公开(公告)号：US11855802B2

公开(公告)日：2023-12-26

申请号：US18093530

申请日：2023-01-05

Applicant: Cisco Technology, Inc.

Inventor： Pierre Pfister ,  William Mark Townsley ,  Yoann Desmouceaux ,  David Delano Ward

IPC: H04L12/46 ,  G06F16/95

CPC classification number: H04L12/46 ,  G06F16/95

Abstract: This disclosure describes methods and systems to externally manage network-to-network interconnect configuration data in conjunction with a centralized database subsystem. An example of the methods includes receiving and storing, in the centralized database subsystem, data indicative of user intent to interconnect at least a first network and a second network. The example method further includes, based at least in part on the data indicative of user intent, determining and storing, in the centralized database subsystem, a network intent that corresponds to the user intent. The example method further includes providing data indicative of the network intent from the centralized database subsystem to a first data plane adaptor, associated with the first network, and a second data plane adaptor, associated with the second network.

公开(公告)号：US11570239B2

公开(公告)日：2023-01-31

申请号：US16853048

申请日：2020-04-20

Applicant: Cisco Technology, Inc.

Inventor： Yoann Desmouceaux ,  Pierre Pfister ,  Aloys Augustin ,  Mohammed Hawari

IPC: H04L67/1023 ,  H04L45/24 ,  H04L69/163 ,  H04L69/164 ,  H04L69/165 ,  H04L67/146 ,  H04L67/01

Abstract: Techniques are described for providing a distributed application load-balancing architecture that supports multipath transport protocol for client devices connecting to an application service. Rather than having client devices generate new network five-tuples for new subflows to the application servers, the techniques described herein include shifting the burden to the application servers to ensure that the new network five-tuples land in the same bucket in the consistent hashing table. The application servers may receive a hashing function utilized by the load balancers to generate the hash of the network five-tuple. By having the application servers generate the hashes, the load balancers are able to continue stateless, low-level processing of the packets to route them to the correct application servers. In this way, additional subflows can be opened for client devices according to a multipath transport protocol while ensuring that the subflows are routed to the correct application server.

公开(公告)号：US11558345B2

公开(公告)日：2023-01-17

申请号：US17099506

申请日：2020-11-16

Applicant: Cisco Technology, Inc.

Inventor： Yoann Desmouceaux ,  Marcel Paul Sosthène Enguehard ,  Jacques Olivier Samain ,  Jerome Tollet

IPC: H04L61/4541 ,  H04L45/00 ,  H04L41/0816 ,  H04L45/745 ,  H04L67/51

Abstract: Systems, methods, and computer-readable storage media are provided to populate databases with routing data for containers to eliminate the need for continuously accessing a global discovery service. An example method includes initiating, from a source container operating on a first machine in a first rack, a communication with a destination container operating on a second machine on a second rack, wherein a local database on the first machine does not know an address of the destination container. The method includes accessing a global discovery service to provide the address of the destination container, populating the local database on the first machine with the address of the destination container and routing a packet from the source container to the destination container according to the address of the destination container.

公开(公告)号：US10862857B2

公开(公告)日：2020-12-08

申请号：US16366466

申请日：2019-03-27

Applicant: Cisco Technology, Inc.

Inventor： Yoann Desmouceaux ,  Marcel Paul Sosthène Enguehard ,  Jacques Olivier Samain ,  Jerome Tollet

IPC: G06F15/177 ,  H04L29/12 ,  H04L29/08 ,  H04L12/24 ,  H04L12/721 ,  H04L12/741

Abstract: Systems, methods, and computer-readable storage media are provided to populate databases with routing data for containers to eliminate the need for continuously accessing a global discovery service. An example method includes initiating, from a source container operating on a first machine in a first rack, a communication with a destination container operating on a second machine on a second rack, wherein a local database on the first machine does not know an address of the destination container. The method includes accessing a global discovery service to provide the address of the destination container, populating the local database on the first machine with the address of the destination container and routing a packet from the source container to the destination container according to the address of the destination container.

公开(公告)号：US20200314056A1

公开(公告)日：2020-10-01

申请号：US16366466

申请日：2019-03-27

Applicant: Cisco Technology, Inc.

Inventor： Yoann Desmouceaux ,  Marcel Paul Sosthène Enguehard ,  Jacques Olivier Samain ,  Jerome Tollet

IPC: H04L29/12 ,  H04L29/08 ,  H04L12/741 ,  H04L12/721 ,  H04L12/24

Abstract: Systems, methods, and computer-readable storage media are provided to populate databases with routing data for containers to eliminate the need for continuously accessing a global discovery service. An example method includes initiating, from a source container operating on a first machine in a first rack, a communication with a destination container operating on a second machine on a second rack, wherein a local database on the first machine does not know an address of the destination container. The method includes accessing a global discovery service to provide the address of the destination container, populating the local database on the first machine with the address of the destination container and routing a packet from the source container to the destination container according to the address of the destination container.

公开(公告)号：US20200099610A1

公开(公告)日：2020-03-26

申请号：US16138595

申请日：2018-09-21

Applicant: Cisco Technology, Inc.

