公开(公告)号：US20240414094A1

公开(公告)日：2024-12-12

申请号：US18208165

申请日：2023-06-09

Applicant: Cisco Technology, Inc.

Inventor： Avinash Shah ,  Ganesh Devendrachar ,  Arul Murugan Manickam ,  Laxmikantha Reddy Ponnuru ,  Satyajit Das ,  Pritam Baruah

IPC: H04L47/36

Abstract: Techniques are described for detecting a change in Path Maximum Transfer Unit (PMTU) in a network and initiating a PMTU discovery process. A Bidirectional Forwarding Detection (BFD) data packet is generated having enhanced headers configured to record a largest packet sent value and a largest packet received value. The BFD data packet is sent from a first network device (such as a first router) to a second network device (such as a second router). A largest packet sent value and a largest packet received value are each recorded in the BFD data packet. If the largest data packet sent value is larger than the largest data packet received value, then a determination can be made that a path change has resulted in a reduction in PMTU which has resulted in either a data packet being fragmented, a data packet being dropped or both. A PMTU discovery can then be performed.

公开(公告)号：US20230344771A1

公开(公告)日：2023-10-26

申请号：US17816818

申请日：2022-08-02

Applicant: Cisco Technology, Inc.

Inventor： Arul Murugan Manickam ,  Avinash Shah ,  Laxmikantha Reddy Ponnuru ,  Satyajit Das ,  Deepa Rajendra Sangolli ,  Govindakrishnan Kannan ,  Pritam Baruah

IPC: H04L47/125 ,  H04L47/2416

CPC classification number: H04L47/125 ,  H04L47/2416

Abstract: In one embodiment, a method includes receiving traffic and identifying one or more attributes associated with the traffic. The method also includes dynamically selecting a load balancing algorithm based on the one or more attributes in accordance with a load balancing scheme. The method further includes performing load balancing on the traffic in accordance with the load balancing algorithm and communicating the traffic from a first network element to a second network element in accordance with the load balancing.

公开(公告)号：US20230336480A1

公开(公告)日：2023-10-19

申请号：US17892691

申请日：2022-08-22

Applicant: Cisco Technology, Inc.

Inventor： Arul Murugan Manickam ,  Laxmikantha Reddy Ponnuru ,  Avinash Shah ,  Vishali Somaskanthan

IPC: H04L45/745 ,  H04L47/43 ,  H04L47/2483

CPC classification number: H04L45/745 ,  H04L47/43 ,  H04L47/2483

Abstract: An efficient method to handle fragmented packets in multi-node all-active clusters. In one particular embodiment, a method includes receiving an initial fragment packet at a node in a cluster, creating a secondary flow table, linking the secondary flow table to a primary flow table, determining the primary flow owner of the initial fragment packet, and transmitting initial and succeeding fragment packets out of the cluster through, if possible, the primary flow owner.

公开(公告)号：US20250106149A1

公开(公告)日：2025-03-27

申请号：US18471931

申请日：2023-09-21

Applicant: Cisco Technology, Inc.

Inventor： Avinash Shah ,  Pritam Baruah ,  Amjad Inamdar ,  Laxmikantha Reddy Ponnuru ,  Latika Ahuja ,  Jai Prakash Agrawal

IPC: H04L45/00 ,  H04L9/40 ,  H04L45/745

Abstract: A system facilitates communication between branches of an SD-WAN and a service chain element. A hub node receives a data packet of a flow from a source branch over a VPN segment to be transmitted to a destination branch, extracts flow information from the data packet including VPN segment information to be stored in a flow table before transmitting the data packet to the service chain element over a service chain VPN. Upon return of the data packet from the service chain element, the hub node uses packet tuple information to retrieve the flow information with VPN segment information from the flow table. The hub node can then forward the data packet to the destination branch over the VPN segment. The hub node can generate and store an Auto Service Chaining Key that connects bidirectional flows so that the hub node can apply service-chaining to bidirectional traffic.

公开(公告)号：US20240348536A1

公开(公告)日：2024-10-17

申请号：US18348065

申请日：2023-07-06

Applicant: Cisco Technology, Inc.

Inventor： Pritam Baruah ,  Amjad Inamdar ,  Laxmikantha Reddy Ponnuru ,  Avinash Shah ,  Jai Prakash Agrawal

IPC: H04L45/247 ,  H04L45/28

CPC classification number: H04L45/247 ,  H04L45/28

Abstract: One or more aspects of the present disclosure are directed to providing a single hierarchical construct for defining requirements (connectivity parameters) of a service in a service chain. In one aspect, a single construct for identifying a service in a service chain includes a first object identifying at least one path for accessing an instance of the service within a communication network, a second object identifying a respective communication protocol for the at least one path; and a third object identifying at least a transmission specification for the respective communication protocol in the second object, wherein the second object and the third object are embedded within the first object.

