公开(公告)号：US12149436B2

公开(公告)日：2024-11-19

申请号：US17979640

申请日：2022-11-02

Applicant: Cisco Technology, Inc.

Inventor： David John Zacks ,  Nagendra Kumar Nainar ,  Madhan Sankaranarayanan ,  Jaganbabu Rajamanickam ,  Craig Thomas Hill ,  Cesar Obediente

IPC: H04L45/00 ,  H04L43/50 ,  H04L45/28

Abstract: Technologies for testing resiliency of a data network with real-world accuracy without affecting the flow of production data through the network. A method according to the technologies may include receiving a production data packet and determining a preferred data route toward a destination node for the production data packet based on a first routing information base, wherein the first routing information base includes a database where routes and route metadata are stored according to a routing protocol. The method may also include, receiving a test data packet, and determining an alternate data route toward the destination node for the test data packet based on a second routing information base, wherein the second routing information base simulates an error in the preferred data route. The method may include sending the production data packet to the preferred data route and sending the test data packet to the alternate data route.

公开(公告)号：US11818141B2

公开(公告)日：2023-11-14

申请号：US17546492

申请日：2021-12-09

Applicant: Cisco Technology, Inc.

Inventor： Craig Thomas Hill ,  Sujal Sheth ,  Frank Brockners ,  Cesar Obediente

IPC: H04L29/06 ,  H04L9/40 ,  H04L9/08

CPC classification number: H04L63/123 ,  H04L9/0838 ,  H04L63/0464 ,  H04L63/20 ,  H04L63/205

Abstract: According to an embodiment, a node comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the node to perform operations. The operations comprise determining security validation information that the node associates with a packet, inserting into the packet an identifier associated with the node and the security validation information that the node associates with the packet, and transmitting the packet comprising the identifier associated with the node and the security validation information that the node associates with the packet. The security validation information comprises one or more proof of security attributes and/or one or more proof of security level attributes.

公开(公告)号：US11469999B1

公开(公告)日：2022-10-11

申请号：US17389634

申请日：2021-07-30

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Singh Gandhi ,  Robert Edgar Barton ,  Jerome Henry ,  Cesar Obediente

IPC: H04L45/00

Abstract: In one embodiment, a method includes receiving energy efficiency data from a plurality of nodes within a network. The method also includes determining an energy efficiency node quotient for each of the plurality of nodes within the network to generate a plurality of energy efficiency node quotients and determining an energy efficiency path quotient for each of a plurality of paths within the network to generate a plurality of energy efficiency path quotients. The method further includes determining one or more policies associated with the plurality of paths and selecting a path from the plurality of paths based at least on the plurality of energy efficient path quotients and the one or more policies.

公开(公告)号：US11792065B2

公开(公告)日：2023-10-17

申请号：US17674686

申请日：2022-02-17

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Jaganbabu Rajamanickam ,  David John Zacks ,  Carlos M. Pignataro ,  Madhan Sankaranarayanan ,  Cesar Obediente ,  Craig Thomas Hill

IPC: H04L41/0604 ,  H04L41/0654 ,  H04L9/40 ,  H04L61/103 ,  H04L41/0631 ,  H04L67/133

CPC classification number: H04L41/0627 ,  H04L41/0631 ,  H04L41/0654 ,  H04L61/103 ,  H04L63/101 ,  H04L67/133

Abstract: Methods and devices provide fault injection testing techniques in a production network environment without risking service outages for hosted computing services, by providing examples of a remote network controller configured to communicate with network devices of a network; a remote fault injection communication protocol configuring a remote network controller in communication with a network device to signal a failure injection; and a failure injection module configuring a network device to configure a network device processor to implement a failure injection signaled according to the remote failure injection communication protocol. The method includes a network controller transmitting a failure injection signal in a control plane packet over a network connection to a network device, and the network device creating a child process by executing, in a dedicated runtime environment, a copy of one or more processes impacted by a parsed failure type.

公开(公告)号：US20230029987A1

公开(公告)日：2023-02-02

申请号：US17930281

申请日：2022-09-07

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Singh Gandhi ,  Robert Edgar Barton ,  Jerome Henry ,  Cesar Obediente

IPC: H04L45/00

Abstract: In one embodiment, a method includes receiving energy efficiency data from a plurality of nodes within a network. The method also includes determining an energy efficiency node quotient for each of the plurality of nodes within the network to generate a plurality of energy efficiency node quotients and determining an energy efficiency path quotient for each of a plurality of paths within the network to generate a plurality of energy efficiency path quotients. The method further includes determining one or more policies associated with the plurality of paths and selecting a path from the plurality of paths based at least on the plurality of energy efficient path quotients and the one or more policies.

