公开(公告)号：US12218908B2

公开(公告)日：2025-02-04

申请号：US17677599

申请日：2022-02-22

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jerome Tollet ,  Ali Sajassi ,  Aloÿs Christophe Augustin ,  Nathan Roland Maryan Skrzypczak ,  Stephane Litkowski

IPC: G06F15/16 ,  G06F9/54 ,  H04L29/06 ,  H04L61/5061 ,  H04L61/5092 ,  H04L101/686

Abstract: Systems, methods, and computer-readable media are provided for securely advertising autoconfigured prefixes in a cloud environment. In some examples, a method can include, receiving, by a first router, an indication of an available network address prefix. In some aspects, the method can also include selecting, by the first router, a first network address prefix that is within the available network address prefix, wherein the first network address prefix provides at least one route to one or more network elements associated with the first router. In some cases, the method may further include sending, to a second router, a message including a stub registration option that indicates the first network address prefix.

公开(公告)号：US20240364669A1

公开(公告)日：2024-10-31

申请号：US18139871

申请日：2023-04-26

Applicant: Cisco Technology, Inc.

Inventor： William Mark Townsley ,  Edward Albert Warnicke ,  Jerome Tollet ,  Aloys Augustin ,  Andrew Yourtchenko ,  Giles Douglas Yorke Heron

IPC: H04L9/40 ,  H04L45/24 ,  H04L45/745

CPC classification number: H04L63/0485 ,  H04L45/24 ,  H04L45/745

Abstract: Techniques for routing Internet Protocol security (IPsec) data packets. An index is assigned to a Security Parameter Index (SPI) header of the IPsec data packet. The index includes information for routing the data packet to a particular Encapsulating Security Payload (ESP) processor. The data packet can be routed using techniques that are analogous to conventional routing protocols such as IPv4 routing protocol. This allows the data packet to be routed using less expensive routing protocols rather than relying solely on more expensive load balancing techniques to route the data packet. This also advantageously allows the data packet to be routed employing routing techniques developed over decades of routing protocol development.

公开(公告)号：US20240015050A1

公开(公告)日：2024-01-11

申请号：US17860926

申请日：2022-07-08

Applicant: Cisco Technology, Inc.

Inventor： Hari Shankar ,  Rashmi Garg ,  Benoit Ganne ,  Jerome Tollet ,  Nathan Skrzypczak

IPC: H04L12/46 ,  H04L12/44 ,  H04L45/02 ,  H04L45/44 ,  H04L45/741

CPC classification number: H04L12/4683 ,  H04L12/44 ,  H04L45/04 ,  H04L45/44 ,  H04L45/741 ,  H04L2012/445

Abstract: Techniques for a hub node, provisioned in a site of a hub and spoke overlay network, to receive, store, and/or forward network routing information associated with a spoke, and send packets directly to spoke(s) that are remote from the hub node. A first hub node may receive a network advertisement including a border gateway protocol (BGP) large community string from a first spoke local to the first hub node. The first hub node may send the BGP large community string to a second hub node remote from the first hub node. The second hub node may decode network routing information from the BGP large community string and store the network routing information locally. The second hub node may send a packet from a second spoke local to the second hub node directly to the first spoke without the data packet being routed via the first hub node.

公开(公告)号：US20190079788A1

公开(公告)日：2019-03-14

申请号：US15698980

申请日：2017-09-08

Applicant: Cisco Technology, Inc.

Inventor： Guillaume Ruty ,  Pierre Pfister ,  Jerome Tollet ,  William Mark Townsley ,  Andre Jean-Marie Surcouf

IPC: G06F9/455 ,  G06F9/445 ,  G06F9/50 ,  G06F3/06

Abstract: Systems, methods, and computer-readable media for controlling container execution. In some examples, a system can determine whether a block of a container image used in running a container is present in local storage at a host. If the block of the container image is present in the local storage at the host, then the system can use the block in the local storage to run the container at the host. If the block of the container image is absent from the local storage at the host, the system can fetch the block of the container image for the host from a container image storage node where the container image resides in its entirety. The system can use the block of the container image fetched from the container image storage node to run the container.

公开(公告)号：US20230269223A1

公开(公告)日：2023-08-24

申请号：US17677599

申请日：2022-02-22

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jerome Tollet ,  Ali Sajassi ,  Aloÿs Christophe Augustin ,  Nathan Roland Maryan Skrzypczak ,  Stephane Litkowski

IPC: H04L61/5092 ,  H04L61/5061

CPC classification number: H04L61/2092 ,  H04L61/2061 ,  H04L61/6086

Abstract: Systems, methods, and computer-readable media are provided for securely advertising autoconfigured prefixes in a cloud environment. In some examples, a method can include, receiving, by a first router, an indication of an available network address prefix. In some aspects, the method can also include selecting, by the first router, a first network address prefix that is within the available network address prefix, wherein the first network address prefix provides at least one route to one or more network elements associated with the first router. In some cases, the method may further include sending, to a second router, a message including a stub registration option that indicates the first network address prefix.