公开(公告)号：US12095652B1

公开(公告)日：2024-09-17

申请号：US18328566

申请日：2023-06-02

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Satish Kumar Mahadevan ,  Ramakumara Kariyappa ,  Ganesh Devendrachar ,  Arul Murugan Manickam ,  Samir D Thoria ,  Pritam Baruah ,  Deepa Rajendra Sangolli ,  Avinash Shah

IPC: H04L45/17 ,  H04L43/0817 ,  H04L45/24

CPC classification number: H04L45/17 ,  H04L43/0817 ,  H04L45/24

Abstract: Techniques are described for suppressing data plane traffic using a service monitoring policy for data plane control. If a service provided to a router becomes nonfunctional, preventing the router from being able to forward traffic to a next-hop device, data plane traffic from client devices on the data plane that requires the use of the nonfunctioning service is suppressed. Additionally, new communication pathways to the router that will use the nonfunctioning service are prevented from being established. Traffic is redirected to another router with a functioning service. Thus, traffic that may normally be directed to the router with the nonfunctioning service and not able to be forwarded (e.g., blackholing of data) can be forwarded to the other router.

公开(公告)号：US20250106170A1

公开(公告)日：2025-03-27

申请号：US18472052

申请日：2023-09-21

Applicant: Cisco Technology, Inc.

Inventor： Avinash Shah ,  Pritam Baruah ,  Jai Prakash Agrawal ,  Amjad Inamdar

IPC: H04L47/34 ,  H04L41/14

Abstract: Disclosed are systems, apparatuses, methods, computer readable medium, and circuits for ordering services in a service chain comprising: receiving, at an edge router, one or more data packets; determining, at the edge router, a sequence order of service chain elements for the one or more data packets based upon an established sequence, the sequence order modifies the established sequence to performing an altering service that alters a payload of the one or more packets prior to one or more remaining services that inspect the one or more packets; transmitting and receiving, by the edge router in the sequence order, the one or more data packets to and from the service chain elements; transmitting, by the edge router, the one more data packets to a destination after a last of the service chain elements has been performed.

公开(公告)号：US20250106150A1

公开(公告)日：2025-03-27

申请号：US18472011

申请日：2023-09-21

Applicant: Cisco Technology, Inc.

Inventor： Avinash Shah ,  Pritam Baruah ,  Amjad Inamdar ,  Laxmikantha Reddy Ponnuru ,  Latika Ahuja ,  Jai Prakash Agrawal

IPC: H04L45/00 ,  H04L9/40

Abstract: A system facilitates communication between branches of an SD-WAN and a service chain element. A hub node receives a data packet of a flow from a source branch over a VPN segment to be transmitted to a destination branch, extracts flow information from the data packet including VPN segment information to be stored in a flow table before transmitting the data packet to the service chain element over a service chain VPN. Upon return of the data packet from the service chain element, the hub node uses packet tuple information to retrieve the flow information with VPN segment information from the flow table. The hub node can then forward the data packet to the destination branch over the VPN segment. The hub node can generate and store an Auto Service Chaining Key that connects bidirectional flows so that the hub node can apply service-chaining to bidirectional traffic.

公开(公告)号：US20250071060A1

公开(公告)日：2025-02-27

申请号：US18409701

申请日：2024-01-10

Applicant: Cisco Technology, Inc.

Inventor： Steven Wood ,  Balaji Sundararajan ,  Laxmikantha Reddy Ponnuru ,  Avinash Shah ,  Pritam Baruah ,  Venkatesh Nataraj ,  Ganesh Devendrachar

IPC: H04L45/76 ,  H04L12/46

Abstract: Generally, Software-Defined Wide Area Networks (SD-WAN) generally do not support network segmentation. The concepts disclosed herein connects IPSec SD-WAN fabric to a Virtual Routing and Forwarding (VRF) router and make use of a Software Defined Cloud Interconnect (SDCI) Router to route traffic from IPSec SD-WAN to various cloud services from the SDCI Router in the fabric. The concepts disclosed herein also provides for tunnel multi-plexing that takes incoming and outgoing traffic and maps VPNs to any service VRF associated with the cloud based services.

公开(公告)号：US20250071058A1

公开(公告)日：2025-02-27

申请号：US18946588

申请日：2024-11-13

Applicant: Cisco Technology, Inc.

Inventor： Arul Murugan Manickam ,  Laxmikantha Reddy Ponnuru ,  Avinash Shah ,  Vishali Somaskanthan

IPC: H04L45/745 ,  H04L47/2483 ,  H04L47/43

Abstract: An efficient method to handle fragmented packets in multi-node all-active clusters. In one particular embodiment, a method includes receiving an initial fragment packet at a node in a cluster, creating a secondary flow table, linking the secondary flow table to a primary flow table, determining the primary flow owner of the initial fragment packet, and transmitting initial and succeeding fragment packets out of the cluster through, if possible, the primary flow owner.