
申请号:US15446802
申请日:2017-03-01
Applicant: Cisco Technology, Inc.
Inventor: Sanjay Kumar Hooda , Kaushik Kumar Dam , Sandesh Kumar Narappa Bheemanakone , Victor M. Moreno , Shivangi Sharma
IPC: H04L12/931 , H04W72/12 , H04W74/00
CPC classification number: H04L49/201 , H04W72/121 , H04W74/002
Abstract: Group based multicasts may be provided. First, a request may be received. The request may comprise a receiver tag, a request source identifier, and a request multicast group identifier. Next, a source tag corresponding to the request source identifier may be obtained and then it may be determined that a group corresponding to the receiver tag is allowed to access content from a source corresponding to the obtained source tag. In response to determining that the group corresponding to the receiver tag is allowed to access content from the source corresponding to the obtained source tag, content may be received from the source at a multicast group corresponding to the request multicast group identifier. The content may then be forwarded to a receiver corresponding to the request.
-
公开(公告)号:US09918217B1
公开(公告)日:2018-03-13
申请号:US15405614
申请日:2017-01-13
Applicant: Cisco Technology, Inc.
Inventor: Sanjay Kumar Hooda , Gaurav Dawra , Sudhir Kumar Jain , Atri Indiresan
Abstract: Fast roaming across a network fabric may be provided. A route device may receive location information corresponding to a client device in response to roaming by the client device from a first access point connected to a first network device to a second access point connected to a second network device. The first network device and the second network device may comprise fabric edge nodes on the fabric network. The first network device and the second network device may be ones of a plurality of network devices in the fabric network. On detecting the roaming of the client device, the route device may be updated with the new location, and then the route device may send, to the plurality of network devices in the fabric network, the location information corresponding to the client device.
-
公开(公告)号:US20160269266A1
公开(公告)日:2016-09-15
申请号:US14656840
申请日:2015-03-13
Applicant: Cisco Technology, Inc.
Inventor: Sanjay Kumar Hooda , Venkatabalakrishnan Krishnamurthy , Tushar J. Patel , Ganesh Srinivasa Bhat
IPC: H04L12/26
CPC classification number: H04L43/16 , H04L41/0853 , H04L43/04 , H04L43/10
Abstract: A feature trace capability may be provided for features including, but not limited to, automatic quality of service (auto QoS), power over Ethernet (PoE), and fabric compatibility. A network command may be implemented with the capability to validate features across a network path or the network as a whole. The output of this network command may result in the display of details about supported features. Such a command may also result in a listing of what devices require upgrades to support any number of features of interest. Embodiments of the feature trace capability may be configured such that the query gets terminated once a final subnet (or endpoint) is reached. Alternatively, the feature trace capability may be configured such that the query gets terminated after a maximum hop count, or trace total (trace_ttl) is reached. Such a limit may prevent the continuous flooding of the network.
Abstract translation: 可以为特征提供特征追踪功能,包括但不限于自动服务质量(自动QoS),以太网供电(PoE)和结构兼容性。 可以实现网络命令,其具有通过网络路径或网络整体验证特征的能力。 此网络命令的输出可能会显示关于支持的功能的详细信息。 这样的命令还可以列出什么设备需要升级来支持任何数量的感兴趣的特征。 可以配置特征跟踪能力的实施例,使得一旦达到最终子网(或端点),则查询终止。 或者,可以配置特征跟踪能力,使得在达到最大跳数或跟踪总数(trace_ttl)之后,查询终止。 这样的限制可以防止网络的连续洪泛。
-
Patent Agency Ranking
76.发明申请公开(公告)号:US20140269329A1
公开(公告)日:2014-09-18
申请号:US13839159
申请日:2013-03-15
Applicant: CISCO TECHNOLOGY, INC.
Inventor: Sanjay Kumar Hooda , Rajagopalan Janakiraman , Vinay Parameswarannair , Vijay Sampath
IPC: H04L12/801
Abstract: Embodiments provide techniques for optimizing paths in a network environment with a virtual network device that includes a first physical network device and a second physical network device, connected using a virtual network device layer link. Embodiments receive a first data packet belonging to a first data flow, at the first physical network device, from the second physical network device, over the virtual network device layer link. An adjacent network device from which the second physical network device received the first data packet is determined. Embodiments also determine one or more links connecting the first physical network device and the adjacent network device. A network message is transmitted to the adjacent network device, where the adjacent network device is configured to transmit subsequent data packets from the first data flow to the virtual network device, using only the determined one or more links, responsive to receiving the network message.
