公开(公告)号：US20230300105A1

公开(公告)日：2023-09-21

申请号：US18069836

申请日：2022-12-21

Applicant: Cisco Technology, Inc.

Inventor： Vijay Chander ,  Yibin Yang ,  Praveen Jain ,  Munish Mehta

IPC: H04L61/2592 ,  H04L12/46 ,  H04L45/02

CPC classification number: H04L61/2592 ,  H04L12/4641 ,  H04L45/02 ,  H04L61/2514

Abstract: According to one or more embodiments of this disclosure, a network controller in a data center network establishes a translation table for in-band traffic in a data center network, the translation table resolves ambiguous network addresses based on one or more of a virtual network identifier (VNID), a routable tenant address, or a unique loopback address. The network controller device receives packets originating from applications and/or an endpoints operating in a network segment associated with a VNID. The network controller device translates, using the translation table, unique loopback addresses and/or routable tenant addresses associated with the packets into routable tenant addresses and/or unique loopback addresses, respectively.

公开(公告)号：US11546288B2

公开(公告)日：2023-01-03

申请号：US17174215

申请日：2021-02-11

Applicant: Cisco Technology, Inc.

Inventor： Vijay Chander ,  Yibin Yang ,  Praveen Jain ,  Munish Mehta

IPC: H04L29/12 ,  H04L61/2592 ,  H04L12/46 ,  H04L45/02 ,  H04L61/2514 ,  H04L61/2521

Abstract: According to one or more embodiments of this disclosure, a network controller in a data center network establishes a translation table for in-band traffic in a data center network, the translation table resolves ambiguous network addresses based on one or more of a virtual network identifier (VNID), a routable tenant address, or a unique loopback address. The network controller device receives packets originating from applications and/or an endpoints operating in a network segment associated with a VNID. The network controller device translates, using the translation table, unique loopback addresses and/or routable tenant addresses associated with the packets into routable tenant addresses and/or unique loopback addresses, respectively.

公开(公告)号：US10432428B2

公开(公告)日：2019-10-01

申请号：US15785134

申请日：2017-10-16

Applicant: Cisco Technology, Inc.

Inventor： Shyam Kapadia ,  Rick Chang ,  Yibin Yang ,  Rajesh Babu Nataraja

IPC: H04L12/46 ,  H04L12/24 ,  H04L12/931 ,  H04L12/753

Abstract: In accordance with one example embodiment, there is provided a system configured for virtual local area network (VLAN) blocking on a virtual port channel (vPC) member link to handle discrepant virtual network instance (VNI) to VLAN mappings. In other embodiments, the system can be configured for providing Virtual Switch Interface Discovery Protocol (VDP) and virtual switch enhancements to accommodate discrepant VNI to VLAN mappings. In another example embodiment, an apparatus is provided that includes a processor, and a memory coupled to the processor, where the apparatus is configured such that if a server is connected through a virtual port channel, a VDP is used to notify the server of different VNI to VLAN mappings. In another embodiment, the apparatus can extend a VDP Filter Info Field to carry a set of VLANs mapped to a VNI, keyed by leaf MAC addresses that serve as bridge identifiers.

公开(公告)号：US10171507B2

公开(公告)日：2019-01-01

申请号：US15159379

申请日：2016-05-19

Applicant: Cisco Technology, Inc.

Inventor： Praveen Jain ,  Munish Mehta ,  Saurabh Jain ,  Yibin Yang

IPC: G06F21/00 ,  H04L29/06 ,  H04L12/931 ,  G06F9/455 ,  H04L12/713

Abstract: Microsegmentation in a heterogeneous software-defined network can be performed by classifying endpoints associated with a first virtualized environment into respective endpoint groups based on respective attributes, and classifying endpoints associated with a second virtualized environment into respective security groups based on respective attributes. Each respective endpoint group can correspond to a respective security group having the same attribute. Each respective endpoint group and corresponding security group can be associated with a respective policy model defining rules for processing associated traffic. Each of the respective security groups can be used to generate a respective network attribute endpoint group, which can include the network addresses of those endpoints in the respective security group. Each respective network attribute endpoint group can inherit the policy model of the respective endpoint group corresponding to the respective security group. Traffic between the endpoints can then be processed based on the various classifications and associated rules.

