-
公开(公告)号:US11838325B2
公开(公告)日:2023-12-05
申请号:US17506553
申请日:2021-10-20
Applicant: Cisco Technology, Inc.
Inventor: Rajagopalan Janakiraman , Sivakumar Ganapathy , Prashanth Matety , Patel Amitkumar Valjibhai
IPC: H04L9/40 , H04L12/46 , H04L12/66 , H04L41/0893 , H04L67/10
CPC classification number: H04L63/20 , H04L12/46 , H04L12/4641 , H04L12/66 , H04L41/0893 , H04L63/0263 , H04L63/101 , H04L67/10 , H04L63/0272
Abstract: Systems, methods, and computer-readable media for elastic policy scaling in multi-cloud fabrics. A method can involve deploying a cluster of policy agents on a hub virtual private cloud (VPC) that interconnects spoke VPCs in a cloud associated with a multi-cloud fabric, and mapping endpoints in the spoke VPCs to the policy agents. The method can involve distributing groups of policies for the endpoints across the policy agents based on the mapping of endpoints to policy agents, and advertising, by each policy agent to a respective first set of virtual gateways in the spoke VPCs, routes associated with endpoints mapped to the policy agent and preventing the policy agent from advertising routes associated with a second set of virtual gateways in the spoke VPCs. The method can involve applying, via the policy agent, a group of policies on the policy agent to traffic received by the policy agent.
-
公开(公告)号:US11082258B1
公开(公告)日:2021-08-03
申请号:US16742604
申请日:2020-01-14
Applicant: Cisco Technology, Inc.
Inventor: Sivakumar Ganapathy , Rajagopalan Janakiraman , Suresh Pasupula , Sachin Gupta , Shashank Chaturvedi , Prashanth Matety
IPC: G06F15/177 , H04L12/46 , H04L12/741 , H04L29/06
Abstract: Techniques for maintaining isolation and segregation for network paths through multi-cloud fabrics using VRF technologies. The techniques include running virtual routers in a cloud network that connect the cloud network to an on-premises network using a network overlay that preserves VRF information in data packets. Further, the virtual routers connect to individual gateways in the cloud network using tunnels, and each individual gateway is connected to multiple VPCs without overlapping subnets. The virtual routers may assign a sink VRF to each gateway connection that can be used to perform source-IP based VRF selection by mapping source IP addresses in each tunnel connection to appropriate VRFs for the source IP addresses. In this way, virtual routers may use sink VRFs to translate into the VRF information for data packets from the VPCs via source-IP based lookup, and use the corresponding VRF route table to determine next hops for data packets.
-
Patent Agency Ranking
公开(公告)号:US20210218598A1
公开(公告)日:2021-07-15
申请号:US16742604
申请日:2020-01-14
Applicant: Cisco Technology, Inc.
Inventor: Sivakumar Ganapathy , Rajagopalan Janakiraman , Suresh Pasupula , Sachin Gupta , Shashank Chaturvedi , Prashanth Matety
IPC: H04L12/46 , H04L29/06 , H04L12/741
Abstract: Techniques for maintaining isolation and segregation for network paths through multi-cloud fabrics using VRF technologies. The techniques include running virtual routers in a cloud network that connect the cloud network to an on-premises network using a network overlay that preserves VRF information in data packets. Further, the virtual routers connect to individual gateways in the cloud network using tunnels, and each individual gateway is connected to multiple VPCs without overlapping subnets. The virtual routers may assign a sink VRF to each gateway connection that can be used to perform source-IP based VRF selection by mapping source IP addresses in each tunnel connection to appropriate VRFs for the source IP addresses. In this way, virtual routers may use sink VRFs to translate into the VRF information for data packets from the VPCs via source-IP based lookup, and use the corresponding VRF route table to determine next hops for data packets.
-
公开(公告)号:US11159569B2
公开(公告)日:2021-10-26
申请号:US16105822
申请日:2018-08-20
Applicant: Cisco Technology, Inc.