Abstract translation: 实施例提供了利用包括使用虚拟网络设备层链路连接的第一物理网络设备和第二物理网络设备的虚拟网络设备来优化网络环境中的路径的技术。 实施例通过虚拟网络设备层链路从第二物理网络设备接收属于第一物理网络设备的第一数据流的第一数据包。 确定第二物理网络设备从其接收到第一数据分组的相邻网络设备。 实施例还确定连接第一物理网络设备和相邻网络设备的一个或多个链路。 将网络消息发送到相邻网络设备,其中相邻网络设备被配置为仅响应于接收到该网络消息而使用所确定的一个或多个链路,将后续数据分组从第一数据流发送到虚拟网络设备。
-
公开(公告)号:US20250126059A1
公开(公告)日:2025-04-17
申请号:US18984673
申请日:2024-12-17
Applicant: Cisco Technology, Inc.
Inventor: Prakash C. Jain , Vinay Saini , Sanjay Kumar Hooda
Abstract: Techniques for a Software-Defined Networking (SDN) controller associated with a multisite network to implement jurisdictional data sovereignty polices in a multisite network, route network traffic flows between user sites and destination services over one or more provider sites, and/or perform a routing operation on the network traffic flow(s) based on the jurisdictional data sovereignty policies. The jurisdictional data sovereignty polices may be implemented using destination group tags (DGTs) and/or source group tags (SGTs). A secure access service edge (SASE) associated with the network controller may generate, store, and distribute the DGTs to provider sites and/or the SGTs to user sites. Based on the SGT and/or DGT associated with a network traffic flow, one or more services may be applied to the network traffic flow, and the network traffic flow may be routed through a particular region of a software-defined access (SDA) transit.
-
公开(公告)号:US12212540B2
公开(公告)日:2025-01-28
申请号:US18513320
申请日:2023-11-17
Applicant: Cisco Technology, Inc.
Inventor: Rajeev Kumar , Sanjay Kumar Hooda , Ramesh Chandra Yeevani-Srinivas
IPC: H04L67/55 , H04L61/5014
Abstract: Automated techniques for converting network devices from a Layer 2 (L2) network into a Layer 3 (L3) network in a hierarchical manner are described herein. The network devices may be configured to boot such that their ports are in an initialization mode in which the ports are unable to transmit locally generated DHCP packets. When a network device detects that a neighbor (or “peer”) device has acquired an IP address or has been configured by a network controller, then the port on which the neighbor device is detected can then be transitioned from the initialization mode into a forwarding mode. In the forwarding mode, the port can be used to transmit packets to obtain an IP address. Thus, the network devices are converted from an L2 device to an L3 device in a hierarchical order such that upstream devices are discovered and converted into L3 devices before downstream devices.
-
公开(公告)号:US12127020B2
公开(公告)日:2024-10-22
申请号:US18524474
申请日:2023-11-30
Applicant: Cisco Technology, Inc.
Inventor: Balaji Sundararajan , Sanjay Kumar Hooda , Venkatesh Ramachandra Gota , Chandramouli Balasubramanian , Anand Oswal
CPC classification number: H04W24/08 , H04W28/0221 , H04W28/0284 , H04W28/0289 , H04W28/24 , H04W36/22 , H04W48/06
Abstract: Systems and methods for managing traffic in a hybrid environment include monitoring traffic load of a local network to determine whether the traffic load exceeds or is likely to exceed a maximum traffic load, where the maximum traffic load is a traffic load for which a service can be provided by the local network, based on a license. An excess traffic load is determined if the traffic load exceeds or is likely to exceed the maximum traffic load. One or more external networks which have a capacity to provide the service to the excess traffic load are determined, to which the excess traffic load is migrated. The local network includes one or more service instances for providing the service for up to the maximum traffic load, and the service to the excess traffic load is provided by one or more additional service instances in the one or more external networks.
-
公开(公告)号:US12095765B2
公开(公告)日:2024-09-17
申请号:US18163351
申请日:2023-02-02
Applicant: Cisco Technology, Inc.
Inventor: Muninder Sambi , Anand Oswal , Sanjay Kumar Hooda
CPC classification number: H04L63/0876 , H04L12/4641 , H04L63/20
Abstract: Cloud delivered access may be provided. A network device may provide a client device with a pre-authentication virtual network and a pre-authentication address. Next, a policy may be received in response to the client device authenticating. The client device may then be moved to a post-authentication virtual network based on the policy. A post-authentication address may then be obtained for the client device in response to moving the client device to a post-authentication virtual network. Traffic for the client device may then be translated to the post-authentication address.
-
-
-
-
-
-
-
-
-
Search Results
214
records
(took 0.018 seconds)