公开(公告)号：US20200028758A1

公开(公告)日：2020-01-23

申请号：US16037765

申请日：2018-07-17

Applicant: Cisco Technology, Inc.

Inventor： Jerome Tollet ,  Alain Fiocco ,  Andre Jean-Marie Surcouf ,  Pablo Camarillo Garvia ,  Clarence Filsfils

IPC: H04L12/24 ,  H04L12/721 ,  H04L12/713 ,  H04L12/751 ,  H04L29/08

Abstract: Systems, methods, and computer-readable media for providing multi-cloud connectivity. A method can involve adding a new virtual private cloud (VPC) to a multi-cloud environment including a private network and VPCs connected to the private network via a segment routing (SR) domain and respective virtual routers on the VPCs and the private network. The method can involve deploying a new virtual router on the new VPC, registering the new virtual router at a BGP controller in the multi-cloud environment, and receiving, at the BGP controller, topology information from the new virtual router. The method can further involve identifying routes in the multi-cloud environment based on paths computed based on the topology information, sending, to the new virtual router, routing information including the routes, SR identifiers and SR policies, and based on the routing information, providing interconnectivity between the private network, the VPCs, and the new VPC.

公开(公告)号：US11558345B2

公开(公告)日：2023-01-17

申请号：US17099506

申请日：2020-11-16

Applicant: Cisco Technology, Inc.

Inventor： Yoann Desmouceaux ,  Marcel Paul Sosthène Enguehard ,  Jacques Olivier Samain ,  Jerome Tollet

IPC: H04L61/4541 ,  H04L45/00 ,  H04L41/0816 ,  H04L45/745 ,  H04L67/51

Abstract: Systems, methods, and computer-readable storage media are provided to populate databases with routing data for containers to eliminate the need for continuously accessing a global discovery service. An example method includes initiating, from a source container operating on a first machine in a first rack, a communication with a destination container operating on a second machine on a second rack, wherein a local database on the first machine does not know an address of the destination container. The method includes accessing a global discovery service to provide the address of the destination container, populating the local database on the first machine with the address of the destination container and routing a packet from the source container to the destination container according to the address of the destination container.

公开(公告)号：US10862857B2

公开(公告)日：2020-12-08

申请号：US16366466

申请日：2019-03-27

Applicant: Cisco Technology, Inc.

Inventor： Yoann Desmouceaux ,  Marcel Paul Sosthène Enguehard ,  Jacques Olivier Samain ,  Jerome Tollet

IPC: G06F15/177 ,  H04L29/12 ,  H04L29/08 ,  H04L12/24 ,  H04L12/721 ,  H04L12/741

Abstract: Systems, methods, and computer-readable storage media are provided to populate databases with routing data for containers to eliminate the need for continuously accessing a global discovery service. An example method includes initiating, from a source container operating on a first machine in a first rack, a communication with a destination container operating on a second machine on a second rack, wherein a local database on the first machine does not know an address of the destination container. The method includes accessing a global discovery service to provide the address of the destination container, populating the local database on the first machine with the address of the destination container and routing a packet from the source container to the destination container according to the address of the destination container.

公开(公告)号：US20200314056A1

公开(公告)日：2020-10-01

申请号：US16366466

申请日：2019-03-27

Applicant: Cisco Technology, Inc.

Inventor： Yoann Desmouceaux ,  Marcel Paul Sosthène Enguehard ,  Jacques Olivier Samain ,  Jerome Tollet

IPC: H04L29/12 ,  H04L29/08 ,  H04L12/741 ,  H04L12/721 ,  H04L12/24

Abstract: Systems, methods, and computer-readable storage media are provided to populate databases with routing data for containers to eliminate the need for continuously accessing a global discovery service. An example method includes initiating, from a source container operating on a first machine in a first rack, a communication with a destination container operating on a second machine on a second rack, wherein a local database on the first machine does not know an address of the destination container. The method includes accessing a global discovery service to provide the address of the destination container, populating the local database on the first machine with the address of the destination container and routing a packet from the source container to the destination container according to the address of the destination container.

公开(公告)号：US10904342B2

公开(公告)日：2021-01-26

申请号：US16049401

申请日：2018-07-30

Applicant: Cisco Technology, Inc.

Inventor： Jerome Tollet ,  Giles Douglas Yorke Heron ,  Keith Burns ,  Andre Jean-Marie Surcouf

IPC: G06F15/16 ,  H04L29/08 ,  G06F9/54 ,  H04L29/06

Abstract: Systems, methods, and computer-readable media for enabling container networking are disclosed. In one aspect, a method includes receiving a request from a first network container on a source server to establish a data session with a second network container on a destination server; determining a destination switch of the destination server based on the request; identifying a communication tunnel between the source server and the destination server; generating a data stream to be embedded in the pre-established communication tunnel, wherein a communication protocol associated with the request is different from a communication protocol used by the data stream; receiving a data packet to be sent to the destination container; mapping the data packet to the data stream; and sending the data packet to the destination server via the data stream over the communication tunnel.