Inventor: Rajagopalan Janakiraman , Sivakumar Ganapathy , Prashanth Matety , Patel Amitkumar Valjibhai
Abstract: Systems, methods, and computer-readable media for elastic policy scaling in multi-cloud fabrics. A method can involve deploying a cluster of policy agents on a hub virtual private cloud (VPC) that interconnects spoke VPCs in a cloud associated with a multi-cloud fabric, and mapping endpoints in the spoke VPCs to the policy agents. The method can involve distributing groups of policies for the endpoints across the policy agents based on the mapping of endpoints to policy agents, and advertising, by each policy agent to a respective first set of virtual gateways in the spoke VPCs, routes associated with endpoints mapped to the policy agent and preventing the policy agent from advertising routes associated with a second set of virtual gateways in the spoke VPCs. The method can involve applying, via the policy agent, a group of policies on the policy agent to traffic received by the policy agent.
-
5.发明申请公开(公告)号:US20210320817A1
公开(公告)日:2021-10-14
申请号:US16848647
申请日:2020-04-14
Applicant: Cisco Technology, Inc.
Inventor: Rajagopalan Janakiraman , Sivakumar Ganapathy , Shashank Chaturvedi , Suresh Pasupula , Prashanth Matety , Sachin Gupta
Abstract: Techniques and architecture for routing data packets through networks that include TGWs. A data packet may be received from a TGW at an infra VPC. A TGW attachment on which the data packet was received is determined. Based at least in part on the TGW attachment, the data packet is routed to a CSR at the infra VPC. Load balancing may be achieved by defining VRF groups that include VPCs and the TGWs. Each VRF group may be assigned to an interface of one or more CSRs. Also, the VRF groups allow for supporting overlapping subnets.
-
公开(公告)号:US20210266255A1
公开(公告)日:2021-08-26
申请号:US16799476
申请日:2020-02-24
Applicant: Cisco Technology, Inc.
Inventor: Sivakumar Ganapathy , Saurabh Jain , Neelesh Kumar , Prashanth Matety , Hari Hara Prasad Muthulingam , Suresh Pasupula
IPC: H04L12/741 , H04L29/08 , H04L12/46
Abstract: Techniques for maintaining virtual routing and forwarding (VRF) segregation for network paths through multi-cloud fabrics that utilize shared services, e.g., application load balancers. The router of a first network of a multi-cloud fabric receives a first data packet from a source end-point group within the first network and forwards the first data packet to a service end-point group. The service end-point group may forward the first data packet to a destination end-point group of a second network of the multi-cloud fabric. The service end-point group may receive a second data packet from the destination end-point group and forward the second data packet to the router. Based on one of (i) an identity of the service end-point group or (ii) an address of the source end-point group, a VRF may be identified and the second data packet may be forwarded by the router to the source end-point group using the VRF.
-
公开(公告)号:US20200059492A1
公开(公告)日:2020-02-20
申请号:US16105822
申请日:2018-08-20
Applicant: Cisco Technology, Inc.
Inventor: Rajagopalan Janakiraman , Sivakumar Ganapathy , Prashanth Matety , Patel Amitkumar Valjibhai
Abstract: Systems, methods, and computer-readable media for elastic policy scaling in multi-cloud fabrics. A method can involve deploying a cluster of policy agents on a hub virtual private cloud (VPC) that interconnects spoke VPCs in a cloud associated with a multi-cloud fabric, and mapping endpoints in the spoke VPCs to the policy agents. The method can involve distributing groups of policies for the endpoints across the policy agents based on the mapping of endpoints to policy agents, and advertising, by each policy agent to a respective first set of virtual gateways in the spoke VPCs, routes associated with endpoints mapped to the policy agent and preventing the policy agent from advertising routes associated with a second set of virtual gateways in the spoke VPCs. The method can involve applying, via the policy agent, a group of policies on the policy agent to traffic received by the policy agent.
-
-
-
-
-
-
Search Results
7
records
(took 0.016 seconds)
