-
公开(公告)号:US11563833B2
公开(公告)日:2023-01-24
申请号:US17392241
申请日:2021-08-02
Applicant: Cisco Technology, Inc.
Inventor: Advait Dixit , Ramana Rao Kompella
IPC: G06F15/173 , H04L69/40 , H04L41/14 , H04L41/0681 , H04L41/0893 , H04L41/12 , H04L67/50 , H04L41/0654 , H04L45/00 , H04L45/28
Abstract: Systems, methods, and computer-readable media for receiving an indication of an equivalence failure, the equivalence failure corresponding to one or more models of network intents. The indication of the equivalence failure is analyzed and one or more constituent intents that caused the equivalence failure are identified, wherein the one or more constituent intents are associated with a model of the one or more models of network intents. The granularity of the equivalence failure and the identified one or more constituent intents is determined, and an event for external consumption is generated, the event based at least in part on the equivalence failure, the granularity of the equivalence failure, and the identified one or more constituent intents.
-
公开(公告)号:US20210152607A1
公开(公告)日:2021-05-20
申请号:US17157957
申请日:2021-01-25
Applicant: Cisco Technology, Inc.
Inventor: Advait Dixit , Navneet Yadav , Navjyoti Sharma , Ramana Rao Kompella , Kartik Mohanram
Abstract: In some examples, a system creates a requirement including EPG selectors representing EPG pairs, a traffic selector, and a communication operator; determines that EPGs in distinct pairs are associated with different network contexts and, for each pair, which network context(s) contains associated policies; creates first data representing the pair, operator, and traffic selector; when only one network context contains the associated policies, creates second data representing a network model portion associated with the only network context and determines whether the first data is contained in the second data to yield a first check; when both network contexts contain the associated policies, also creates third data representing a network model portion associated with a second network context, and determines whether the first data is contained in the second and/or third data to yield a second check; and determines whether policies for the pairs comply with the requirement based on the checks.
-
公开(公告)号:US20200007583A1
公开(公告)日:2020-01-02
申请号:US16217559
申请日:2018-12-12
Applicant: Cisco Technology, Inc.
Inventor: Advait Dixit , Navneet Yadav , Navjyoti Sharma , Ramana Rao Kompella , Kartik Mohanram
IPC: H04L29/06
Abstract: Systems, methods, and computer-readable media for assurance of rules in a network. An example method can include creating a compliance requirement including a first endpoint group (EPG) selector, a second EPG selector, a traffic selector, and a communication operator, the first and second EPG selectors representing sets of EPGs and the communication operator defining a communication condition for traffic associated with the first and second EPG selectors and the traffic selector. The method can include creating, for each distinct pair of EPGs, a first respective data structure representing the distinct pair of EPGs, the communication operator, and the traffic selector; creating a second respective data structure representing a logical model of the network; determining whether the first respective data structure is contained in the second respective data structure to yield a containment check; and determining whether policies on the network comply with the compliance requirement based on the containment check.
-
公开(公告)号:US11824728B2
公开(公告)日:2023-11-21
申请号:US17112854
申请日:2020-12-04
Applicant: Cisco Technology, Inc.
Inventor: Divjyot Sethi , Chandra Nagarajan , Advait Dixit , John Thomas Monk , Gabriel Cheukbun Ng , Ramana Rao Kompella , Sundar Iyer
CPC classification number: H04L41/145 , H04L41/5019 , H04W24/04 , H04W24/06 , G06F9/45533 , H04L43/50 , H04L43/55
Abstract: Systems, methods, and computer-readable media for emulating a state of a network environment for purposes of re-executing a network assurance appliance in the emulated state of the network environment. In some embodiments, a method can include receiving snapshot data for a network environment corresponding to a specific time in the network environment and including network events occurring in the network environment generated by a network assurance appliance. A state of the network environment at the specific time can be emulated using the snapshot data to create an emulated state of the network environment. Subsequently, the network assurance appliance can be re-executed in the emulated state of the network environment corresponding to the specific time and the network assurance appliance can be debugged outside of the network environment based on re-execution of the network assurance appliance in the emulated state of the network environment.
-
公开(公告)号:US11563645B2
公开(公告)日:2023-01-24
申请号:US17153831
申请日:2021-01-20
Applicant: Cisco Technology, Inc.
Inventor: Advait Dixit , Ramana Rao Kompella , Kartik Mohanram , Sundar Iyer , Shadab Nazar , Chandra Nagarajan
IPC: G06F15/173 , H04L41/16 , H04L41/14 , H04L41/5022 , H04L41/5054 , H04L41/0631 , H04L41/0866 , H04L41/142 , H04L41/147 , H04L41/12 , H04L41/0893
Abstract: Systems, methods, and computer-readable media for receiving one or more models of network intents, comprising a plurality of contracts between providers and consumers, each contract containing entries with priority values. Each contract is flattened into a listing of rules and a new priority value is calculated. The listing of rules encodes the implementation of the contract between the providers and the consumers. Each entry is iterated over and added to a listing of entries if it is not already present. For each rule, the one or more entries associated with the contract from which the rule was flattened are identified, and for each given entry a flat rule comprising the combination of the rule and the entry is generated, wherein a flattened priority is calculated based at least in part on the priority value of the given one of given entry and the priority value of the rule.
