公开(公告)号：US07099287B1

公开(公告)日：2006-08-29

申请号：US09799755

申请日：2001-03-06

申请人： Doron Oz ,  Eldad Bar-Eli ,  Moti Haimovsky

发明人： Doron Oz ,  Eldad Bar-Eli ,  Moti Haimovsky

IPC分类号： H04L12/28

CPC分类号： H04L12/437 ,  H04J3/1611 ,  H04J2203/0039 ,  H04J2203/0041 ,  H04J2203/0042 ,  H04L12/42 ,  H04L12/44 ,  H04L41/12 ,  H04L43/0811

摘要： A novel and useful mechanism for detecting the nodes connected to a network device and for creating a ring network from the nodes detected thereby. The invention simplifies insertion, removal and modification of nodes in the ring by detecting and reconfiguring the ring without requiring intervention by a user. Identification information messages generated by network devices and sent out on all links and received over a plurality of ports are used in identifying and determining the connectivity and topology of the network devices. The resulting topology information is stored in a node database. The contents of the node database are then used to generate one or more ring networks, wherein each ring generated corresponds to a unique line speed. The connectivity of the one or more rings generated is stored in a ring database and the rings configured therefrom.

摘要翻译： 一种新颖有用的机制，用于检测连接到网络设备的节点并用于从由此检测到的节点创建环网。 本发明通过检测和重新配置环而简化了环中节点的插入，移除和修改，而不需要用户干预。 由网络设备产生并在所有链路上发送并通过多个端口接收的识别信息消息用于识别和确定网络设备的连接性和拓扑。 生成的拓扑信息存储在节点数据库中。 然后，节点数据库的内容被用于生成一个或多个环形网络，其中产生的每个环对应于唯一的线速度。 生成的一个或多个环的连接性被存储在环形数据库中，并且由其配置的环。

公开(公告)号：US5910954A

公开(公告)日：1999-06-08

申请号：US910783

申请日：1997-08-13

申请人： Zvi Bronstein ,  Eytan Mann ,  Eldad Bar-Eli

发明人： Zvi Bronstein ,  Eytan Mann ,  Eldad Bar-Eli

IPC分类号： H04L12/28 ,  H04L12/66 ,  H04L12/70 ,  H04L12/935 ,  H04Q11/04

CPC分类号： H04L12/2801 ,  H04L12/66 ,  H04L49/3081 ,  H04Q11/0478 ,  H04L2012/5615 ,  H04L2012/5619

摘要： A network having at least one emulated local area network (LAN) therein includes groups of legacy LAN workstations, network switches and an ATM switch. The network switches are each connectable to one of the groups of the legacy LAN workstations. The ATM switch is connectable to the network switches and each network switch includes a cell memory, a cell memory manager, local switching apparatus and remote switching apparatus. The cell memory stores cells of data. The cell memory manager converts data back and forth between a format and a cell format, stores the cell format data in the cell memory and retrieves calls therefrom. The local switching apparatus locally switches cells of data among the group of legacy LAN workstations connectable to the network switch. The remote switching apparatus switches the cells of data from the network switch to a remote network switch via the ATM switch.

摘要翻译： 具有至少一个仿真局域网（LAN）的网络包括遗留LAN工作站，网络交换机和ATM交换机的组。 网络交换机可以连接到传统LAN工作站中的一个组。 ATM交换机可连接到网络交换机，每个网络交换机都包括一个单元存储器，单元存储器管理器，本地交换设备和远程交换设备。 单元存储器存储数据单元。 单元存储器管理器在格式和单元格式之间来回转换数据，将单元格格式数据存储在单元存储器中并从中检索调用。 本地交换设备在本地交换可连接到网络交换机的传统LAN工作站组中的数据单元。 远程交换设备通过ATM交换机将数据单元从网络交换机切换到远程网络交换机。

公开(公告)号：US20070280132A1

公开(公告)日：2007-12-06

申请号：US11421045

申请日：2006-05-30

申请人： Doron Oz ,  Eldad Bar-Eli ,  Moti Haimovsky

发明人： Doron Oz ,  Eldad Bar-Eli ,  Moti Haimovsky

IPC分类号： H04L12/28

CPC分类号： H04L12/437 ,  H04J3/1611 ,  H04J2203/0039 ,  H04J2203/0041 ,  H04J2203/0042 ,  H04L12/42 ,  H04L12/44 ,  H04L41/12 ,  H04L43/0811

摘要： A novel and useful mechanism for detecting the nodes connected to a network device and for creating a ring network from the nodes detected thereby. The invention simplifies insertion, removal and modification of nodes in the ring by detecting and reconfiguring the S ring without requiring intervention by a user. Identification information messages generated by network devices and sent out on all links and received over a plurality of ports are used in identifying and determining the connectivity and topology of the network devices. The resulting topology information is stored in a node database. The contents of the node database are then used to generate one or more ring networks, wherein each ring generated corresponds to a unique line speed. The connectivity of the one or more rings generated is stored in a ring database and the rings configured therefrom.

