公开(公告)号：US20230188479A1

公开(公告)日：2023-06-15

申请号：US18164013

申请日：2023-02-03

Applicant: Cisco Technology, Inc.

Inventor： Mingzhe Lu ,  Hongqing Li ,  Diana Leung ,  Madhu Gindi ,  Preety Mordani ,  Prabahar Radhakrishnan

IPC: H04L49/00

CPC classification number: H04L49/3009

Abstract: The present disclosure is directed to adaptive networking policy with user defined fields and includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and comprising instructions that, when executed by the one or more processors, cause one or more components to perform operations including generating a user defined attribute (UDA) value corresponding to a set of attributes; receiving, at a network device, a packet having one or more packet conditions; determining that the one or more packet conditions of the packet match the set of attributes of the UDA value; assigning a UDA tag to the packet, wherein the UDA tag corresponds to the UDA value and is configured for chaining with one or more other UDA tags; and taking an action on the packet based on the UDA tag.

公开(公告)号：US11588752B2

公开(公告)日：2023-02-21

申请号：US17389003

申请日：2021-07-29

Applicant: Cisco Technology, Inc.

Inventor： Srilatha Tangirala ,  Nithin Bangalore Raju ,  Ananya Raval ,  Prabahar Radhakrishnan ,  Vivek Agarwal ,  Balaji Sundararajan

IPC: H04L47/80 ,  H04L47/70 ,  H04L45/64 ,  H04L45/02 ,  H04L47/762 ,  H04L47/78

Abstract: Route exchange in a plurality of network controller appliances on a per-tenant basis is disclosed. In one aspect, a method includes receiving, from a network management system and at a first network controller appliance, a designation of at least two tenants to be hosted on the first network controller appliance, the first network controller appliance being one of a plurality of network controller appliances in a SD-WAN; sending, from the first network controller appliance to other network controller appliances of the plurality of network controller appliances, a tenant list query message to obtain a corresponding tenant list of each of the other network controller appliances; and receiving a corresponding response from each of the other network controller appliances indicating the corresponding tenant list of each of the other network controller appliances, the corresponding response being used to update the tenant list on the first network controller appliance.

公开(公告)号：US12160370B2

公开(公告)日：2024-12-03

申请号：US18166786

申请日：2023-02-09

Applicant: Cisco Technology, Inc.

Inventor： Srilatha Tangirala ,  Nithin Bangalore Raju ,  Ananya Raval ,  Prabahar Radhakrishnan ,  Vivek Agarwal ,  Balaji Sundararajan

IPC: H04L47/80 ,  H04L45/02 ,  H04L45/64 ,  H04L47/70 ,  H04L47/762 ,  H04L47/78

Abstract: Route exchange in a plurality of network controller appliances on a per-tenant basis is disclosed. In one aspect, a method includes receiving, from a network management system and at a first network controller appliance, a designation of at least two tenants to be hosted on the first network controller appliance, the first network controller appliance being one of a plurality of network controller appliances in a SD-WAN; sending, from the first network controller appliance to other network controller appliances of the plurality of network controller appliances, a tenant list query message to obtain a corresponding tenant list of each of the other network controller appliances; and receiving a corresponding response from each of the other network controller appliances indicating the corresponding tenant list of each of the other network controller appliances, the corresponding response being used to update the tenant list on the first network controller appliance.

公开(公告)号：US20220326995A1

公开(公告)日：2022-10-13

申请号：US17390187

申请日：2021-07-30

Applicant: Cisco Technology, Inc.

Inventor： Xiaohu Wang ,  Ajeet Pal Singh Gill ,  Srilatha Tangirala ,  Nithin Bangalore Raju ,  Prabahar Radhakrishnan ,  Vivek Agarwal ,  Balaji Sundararajan

IPC: G06F9/50 ,  G06F9/455

Abstract: A method for allocating resources of a virtual controller is disclosed. The method comprises: allocating resources of a virtual controller to a first tenant, wherein the first tenant is allocated a first tenant quantity of guaranteed resources of the virtual controller and a second tenant is allocated a second tenant quantity of guaranteed resources of the virtual controller; determining that resources requested by the first tenant are greater than the first tenant quantity of guaranteed resources; determining that the virtual controller has unutilized resources sufficient to at least partially provide additional resources beyond the first tenant quantity of guaranteed resources to the first tenant; and temporarily provisioning the additional resources to the first tenant, wherein the additional resources are greater than the first tenant quantity of guaranteed resources.

公开(公告)号：US11431730B2

公开(公告)日：2022-08-30

申请号：US16694809

申请日：2019-11-25

Applicant: Cisco Technology, Inc.

Inventor： Suresh Singh Keisam ,  Prabahar Radhakrishnan ,  David Mark Carrel

IPC: H04L29/06 ,  H04L9/40

Abstract: In one embodiment, a method includes negotiating, by a networking device, a security association with a peer and receiving, by the networking device, an Internet Protocol (IP) packet from the peer. The IP packet includes an outer IP header, an ESP header, a protocol header, data, an ESP trailer, and ESP authentication data. The method further includes performing, using an IP Security (IPSec) authentication algorithm, authentication checks for the outer IP header, the ESP header, the protocol header, the data, the ESP trailer, and the ESP authentication data of the IP packet.