公开(公告)号：US10057120B2

公开(公告)日：2018-08-21

申请号：US14449923

申请日：2014-08-01

Applicant: Cisco Technology, Inc.

Inventor： Chiajen Tsai ,  Norman Finn ,  Yibin Yang ,  Nagabhushan K. Channabasappa ,  Debashis Patnala Rao

IPC: G06F15/16 ,  H04L12/24 ,  H04L12/721 ,  H04L12/46

CPC classification number: H04L41/0816 ,  H04L12/4687 ,  H04L12/4695 ,  H04L41/12 ,  H04L45/66

Abstract: In one embodiment, a method includes detecting a change in network topology and broadcasting a transient unconditional unpruning message to multiple nodes in the network. The message is configured to instruct each of the nodes receiving the message to start a phase timer in response to the broadcast message; unprune its operational ports; and, upon expiration of the phase timer, prune its ports in accordance with the results of a pruning protocol.

公开(公告)号：US09742586B2

公开(公告)日：2017-08-22

申请号：US14577052

申请日：2014-12-19

Applicant: Cisco Technology, Inc.

Inventor： Yibin Yang ,  Chia Tsai ,  Liqin Dong

IPC: H04L12/46 ,  H04L12/713 ,  H04L12/751

CPC classification number: H04L12/462 ,  H04L45/02 ,  H04L45/586

Abstract: Techniques are presented for distributing host route information of virtual machines to routing bridges (RBridges). A first RBridge receives a routing message that is associated with a virtual machine and is sent by a second RBridge. The routing message comprises of mobility attribute information associated with a mobility characteristic of the virtual machine obtained from an egress RBridge that distributes the routing message. The first RBridge adds a forwarding table attribute to the routing message that indicates whether or not the first RBridge has host route information associated with the virtual machine in a forwarding table of the first RBridge. The first RBridge also distributes the routing message including the mobility attribute information and the forwarding table attribute, to one or more RBridges in the network.

公开(公告)号：US09686383B2

公开(公告)日：2017-06-20

申请号：US14985146

申请日：2015-12-30

Applicant: Cisco Technology, Inc.

Inventor： Yuchen Zhou ,  Richard Stewart ,  Alex Tsai ,  Yibin Yang

IPC: G01R31/08 ,  G06F11/00 ,  G08C15/00 ,  H04J1/16 ,  H04J3/14 ,  H04L1/00 ,  H04L12/26 ,  H04L29/06 ,  H04L12/707 ,  H04L12/709 ,  H04L12/751

CPC classification number: H04L69/28 ,  H04L45/02 ,  H04L45/24 ,  H04L45/245 ,  H04L69/14 ,  Y02D50/30

Abstract: Synchronization of traffic multiplexing in link aggregation is described. In an embodiment, a first link aggregator and a second link aggregator are associated with a plurality of links. The first link aggregator maintains an identifier for each link indicating at least a state of enabled or disabled. A synchronized clock is established between the first link aggregator and the second link aggregator. A particular link of the plurality of links is transitioned. Wherein, the transitioning is performed by the first link aggregator sending, to the second link aggregator, a first message identifying a particular time to transition the particular link. The first link aggregator receives, from the second link aggregator, a second message indicating that the particular time is acceptable. In response to a determination that the second message indicates that the particular time is acceptable and that the synchronized clock has reached the particular time, transitioning the link.