摘要翻译： 一种新颖有用的机制，用于检测连接到网络设备的节点并用于从由此检测到的节点创建环网。 本发明通过检测和重新配置S环而简化了环中节点的插入，移除和修改，而无需用户干预。 由网络设备产生并在所有链路上发送并通过多个端口接收的识别信息消息用于识别和确定网络设备的连接性和拓扑。 生成的拓扑信息存储在节点数据库中。 然后，节点数据库的内容被用于生成一个或多个环形网络，其中产生的每个环对应于唯一的线速度。 生成的一个或多个环的连接性被存储在环形数据库中，并且由其配置的环。

公开(公告)号：US08024787B2

公开(公告)日：2011-09-20

申请号：US11416297

申请日：2006-05-02

申请人： Doron Oz ,  Nir Ben-Dvora ,  Eldad Bar Eli

发明人： Doron Oz ,  Nir Ben-Dvora ,  Eldad Bar Eli

IPC分类号： G06F9/455

CPC分类号： H04L45/00 ,  H04L45/56 ,  H04L63/0227

摘要： One or more firewalls are used to perform firewall functionality on packets based on the entry and exit accesses of each of the one or more firewalls being applied to a packet. For example, when firewalls are included in a router, the interfaces of the router are typically mapped to virtual firewalls and access thereof. Based on the determined routing of a particular packet, the firewalls to apply and their corresponding entry and exit accesses are identified. In order to decouple the application by the firewall itself of the security policies from the network topology and routing architecture (e.g., the network routing address information which is typically relied upon by current firewalls), the firewall functionality is defined based on the identified entry and exit accesses of a firewall, rather than based on network defined addresses, for example.

摘要翻译： 一个或多个防火墙用于基于对应用于分组的一个或多个防火墙中的每一个的进入和退出访问在分组上执行防火墙功能。 例如，当防火墙包含在路由器中时，路由器的接口通常映射到虚拟防火墙并进行访问。 基于确定的特定分组的路由，识别要应用的防火墙及其相应的进入和退出接入。 为了将安全策略中的防火墙本身的应用从网络拓扑和路由架构（例如，当前防火墙通常依赖的网络路由地址信息）分离，防火墙功能基于所识别的条目和 例如，防火墙的出口访问，而不是基于网络定义的地址。

公开(公告)号：US07073053B1

公开(公告)日：2006-07-04

申请号：US09976222

申请日：2001-10-11

申请人： Doron Oz ,  Eldad Bar-Eli ,  Rami Tamir

发明人： Doron Oz ,  Eldad Bar-Eli ,  Rami Tamir

IPC分类号： G06F9/24 ,  G06F15/177 ,  G06F11/00

CPC分类号： G06F11/1417 ,  G06F11/1433

摘要： Methods and apparatus are disclosed for a boot progression scheme for reliably initializing a system. A boot progression data structure is maintained to indicate which of multiple boot images should be initially loaded upon startup of the system. During a boot phase, the boot progression data structure (e.g., a stack or other data structure) is modified to indicate a next boot image to use upon a next startup of the system. If the boot image provides a functional system, then the boot progression data structure is updated to once again indicate to boot with this image, and possibly removing references to other boot images. Otherwise, a reset or restart operation is performed to boot using another image. In this manner, a remote system can be upgraded across a network, and should the upgrade not perform correctly, the system reverts to a previous boot image.