公开(公告)号：US11646956B2

公开(公告)日：2023-05-09

申请号：US16675465

申请日：2019-11-06

Applicant: Cisco Technology, Inc.

Inventor： Anubhav Gupta ,  Mahesh Eknath Bhole ,  Laxmikantha Reddy Ponnuru ,  Ajay Kumar Mishra ,  Prabahar Radhakrishnan

IPC: G06F15/173 ,  H04L43/0829 ,  H04L43/0811 ,  H04L43/0817 ,  H04L41/0604 ,  H04L45/42 ,  H04L45/00 ,  H04L43/087

CPC classification number: H04L43/0829 ,  H04L41/0627 ,  H04L43/087 ,  H04L43/0811 ,  H04L43/0817 ,  H04L45/22 ,  H04L45/42

Abstract: Disclosed is a first device and a second device each sending BFD echo request packets in an initial stage of establishing communication between the two devices. A method can include determining that a certain mode is detected, such as a low bandwidth mode. The method can be practiced by one or both of the devices or a separate network controller. Based on the detection of the certain mode or the communication link being in a certain mode, the method includes the first device or the second device electing to be a master or a slave. Upon establishing that one of the devices is the master and the other of the devices is a slave, only the master will send BFD echo request packets.

公开(公告)号：US11575619B2

公开(公告)日：2023-02-07

申请号：US17080319

申请日：2020-10-26

Applicant: Cisco Technology, Inc.

Inventor： Mingzhe Lu ,  Hongqing Li ,  Diana Leung ,  Madhu Gindi ,  Preety Mordani ,  Prabahar Radhakrishnan

IPC: H04L49/00

Abstract: The present disclosure is directed to adaptive networking policy with user defined fields and includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and comprising instructions that, when executed by the one or more processors, cause one or more components to perform operations including generating a user defined attribute (UDA) value corresponding to a set of attributes; receiving, at a network device, a packet having one or more packet conditions; determining that the one or more packet conditions of the packet match the set of attributes of the UDA value; assigning a UDA tag to the packet, wherein the UDA tag corresponds to the UDA value and is configured for chaining with one or more other UDA tags; and taking an action on the packet based on the UDA tag.

公开(公告)号：US20210160251A1

公开(公告)日：2021-05-27

申请号：US16694809

申请日：2019-11-25

Applicant: Cisco Technology, Inc.

Inventor： Suresh Singh Keisam ,  Prabahar Radhakrishnan ,  David Mark Carrel

IPC: H04L29/06

Abstract: In one embodiment, a method includes negotiating, by a networking device, a security association with a peer and receiving, by the networking device, an Internet Protocol (IP) packet from the peer. The IP packet includes an outer IP header, an ESP header, a protocol header, data, an ESP trailer, and ESP authentication data. The method further includes performing, using an IP Security (IPSec) authentication algorithm, authentication checks for the outer IP header, the ESP header, the protocol header, the data, the ESP trailer, and the ESP authentication data of the IP packet.

公开(公告)号：US20210029008A1

公开(公告)日：2021-01-28

申请号：US16675465

申请日：2019-11-06

Applicant: Cisco Technology, Inc.

Inventor： Anubhav Gupta ,  Mahesh Eknath Bhole ,  Laxmikantha Reddy Ponnuru ,  Ajay Kumar Mishra ,  Prabahar Radhakrishnan

IPC: H04L12/26 ,  H04L12/717 ,  H04L12/707 ,  H04L12/24

Abstract: Disclosed is a first device and a second device each sending BFD echo request packets in an initial stage of establishing communication between the two devices. A method can include determining that a certain mode is detected, such as a low bandwidth mode. The method can be practiced by one or both of the devices or a separate network controller. Based on the detection of the certain mode or the communication link being in a certain mode, the method includes the first device or the second device electing to be a master or a slave. Upon establishing that one of the devices is the master and the other of the devices is a slave, only the master will send BFD echo request packets.

公开(公告)号：US20250126045A1

公开(公告)日：2025-04-17

申请号：US18485110

申请日：2023-10-11

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Michael Moskal ,  Satish Kumar Mahadevan ,  Vivek Agarwal ,  Pradeep Kanavihalli Subramanyasetty ,  Prabahar Radhakrishnan ,  Samir Thoria ,  Pritam Baruah ,  Samantha Misra ,  Shailendra Vinod Pardeshi

IPC: H04L45/02 ,  H04L45/122

Abstract: A process can include determining affinity information indicative of route preferences between branch routers and gateway routers. A prefix can be determined for a subnet of branch routers located at a same branch location. An affinity position of a first gateway router can be determined based on affinity information of the branch routers in the subnet. A mapping can be determined between a local preference Border Gateway Protocol (BGP) community attribute and the affinity position of the first gateway router, wherein a mapped local preference BGP community attribute and the affinity position are indicative of a same routing preference. The mapped local preference BGP community attribute can be attached to routes from the first gateway router into a cloud service provider. Affinity-based route preferences are indicated to the cloud service provider by redistributing the routes from the first gateway router with the mapped local preference BGP community attribute attached.