公开(公告)号：US20220353143A1

公开(公告)日：2022-11-03

申请号：US17243740

申请日：2021-04-29

Applicant: Cisco Technology, Inc.

Inventor： Craig Thomas Hill ,  Cesar Obediente

IPC: H04L12/24

Abstract: A network controller is configured to control a plurality of network devices in a network. The network controller generates one or more commands that are configured to inject a failure to propagate through two or more network devices in the network. The network controller provides the one or more commands to at least one of the two or more network devices to initiate the failure. The one or more commands cause the failure cause the two or more network devices to collect and propagate telemetry data, on a hop-by-hop basis. The network controller obtains the telemetry data collected from the two or more network devices, and analyzes the telemetry data to determine an impact in the network of the failure propagated through the two or more network devices.

公开(公告)号：US20240427918A1

公开(公告)日：2024-12-26

申请号：US18339035

申请日：2023-06-21

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Cesar Obediente ,  David John Zacks ,  Carlos M. Pignataro ,  Thomas Szigeti ,  Craig T. Hill

IPC: G06F21/62

Abstract: In one embodiment, a method includes generating a security policy and converting the security policy into a chaos hypothesis. The method also includes initiating execution of the chaos hypothesis across a plurality of microservices within a technology stack. The method further includes receiving metrics associated with the execution of the chaos hypothesis across the plurality of microservices within the technology stack.

公开(公告)号：US20240146643A1

公开(公告)日：2024-05-02

申请号：US17979640

申请日：2022-11-02

Applicant: Cisco Technology, Inc.

Inventor： David John Zacks ,  Nagendra Kumar Nainar ,  Madhan Sankaranarayanan ,  Jaganbabu Rajamanickam ,  Craig Thomas Hill ,  Cesar Obediente

IPC: H04L45/00 ,  H04L43/50 ,  H04L45/28

CPC classification number: H04L45/22 ,  H04L43/50 ,  H04L45/28

Abstract: Technologies for testing resiliency of a data network with real-world accuracy without affecting the flow of production data through the network. A method according to the technologies may include receiving a production data packet and determining a preferred data route toward a destination node for the production data packet based on a first routing information base, wherein the first routing information base includes a database where routes and route metadata are stored according to a routing protocol. The method may also include, receiving a test data packet, and determining an alternate data route toward the destination node for the test data packet based on a second routing information base, wherein the second routing information base simulates an error in the preferred data route. The method may include sending the production data packet to the preferred data route and sending the test data packet to the alternate data route.

公开(公告)号：US20240048436A1

公开(公告)日：2024-02-08

申请号：US18380594

申请日：2023-10-16

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Jaganbabu Rajamanickam ,  David John Zacks ,  Carlos M. Pignataro ,  Madhan Sankaranarayanan ,  Cesar Obediente ,  Craig Thomas Hill

IPC: H04L41/0604 ,  H04L67/133 ,  H04L41/0631 ,  H04L41/0654 ,  H04L61/103 ,  H04L9/40

CPC classification number: H04L41/0627 ,  H04L67/133 ,  H04L41/0631 ,  H04L41/0654 ,  H04L61/103 ,  H04L63/101

Abstract: Methods and devices provide fault injection testing techniques in a production network environment without risking service outages for hosted computing services, by providing examples of a remote network controller configured to communicate with network devices of a network; a remote fault injection communication protocol configuring a remote network controller in communication with a network device to signal a failure injection; and a failure injection module configuring a network device to configure a network device processor to implement a failure injection signaled according to the remote failure injection communication protocol. The method includes a network controller transmitting a failure injection signal in a control plane packet over a network connection to a network device, and the network device creating a child process by executing, in a dedicated runtime environment, a copy of one or more processes impacted by a parsed failure type.

公开(公告)号：US11863450B1

公开(公告)日：2024-01-02

申请号：US18063291

申请日：2022-12-08

Applicant: Cisco Technology, Inc.

Inventor： Cesar Obediente ,  Craig Thomas Hill ,  Nagendra Kumar Nainar ,  David John Zacks ,  Jaganbabu Rajamanickam ,  Madhan Sankaranarayanan

IPC: H04L45/76

CPC classification number: H04L45/76

Abstract: A method comprises: at a network device configured to be connected to a network and having control and data planes, and interfaces configured for network operations in the network: upon receiving, from a controller, instructions to form a local twin of the network device that is a virtual replica of the network device to be used for test purposes, creating the local twin and configuring the local twin to include virtual control and data planes, and virtual interfaces, which are virtual replicas of, and operate independently from, the control and data planes, and the interfaces, of the network device, respectively; and hosting the local twin on physical resources of the network device such that the local twin is configured for virtual network operations on the network device that replicate, but are independent from, the network operations.