摘要翻译： 公开了用于可靠地初始化系统的引导进程方案的方法和装置。 维护引导进程数据结构以指示在系统启动时应该最初加载多个引导映像。 在引导阶段期间，修改引导进程数据结构（例如，堆栈或其他数据结构）以指示在系统的下次启动时使用的下一启动映像。 如果引导映像提供功能系统，则更新引导进程数据结构以再次指示使用该映像引导，并且可能移除对其他引导映像的引用。 否则，执行复位或重新启动操作以使用另一图像引导。 以这种方式，可以通过网络升级远程系统，如果升级不能正确执行，系统将恢复到以前的启动映像。

公开(公告)号：US06580693B1

公开(公告)日：2003-06-17

申请号：US09316973

申请日：1999-05-24

申请人： Arcady Chernyak ,  Eldad Bar-Eli ,  Miki Kennet

发明人： Arcady Chernyak ,  Eldad Bar-Eli ,  Miki Kennet

IPC分类号： G01R3108

CPC分类号： H04L12/5601 ,  H04L2012/5626 ,  H04L2012/5627

摘要： A method for detecting leaks in an ATM network, the method including the steps of a) creating an entity interconnection map including mappings of port interconnections among a plurality of network nodes, the plurality of network nodes includes a plurality of network endpoints and at least one network switch, b) creating an endpoint map including at least one endpoint mapping of at least one port to at least one virtual identifier for at least one of the network endpoints and a leak indicator for the at least one network endpoint indicating that the network endpoint is either of a transmitting endpoint and a receiving endpoint, c) creating a switch map including at least one switch mapping of at least one port and virtual identifier grouping to at least one other port and virtual identifier grouping for the at least one network switch, d) initializing a leak indicator for each of the endpoint mappings and the switch mappings to indicate a leak condition, e) traversing a virtual channel connection from each transmitting endpoint in the endpoint map to a corresponding receiving endpoint in the endpoint map via the switch map, and f) setting each leak indicator for each endpoint mapping and switch mapping traversed along the virtual channel connection to indicate a no-leak condition.

摘要翻译： 一种用于检测ATM网络中的泄漏的方法，所述方法包括以下步骤：a）创建包括多个网络节点之间的端口互连的映射的实体互连图，所述多个网络节点包括多个网络端点和至少一个 网络交换机，b）创建包括至少一个端口的至少一个端点映射到至少一个所述网络端点的至少一个虚拟标识符的端点映射，以及用于所述至少一个网络端点的泄漏指示符，其指示所述网络端点 是发送端点和接收端点之一; c）创建包括至少一个端口和虚拟标识符分组的至少一个交换机映射到至少一个其他端口的交换机映射以及用于所述至少一个网络交换机的虚拟标识符分组， d）初始化每个端点映射和交换机映射的泄漏指示符以指示泄漏状况，e）遍历虚拟信道 通过交换机映射将端点映射中的每个发送端点的连接从端点映射中的相应接收端点连接起来，以及f）设置沿着虚拟通道连接遍历的每个端点映射和交换映射的每个泄漏指示符，以指示无泄漏条件 。

公开(公告)号：US06188691B1

公开(公告)日：2001-02-13

申请号：US09039725

申请日：1998-03-16

申请人： Sharon Barkai ,  Eldad Bar-Eli ,  Yoram Shamir

发明人： Sharon Barkai ,  Eldad Bar-Eli ,  Yoram Shamir

IPC分类号： H04L1228

CPC分类号： H04L12/4679 ,  H04L12/1886 ,  H04L41/0213 ,  H04L41/046

摘要： A method whereby local area network (LAN) multicast traffic flows are defined and set up by the network management system (NMS). Network efficiency is maximized and performance degradation of the network and workstations connected thereto is reduced. The method utilizes standard 802.1D bridging infrastructure built into conventional level 2 network switching devices to permit a administrator to define a multicast flow, otherwise known as a virtual LAN (VLAN) or a ‘Session VLAN,’ as a multicast application that can be mapped to a multicast MAC address. The multicast MAC address is then utilized in the transmission of the multicast messages. The NMS declares a session VLAN across all the level 2 devices in the network utilizing standard SNMP and members of the session VLAN can be added and removed. Each device then translates the SNMP requests to an operation on its standard 802.1D static addresses.

摘要翻译： 网络管理系统（NMS）定义和设置局域网（LAN）组播业务流的一种方法。 网络效率最大化，与之相连的网络和工作站的性能下降降低。 该方法利用内置于常规2级网络交换设备中的标准802.1D桥接基础架构，允许管理员定义组播流，也称为虚拟LAN（VLAN）或“会话VLAN”，作为可映射的组播应用 组播MAC地址，然后在多播消息的传输中使用组播MAC地址，NMS使用标准SNMP在网络中的所有二级设备上声明会话VLAN，并且会话VLAN的成员可以添加和删除 然后，每个设备将SNMP请求转换为其标准802.1D静态地址的操作。