Inventor： Giles Douglas Yorke Heron ,  Edward A. Warnicke ,  William Mark Townsley ,  Yoann Desmouceaux

IPC: H04L12/707 ,  H04L12/715 ,  H04L12/721 ,  H04L12/725 ,  H04L29/12

Abstract: Systems and methods provide for segment routing (SR) with fast reroute in a container network. An SR ingress can receive a packet from a first container destined for a container service. The ingress can generate an SR packet including a segment list comprising a first segment to a first container service host, a second segment to a second service host, and a third segment to the service. The ingress can forward the SR packet to a first SR egress corresponding to the first host using the first segment. The first egress can determine whether the first service and/or host is reachable. If so, the first egress can forward the SR packet to the first host or the packet to the service. If not, the first egress can perform a fast reroute and forward the SR packet to a second SR egress corresponding to the second host using the second segment.

公开(公告)号：US20190149468A1

公开(公告)日：2019-05-16

申请号：US16249563

申请日：2019-01-16

Applicant: Cisco Technology, Inc.

Inventor： Pierre Pfister ,  Mark Townsley ,  Yoann Desmouceaux

IPC: H04L12/741 ,  H04L29/06

CPC classification number: H04L45/74 ,  H04L69/22

Abstract: Disclosed is a method that modifies a bit indexed explicit replication (BIER) algorithm. The method includes receiving a packet at a node, wherein the packet includes a BIER header identifying a bitstring, the bitstring including a first bit indicating a first destination and a second bit indicating a second destination and forwarding the packet through one or more networks toward the first destination and the second destination based on the bitstring and a predetermined bit selection order. The predetermined bit selection order causes a sequential delivery of the packet to the first destination and the second destination. After the packet arrives at the first destination, the method includes setting the first bit to zero in the bitstring and forwarding the packet through the one or more networks toward the second destination according to the updated bitstring.

公开(公告)号：US20230179652A1

公开(公告)日：2023-06-08

申请号：US18101845

申请日：2023-01-26

Applicant: Cisco Technology, Inc.

Inventor： Yoann Desmouceaux ,  Pierre Pfister ,  Aloys Augustin ,  Mohammed Hawari

IPC: H04L67/1023 ,  H04L45/24 ,  H04L69/163 ,  H04L69/164 ,  H04L69/165 ,  H04L67/146

CPC classification number: H04L67/1023 ,  H04L45/24 ,  H04L69/163 ,  H04L69/164 ,  H04L69/165 ,  H04L67/146 ,  H04L67/01

Abstract: Techniques are described for providing a distributed application load-balancing architecture that supports multipath transport protocol for client devices connecting to an application service. Rather than having client devices generate new network five-tuples for new subflows to the application servers, the techniques described herein include shifting the burden to the application servers to ensure that the new network five-tuples land in the same bucket in the consistent hashing table. The application servers may receive a hashing function utilized by the load balancers to generate the hash of the network five-tuple. By having the application servers generate the hashes, the load balancers are able to continue stateless, low-level processing of the packets to route them to the correct application servers. In this way, additional subflows can be opened for client devices according to a multipath transport protocol while ensuring that the subflows are routed to the correct application server.

公开(公告)号：US20220413975A1

公开(公告)日：2022-12-29

申请号：US17902677

申请日：2022-09-02

Applicant: Cisco Technology, Inc.

Inventor： Pierre Pfister ,  Ian James Wells ,  Kyle Andrew Donald Mestery ,  William Mark Townsley ,  Yoann Desmouceaux ,  Guillaume Ruty ,  Aloys Augustin

IPC: G06F11/20 ,  G06F9/455 ,  H04L61/2503 ,  H04L61/58 ,  H04L101/00

Abstract: This disclosure describes techniques for providing a distributed scalable architecture for Network Address Translation (NAT) systems with high availability and mitigations for flow breakage during failover events. The NAT servers may include functionality to serve as fast-path servers and/or slow-path servers. A fast-path server may include a NAT worker that includes a cache of NAT mappings to perform stateful network address translation and to forward packets with minimal latency. A slow-path server may include a mapping server that creates new NAT mappings, depreciates old ones, and answers NAT worker state requests. The NAT system may use virtual mapping servers (VMSs) running on primary physical servers with state duplicated VMSs on different physical failover servers. Additionally, the NAT servers may implement failover solutions for dynamically allocated routeable address/port pairs assigned to new sessions by assigning new outbound address/port pairs when a session starts and broadcasting pairing information.

公开(公告)号：US11436111B2

公开(公告)日：2022-09-06

申请号：US16592613

申请日：2019-10-03

Applicant: Cisco Technology, Inc.

Inventor： Pierre Pfister ,  Ian James Wells ,  Kyle Andrew Donald Mestery ,  William Mark Townsley ,  Yoann Desmouceaux ,  Guillaume Ruty ,  Aloys Augustin

IPC: G06F11/20 ,  G06F9/455 ,  H04L61/2503 ,  H04L61/58

Abstract: This disclosure describes techniques for providing a distributed scalable architecture for Network Address Translation (NAT) systems with high availability and mitigations for flow breakage during failover events. The NAT servers may include functionality to serve as fast-path servers and/or slow-path servers. A fast-path server may include a NAT worker that includes a cache of NAT mappings to perform stateful network address translation and to forward packets with minimal latency. A slow-path server may include a mapping server that creates new NAT mappings, depreciates old ones, and answers NAT worker state requests. The NAT system may use virtual mapping servers (VMSs) running on primary physical servers with state duplicated VMSs on different physical failover servers. Additionally, the NAT servers may implement failover solutions for dynamically allocated routable address/port pairs assigned to new sessions by assigning new outbound address/port pairs when a session starts and broadcasting pairing information.