公开(公告)号：US09313044B2

公开(公告)日：2016-04-12

申请号：US14334413

申请日：2014-07-17

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Chiajen Tsai ,  Yibin Yang ,  Patnala Debashis Rao ,  Manish Chandra Agrawal ,  Rick Chang

IPC: H04L12/28 ,  H04L12/46

CPC classification number: H04L41/0823 ,  G06F9/45558 ,  G06F2009/45595 ,  H04H20/53 ,  H04L12/4641 ,  H04L12/467 ,  H04L12/4675

Abstract: An example method for facilitating multiple mobility domains with VLAN translation in a multi-tenant network environment is provided and includes detecting attachment of a first virtual machine on a first port and a second virtual machine on a second port of a network element, the first port and the second port being configured with a first mobility domain and a second mobility domain, respectively, and the first and second virtual machines being configured on a same original VLAN, determining whether the original VLAN falls within a pre-configured VLAN range, translating the original VLAN to a first VLAN on the first port corresponding to the first mobility domain and to a second VLAN on the second port corresponding to the second mobility domain, and segregating traffic on the original VLAN into the first VLAN and the second VLAN according to the respective mobility domains for per-port VLAN significance.

Abstract translation: 提供了一种用于在多租户网络环境中促进具有VLAN转换的多个移动性域的示例性方法，并且包括检测第一虚拟机在网元的第二端口上的第一端口和第二虚拟机上的附件，第一端口 并且第二端口分别被配置有第一移动性域和第二移动性域，并且第一和第二虚拟机被配置在相同的原始VLAN上，确定原始VLAN是否落在预配置的VLAN范围内，翻译 原始VLAN到对应于第一移动性域的第一端口上的第一VLAN和对应于第二移动性域的第二端口上的第二VLAN，并且根据原始VLAN将原始VLAN上的流量分为第一VLAN和第二VLAN 各端口VLAN的移动性域。

公开(公告)号：US20160099858A1

公开(公告)日：2016-04-07

申请号：US14967669

申请日：2015-12-14

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Yibin Yang ,  Pags Krishnamoorthy ,  Padmanabhan Krishnan

IPC: H04L12/26 ,  H04L12/24

CPC classification number: H04L43/18 ,  H04L41/12 ,  H04L43/00 ,  H04L43/08 ,  H04L43/12

Abstract: A monitoring session associated with a virtual nickname may be established in a TRILL network. A monitoring station may be connected to an edge switch of the TRILL network specifying the virtual nickname for the monitoring session. The monitoring station is set as a destination for the monitoring session and the virtual nickname is flooded throughout the TRILL network. A source may then be configured to the monitoring session by specifying the virtual nickname of the monitoring session without knowing the destination tied to the monitoring session. Network traffic through the source may then be forwarded to the destination tied to the monitoring session.

Abstract translation: 可以在TRILL网络中建立与虚拟昵称相关联的监视会话。 监控站可以连接到TRILL网络的边缘交换机，指定监视会话的虚拟昵称。 监控站被设置为监视会话的目的地，虚拟昵称在整个TRILL网络中泛滥。 然后，可以通过在不知道与监视会话相关联的目的地的情况下指定监视会话的虚拟昵称来将源配置为监视会话。 然后可以将通过源的网络流量转发到与监视会话相关联的目的地。

公开(公告)号：US09215147B2

公开(公告)日：2015-12-15

申请号：US13942426

申请日：2013-07-15

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Yibin Yang ,  Pags Krishnamoorthy ,  Padmanabhan Krishnan

IPC: H04L12/24 ,  H04L12/26

CPC classification number: H04L43/18 ,  H04L41/12 ,  H04L43/00 ,  H04L43/08 ,  H04L43/12

Abstract: A monitoring session associated with a virtual nickname may be established in a TRILL network. A monitoring station may be connected to an edge switch of the TRILL network specifying the virtual nickname for the monitoring session. The monitoring station is set as a destination for the monitoring session and the virtual nickname is flooded throughout the TRILL network. A source may then be configured to the monitoring session by specifying the virtual nickname of the monitoring session without knowing the destination tied to the monitoring session. Network traffic through the source may then be forwarded to the destination tied to the monitoring session.

Abstract translation: 可以在TRILL网络中建立与虚拟昵称相关联的监视会话。 监控站可以连接到TRILL网络的边缘交换机，指定监视会话的虚拟昵称。 监控站被设置为监视会话的目的地，虚拟昵称在整个TRILL网络中泛滥。 然后，可以通过在不知道与监视会话相关联的目的地的情况下指定监视会话的虚拟昵称来将源配置为监视会话。 然后可以将通过源的网络流量转发到与监视会话相关联的目的地。