公开(公告)号：US08018932B1

公开(公告)日：2011-09-13

申请号：US10184486

申请日：2002-06-28

申请人： Eldad Bar Eli ,  Doron Oz

发明人： Eldad Bar Eli ,  Doron Oz

IPC分类号： H04L12/56

CPC分类号： H04L12/18

摘要： Methods and apparatus are disclosed for sending a multicast packet from multiple network interfaces across multiple networks using the same media access source address (MAC source address). One implementation includes a processing element and a network interface for each of the multiple networks. The processing element generates and initiates sending of a multicast packet having a same media access source address (MAC source address) from at least two of the multiple network interfaces. In one implementation, a single copy of the multicast packet is buffered, and each of the network interfaces retrieves, such as via a direct memory access (DMA) request, the multicast packet and forwards it to an attached network.

摘要翻译： 公开了用于使用相同的媒体访问源地址（MAC源地址）从多个网络的多个网络接口发送多播分组的方法和装置。 一个实现包括用于多个网络中的每一个的处理元件和网络接口。 所述处理单元从所述多个网络接口中的至少两个生成并发起具有相同的媒体访问源地址（MAC源地址）的多播分组的发送。 在一个实现中，缓冲多播分组的单个副本，并且每个网络接口例如经由直接存储器访问（DMA）请求来检索多播分组，并将其转发到附接的网络。

公开(公告)号：US07801062B2

公开(公告)日：2010-09-21

申请号：US11421045

申请日：2006-05-30

申请人： Doron Oz ,  Eldad Bar-Eli ,  Moti Haimovsky

发明人： Doron Oz ,  Eldad Bar-Eli ,  Moti Haimovsky

IPC分类号： H04L12/28

CPC分类号： H04L12/437 ,  H04J3/1611 ,  H04J2203/0039 ,  H04J2203/0041 ,  H04J2203/0042 ,  H04L12/42 ,  H04L12/44 ,  H04L41/12 ,  H04L43/0811

摘要： A novel and useful mechanism for detecting the nodes connected to a network device and for creating a ring network from the nodes detected thereby. The invention simplifies insertion, removal and modification of nodes in the ring by detecting and reconfiguring the S ring without requiring intervention by a user. Identification information messages generated by network devices and sent out on all links and received over a plurality of ports are used in identifying and determining the connectivity and topology of the network devices. The resulting topology information is stored in a node database. The contents of the node database are then used to generate one or more ring networks, wherein each ring generated corresponds to a unique line speed. The connectivity of the one or more rings generated is stored in a ring database and the rings configured therefrom.

摘要翻译： 一种新颖有用的机制，用于检测连接到网络设备的节点并用于从由此检测到的节点创建环网。 本发明通过检测和重新配置S环而简化了环中节点的插入，移除和修改，而无需用户干预。 由网络设备产生并在所有链路上发送并通过多个端口接收的识别信息消息用于识别和确定网络设备的连接性和拓扑。 生成的拓扑信息存储在节点数据库中。 然后，节点数据库的内容被用于生成一个或多个环形网络，其中产生的每个环对应于唯一的线速度。 生成的一个或多个环的连接性被存储在环形数据库中，并且由其配置的环。

公开(公告)号：US07388830B1

公开(公告)日：2008-06-17

申请号：US11499022

申请日：2006-08-04

申请人： Doron Oz ,  Eldad Bar-Eli

发明人： Doron Oz ,  Eldad Bar-Eli

IPC分类号： G01R11/00

CPC分类号： H04L12/42

摘要： Connecting a new node to a double ring network or establishing a new network having a double ring network is greatly simplified by automatic mapping of logical interfaces to physical interfaces to conform to a mapping or polarity observed by other nodes in the network. A node may discover the network polarity via a message received from an adjacent node and, if necessary, invert the mapping between its two logical interfaces and two physical interfaces. This facilitates installation by relaxing the requirement that the correct media pair be connected to the correct node physical interface. Nodes equipped with this automatic side selection capability may interoperate with nodes that are not so-equipped.

摘要翻译： 将新节点连接到双环网络或建立具有双环网络的新网络通过将逻辑接口自动映射到物理接口来大大简化，以符合网络中其他节点所观察到的映射或极性。 节点可以通过从相邻节点接收到的消息发现网络极性，如果需要，可以反转其两个逻辑接口和两个物理接口之间的映射。 通过放松将正确的媒体对连接到正确的节点物理接口的要求，便于安装。 配备这种自动侧面选择功能的节点可能与没有配备的节点进行互操作。