-
Patent Agency Ranking
公开(公告)号:US11218508B2
公开(公告)日:2022-01-04
申请号:US16217559
申请日:2018-12-12
Applicant: Cisco Technology, Inc.
Inventor: Advait Dixit , Navneet Yadav , Navjyoti Sharma , Ramana Rao Kompella , Kartik Mohanram
IPC: H04L29/06
Abstract: Systems, methods, and computer-readable media for assurance of rules in a network. An example method can include creating a compliance requirement including a first endpoint group (EPG) selector, a second EPG selector, a traffic selector, and a communication operator, the first and second EPG selectors representing sets of EPGs and the communication operator defining a communication condition for traffic associated with the first and second EPG selectors and the traffic selector. The method can include creating, for each distinct pair of EPGs, a first respective data structure representing the distinct pair of EPGs, the communication operator, and the traffic selector; creating a second respective data structure representing a logical model of the network; determining whether the first respective data structure is contained in the second respective data structure to yield a containment check; and determining whether policies on the network comply with the compliance requirement based on the containment check.
-
公开(公告)号:US20210092023A1
公开(公告)日:2021-03-25
申请号:US17112854
申请日:2020-12-04
Applicant: Cisco Technology, Inc.
Inventor: Divjyot Sethi , Chandra Nagarajan , Advait Dixit , John Thomas Monk , Gabriel Cheukbun Ng , Ramana Rao Kompella , Sundar Iyer
Abstract: Systems, methods, and computer-readable media for emulating a state of a network environment for purposes of re-executing a network assurance appliance in the emulated state of the network environment. In some embodiments, a method can include receiving snapshot data for a network environment corresponding to a specific time in the network environment and including network events occurring in the network environment generated by a network assurance appliance. A state of the network environment at the specific time can be emulated using the snapshot data to create an emulated state of the network environment. Subsequently, the network assurance appliance can be re-executed in the emulated state of the network environment corresponding to the specific time and the network assurance appliance can be debugged outside of the network environment based on re-execution of the network assurance appliance in the emulated state of the network environment.
-
公开(公告)号:US20180351806A1
公开(公告)日:2018-12-06
申请号:US15663642
申请日:2017-07-28
Applicant: Cisco Technology, Inc.
Inventor: Kartik Mohanram , Chandra Nagarajan , Advait Dixit , Ramana Rao Kompella
IPC: H04L12/24
CPC classification number: H04L41/145 , H04L41/0823 , H04L41/0873 , H04L41/0893
Abstract: Systems, methods, and computer-readable media for intent specification checks. In one example, a system obtains, from one or more controllers in a software-defined network, a logical model of the software-defined network, the logical model including configurations of one or more objects in a hierarchical management information tree that defines manageable objects and object properties for the software-defined network. Based on the hierarchical management information tree, the system performs a policy analysis of configurations in the logical model and determines, based on the policy analysis, whether the configurations in the logical model contain one or more errors.
-
公开(公告)号:US11888603B2
公开(公告)日:2024-01-30
申请号:US17157957
申请日:2021-01-25
Applicant: Cisco Technology, Inc.
Inventor: Advait Dixit , Navneet Yadav , Navjyoti Sharma , Ramana Rao Kompella , Kartik Mohanram
CPC classification number: H04L63/20 , G06F16/2246 , H04L43/08 , G06F9/45558 , G06F2009/45562 , G06F2009/45595 , H04L63/20 , G06F9/45558
Abstract: In some examples, a system creates a requirement including EPG selectors representing EPG pairs, a traffic selector, and a communication operator; determines that EPGs in distinct pairs are associated with different network contexts and, for each pair, which network context(s) contains associated policies; creates first data representing the pair, operator, and traffic selector; when only one network context contains the associated policies, creates second data representing a network model portion associated with the only network context and determines whether the first data is contained in the second data to yield a first check; when both network contexts contain the associated policies, also creates third data representing a network model portion associated with a second network context, and determines whether the first data is contained in the second and/or third data to yield a second check; and determines whether policies for the pairs comply with the requirement based on the checks.
-
10.发明申请公开(公告)号:US20210144069A1
公开(公告)日:2021-05-13
申请号:US17153831
申请日:2021-01-20
Applicant: Cisco Technology, Inc.
Inventor: Advait Dixit , Ramana Rao Kompella , Kartik Mohanram , Sundar Iyer , Shadab Nazar , Chandra Nagarajan
IPC: H04L12/24
Abstract: Systems, methods, and computer-readable media for receiving one or more models of network intents, comprising a plurality of contracts between providers and consumers, each contract containing entries with priority values. Each contract is flattened into a listing of rules and a new priority value is calculated. The listing of rules encodes the implementation of the contract between the providers and the consumers. Each entry is iterated over and added to a listing of entries if it is not already present. For each rule, the one or more entries associated with the contract from which the rule was flattened are identified, and for each given entry a flat rule comprising the combination of the rule and the entry is generated, wherein a flattened priority is calculated based at least in part on the priority value of the given one of given entry and the priority value of the rule.
-
-
-
-
-
-
-
-
-
Search Results
28
records
(took 0.018 seconds)
